Compute/Verify truncated MAC using AES-128 CMAC calculation with PSA API

Hi,

I fiddled around with examples using the PSA API to compute a MAC by AES-128 CMAC. That worked out fine. I can import a key, use it to compute the mac over a message and verify it in my example. The MAC created is 16 bytes long. Now I looked around how to handle a truncated MAC of 5 byte, but found no hints in the PSA API, how to handle them.

Can anyone point me into the right direction?

Thank's allot

Stephan

Parents

0 GeneralPurpose 10 hours ago
Ahaaa! I found that but didn't understand the usage of that macro at first: So I put in my algorithm and length of MAC to be and get a algorithm back:

psa_algorithm trunc_algo = PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 5u);

With that new trunc_algo as my keys attribute I import my key and just use it for signing/verification with the new algorithm, like the original PSA_ALG_CMAC.

The example I wrote works correctly with that, thanks for your help!

Stephan
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 GeneralPurpose 10 hours ago
Ahaaa! I found that but didn't understand the usage of that macro at first: So I put in my algorithm and length of MAC to be and get a algorithm back:

psa_algorithm trunc_algo = PSA_ALG_TRUNCATED_MAC(PSA_ALG_CMAC, 5u);

With that new trunc_algo as my keys attribute I import my key and just use it for signing/verification with the new algorithm, like the original PSA_ALG_CMAC.

The example I wrote works correctly with that, thanks for your help!

Stephan
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data