]>
Commit | Line | Data |
---|---|---|
5e55159b RL |
1 | /* |
2 | * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4a8b0c55 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5e55159b RL |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
e74bd290 | 10 | #include <string.h> |
5e55159b RL |
11 | #include <openssl/err.h> |
12 | #include <openssl/evp.h> | |
e74bd290 RL |
13 | #include <openssl/engine.h> |
14 | #include <openssl/params.h> | |
15 | #include <openssl/core_names.h> | |
5e55159b | 16 | #include "internal/evp_int.h" |
be5fc053 | 17 | #include "evp_locl.h" |
5e55159b RL |
18 | |
19 | /* MAC PKEY context structure */ | |
20 | ||
21 | typedef struct { | |
22 | EVP_MAC_CTX *ctx; | |
23 | ||
24 | /* | |
25 | * We know of two MAC types: | |
26 | * | |
27 | * 1. those who take a secret in raw form, i.e. raw data as a | |
28 | * ASN1_OCTET_STRING embedded in a EVP_PKEY. So far, that's | |
29 | * all of them but CMAC. | |
30 | * 2. those who take a secret with associated cipher in very generic | |
31 | * form, i.e. a complete EVP_MAC_CTX embedded in a PKEY. So far, | |
32 | * only CMAC does this. | |
33 | * | |
34 | * (one might wonder why the second form isn't used for all) | |
35 | */ | |
36 | #define MAC_TYPE_RAW 1 /* HMAC like MAC type (all but CMAC so far) */ | |
37 | #define MAC_TYPE_MAC 2 /* CMAC like MAC type (only CMAC known so far) */ | |
38 | int type; | |
39 | ||
40 | /* The following is only used for MAC_TYPE_RAW implementations */ | |
41 | struct { | |
42 | const EVP_MD *md; /* temp storage of MD */ | |
43 | ASN1_OCTET_STRING ktmp; /* temp storage for key */ | |
44 | } raw_data; | |
45 | } MAC_PKEY_CTX; | |
46 | ||
e74bd290 RL |
47 | static void pkey_mac_cleanup(EVP_PKEY_CTX *ctx); |
48 | ||
5e55159b RL |
49 | static int pkey_mac_init(EVP_PKEY_CTX *ctx) |
50 | { | |
51 | MAC_PKEY_CTX *hctx; | |
e74bd290 | 52 | /* We're being smart and using the same base NIDs for PKEY and for MAC */ |
5e55159b | 53 | int nid = ctx->pmeth->pkey_id; |
e74bd290 | 54 | EVP_MAC *mac = EVP_MAC_fetch(NULL, OBJ_nid2sn(nid), NULL); |
5e55159b RL |
55 | |
56 | if ((hctx = OPENSSL_zalloc(sizeof(*hctx))) == NULL) { | |
57 | EVPerr(EVP_F_PKEY_MAC_INIT, ERR_R_MALLOC_FAILURE); | |
58 | return 0; | |
59 | } | |
60 | ||
e74bd290 | 61 | hctx->ctx = EVP_MAC_CTX_new(mac); |
5e55159b RL |
62 | if (hctx->ctx == NULL) { |
63 | OPENSSL_free(hctx); | |
64 | return 0; | |
65 | } | |
66 | ||
67 | if (nid == EVP_PKEY_CMAC) { | |
68 | hctx->type = MAC_TYPE_MAC; | |
69 | } else { | |
70 | hctx->type = MAC_TYPE_RAW; | |
71 | hctx->raw_data.ktmp.type = V_ASN1_OCTET_STRING; | |
72 | } | |
73 | ||
e74bd290 | 74 | pkey_mac_cleanup(ctx); |
5e55159b RL |
75 | EVP_PKEY_CTX_set_data(ctx, hctx); |
76 | ctx->keygen_info_count = 0; | |
77 | ||
78 | return 1; | |
79 | } | |
80 | ||
9fdcc21f | 81 | static int pkey_mac_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src) |
5e55159b RL |
82 | { |
83 | MAC_PKEY_CTX *sctx, *dctx; | |
84 | ||
be5fc053 KR |
85 | sctx = EVP_PKEY_CTX_get_data(src); |
86 | if (sctx->ctx->data == NULL) | |
5e55159b RL |
87 | return 0; |
88 | ||
be5fc053 KR |
89 | dctx = OPENSSL_zalloc(sizeof(*dctx)); |
90 | if (dctx == NULL) { | |
91 | EVPerr(EVP_F_PKEY_MAC_COPY, ERR_R_MALLOC_FAILURE); | |
92 | return 0; | |
93 | } | |
94 | ||
95 | EVP_PKEY_CTX_set_data(dst, dctx); | |
96 | dst->keygen_info_count = 0; | |
5e55159b | 97 | |
be5fc053 KR |
98 | dctx->ctx = EVP_MAC_CTX_dup(sctx->ctx); |
99 | if (dctx->ctx == NULL) | |
5e55159b RL |
100 | goto err; |
101 | ||
e74bd290 RL |
102 | /* |
103 | * Normally, nothing special would be done with the MAC method. In | |
104 | * this particular case, though, the MAC method was fetched internally | |
105 | * by pkey_mac_init() above or by EVP_PKEY_new_CMAC_key() and passed | |
106 | * via the EVP_MAC_CTX, so it is effectively like every new EVP_MAC_CTX | |
107 | * fetches the MAC method anew in this case. Therefore, its reference | |
108 | * count must be adjusted here. | |
109 | */ | |
110 | if (!EVP_MAC_up_ref(EVP_MAC_CTX_mac(dctx->ctx))) | |
111 | goto err; | |
112 | ||
be5fc053 KR |
113 | dctx->type = sctx->type; |
114 | ||
5e55159b RL |
115 | switch (dctx->type) { |
116 | case MAC_TYPE_RAW: | |
117 | dctx->raw_data.md = sctx->raw_data.md; | |
118 | if (ASN1_STRING_get0_data(&sctx->raw_data.ktmp) != NULL && | |
119 | !ASN1_STRING_copy(&dctx->raw_data.ktmp, &sctx->raw_data.ktmp)) | |
120 | goto err; | |
121 | break; | |
122 | case MAC_TYPE_MAC: | |
123 | /* Nothing more to do */ | |
124 | break; | |
125 | default: | |
126 | /* This should be dead code */ | |
127 | return 0; | |
128 | } | |
129 | return 1; | |
130 | err: | |
be5fc053 | 131 | pkey_mac_cleanup(dst); |
5e55159b RL |
132 | return 0; |
133 | } | |
134 | ||
135 | static void pkey_mac_cleanup(EVP_PKEY_CTX *ctx) | |
136 | { | |
e74bd290 RL |
137 | /* |
138 | * For the exact same reasons the MAC reference count is incremented | |
139 | * in pkey_mac_copy() above, it must be explicitly freed here. | |
140 | */ | |
141 | ||
142 | MAC_PKEY_CTX *hctx = ctx == NULL ? NULL : EVP_PKEY_CTX_get_data(ctx); | |
5e55159b RL |
143 | |
144 | if (hctx != NULL) { | |
e74bd290 RL |
145 | EVP_MAC *mac = EVP_MAC_CTX_mac(hctx->ctx); |
146 | ||
5e55159b RL |
147 | switch (hctx->type) { |
148 | case MAC_TYPE_RAW: | |
149 | OPENSSL_clear_free(hctx->raw_data.ktmp.data, | |
150 | hctx->raw_data.ktmp.length); | |
151 | break; | |
152 | } | |
153 | EVP_MAC_CTX_free(hctx->ctx); | |
e74bd290 | 154 | EVP_MAC_free(mac); |
5e55159b RL |
155 | OPENSSL_free(hctx); |
156 | EVP_PKEY_CTX_set_data(ctx, NULL); | |
157 | } | |
158 | } | |
159 | ||
160 | static int pkey_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) | |
161 | { | |
162 | MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx); | |
163 | int nid = ctx->pmeth->pkey_id; | |
164 | ||
165 | switch (hctx->type) { | |
166 | case MAC_TYPE_RAW: | |
167 | { | |
168 | ASN1_OCTET_STRING *hkey = NULL; | |
169 | ||
170 | if (!hctx->raw_data.ktmp.data) | |
171 | return 0; | |
172 | hkey = ASN1_OCTET_STRING_dup(&hctx->raw_data.ktmp); | |
173 | if (!hkey) | |
174 | return 0; | |
175 | EVP_PKEY_assign(pkey, nid, hkey); | |
176 | } | |
177 | break; | |
178 | case MAC_TYPE_MAC: | |
179 | { | |
be5fc053 | 180 | EVP_MAC_CTX *cmkey = EVP_MAC_CTX_dup(hctx->ctx); |
5e55159b RL |
181 | |
182 | if (cmkey == NULL) | |
183 | return 0; | |
e74bd290 RL |
184 | if (!EVP_MAC_up_ref(EVP_MAC_CTX_mac(hctx->ctx))) |
185 | return 0; | |
5e55159b RL |
186 | EVP_PKEY_assign(pkey, nid, cmkey); |
187 | } | |
188 | break; | |
189 | default: | |
190 | /* This should be dead code */ | |
191 | return 0; | |
192 | } | |
193 | ||
194 | return 1; | |
195 | } | |
196 | ||
197 | static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count) | |
198 | { | |
199 | MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(EVP_MD_CTX_pkey_ctx(ctx)); | |
200 | ||
201 | if (!EVP_MAC_update(hctx->ctx, data, count)) | |
202 | return 0; | |
203 | return 1; | |
204 | } | |
205 | ||
206 | static int pkey_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) | |
207 | { | |
208 | MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx); | |
209 | ASN1_OCTET_STRING *key = NULL; | |
210 | int rv = 1; | |
211 | /* | |
212 | * For MACs with the EVP_PKEY_FLAG_SIGCTX_CUSTOM flag set and that | |
213 | * gets the key passed as an ASN.1 OCTET STRING, we set the key here, | |
214 | * as this may be only time it's set during a DigestSign. | |
215 | * | |
216 | * MACs that pass around the key in form of EVP_MAC_CTX are setting | |
217 | * the key through other mechanisms. (this is only CMAC for now) | |
218 | */ | |
219 | int set_key = | |
220 | hctx->type == MAC_TYPE_RAW | |
221 | && (ctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM) != 0; | |
222 | ||
223 | if (set_key) { | |
7cfa1717 RL |
224 | if (!EVP_MAC_is_a(EVP_MAC_CTX_mac(hctx->ctx), |
225 | OBJ_nid2sn(EVP_PKEY_id(EVP_PKEY_CTX_get0_pkey(ctx))))) | |
5e55159b RL |
226 | return 0; |
227 | key = EVP_PKEY_get0(EVP_PKEY_CTX_get0_pkey(ctx)); | |
228 | if (key == NULL) | |
229 | return 0; | |
230 | } | |
231 | ||
5e55159b RL |
232 | EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); |
233 | EVP_MD_CTX_set_update_fn(mctx, int_update); | |
234 | ||
e74bd290 RL |
235 | /* Some MACs don't support this control... that's fine */ |
236 | { | |
237 | OSSL_PARAM params[3]; | |
238 | size_t params_n = 0; | |
239 | int flags = EVP_MD_CTX_test_flags(mctx, ~EVP_MD_CTX_FLAG_NO_INIT); | |
240 | ||
241 | /* TODO(3.0) "flags" isn't quite right, i.e. a quick hack for now */ | |
242 | params[params_n++] = | |
243 | OSSL_PARAM_construct_int(OSSL_MAC_PARAM_FLAGS, &flags); | |
244 | if (set_key) | |
245 | params[params_n++] = | |
246 | OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, | |
247 | key->data, key->length); | |
248 | params[params_n++] = OSSL_PARAM_construct_end(); | |
249 | rv = EVP_MAC_CTX_set_params(hctx->ctx, params); | |
250 | } | |
251 | return rv; | |
5e55159b RL |
252 | } |
253 | ||
254 | static int pkey_mac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, | |
255 | size_t *siglen, EVP_MD_CTX *mctx) | |
256 | { | |
257 | MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx); | |
258 | ||
e74bd290 | 259 | return EVP_MAC_final(hctx->ctx, sig, siglen, EVP_MAC_size(hctx->ctx)); |
5e55159b RL |
260 | } |
261 | ||
262 | static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) | |
263 | { | |
264 | MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx); | |
265 | ||
266 | switch (type) { | |
267 | ||
268 | case EVP_PKEY_CTRL_CIPHER: | |
269 | switch (hctx->type) { | |
270 | case MAC_TYPE_RAW: | |
271 | return -2; /* The raw types don't support ciphers */ | |
272 | case MAC_TYPE_MAC: | |
273 | { | |
e74bd290 RL |
274 | OSSL_PARAM params[3]; |
275 | size_t params_n = 0; | |
276 | char *ciphname = (char *)OBJ_nid2sn(EVP_CIPHER_nid(p2)); | |
3be06e0d | 277 | #ifndef OPENSSL_NO_ENGINE |
e74bd290 RL |
278 | char *engineid = (char *)ENGINE_get_id(ctx->engine); |
279 | ||
280 | params[params_n++] = | |
281 | OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ENGINE, | |
7f588d20 | 282 | engineid, 0); |
3be06e0d | 283 | #endif |
e74bd290 | 284 | params[params_n++] = |
703170d4 | 285 | OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER, |
7f588d20 | 286 | ciphname, 0); |
e74bd290 RL |
287 | params[params_n] = OSSL_PARAM_construct_end(); |
288 | ||
289 | if (!EVP_MAC_CTX_set_params(hctx->ctx, params) | |
290 | || !EVP_MAC_init(hctx->ctx)) | |
291 | return 0; | |
5e55159b RL |
292 | } |
293 | break; | |
294 | default: | |
295 | /* This should be dead code */ | |
296 | return 0; | |
297 | } | |
298 | break; | |
299 | ||
300 | case EVP_PKEY_CTRL_MD: | |
301 | switch (hctx->type) { | |
302 | case MAC_TYPE_RAW: | |
303 | hctx->raw_data.md = p2; | |
304 | break; | |
be5fc053 KR |
305 | case MAC_TYPE_MAC: { |
306 | EVP_MAC_CTX *new_mac_ctx; | |
307 | ||
308 | if (ctx->pkey == NULL) | |
309 | return 0; | |
310 | new_mac_ctx = EVP_MAC_CTX_dup((EVP_MAC_CTX *)ctx->pkey | |
311 | ->pkey.ptr); | |
312 | if (new_mac_ctx == NULL) | |
313 | return 0; | |
314 | EVP_MAC_CTX_free(hctx->ctx); | |
315 | hctx->ctx = new_mac_ctx; | |
316 | } | |
5e55159b RL |
317 | break; |
318 | default: | |
319 | /* This should be dead code */ | |
320 | return 0; | |
321 | } | |
322 | break; | |
323 | ||
324 | case EVP_PKEY_CTRL_SET_DIGEST_SIZE: | |
e74bd290 RL |
325 | { |
326 | OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; | |
327 | size_t size = (size_t)p1; | |
328 | size_t verify = 0; | |
329 | ||
330 | /* | |
331 | * We verify that the length is actually set by getting back | |
332 | * the same parameter and checking that it matches what we | |
333 | * tried to set. | |
334 | * TODO(3.0) when we have a more direct mechanism to check if | |
335 | * a parameter was used, we must refactor this to use that. | |
336 | */ | |
337 | ||
338 | params[0] = | |
703170d4 | 339 | OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &size); |
e74bd290 RL |
340 | |
341 | if (!EVP_MAC_CTX_set_params(hctx->ctx, params)) | |
342 | return 0; | |
5e55159b | 343 | |
e74bd290 | 344 | params[0] = |
703170d4 | 345 | OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &verify); |
e74bd290 RL |
346 | |
347 | if (!EVP_MAC_CTX_get_params(hctx->ctx, params)) | |
348 | return 0; | |
349 | ||
350 | /* | |
351 | * Since EVP_MAC_CTX_{get,set}_params() returned successfully, | |
352 | * we can only assume that the size was ignored, i.e. this | |
353 | * control is unsupported. | |
354 | */ | |
355 | if (verify != size) | |
356 | return -2; | |
357 | } | |
358 | break; | |
5e55159b RL |
359 | case EVP_PKEY_CTRL_SET_MAC_KEY: |
360 | switch (hctx->type) { | |
361 | case MAC_TYPE_RAW: | |
362 | if ((!p2 && p1 > 0) || (p1 < -1)) | |
363 | return 0; | |
364 | if (!ASN1_OCTET_STRING_set(&hctx->raw_data.ktmp, p2, p1)) | |
365 | return 0; | |
366 | break; | |
367 | case MAC_TYPE_MAC: | |
e74bd290 RL |
368 | { |
369 | OSSL_PARAM params[2]; | |
370 | size_t params_n = 0; | |
371 | ||
372 | params[params_n++] = | |
373 | OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, | |
374 | p2, p1); | |
375 | params[params_n] = OSSL_PARAM_construct_end(); | |
376 | ||
377 | return EVP_MAC_CTX_set_params(hctx->ctx, params); | |
378 | } | |
5e55159b RL |
379 | break; |
380 | default: | |
381 | /* This should be dead code */ | |
382 | return 0; | |
383 | } | |
384 | break; | |
385 | ||
386 | case EVP_PKEY_CTRL_DIGESTINIT: | |
387 | switch (hctx->type) { | |
388 | case MAC_TYPE_RAW: | |
389 | /* Ensure that we have attached the implementation */ | |
390 | if (!EVP_MAC_init(hctx->ctx)) | |
391 | return 0; | |
392 | { | |
5e55159b RL |
393 | ASN1_OCTET_STRING *key = |
394 | (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr; | |
e74bd290 RL |
395 | OSSL_PARAM params[4]; |
396 | size_t params_n = 0; | |
397 | char *mdname = | |
398 | (char *)OBJ_nid2sn(EVP_MD_nid(hctx->raw_data.md)); | |
3be06e0d | 399 | #ifndef OPENSSL_NO_ENGINE |
e74bd290 RL |
400 | char *engineid = ctx->engine == NULL |
401 | ? NULL : (char *)ENGINE_get_id(ctx->engine); | |
402 | ||
403 | if (engineid != NULL) { | |
e74bd290 RL |
404 | params[params_n++] = |
405 | OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ENGINE, | |
7f588d20 | 406 | engineid, 0); |
e74bd290 | 407 | } |
3be06e0d | 408 | #endif |
e74bd290 | 409 | params[params_n++] = |
703170d4 | 410 | OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, |
7f588d20 | 411 | mdname, 0); |
e74bd290 RL |
412 | params[params_n++] = |
413 | OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, | |
414 | key->data, key->length); | |
415 | params[params_n] = OSSL_PARAM_construct_end(); | |
416 | ||
417 | return EVP_MAC_CTX_set_params(hctx->ctx, params); | |
5e55159b RL |
418 | } |
419 | break; | |
420 | case MAC_TYPE_MAC: | |
421 | return -2; /* The mac types don't support ciphers */ | |
422 | default: | |
423 | /* This should be dead code */ | |
424 | return 0; | |
425 | } | |
426 | break; | |
427 | ||
428 | default: | |
429 | return -2; | |
430 | ||
431 | } | |
432 | return 1; | |
433 | } | |
434 | ||
435 | static int pkey_mac_ctrl_str(EVP_PKEY_CTX *ctx, | |
436 | const char *type, const char *value) | |
437 | { | |
438 | MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx); | |
e74bd290 RL |
439 | const EVP_MAC *mac = EVP_MAC_CTX_mac(hctx->ctx); |
440 | OSSL_PARAM params[2]; | |
441 | int ok = 0; | |
5e55159b | 442 | |
703170d4 RL |
443 | /* |
444 | * Translation of some control names that are equivalent to a single | |
445 | * parameter name. | |
446 | * | |
447 | * "md" and "digest" are the same thing, we use the single "digest" | |
448 | * | |
449 | * "digestsize" was a setting control in siphash, but naming wise, | |
450 | * it's really the same as "size". | |
451 | */ | |
452 | if (strcmp(type, "md") == 0) | |
453 | type = OSSL_MAC_PARAM_DIGEST; | |
454 | else if (strcmp(type, "digestsize") == 0) | |
455 | type = OSSL_MAC_PARAM_SIZE; | |
456 | ||
e74bd290 RL |
457 | if (!OSSL_PARAM_allocate_from_text(¶ms[0], |
458 | EVP_MAC_CTX_settable_params(mac), | |
459 | type, value, strlen(value) + 1)) | |
460 | return 0; | |
461 | params[1] = OSSL_PARAM_construct_end(); | |
462 | ok = EVP_MAC_CTX_set_params(hctx->ctx, params); | |
463 | OPENSSL_free(params[0].data); | |
464 | return ok; | |
5e55159b RL |
465 | } |
466 | ||
e74a435f RL |
467 | const EVP_PKEY_METHOD cmac_pkey_meth = { |
468 | EVP_PKEY_CMAC, | |
5e55159b RL |
469 | EVP_PKEY_FLAG_SIGCTX_CUSTOM, |
470 | pkey_mac_init, | |
471 | pkey_mac_copy, | |
472 | pkey_mac_cleanup, | |
473 | ||
474 | 0, 0, | |
475 | ||
476 | 0, | |
477 | pkey_mac_keygen, | |
478 | ||
479 | 0, 0, | |
480 | ||
481 | 0, 0, | |
482 | ||
483 | 0, 0, | |
484 | ||
485 | pkey_mac_signctx_init, | |
486 | pkey_mac_signctx, | |
487 | ||
488 | 0, 0, | |
489 | ||
490 | 0, 0, | |
491 | ||
492 | 0, 0, | |
493 | ||
494 | 0, 0, | |
495 | ||
496 | pkey_mac_ctrl, | |
497 | pkey_mac_ctrl_str | |
498 | }; | |
f8c9a8e3 RL |
499 | |
500 | const EVP_PKEY_METHOD hmac_pkey_meth = { | |
501 | EVP_PKEY_HMAC, | |
502 | 0, | |
503 | pkey_mac_init, | |
504 | pkey_mac_copy, | |
505 | pkey_mac_cleanup, | |
506 | ||
507 | 0, 0, | |
508 | ||
509 | 0, | |
510 | pkey_mac_keygen, | |
511 | ||
512 | 0, 0, | |
513 | ||
514 | 0, 0, | |
515 | ||
516 | 0, 0, | |
517 | ||
518 | pkey_mac_signctx_init, | |
519 | pkey_mac_signctx, | |
520 | ||
521 | 0, 0, | |
522 | ||
523 | 0, 0, | |
524 | ||
525 | 0, 0, | |
526 | ||
527 | 0, 0, | |
528 | ||
529 | pkey_mac_ctrl, | |
530 | pkey_mac_ctrl_str | |
531 | }; | |
14f61f81 RL |
532 | |
533 | const EVP_PKEY_METHOD siphash_pkey_meth = { | |
534 | EVP_PKEY_SIPHASH, | |
535 | EVP_PKEY_FLAG_SIGCTX_CUSTOM, | |
536 | pkey_mac_init, | |
537 | pkey_mac_copy, | |
538 | pkey_mac_cleanup, | |
539 | ||
540 | 0, 0, | |
541 | ||
542 | 0, | |
543 | pkey_mac_keygen, | |
544 | ||
545 | 0, 0, | |
546 | ||
547 | 0, 0, | |
548 | ||
549 | 0, 0, | |
550 | ||
551 | pkey_mac_signctx_init, | |
552 | pkey_mac_signctx, | |
553 | ||
554 | 0, 0, | |
555 | ||
556 | 0, 0, | |
557 | ||
558 | 0, 0, | |
559 | ||
560 | 0, 0, | |
561 | ||
562 | pkey_mac_ctrl, | |
563 | pkey_mac_ctrl_str | |
564 | }; | |
c1da4b2a PY |
565 | |
566 | const EVP_PKEY_METHOD poly1305_pkey_meth = { | |
567 | EVP_PKEY_POLY1305, | |
568 | EVP_PKEY_FLAG_SIGCTX_CUSTOM, | |
569 | pkey_mac_init, | |
570 | pkey_mac_copy, | |
571 | pkey_mac_cleanup, | |
572 | ||
573 | 0, 0, | |
574 | ||
575 | 0, | |
576 | pkey_mac_keygen, | |
577 | ||
578 | 0, 0, | |
579 | ||
580 | 0, 0, | |
581 | ||
582 | 0, 0, | |
583 | ||
584 | pkey_mac_signctx_init, | |
585 | pkey_mac_signctx, | |
586 | ||
587 | 0, 0, | |
588 | ||
589 | 0, 0, | |
590 | ||
591 | 0, 0, | |
592 | ||
593 | 0, 0, | |
594 | ||
595 | pkey_mac_ctrl, | |
596 | pkey_mac_ctrl_str | |
597 | }; |