Move is_sign and mac_size checking back to PSA core scope It makes sense to do the length checking in the core rather than expect each driver to deal with it themselves. This puts the onus on the core to dictate which algorithm/key combinations are valid before calling a driver. Additionally, this commit also updates the psa_mac_sign_finish function to better deal with output buffer sanitation, as per the review comments on #4247. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>

commit: 72f736a1912cf85dab2c488a9433f84e300ce901 [log] [tgz]
author: Steven Cooreman <steven.cooreman@silabs.com> Fri May 07 14:14:37 2021 +0200
committer: Steven Cooreman <steven.cooreman@silabs.com> Mon May 10 11:29:13 2021 +0200
tree: 13857f4bcdf696c338988f2e7a2a47361b2cee33
parent: c112315aebc20e39ad1affb91eb84f4d21100073 [diff] [blame]
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index fc7e778..47012fd 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h

@@ -137,10 +137,12 @@
      * ID value zero means the context is not valid or not assigned to
      * any driver (i.e. none of the driver contexts are active). */
     unsigned int id;
+    uint8_t mac_size;
+    unsigned int is_sign : 1;
     psa_driver_mac_context_t ctx;
 };
 
-#define PSA_MAC_OPERATION_INIT {0, {0}}
+#define PSA_MAC_OPERATION_INIT {0, 0, 0, {0}}
 static inline struct psa_mac_operation_s psa_mac_operation_init( void )
 {
     const struct psa_mac_operation_s v = PSA_MAC_OPERATION_INIT;
commit	72f736a1912cf85dab2c488a9433f84e300ce901	[log] [tgz]
author	Steven Cooreman <steven.cooreman@silabs.com>	Fri May 07 14:14:37 2021 +0200
committer	Steven Cooreman <steven.cooreman@silabs.com>	Mon May 10 11:29:13 2021 +0200
tree	13857f4bcdf696c338988f2e7a2a47361b2cee33
parent	c112315aebc20e39ad1affb91eb84f4d21100073 [diff] [blame]