esp_idf_hal::sys

Function psa_mac_sign_finish

Source
pub unsafe extern "C" fn psa_mac_sign_finish(
    operation: *mut psa_mac_operation_s,
    mac: *mut u8,
    mac_size: usize,
    mac_length: *mut usize,
) -> i32
Expand description

Finish the calculation of the MAC of a message.

The application must call psa_mac_sign_setup() before calling this function. This function calculates the MAC of the message formed by concatenating the inputs passed to preceding calls to psa_mac_update().

When this function returns successfully, the operation becomes inactive. If this function returns an error status, the operation enters an error state and must be aborted by calling psa_mac_abort().

\warning Applications should not call this function if they expect a specific value for the MAC. Call psa_mac_verify_finish() instead. Beware that comparing integrity or authenticity data such as MAC values with a function such as \c memcmp is risky because the time taken by the comparison may leak information about the MAC value which could allow an attacker to guess a valid MAC and thereby bypass security controls.

\param[in,out] operation Active MAC operation. \param[out] mac Buffer where the MAC value is to be written. \param mac_size Size of the \p mac buffer in bytes. \param[out] mac_length On success, the number of bytes that make up the MAC value. This is always #PSA_MAC_LENGTH(\c key_type, \c key_bits, \c alg) where \c key_type and \c key_bits are the type and bit-size respectively of the key and \c alg is the MAC algorithm that is calculated.

\retval #PSA_SUCCESS Success. \retval #PSA_ERROR_BUFFER_TOO_SMALL The size of the \p mac buffer is too small. You can determine a sufficient buffer size by calling PSA_MAC_LENGTH(). \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription \retval #PSA_ERROR_COMMUNICATION_FAILURE \emptydescription \retval #PSA_ERROR_HARDWARE_FAILURE \emptydescription \retval #PSA_ERROR_CORRUPTION_DETECTED \emptydescription \retval #PSA_ERROR_STORAGE_FAILURE \emptydescription \retval #PSA_ERROR_BAD_STATE The operation state is not valid (it must be an active mac sign operation), or the library has not been previously initialized by psa_crypto_init(). It is implementation-dependent whether a failure to initialize results in this error code.