wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Get rid of the diversity of names for MAC parameters

Browse source 
The EVP_PKEY MAC implementations had a diversity of controls that were
really the same thing.  We did reproduce that for the provider based
MACs, but are changing our minds on this.  Instead of that, we now use
one parameter name for passing the name of the underlying ciphers or
digests to a MAC implementation, "cipher" and "digest", and one
parameter name for passing the output size of the MAC, "size".

Then we leave it to the EVP_PKEY->EVP_MAC bridge to translate "md"
to "digest", and "digestsize" to "size".

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9667)
This commit is contained in:
Richard Levitte 2019-08-22 12:50:00 +02:00
parent 9f57e2184d
commit 703170d4b9
18 changed files with 98 additions and 122 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
crypto/crmf/crmf_pbm.c
View file

@ -207,7 +207,7 @@ int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp,
}
macparams[0] =
OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM,
OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
(char *)mdname, strlen(mdname) + 1);
macparams[1] =
OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, basekey, bklen);

2
crypto/evp/mac_lib.c
View file

@ -89,7 +89,7 @@ size_t EVP_MAC_size(EVP_MAC_CTX *ctx)
if (ctx->data != NULL) {
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
params[0] = OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_OUTLEN, &sz);
params[0] = OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &sz);
if (ctx->meth->get_ctx_params != NULL) {
if (ctx->meth->get_ctx_params(ctx->data, params))
return sz;

2
crypto/evp/p_lib.c
View file

@ -345,7 +345,7 @@ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
(char *)engine_name,
strlen(engine_name) + 1);
params[paramsn++] =
OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM,
OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
(char *)cipher_name,
strlen(cipher_name) + 1);
params[paramsn++] =

22
crypto/evp/pkey_mac.c
View file

@ -281,7 +281,7 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
engineid,
strlen(engineid) + 1);
params[params_n++] =
OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM,
OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
ciphname,
strlen(ciphname) + 1);
params[params_n] = OSSL_PARAM_construct_end();
@ -336,13 +336,13 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
*/
params[0] =
OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_OUTLEN, &size);
OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &size);
if (!EVP_MAC_CTX_set_params(hctx->ctx, params))
return 0;
params[0] =
OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_OUTLEN, &verify);
OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &verify);
if (!EVP_MAC_CTX_get_params(hctx->ctx, params))
return 0;
@ -407,7 +407,7 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
engineid_l);
}
params[params_n++] =
OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM,
OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
mdname,
strlen(mdname) + 1);
params[params_n++] =
@ -441,6 +441,20 @@ static int pkey_mac_ctrl_str(EVP_PKEY_CTX *ctx,
OSSL_PARAM params[2];
int ok = 0;
/*
* Translation of some control names that are equivalent to a single
* parameter name.
*
* "md" and "digest" are the same thing, we use the single "digest"
*
* "digestsize" was a setting control in siphash, but naming wise,
* it's really the same as "size".
*/
if (strcmp(type, "md") == 0)
type = OSSL_MAC_PARAM_DIGEST;
else if (strcmp(type, "digestsize") == 0)
type = OSSL_MAC_PARAM_SIZE;
if (!OSSL_PARAM_allocate_from_text(&params[0],
EVP_MAC_CTX_settable_params(mac),
type, value, strlen(value) + 1))

4
crypto/kdf/sskdf.c
View file

@ -168,7 +168,7 @@ static int kmac_init(EVP_MAC_CTX *ctx, const unsigned char *custom,
|| kmac_out_len == 64))
return 0;
params[0] = OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_OUTLEN,
params[0] = OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE,
&kmac_out_len);
if (EVP_MAC_CTX_set_params(ctx, params) <= 0)
@ -222,7 +222,7 @@ static int SSKDF_mac_kdm(EVP_MAC *kdf_mac, const EVP_MD *hmac_md,
if (hmac_md != NULL) {
const char *mdname = EVP_MD_name(hmac_md);
params[params_n++] =
OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM,
OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
(char *)mdname,
strlen(mdname) + 1);
}

2
crypto/kdf/tls1_prf.c
View file

@ -251,7 +251,7 @@ static int tls1_prf_P_hash(const EVP_MD *md,
/* TODO(3.0) rethink "flags", also see hmac.c in providers */
mac_flags = EVP_MD_CTX_FLAG_NON_FIPS_ALLOW;
params[0] = OSSL_PARAM_construct_int(OSSL_MAC_PARAM_FLAGS, &mac_flags);
params[1] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM,
params[1] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
(char *)mdname,
strlen(mdname) + 1);
params[2] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,

2
crypto/modes/siv128.c
View file

@ -172,7 +172,7 @@ int CRYPTO_siv128_init(SIV128_CONTEXT *ctx, const unsigned char *key, int klen,
OSSL_PARAM params[3];
const char *cbc_name = EVP_CIPHER_name(cbc);
params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM,
params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
(char *)cbc_name,
strlen(cbc_name) + 1);
params[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,

25
doc/man7/provider-mac.pod
View file

@ -178,21 +178,12 @@ Gets flags associated with the MAC.
=for comment We need to investigate if this is the right approach
=item B<OSSL_MAC_PARAM_ALGORITHM> (utf8 string)
Sets the name of the underlying algorithm to be used.
It must name a suitable algorithm for the MAC that's being used.
=item B<OSSL_MAC_PARAM_MD> (utf8 string)
=item B<OSSL_MAC_PARAM_CIPHER> (utf8 string)
=item B<OSSL_MAC_PARAM_DIGEST> (utf8 string)
=item B<OSSL_MAC_PARAM_CIPHER> (utf8 string)
These have the same meaning as B<OSSL_MAC_PARAM_ALGORITHM>, but specify
the expected operation for the underlying algorithm.
These are regarded as antiquated, but are kept for easier transition from
legacy MAC implementations.
Sets the name of the underlying cipher or digest to be used.
It must name a suitable algorithm for the MAC that's being used.
=item B<OSSL_MAC_PARAM_ENGINE> (utf8 string)
@ -212,13 +203,11 @@ and engine, or a built in legacy function depends on what is available.
=item B<OSSL_MAC_PARAM_SIZE> (int)
=item B<OSSL_MAC_PARAM_DIGESTSIZE> (int)
Can be used to get the resulting MAC size.
=item B<OSSL_MAC_PARAM_OUTLEN> (int)
All three names are considered the same.
B<OSSL_MAC_PARAM_SIZE> and B<OSSL_MAC_PARAM_DIGESTSIZE> are considered
antiquated, but are kept for easier transition from legacy MAC implementations.
With some MAC algorithms, it can also be used to set the size that the
resulting MAC should have.
Allowable sizes are decided within each implementation.
=back

13
include/openssl/core_names.h
View file

@ -75,18 +75,15 @@ extern "C" {
#define OSSL_MAC_PARAM_SALT "salt" /* octet string */
#define OSSL_MAC_PARAM_XOF "xof" /* int, 0 or 1 */
#define OSSL_MAC_PARAM_FLAGS "flags" /* int */
/* Note that "md" and "digest" are equivalent */
#define OSSL_MAC_PARAM_MD "md" /* utf8 string */
#define OSSL_MAC_PARAM_DIGEST "digest" /* utf8 string */
/*
* If "engine" or "properties" are specified, they should always be paired
* with "cipher" or "digest".
*/
#define OSSL_MAC_PARAM_CIPHER "cipher" /* utf8 string */
/* Note that "algorithm" can be used instead of "md", "digest" or "cipher" */
#define OSSL_MAC_PARAM_ALGORITHM "algorithm" /* utf8 string */
#define OSSL_MAC_PARAM_DIGEST "digest" /* utf8 string */
#define OSSL_MAC_PARAM_ENGINE "engine" /* utf8 string */
#define OSSL_MAC_PARAM_PROPERTIES "properties" /* utf8 string */
/* Note that "size", "digestsize" and "outlen" are equivalent */
#define OSSL_MAC_PARAM_SIZE "size" /* size_t */
#define OSSL_MAC_PARAM_DIGESTSIZE "digestsize" /* size_t */
#define OSSL_MAC_PARAM_OUTLEN "outlen" /* size_t */
/* Known MAC names (not a complete list) */
#define OSSL_MAC_NAME_CMAC "CMAC"

12
providers/common/macs/cmac_prov.c
View file

@ -140,8 +140,7 @@ static int cmac_final(void *vmacctx, unsigned char *out, size_t *outl,
}
static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL),
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), /* Same as "outlen" */
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_END
};
static const OSSL_PARAM *cmac_gettable_ctx_params(void)
@ -153,16 +152,13 @@ static int cmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[])
{
OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_OUTLEN)) != NULL
|| (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
return OSSL_PARAM_set_size_t(p, cmac_size(vmacctx));
return 1;
}
static const OSSL_PARAM known_settable_ctx_params[] = {
/* "algorithm" and "cipher" are the same parameter */
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_ALGORITHM, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_CIPHER, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_ENGINE, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_PROPERTIES, NULL, 0),
@ -182,9 +178,7 @@ static int cmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[])
struct cmac_data_st *macctx = vmacctx;
const OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CIPHER)) != NULL
|| ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_ALGORITHM))
!= NULL)) {
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CIPHER)) != NULL) {
if (p->data_type != OSSL_PARAM_UTF8_STRING)
return 0;

14
providers/common/macs/gmac_prov.c
View file

@ -53,7 +53,7 @@ struct gmac_data_st {
/*
* Conditions for legacy EVP_CIPHER uses.
*/
ENGINE *engine; /* Engine implementing the algorithm */
ENGINE *engine; /* Engine implementing the cipher */
};
static size_t gmac_size(void);
@ -150,8 +150,7 @@ static size_t gmac_size(void)
}
static const OSSL_PARAM known_gettable_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL),
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), /* Same as "outlen" */
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_END
};
static const OSSL_PARAM *gmac_gettable_params(void)
@ -163,16 +162,13 @@ static int gmac_get_params(OSSL_PARAM params[])
{
OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_OUTLEN)) != NULL
|| (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
return OSSL_PARAM_set_size_t(p, gmac_size());
return 1;
}
static const OSSL_PARAM known_settable_ctx_params[] = {
/* "algorithm" and "cipher" are the same parameter */
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_ALGORITHM, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_CIPHER, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_ENGINE, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_PROPERTIES, NULL, 0),
@ -194,9 +190,7 @@ static int gmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[])
EVP_CIPHER_CTX *ctx = macctx->ctx;
const OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CIPHER)) != NULL
|| (p = OSSL_PARAM_locate_const(params,
OSSL_MAC_PARAM_ALGORITHM)) != NULL) {
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CIPHER)) != NULL) {
if (p->data_type != OSSL_PARAM_UTF8_STRING)
return 0;

12
providers/common/macs/hmac_prov.c
View file

@ -151,8 +151,7 @@ static int hmac_final(void *vmacctx, unsigned char *out, size_t *outl,
}
static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL),
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), /* Same as "outlen" */
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_END
};
static const OSSL_PARAM *hmac_gettable_ctx_params(void)
@ -164,16 +163,13 @@ static int hmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[])
{
OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_OUTLEN)) != NULL
|| (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
return OSSL_PARAM_set_size_t(p, hmac_size(vmacctx));
return 1;
}
static const OSSL_PARAM known_settable_ctx_params[] = {
/* "algorithm" and "digest" are the same parameter */
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_ALGORITHM, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_DIGEST, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_ENGINE, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_PROPERTIES, NULL, 0),
@ -194,9 +190,7 @@ static int hmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[])
struct hmac_data_st *macctx = vmacctx;
const OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_DIGEST)) != NULL
|| (p = OSSL_PARAM_locate_const(params,
OSSL_MAC_PARAM_ALGORITHM)) != NULL) {
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_DIGEST)) != NULL) {
if (p->data_type != OSSL_PARAM_UTF8_STRING)
return 0;

13
providers/common/macs/kmac_prov.c
View file

@ -311,9 +311,7 @@ static int kmac_final(void *vmacctx, unsigned char *out, size_t *outl,
}
static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL),
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), /* Same as "outlen" */
OSSL_PARAM_size_t(OSSL_MAC_PARAM_DIGESTSIZE, NULL), /* Same as "outlen" */
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_END
};
static const OSSL_PARAM *kmac_gettable_ctx_params(void)
@ -325,9 +323,7 @@ static int kmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[])
{
OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_OUTLEN)) != NULL
|| (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL
|| (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_DIGESTSIZE)) != NULL)
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
return OSSL_PARAM_set_size_t(p, kmac_size(vmacctx));
return 1;
@ -335,7 +331,6 @@ static int kmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[])
static const OSSL_PARAM known_settable_ctx_params[] = {
OSSL_PARAM_int(OSSL_MAC_PARAM_XOF, NULL),
OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL),
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_CUSTOM, NULL, 0),
@ -363,9 +358,7 @@ static int kmac_set_ctx_params(void *vmacctx, const OSSL_PARAM *params)
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_XOF)) != NULL
&& !OSSL_PARAM_get_int(p, &kctx->xof_mode))
return 0;
if (((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_OUTLEN)) != NULL
||
(p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) != NULL)
if (((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) != NULL)
&& !OSSL_PARAM_get_size_t(p, &kctx->out_len))
return 0;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL) {

11
providers/default/macs/blake2_mac_impl.c
View file

@ -108,8 +108,7 @@ static int blake2_mac_final(void *vmacctx,
}
static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL),
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), /* Same as "outlen" */
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_END
};
static const OSSL_PARAM *blake2_gettable_ctx_params(void)
@ -121,15 +120,13 @@ static int blake2_get_ctx_params(void *vmacctx, OSSL_PARAM params[])
{
OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_OUTLEN)) != NULL
|| (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
return OSSL_PARAM_set_size_t(p, blake2_mac_size(vmacctx));
return 1;
}
static const OSSL_PARAM known_settable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL),
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_CUSTOM, NULL, 0),
@ -149,9 +146,7 @@ static int blake2_mac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[])
struct blake2_mac_data_st *macctx = vmacctx;
const OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_OUTLEN)) != NULL
||
(p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) != NULL) {
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) != NULL) {
size_t size;
if (!OSSL_PARAM_get_size_t(p, &size)

6
providers/default/macs/poly1305_prov.c
View file

@ -106,8 +106,7 @@ static int poly1305_final(void *vmacctx, unsigned char *out, size_t *outl,
}
static const OSSL_PARAM known_gettable_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL),
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), /* Same as "outlen" */
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_END
};
static const OSSL_PARAM *poly1305_gettable_params(void)
@ -119,8 +118,7 @@ static int poly1305_get_params(OSSL_PARAM params[])
{
OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_OUTLEN)) != NULL
|| (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
return OSSL_PARAM_set_size_t(p, poly1305_size());
return 1;

18
providers/default/macs/siphash_prov.c
View file

@ -111,9 +111,7 @@ static int siphash_final(void *vmacctx, unsigned char *out, size_t *outl,
}
static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL),
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), /* Same as "outlen" */
OSSL_PARAM_size_t(OSSL_MAC_PARAM_DIGESTSIZE, NULL), /* Same as "outlen" */
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_END
};
static const OSSL_PARAM *siphash_gettable_ctx_params(void)
@ -125,18 +123,14 @@ static int siphash_get_ctx_params(void *vmacctx, OSSL_PARAM params[])
{
OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_OUTLEN)) != NULL
|| (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL
|| (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_DIGESTSIZE)) != NULL)
if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
return OSSL_PARAM_set_size_t(p, siphash_size(vmacctx));
return 1;
}
static const OSSL_PARAM known_settable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL),
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), /* Same as "outlen" */
OSSL_PARAM_size_t(OSSL_MAC_PARAM_DIGESTSIZE, NULL), /* Same as "outlen" */
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
OSSL_PARAM_END
};
@ -150,11 +144,7 @@ static int siphash_set_params(void *vmacctx, const OSSL_PARAM *params)
struct siphash_data_st *ctx = vmacctx;
const OSSL_PARAM *p = NULL;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_OUTLEN)) != NULL
|| ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_DIGESTSIZE))
!= NULL)
|| ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE))
!= NULL)) {
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) != NULL) {
size_t size;
if (!OSSL_PARAM_get_size_t(p, &size)

28
test/evp_test.c
View file

@ -1163,11 +1163,29 @@ static int mac_test_run_mac(EVP_TEST *t)
}
#endif
if (expected->alg != NULL)
params[params_n++] =
OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM,
expected->alg,
strlen(expected->alg) + 1);
if (expected->alg != NULL) {
/*
* The underlying algorithm may be a cipher or a digest.
* We don't know which it is, but we can ask the MAC what it
* should be and bet on that.
*/
if (OSSL_PARAM_locate_const(defined_params,
OSSL_MAC_PARAM_CIPHER) != NULL) {
params[params_n++] =
OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
expected->alg,
strlen(expected->alg) + 1);
} else if (OSSL_PARAM_locate_const(defined_params,
OSSL_MAC_PARAM_DIGEST) != NULL) {
params[params_n++] =
OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
expected->alg,
strlen(expected->alg) + 1);
} else {
t->err = "MAC_BAD_PARAMS";
goto err;
}
}
if (expected->key != NULL)
params[params_n++] =
OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,

32
test/recipes/30-test_evp_data/evpmac.txt
View file

@ -131,7 +131,7 @@ Output = 5150d1772f50834a503e069a973fbd7c
# SIPHASH - default values: 2,4 rounds, explicit 8-byte mac
MAC = SipHash
Ctrl = digestsize:8
Ctrl = size:8
Key = 000102030405060708090A0B0C0D0E0F
Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E
Output = 724506EB4C328A95
@ -139,7 +139,7 @@ Output = 724506EB4C328A95
# SIPHASH - default values: 2,4 rounds, explicit 16-byte mac
MAC = SipHash
Ctrl = digestsize:16
Ctrl = size:16
Key = 000102030405060708090A0B0C0D0E0F
Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E
Output = 5150d1772f50834a503e069a973fbd7c
@ -147,7 +147,7 @@ Output = 5150d1772f50834a503e069a973fbd7c
# SIPHASH - default values: 2,4 rounds, explicit 16-byte mac (set as 0)
MAC = SipHash
Ctrl = digestsize:0
Ctrl = size:0
Key = 000102030405060708090A0B0C0D0E0F
Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E
Output = 5150d1772f50834a503e069a973fbd7c
@ -155,7 +155,7 @@ Output = 5150d1772f50834a503e069a973fbd7c
# SIPHASH - default values: 2,4 rounds, explicit 13-byte mac (invalid size)
MAC = SipHash
Ctrl = digestsize:13
Ctrl = size:13
Key = 000102030405060708090A0B0C0D0E0F
Result = MAC_BAD_PARAMS
@ -163,7 +163,7 @@ Result = MAC_BAD_PARAMS
# by EVP_PKEY this time
MAC = SipHash by EVP_PKEY
Ctrl = digestsize:13
Ctrl = size:13
Key = 000102030405060708090A0B0C0D0E0F
Result = EVPPKEYCTXCTRL_ERROR
@ -324,19 +324,19 @@ Output = 233a6c732212f4813ec4c9f357e35297e59a652fd24155205f00363f7c54734ee1e8c73
MAC = BLAKE2BMAC
Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
Ctrl = outlen:128
Ctrl = size:128
Result = MAC_BAD_PARAMS
MAC = BLAKE2BMAC
Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
Input = "Sample input for outlen<digest_length"
Ctrl = outlen:1
Ctrl = size:1
Output = 2a
MAC = BLAKE2BMAC
Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
Input = "Sample input for outlen<digest_length"
Ctrl = outlen:32
Ctrl = size:32
Output = 7fa43c7735fcacad9fce2b44bef37dba6501ab48c9397bedb5562a682e519793
MAC = BLAKE2BMAC
@ -344,7 +344,7 @@ Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
Input = "Combo input with outlen, custom and salt"
Custom = "application"
Salt = 000102030405060708090a0b0c0d0e0f
Ctrl = outlen:32
Ctrl = size:32
Output = 51742fc491171eaf6b9459c8b93a44bbf8f44a0b4869a17fa178c8209918ad96
MAC = BLAKE2SMAC
@ -380,18 +380,18 @@ Output = e9f7704dfe5080a4aafe62a806f53ea7f98ffc24175164158f18ec5497b961f5
MAC = BLAKE2SMAC
Key = 000102030405060708090a0b0c0d0e0f
Ctrl = outlen:64
Ctrl = size:64
Result = MAC_BAD_PARAMS
MAC = BLAKE2SMAC
Key = 000102030405060708090a0b0c0d0e0f
Ctrl = outlen:16
Ctrl = size:16
Input = "Sample input for outlen<digest_length"
Output = a09fb3d513efc3ed58dd1264de3c59f5
MAC = BLAKE2SMAC
Key = 000102030405060708090a0b0c0d0e0f
Ctrl = outlen:16
Ctrl = size:16
Custom = "app"
Salt = 0001020304050607
Input = "Combo input with outlen, custom and salt"
@ -712,7 +712,7 @@ Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
Custom = "My Tagged Application"
Output = 1F5B4E6CCA02209E0DCB5CA635B89A15E271ECC760071DFD805FAA38F9729230
Ctrl = outlen:32
Ctrl = size:32
MAC = KMAC256
Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
@ -731,7 +731,7 @@ Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
Custom = "My Tagged Application"
Output = B58618F71F92E1D56C1B8C55DDD7CD188B97B4CA4D99831EB2699A837DA2E4D970FBACFDE50033AEA585F1A2708510C32D07880801BD182898FE476876FC8965
Ctrl = outlen:64
Ctrl = size:64
Title = KMAC XOF Tests (From NIST)
@ -754,7 +754,7 @@ Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223
Custom = "My Tagged Application"
Output = 47026C7CD793084AA0283C253EF658490C0DB61438B8326FE9BDDF281B83AE0F
Ctrl = xof:1
Ctrl = outlen:32
Ctrl = size:32
MAC = KMAC256
Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
@ -775,7 +775,7 @@ Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
Custom = "My Tagged Application"
Output = D5BE731C954ED7732846BB59DBE3A8E30F83E77A4BFF4459F2F1C2B4ECEBB8CE67BA01C62E8AB8578D2D499BD1BB276768781190020A306A97DE281DCC30305D
Ctrl = outlen:64
Ctrl = size:64
Ctrl = xof:1