From 6983b4fffcb062c5e5ebe595880686c2a2dca620 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 3 May 2021 11:41:49 +0200 Subject: [PATCH] Add identifier for PBKDF2 with AES-CMAC-PRF-128 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This algorithm is used for example by the Thread 1.1.1 specification, which is not public but can be obtained free of charge at https://www.threadgroup.org/ThreadSpec Here it doesn't really make sense to define a parametrised family, as this really seems to be the only use of PBKDF2 with a CMAC-based PRF (or with any PRF other than HMAC with SHA1 or SHA2, for that matter). Signed-off-by: Manuel Pégourié-Gonnard --- include/psa/crypto_values.h | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 917a0a263..fa008d45a 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1779,6 +1779,17 @@ #define PSA_ALG_PBKDF2_HMAC_GET_HASH(hkdf_alg) \ (PSA_ALG_CATEGORY_HASH | ((hkdf_alg) & PSA_ALG_HASH_MASK)) +/** The PBKDF2-AES-CMAC-PRF-128 password hashing / key stretching algorithm. + * + * PBKDF2 is defined by PKCS#5, republished as RFC 8018 (section 5.2). + * This macro specifies the PBKDF2 algorithm constructed using the + * AES-CMAC-PRF-128 PRF specified by RFC 4615. + * + * This key derivation algorithm uses the same inputs as + * #PBKDF_ALG_PBKDF2_HMAC() with the same constraints. + */ +#define PSA_ALG_PBKDF2_AES_CMAC_PRF_128 ((psa_algorithm_t)0x08008200) + #define PSA_ALG_KEY_DERIVATION_MASK ((psa_algorithm_t)0xfe00ffff) #define PSA_ALG_KEY_AGREEMENT_MASK ((psa_algorithm_t)0xffff0000)