Struct optee_utee::crypto_op::Mac [−][src]
pub struct Mac(_);
Expand description
An operation for performing MAC (Message Authentication Code) operations, such as HMAC
or AES-CMAC
operations. This operation is not used for Authenticated Encryption algorithms,
which SHALL use the functions defined in AE.
Implementations
Initialize a MAC opeartion. The The function should be called after the set_key.
Parameters
iv
: Input buffer containing the operation Initialization Vector, if applicable
Panics
- If the algorithm is not a valid algorithm for
Mac
. - If no key is programmed in the operation.
- If the Initialization Vector does not have the length required by the algorithm.
- Hardware or cryptographic algorithm failure.
- If the Implementation detects any other error.
Accumulate data for a MAC calculation.
Input data does not have to be a multiple of block size. Subsequent calls to this function are possible. Unless one or more calls of this function have supplied sufficient input data, no output is generated. The function should be called after the init.
Parameters
chunk
: Chunk of the message to be MACed.
Panics
- If the algorithm is not a valid algorithm for
Mac
. - If the function is called before init or after compute_final or after compare_final.
- If
chunk
excceds maximum length for algorithm. - Hardware or cryptographic algorithm failure.
- If the Implementation detects any other error.
Finalize the MAC operation with a last chunk of message, and computes the MAC. Afterwards the operation handle can be reused or re-initialized with a new key. The operation SHALL be in active state and moves to initial state afterwards.
Parameters:
message
: Input buffer containing a last message chunk to MAC
mac
: Output buffer filled with the computed MAC, the size should be allocated enough for
containing the whole computed MAC
Example
let mut key: [u8; 20] = [
0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,
0x36, 0x37, 0x38, 0x39, 0x30,];
let mut out: [u8; 20] = [0u8; 20];
match Mac::allocate(AlgorithmId::HmacSha1, key.len() * 8) {
Err(e) => return Err(e),
Ok(mac) => {
match TransientObject::allocate(TransientObjectType::HmacSha1, key.len() * 8) {
Err(e) => return Err(e),
Ok(mut key_object) => {
let attr = Attribute::from_ref(AttributeId::SecretValue, &key);
key_object.populate(&[attr.into()])?;
mac.set_key(&key_object)?;
}
}
mac.init(&[0u8; 0]);
mac.update(&[0u8; 8]);
mac.compute_final(&[0u8; 0], &mut out)?;
}
Errors
ShortBuffer
: If the output buffer is not large enough to contain the output.
Panics
- If the algorithm is not a valid algorithm for
Mac
. - If the function is called before before init or after compute_final or after compare_final.
- If input data exceeds maximum length for algorithm.
- Hardware or cryptographic algorithm failure.
- If the Implementation detects any other error.
Finalize the MAC operation and compares the MAC with the buffer passed to the function. Afterwards the operation handle can be reused or re-initialized with a new key. The operation SHALL be in active state and moves to initial state afterwards.
Parameters:
message
: Input buffer containing a last message chunk to MAC
mac
: Input buffer containing the MAC to check
Errors
MacInvald
: If the computed MAC does not correspond to the value passed inmac
.
Panics
- If the algorithm is not a valid algorithm for
Mac
. - If operation is not in active state.
- If input data exceeds maximum length for algorithm.
- Hardware or cryptographic algorithm failure.
- If the Implementation detects any other error.
Function usage is similar to Digest::allocate.
Function usage is similar to Digest::info.
Function usage is similar to Digest::info_multiple.
Function usage is similar to Digest::reset.
Function usage is similar to Cipher::set_key.
Function usage is similar to Digest::copy.
Trait Implementations
Auto Trait Implementations
impl RefUnwindSafe for Mac
impl !Send for Mac
impl !Sync for Mac
impl Unpin for Mac
impl UnwindSafe for Mac
Blanket Implementations
pub fn borrow_mut(&mut self) -> &mut T
pub fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
pub fn from(t: T) -> T
pub fn from(t: T) -> T
Performs the conversion.
pub fn into(self) -> U
pub fn into(self) -> U
Performs the conversion.