Skip to content

Add support for XOF algorithms #253

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 3, 2025
Merged

Add support for XOF algorithms #253

merged 2 commits into from
Oct 3, 2025

Conversation

athoelke
Copy link
Contributor

  • Add psa_xof_operation_t and its functions.
  • Add SHAKE128 and SHAKE256 XOF algorithms.

Fixes #248

@athoelke athoelke added enhancement New feature or request Crypto API Issue or PR related to the Cryptography API labels Apr 30, 2025
@athoelke athoelke added this to the Crypto API 1.4 milestone Apr 30, 2025
@athoelke athoelke self-assigned this Apr 30, 2025
@athoelke
Copy link
Contributor Author

Would value any feedback on the naming of the input/output functions for the XOF operation API. As noted in the TODO in this PR:

Should it be psa_xof_input() and psa_xof_output() (current), or psa_xof_input_bytes() and psa_xof_output_bytes(), or something else?

For comparison:

  • Hash operations use update() and finish(), but only have a single output call. update() and output() doesn't seem quite right.
  • KDF operations have input_bytes() and output_bytes(), but also have _key() variants so distinguishing bytes vs keys is necessary for KDF.
  • PAKE operations has input() and output() for the data transfer protocol steps.

@athoelke athoelke moved this to In Progress in PSA Certified API development Apr 30, 2025
@athoelke athoelke mentioned this pull request Apr 30, 2025
Closed
MarcusJGStreets
MarcusJGStreets approved these changes May 13, 2025
View reviewed changes
Copy link
Contributor

@MarcusJGStreets MarcusJGStreets left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I like psa_xof_input() and psa_xof_output().

As a XOF does not accept a key, the _bytes() seems tautologous to me, and therefore I would go for the shorter name.

So I am happy as is - though obviously the todo section needs to be removed.

I like the change to numbering in tens - reminds me of BBC BASIC. :-)

@athoelke
Copy link
Contributor Author

Rebased after fixing copyright dates in one of the set-up commits.

@athoelke athoelke force-pushed the crypto-xof branch 2 times, most recently from bf467ea to 538ce56 Compare June 11, 2025 07:10
@athoelke athoelke mentioned this pull request Aug 28, 2025
Open
@athoelke
Copy link
Contributor Author

I am tempted to revisit the naming convention question.

All existing multi-part operations that take incremental inputs use the verb 'update' to add inputs: hash, MAC, cipher, AEAD. KDF uses the verb 'input' as there are many different inputs, and they are not streamed into the KDF.

For streamed output, KDF does use 'output', but in this case, the behavior of the output functions is the same as we need for XOF.

So, my revised opinion is to use the pair: psa_xof_update() and psa_xof_output(). psa_xof_update() matches expectation for a developer familiar with the existing multi-part operations.

Although this is not 'a matching pair', that statement is true of all of the other streaming input multi-part operations, which use update/finish or update/compare.

@athoelke athoelke marked this pull request as ready for review September 3, 2025 13:26
@athoelke
Copy link
Contributor Author

athoelke commented Sep 3, 2025

Changed the input function to psa_xof_update() to align with other multi-part operations in the API.

@athoelke athoelke mentioned this pull request Sep 12, 2025
Open
@athoelke
Add support for XOF algorithms
64da7cc 
* Add psa_xof_operation_t and its functions.
* Add SHAKE128 and SHAKE256 XOF algorithms.
@athoelke
Rename psa_xof_input to psa_xof_update
285a5e5
@athoelke athoelke merged commit bba0093 into ARM-software:main Oct 3, 2025
@github-project-automation github-project-automation bot moved this from In Progress to Done in PSA Certified API development Oct 3, 2025
@athoelke athoelke deleted the crypto-xof branch October 3, 2025 16:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MarcusJGStreets MarcusJGStreets MarcusJGStreets approved these changes

@gilles-peskine-arm gilles-peskine-arm Awaiting requested review from gilles-peskine-arm

Assignees

@athoelke athoelke

Labels
Crypto API Issue or PR related to the Cryptography API enhancement New feature or request
Projects
PSA Certified API development
Status: Done
Milestone
Crypto API 1.4
Development

Successfully merging this pull request may close these issues.

API for XOF algorithms
2 participants
@athoelke @MarcusJGStreets