Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[crypto] improve API descriptions for HMAC and KMAC #21197

Merged
merged 1 commit into from
Feb 13, 2024
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 14 additions & 2 deletions sw/device/lib/crypto/include/mac.h
Original file line number Diff line number Diff line change
Expand Up @@ -51,8 +51,15 @@ typedef struct otcrypto_hmac_context {
* mode. Only SHA-2 hash functions are supported. Other modes (e.g. SHA-3) are
* not supported and will result in errors.
*
* The caller should allocate 32 bytes (8 32-bit words) of space for the `tag`
* buffer and set its `len` field to 8.
* The caller should allocate the following amount of space for the `tag`
* buffer, depending on which hash algorithm is used:
*
* SHA-256: 32 bytes
* SHA-384: 48 bytes
* SHA-512: 64 bytes
*
* The caller should also set the `len` field of `tag` to the equivalent number
* of 32-bit words (e.g. 8 for SHA-256).
*
* @param key Pointer to the blinded key struct with key shares.
* @param input_message Input message to be hashed.
Expand All @@ -71,6 +78,11 @@ otcrypto_status_t otcrypto_hmac(const otcrypto_blinded_key_t *key,
* through `customization_string` parameter. If no customization is desired it
* can be empty.
*
* The caller should set the `key_length` field of `key.config` to the number
* of bytes in the key. Only the following key sizes (in bytes) are supported:
* [16, 24, 32, 48, 64]. If any other size is given, the function will return
* an error.
*
* The caller should allocate enough space in the `tag` buffer to hold
* `required_output_len` bytes, rounded up to the nearest word, and then set
* the `len` field of `tag` to the word length. If the word length is not long
Expand Down
Loading