Currently PSA mac backends can only implement psa_mac_compute() from
the PSA crypto API, but not psa_mac_verify() and the associated
multi-part functions.
Extend the location and algorithm dispatchers to connect the above
PSA API functions to suitable backends. Also extend the MAC backend
API to allow backends to implement those additional functions. Due
to a design issue with the SE backend API (context size is dynamic,
thus requiring a memory allocation) only psa_mac_verify() can be
accelerated by SE backends.
Signed-off-by: Armin Wolf <W_Armin@gmx.de>
This removes the static (thread-unsafe) variables from sha256 and
hmac_sha256 to remove a potential footgun. The static variable is only
used when the caller does not supply a pointer to store the digest and
it is returned via the (undocumented) return value.
This commit removes this option and makes the digest argument mandatory.
The macros CONCAT(), MIN(), and MAX() are defined over and over again in
RIOT's code base. This de-duplicates the code by moving the macros to a
common place.
Having to cast a password provided as `const char *` to
`const uint8_t *` is a needless pain in the ass when using the API.
Hence, fix it by accepting passwords and salts as `const void *`
instead.
Wipe temporary buffers and sha256 contexts so that no remnants of the
password is left on the stack
This ensures that the password is not leaked if some function reads
the stack afterwards.
This add an implementation of PBKDF2 using sha256 hmac. Only one derived
key length is supported (32) though it should not be hard to extend it.
The testing is done with both random (with fixed seed) vectors amd vectors
from rfc7914.
Add init/update/final interface
Add interface functions for direct SHA3
Add unit tests for SHA-3
Document functions and types
Reduced var scope in Keccak code
Add CCO Copyright notice to Keccak code
Add init, update, and final functions to do HMAC
calculation using blocks, instead of one shot.
Unit tests: use the PRF-6 test vector to test the case
where data is splitted in 3 different blocks.
