10.3. Message authentication codes (MAC)

10.3.1. MAC algorithms

`PSA_ALG_HMAC` (macro)

Macro to build an HMAC message-authentication-code algorithm from an underlying hash algorithm.

#define PSA_ALG_HMAC(hash_alg) /* specification-defined value */

Parameters

hash_alg: A hash algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_HASH(hash_alg) is true).

Returns

The corresponding HMAC algorithm.

Unspecified if hash_alg is not a supported hash algorithm.

Description

For example, PSA_ALG_HMAC(PSA_ALG_SHA_256) is HMAC-SHA-256.

The HMAC construction is defined in HMAC: Keyed-Hashing for Message Authentication [RFC2104].

`PSA_ALG_TRUNCATED_MAC` (macro)

Macro to build a truncated MAC algorithm.

#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \
    /* specification-defined value */

Parameters

mac_alg: A MAC algorithm identifier (value of type psa_algorithm_t such that PSA_ALG_IS_MAC(alg) is true). This can be a truncated or untruncated MAC algorithm.
mac_length: Desired length of the truncated MAC in bytes. This must be at most the full length of the MAC and must be at least an implementation-specified minimum. The implementation-specified minimum must not be zero.

Returns

The corresponding MAC algorithm with the specified length.

Unspecified if alg is not a supported MAC algorithm or if mac_length is too small or too large for the specified MAC algorithm.

Description

A truncated MAC algorithm is identical to the corresponding MAC algorithm except that the MAC value for the truncated algorithm consists of only the first mac_length bytes of the MAC value for the untruncated algorithm.

Note

This macro might allow constructing algorithm identifiers that are not valid, either because the specified length is larger than the untruncated MAC or because the specified length is smaller than permitted by the implementation.

Note

It is implementation-defined whether a truncated MAC that is truncated to the same length as the MAC of the untruncated algorithm is considered identical to the untruncated algorithm for policy comparison purposes.

The full-length MAC algorithm can be recovered using PSA_ALG_FULL_LENGTH_MAC().

`PSA_ALG_CBC_MAC` (macro)

The CBC-MAC message-authentication-code algorithm, constructed over a block cipher.

#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x03c00100)

Warning

CBC-MAC is insecure in many cases. A more secure mode, such as PSA_ALG_CMAC, is recommended.

The CBC-MAC algorithm must be used with a key for a block cipher. For example, one of PSA_KEY_TYPE_AES.

CBC-MAC is defined as MAC Algorithm 1 in ISO/IEC 9797-1:2011 Information technology — Security techniques — Message Authentication Codes (MACs) — Part 1: Mechanisms using a block cipher [ISO9797].

`PSA_ALG_CMAC` (macro)

The CMAC message-authentication-code algorithm, constructed over a block cipher.

#define PSA_ALG_CMAC ((psa_algorithm_t)0x03c00200)

The CMAC algorithm must be used with a key for a block cipher. For example, when used with a key with type PSA_KEY_TYPE_AES, the resulting operation is AES-CMAC.

CMAC is defined in NIST Special Publication 800-38B: Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication [SP800-38B].

10.3.2. Single-part MAC functions

`psa_mac_compute` (function)

Calculate the message authentication code (MAC) of a message.

psa_status_t psa_mac_compute(psa_key_id_t key,
                             psa_algorithm_t alg,
                             const uint8_t * input,
                             size_t input_length,
                             uint8_t * mac,
                             size_t mac_size,
                             size_t * mac_length);

Parameters

key

Identifier of the key to use for the operation. It must allow the usage PSA_KEY_USAGE_SIGN_MESSAGE.

alg

The MAC algorithm to compute (PSA_ALG_XXX value such that PSA_ALG_IS_MAC(alg) is true).

input

Buffer containing the input message.

input_length

Size of the input buffer in bytes.

mac

Buffer where the MAC value is to be written.

mac_size

Size of the mac buffer in bytes. This must be appropriate for the selected algorithm and key:

The exact MAC size is PSA_MAC_LENGTH(key_type, key_bits, alg) where key_type and key_bits are attributes of the key used to compute the MAC.
PSA_MAC_MAX_SIZE evaluates to the maximum MAC size of any supported MAC algorithm.

mac_length

On success, the number of bytes that make up the MAC value.

Returns: psa_status_t

PSA_SUCCESS: Success.
PSA_ERROR_INVALID_HANDLE
PSA_ERROR_NOT_PERMITTED: The key does not have the PSA_KEY_USAGE_SIGN_MESSAGE flag, or it does not permit the requested algorithm.
PSA_ERROR_INVALID_ARGUMENT: key is not compatible with alg.
PSA_ERROR_NOT_SUPPORTED: alg is not supported or is not a MAC algorithm.
PSA_ERROR_BUFFER_TOO_SMALL: The size of the mac buffer is too small. PSA_MAC_LENGTH() or PSA_MAC_MAX_SIZE can be used to determine the required buffer size.
PSA_ERROR_INSUFFICIENT_MEMORY
PSA_ERROR_COMMUNICATION_FAILURE
PSA_ERROR_HARDWARE_FAILURE
PSA_ERROR_CORRUPTION_DETECTED
PSA_ERROR_STORAGE_FAILURE: The key could not be retrieved from storage.
PSA_ERROR_DATA_CORRUPT: The key could not be retrieved from storage.
PSA_ERROR_DATA_INVALID: The key could not be retrieved from storage.
PSA_ERROR_BAD_STATE: The library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code.

Description

Note

To verify the MAC of a message against an expected value, use psa_mac_verify() instead. Beware that comparing integrity or authenticity data such as MAC values with a function such as memcmp() is risky because the time taken by the comparison might leak information about the MAC value which could allow an attacker to guess a valid MAC and thereby bypass security controls.

`psa_mac_verify` (function)

Calculate the MAC of a message and compare it with a reference value.

psa_status_t psa_mac_verify(psa_key_id_t key,
                            psa_algorithm_t alg,
                            const uint8_t * input,
                            size_t input_length,
                            const uint8_t * mac,
                            size_t mac_length);

Parameters

key: Identifier of the key to use for the operation. It must allow the usage PSA_KEY_USAGE_VERIFY_MESSAGE.
alg: The MAC algorithm to compute (PSA_ALG_XXX value such that PSA_ALG_IS_MAC(alg) is true).
input: Buffer containing the input message.
input_length: Size of the input buffer in bytes.
mac: Buffer containing the expected MAC value.
mac_length: Size of the mac buffer in bytes.

Returns: psa_status_t

PSA_SUCCESS: The expected MAC is identical to the actual MAC of the input.
PSA_ERROR_INVALID_SIGNATURE: The MAC of the message was calculated successfully, but it differs from the expected value.
PSA_ERROR_INVALID_HANDLE
PSA_ERROR_NOT_PERMITTED: The key does not have the PSA_KEY_USAGE_VERIFY_MESSAGE flag, or it does not permit the requested algorithm.
PSA_ERROR_INVALID_ARGUMENT: key is not compatible with alg.
PSA_ERROR_NOT_SUPPORTED: alg is not supported or is not a MAC algorithm.
PSA_ERROR_INSUFFICIENT_MEMORY
PSA_ERROR_COMMUNICATION_FAILURE
PSA_ERROR_HARDWARE_FAILURE
PSA_ERROR_CORRUPTION_DETECTED
PSA_ERROR_STORAGE_FAILURE: The key could not be retrieved from storage.
PSA_ERROR_DATA_CORRUPT: The key could not be retrieved from storage.
PSA_ERROR_DATA_INVALID: The key could not be retrieved from storage.
PSA_ERROR_BAD_STATE: The library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code.

10.3.3. Multi-part MAC operations

`psa_mac_operation_t` (type)

The type of the state object for multi-part MAC operations.

typedef /* implementation-defined type */ psa_mac_operation_t;

Before calling any function on a MAC operation object, the application must initialize it by any of the following means:

Set the object to all-bits-zero, for example:

psa_mac_operation_t operation;
memset(&operation, 0, sizeof(operation));

Initialize the object to logical zero values by declaring the object as static or global without an explicit initializer, for example:
```
static psa_mac_operation_t operation;
```
Initialize the object to the initializer PSA_MAC_OPERATION_INIT, for example:
```
psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
```
Assign the result of the function psa_mac_operation_init() to the object, for example:
```
psa_mac_operation_t operation;
operation = psa_mac_operation_init();
```

This is an implementation-defined type. Applications that make assumptions about the content of this object will result in in implementation-specific behavior, and are non-portable.

`PSA_MAC_OPERATION_INIT` (macro)

This macro returns a suitable initializer for a MAC operation object of type psa_mac_operation_t.

#define PSA_MAC_OPERATION_INIT /* implementation-defined value */

`psa_mac_operation_init` (function)

Return an initial value for a MAC operation object.

psa_mac_operation_t psa_mac_operation_init(void);

Returns: psa_mac_operation_t

`psa_mac_sign_setup` (function)

Set up a multi-part MAC calculation operation.

psa_status_t psa_mac_sign_setup(psa_mac_operation_t * operation,
                                psa_key_id_t key,
                                psa_algorithm_t alg);

Parameters

operation: The operation object to set up. It must have been initialized as per the documentation for psa_mac_operation_t and not yet in use.
key: Identifier of the key to use for the operation. It must remain valid until the operation terminates. It must allow the usage PSA_KEY_USAGE_SIGN_MESSAGE.
alg: The MAC algorithm to compute (PSA_ALG_XXX value such that PSA_ALG_IS_MAC(alg) is true).

Returns: psa_status_t

PSA_SUCCESS: Success.
PSA_ERROR_INVALID_HANDLE
PSA_ERROR_NOT_PERMITTED: The key does not have the PSA_KEY_USAGE_SIGN_MESSAGE flag, or it does not permit the requested algorithm.
PSA_ERROR_INVALID_ARGUMENT: key is not compatible with alg.
PSA_ERROR_NOT_SUPPORTED: alg is not supported or is not a MAC algorithm.
PSA_ERROR_INSUFFICIENT_MEMORY
PSA_ERROR_COMMUNICATION_FAILURE
PSA_ERROR_HARDWARE_FAILURE
PSA_ERROR_CORRUPTION_DETECTED
PSA_ERROR_STORAGE_FAILURE: The key could not be retrieved from storage.
PSA_ERROR_DATA_CORRUPT: The key could not be retrieved from storage.
PSA_ERROR_DATA_INVALID: The key could not be retrieved from storage.
PSA_ERROR_BAD_STATE: The operation state is not valid: it must be inactive.
PSA_ERROR_BAD_STATE: The library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code.

Description

This function sets up the calculation of the message authentication code (MAC) of a byte string. To verify the MAC of a message against an expected value, use psa_mac_verify_setup() instead.

The sequence of operations to calculate a MAC is as follows:

Allocate an operation object which will be passed to all the functions listed here.
Initialize the operation object with one of the methods described in the documentation for psa_mac_operation_t, e.g. PSA_MAC_OPERATION_INIT.
Call psa_mac_sign_setup() to specify the algorithm and key.
Call psa_mac_update() zero, one or more times, passing a fragment of the message each time. The MAC that is calculated is the MAC of the concatenation of these messages in order.
At the end of the message, call psa_mac_sign_finish() to finish calculating the MAC value and retrieve it.

If an error occurs at any step after a call to psa_mac_sign_setup(), the operation will need to be reset by a call to psa_mac_abort(). The application can call psa_mac_abort() at any time after the operation has been initialized.

After a successful call to psa_mac_sign_setup(), the application must eventually terminate the operation through one of the following methods:

A successful call to psa_mac_sign_finish().
A call to psa_mac_abort().

`psa_mac_verify_setup` (function)

Set up a multi-part MAC verification operation.

psa_status_t psa_mac_verify_setup(psa_mac_operation_t * operation,
                                  psa_key_id_t key,
                                  psa_algorithm_t alg);

Parameters

operation: The operation object to set up. It must have been initialized as per the documentation for psa_mac_operation_t and not yet in use.
key: Identifier of the key to use for the operation. It must remain valid until the operation terminates. It must allow the usage PSA_KEY_USAGE_VERIFY_MESSAGE.
alg: The MAC algorithm to compute (PSA_ALG_XXX value such that PSA_ALG_IS_MAC(alg) is true).

Returns: psa_status_t

PSA_SUCCESS: Success.
PSA_ERROR_INVALID_HANDLE
PSA_ERROR_NOT_PERMITTED: The key does not have the PSA_KEY_USAGE_VERIFY_MESSAGE flag, or it does not permit the requested algorithm.
PSA_ERROR_INVALID_ARGUMENT: key is not compatible with alg.
PSA_ERROR_NOT_SUPPORTED: alg is not supported or is not a MAC algorithm.
PSA_ERROR_INSUFFICIENT_MEMORY
PSA_ERROR_COMMUNICATION_FAILURE
PSA_ERROR_HARDWARE_FAILURE
PSA_ERROR_CORRUPTION_DETECTED
PSA_ERROR_STORAGE_FAILURE: The key could not be retrieved from storage
PSA_ERROR_DATA_CORRUPT: The key could not be retrieved from storage.
PSA_ERROR_DATA_INVALID: The key could not be retrieved from storage.
PSA_ERROR_BAD_STATE: The operation state is not valid: it must be inactive.
PSA_ERROR_BAD_STATE: The library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code.

Description

This function sets up the verification of the message authentication code (MAC) of a byte string against an expected value.

The sequence of operations to verify a MAC is as follows:

Allocate an operation object which will be passed to all the functions listed here.
Initialize the operation object with one of the methods described in the documentation for psa_mac_operation_t, e.g. PSA_MAC_OPERATION_INIT.
Call psa_mac_verify_setup() to specify the algorithm and key.
Call psa_mac_update() zero, one or more times, passing a fragment of the message each time. The MAC that is calculated is the MAC of the concatenation of these messages in order.
At the end of the message, call psa_mac_verify_finish() to finish calculating the actual MAC of the message and verify it against the expected value.

If an error occurs at any step after a call to psa_mac_verify_setup(), the operation will need to be reset by a call to psa_mac_abort(). The application can call psa_mac_abort() at any time after the operation has been initialized.

After a successful call to psa_mac_verify_setup(), the application must eventually terminate the operation through one of the following methods:

A successful call to psa_mac_verify_finish().
A call to psa_mac_abort().

`psa_mac_update` (function)

Add a message fragment to a multi-part MAC operation.

psa_status_t psa_mac_update(psa_mac_operation_t * operation,
                            const uint8_t * input,
                            size_t input_length);

Parameters

operation: Active MAC operation.
input: Buffer containing the message fragment to add to the MAC calculation.
input_length: Size of the input buffer in bytes.

Returns: psa_status_t

PSA_SUCCESS: Success.
PSA_ERROR_BAD_STATE: The operation state is not valid: it must be active.
PSA_ERROR_INSUFFICIENT_MEMORY
PSA_ERROR_COMMUNICATION_FAILURE
PSA_ERROR_HARDWARE_FAILURE
PSA_ERROR_CORRUPTION_DETECTED
PSA_ERROR_STORAGE_FAILURE
PSA_ERROR_DATA_CORRUPT
PSA_ERROR_DATA_INVALID
PSA_ERROR_BAD_STATE: The library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code.

Description

The application must call psa_mac_sign_setup() or psa_mac_verify_setup() before calling this function.

If this function returns an error status, the operation enters an error state and must be aborted by calling psa_mac_abort().

`psa_mac_sign_finish` (function)

Finish the calculation of the MAC of a message.

psa_status_t psa_mac_sign_finish(psa_mac_operation_t * operation,
                                 uint8_t * mac,
                                 size_t mac_size,
                                 size_t * mac_length);

Parameters

operation

Active MAC operation.

mac

Buffer where the MAC value is to be written.

mac_size

Size of the mac buffer in bytes. This must be appropriate for the selected algorithm and key:

The exact MAC size is PSA_MAC_LENGTH(key_type, key_bits, alg) where key_type and key_bits are attributes of the key, and alg is the algorithm used to compute the MAC.
PSA_MAC_MAX_SIZE evaluates to the maximum MAC size of any supported MAC algorithm.

mac_length

On success, the number of bytes that make up the MAC value. This is always PSA_MAC_FINAL_SIZE(key_type, key_bits, alg) where key_type and key_bits are the type and bit-size respectively of the key and alg is the MAC algorithm that is calculated.

Returns: psa_status_t

PSA_SUCCESS: Success.
PSA_ERROR_BAD_STATE: The operation state is not valid: it must be an active mac sign operation.
PSA_ERROR_BUFFER_TOO_SMALL: The size of the mac buffer is too small. PSA_MAC_LENGTH() or PSA_MAC_MAX_SIZE can be used to determine the required buffer size.
PSA_ERROR_INSUFFICIENT_MEMORY
PSA_ERROR_COMMUNICATION_FAILURE
PSA_ERROR_HARDWARE_FAILURE
PSA_ERROR_CORRUPTION_DETECTED
PSA_ERROR_STORAGE_FAILURE
PSA_ERROR_DATA_CORRUPT
PSA_ERROR_DATA_INVALID
PSA_ERROR_BAD_STATE: The library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code.

Description

The application must call psa_mac_sign_setup() before calling this function. This function calculates the MAC of the message formed by concatenating the inputs passed to preceding calls to psa_mac_update().

When this function returns successfully, the operation becomes inactive. If this function returns an error status, the operation enters an error state and must be aborted by calling psa_mac_abort().

Warning

It is not recommended to use this function when a specific value is expected for the MAC. Call psa_mac_verify_finish() instead with the expected MAC value.

Comparing integrity or authenticity data such as MAC values with a function such as memcmp() is risky because the time taken by the comparison might leak information about the hashed data which could allow an attacker to guess a valid MAC and thereby bypass security controls.

`psa_mac_verify_finish` (function)

Finish the calculation of the MAC of a message and compare it with an expected value.

psa_status_t psa_mac_verify_finish(psa_mac_operation_t * operation,
                                   const uint8_t * mac,
                                   size_t mac_length);

Parameters

operation: Active MAC operation.
mac: Buffer containing the expected MAC value.
mac_length: Size of the mac buffer in bytes.

Returns: psa_status_t

PSA_SUCCESS: The expected MAC is identical to the actual MAC of the message.
PSA_ERROR_INVALID_SIGNATURE: The MAC of the message was calculated successfully, but it differs from the expected MAC.
PSA_ERROR_BAD_STATE: The operation state is not valid: it must be an active mac verify operation.
PSA_ERROR_INSUFFICIENT_MEMORY
PSA_ERROR_COMMUNICATION_FAILURE
PSA_ERROR_HARDWARE_FAILURE
PSA_ERROR_CORRUPTION_DETECTED
PSA_ERROR_STORAGE_FAILURE
PSA_ERROR_DATA_CORRUPT
PSA_ERROR_DATA_INVALID
PSA_ERROR_BAD_STATE: The library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code.

Description

The application must call psa_mac_verify_setup() before calling this function. This function calculates the MAC of the message formed by concatenating the inputs passed to preceding calls to psa_mac_update(). It then compares the calculated MAC with the expected MAC passed as a parameter to this function.

When this function returns successfully, the operation becomes inactive. If this function returns an error status, the operation enters an error state and must be aborted by calling psa_mac_abort().

Note

Implementations must make the best effort to ensure that the comparison between the actual MAC and the expected MAC is performed in constant time.

`psa_mac_abort` (function)

Abort a MAC operation.

psa_status_t psa_mac_abort(psa_mac_operation_t * operation);

Parameters

operation: Initialized MAC operation.

Returns: psa_status_t

PSA_SUCCESS
PSA_ERROR_COMMUNICATION_FAILURE
PSA_ERROR_HARDWARE_FAILURE
PSA_ERROR_CORRUPTION_DETECTED
PSA_ERROR_BAD_STATE: The library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code.

Description

Aborting an operation frees all associated resources except for the operation object itself. Once aborted, the operation object can be reused for another operation by calling psa_mac_sign_setup() or psa_mac_verify_setup() again.

This function can be called any time after the operation object has been initialized by one of the methods described in psa_mac_operation_t.

In particular, calling psa_mac_abort() after the operation has been terminated by a call to psa_mac_abort(), psa_mac_sign_finish() or psa_mac_verify_finish() is safe and has no effect.

10.3.4. Support macros

`PSA_ALG_IS_HMAC` (macro)

Whether the specified algorithm is an HMAC algorithm.

#define PSA_ALG_IS_HMAC(alg) /* specification-defined value */

Parameters

alg: An algorithm identifier (value of type psa_algorithm_t).

Returns

1 if alg is an HMAC algorithm, 0 otherwise. This macro can return either 0 or 1 if alg is not a supported algorithm identifier.

Description

HMAC is a family of MAC algorithms that are based on a hash function.

`PSA_ALG_IS_BLOCK_CIPHER_MAC` (macro)

Whether the specified algorithm is a MAC algorithm based on a block cipher.

#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) /* specification-defined value */

Parameters

alg: An algorithm identifier (value of type psa_algorithm_t).

Returns

1 if alg is a MAC algorithm based on a block cipher, 0 otherwise. This macro can return either 0 or 1 if alg is not a supported algorithm identifier.

`PSA_ALG_FULL_LENGTH_MAC` (macro)

Macro to construct the MAC algorithm with a full length MAC, from a truncated MAC algorithm.

#define PSA_ALG_FULL_LENGTH_MAC(mac_alg) /* specification-defined value */

Parameters

mac_alg: A MAC algorithm identifier (value of type psa_algorithm_t such that PSA_ALG_IS_MAC(alg) is true). This can be a truncated or untruncated MAC algorithm.

Returns

The corresponding MAC algorithm with a full length MAC.

Unspecified if alg is not a supported MAC algorithm.

`PSA_MAC_LENGTH` (macro)

The size of the output of psa_mac_compute() and psa_mac_sign_finish(), in bytes.

#define PSA_MAC_LENGTH(key_type, key_bits, alg) \
    /* implementation-defined value */

Parameters

key_type: The type of the MAC key.
key_bits: The size of the MAC key in bits.
alg: A MAC algorithm (PSA_ALG_XXX value such that PSA_ALG_IS_MAC(alg) is true).

Returns

The MAC length for the specified algorithm with the specified key parameters.

0 if the MAC algorithm is not recognized.

Either 0 or the correct length for a MAC algorithm that the implementation recognizes, but does not support.

Unspecified if the key parameters are not consistent with the algorithm.

Description

This is also the MAC length that psa_mac_verify() and psa_mac_verify_finish() expects.

`PSA_MAC_MAX_SIZE` (macro)

Maximum size of a MAC.

#define PSA_MAC_MAX_SIZE /* implementation-defined value */

This macro must expand to a compile-time constant integer. It is recommended that this value is the maximum size of a MAC supported by the implementation, in bytes. The value must not be smaller than this maximum.

10.3. Message authentication codes (MAC)

10.3.1. MAC algorithms

PSA_ALG_HMAC (macro)

PSA_ALG_TRUNCATED_MAC (macro)

PSA_ALG_CBC_MAC (macro)

PSA_ALG_CMAC (macro)

10.3.2. Single-part MAC functions

psa_mac_compute (function)

psa_mac_verify (function)

10.3.3. Multi-part MAC operations

psa_mac_operation_t (type)

PSA_MAC_OPERATION_INIT (macro)

psa_mac_operation_init (function)

psa_mac_sign_setup (function)

psa_mac_verify_setup (function)

psa_mac_update (function)

psa_mac_sign_finish (function)

psa_mac_verify_finish (function)

psa_mac_abort (function)

10.3.4. Support macros

PSA_ALG_IS_HMAC (macro)

PSA_ALG_IS_BLOCK_CIPHER_MAC (macro)

PSA_ALG_FULL_LENGTH_MAC (macro)

PSA_MAC_LENGTH (macro)

PSA_MAC_MAX_SIZE (macro)

`PSA_ALG_HMAC` (macro)

`PSA_ALG_TRUNCATED_MAC` (macro)

`PSA_ALG_CBC_MAC` (macro)

`PSA_ALG_CMAC` (macro)

`psa_mac_compute` (function)

`psa_mac_verify` (function)

`psa_mac_operation_t` (type)

`PSA_MAC_OPERATION_INIT` (macro)

`psa_mac_operation_init` (function)

`psa_mac_sign_setup` (function)

`psa_mac_verify_setup` (function)

`psa_mac_update` (function)

`psa_mac_sign_finish` (function)

`psa_mac_verify_finish` (function)

`psa_mac_abort` (function)

`PSA_ALG_IS_HMAC` (macro)

`PSA_ALG_IS_BLOCK_CIPHER_MAC` (macro)

`PSA_ALG_FULL_LENGTH_MAC` (macro)

`PSA_MAC_LENGTH` (macro)

`PSA_MAC_MAX_SIZE` (macro)