From 4076d3e9f3b46318a9eb5be1175c7dce2a6e605c Mon Sep 17 00:00:00 2001
From: gabor-mezei-arm <gabor.mezei@arm.com>
Date: Mon, 1 Mar 2021 15:34:18 +0100
Subject: [PATCH] Implement one-shot MAC functions

Implement one-shot MAC APIs, psa_mac_compute and psa_mac_verify, introduced in PSA Crypto API 1.0.

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
---
 library/psa_crypto.c | 61 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 61 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 7921eb2313..a6697f6f40 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2444,7 +2444,68 @@ cleanup:
     return( status == PSA_SUCCESS ? abort_status : status );
 }
 
+psa_status_t psa_mac_compute( mbedtls_svc_key_id_t key,
+                              psa_algorithm_t alg,
+                              const uint8_t *input,
+                              size_t input_length,
+                              uint8_t *mac,
+                              size_t mac_size,
+                              size_t *mac_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
 
+    status = psa_mac_sign_setup( &operation, key, alg );
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+    status = psa_mac_update( &operation, input, input_length );
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+    status = psa_mac_sign_finish( &operation, mac, mac_size, mac_length );
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+exit:
+    if ( status == PSA_SUCCESS )
+        status = psa_mac_abort( &operation );
+    else
+        psa_mac_abort( &operation );
+
+    return ( status );
+}
+
+psa_status_t psa_mac_verify( mbedtls_svc_key_id_t key,
+                             psa_algorithm_t alg,
+                             const uint8_t *input,
+                             size_t input_length,
+                             const uint8_t *mac,
+                             size_t mac_length)
+{
+    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+    psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
+
+    status = psa_mac_verify_setup( &operation, key, alg );
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+    status = psa_mac_update( &operation, input, input_length );
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+    status = psa_mac_verify_finish( &operation, mac, mac_length );
+    if( status != PSA_SUCCESS )
+        goto exit;
+
+exit:
+    if ( status == PSA_SUCCESS )
+        status = psa_mac_abort( &operation );
+    else
+        psa_mac_abort( &operation );
+
+    return ( status );
+}
 
 /****************************************************************/
 /* Asymmetric cryptography */