2.1 Additional Hash algorithms¶
These algorithms extend those defined in PSA Certified Crypto API [PSA-CRYPT] §10.2 Message digests. They are used with the hash functions and multi-part operations, or combined with composite algorithms that are parameterized by a hash algorithm.
2.1.1 SHA-256-based hash algorithms¶
PSA_ALG_SHA_256_192
(macro)¶
The SHA-256/192 message digest algorithm.
Added in version 1.3.
#define PSA_ALG_SHA_256_192 ((psa_algorithm_t)0x0200000E)
SHA-256/192 is the first 192 bits (24 bytes) of the SHA-256 output. SHA-256 is defined in [FIPS180-4].
2.1.2 SHAKE-based hash algorithms¶
PSA_ALG_SHAKE128_256
(macro)¶
The SHAKE128/256 message digest algorithm.
Added in version 1.3.
#define PSA_ALG_SHAKE128_256 ((psa_algorithm_t)0x02000016)
SHAKE128/256 is the first 256 bits (32 bytes) of the SHAKE128 output. SHAKE128 is defined in [FIPS202].
This can be used as pre-hashing for SLH-DSA (see PSA_ALG_HASH_SLH_DSA()
).
Note
For other scenarios where a hash function based on SHA3 or SHAKE is required, SHA3-256 is recommended. SHA3-256 has the same output size, and a theoretically higher security strength.
PSA_ALG_SHAKE256_192
(macro)¶
The SHAKE256/192 message digest algorithm.
Added in version 1.3.
#define PSA_ALG_SHAKE256_192 ((psa_algorithm_t)0x02000017)
SHAKE256/192 is the first 192 bits (24 bytes) of the SHAKE256 output. SHAKE256 is defined in [FIPS202].
PSA_ALG_SHAKE256_256
(macro)¶
The SHAKE256/256 message digest algorithm.
Added in version 1.3.
#define PSA_ALG_SHAKE256_256 ((psa_algorithm_t)0x02000018)
SHAKE256/256 is the first 256 bits (32 bytes) of the SHAKE256 output. SHAKE256 is defined in [FIPS202].