]>
Commit | Line | Data |
---|---|---|
5e55159b RL |
1 | /* |
2 | * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4a8b0c55 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5e55159b RL |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
e74bd290 | 10 | #include <string.h> |
5e55159b RL |
11 | #include <openssl/err.h> |
12 | #include <openssl/evp.h> | |
e74bd290 RL |
13 | #include <openssl/engine.h> |
14 | #include <openssl/params.h> | |
15 | #include <openssl/core_names.h> | |
25f2138b | 16 | #include "crypto/evp.h" |
706457b7 | 17 | #include "evp_local.h" |
5e55159b RL |
18 | |
19 | /* MAC PKEY context structure */ | |
20 | ||
21 | typedef struct { | |
22 | EVP_MAC_CTX *ctx; | |
23 | ||
24 | /* | |
25 | * We know of two MAC types: | |
26 | * | |
27 | * 1. those who take a secret in raw form, i.e. raw data as a | |
28 | * ASN1_OCTET_STRING embedded in a EVP_PKEY. So far, that's | |
29 | * all of them but CMAC. | |
30 | * 2. those who take a secret with associated cipher in very generic | |
31 | * form, i.e. a complete EVP_MAC_CTX embedded in a PKEY. So far, | |
32 | * only CMAC does this. | |
33 | * | |
34 | * (one might wonder why the second form isn't used for all) | |
35 | */ | |
36 | #define MAC_TYPE_RAW 1 /* HMAC like MAC type (all but CMAC so far) */ | |
37 | #define MAC_TYPE_MAC 2 /* CMAC like MAC type (only CMAC known so far) */ | |
38 | int type; | |
39 | ||
40 | /* The following is only used for MAC_TYPE_RAW implementations */ | |
41 | struct { | |
42 | const EVP_MD *md; /* temp storage of MD */ | |
43 | ASN1_OCTET_STRING ktmp; /* temp storage for key */ | |
44 | } raw_data; | |
45 | } MAC_PKEY_CTX; | |
46 | ||
e74bd290 RL |
47 | static void pkey_mac_cleanup(EVP_PKEY_CTX *ctx); |
48 | ||
5e55159b RL |
49 | static int pkey_mac_init(EVP_PKEY_CTX *ctx) |
50 | { | |
51 | MAC_PKEY_CTX *hctx; | |
e74bd290 | 52 | /* We're being smart and using the same base NIDs for PKEY and for MAC */ |
5e55159b | 53 | int nid = ctx->pmeth->pkey_id; |
e74bd290 | 54 | EVP_MAC *mac = EVP_MAC_fetch(NULL, OBJ_nid2sn(nid), NULL); |
5e55159b RL |
55 | |
56 | if ((hctx = OPENSSL_zalloc(sizeof(*hctx))) == NULL) { | |
57 | EVPerr(EVP_F_PKEY_MAC_INIT, ERR_R_MALLOC_FAILURE); | |
58 | return 0; | |
59 | } | |
60 | ||
e74bd290 | 61 | hctx->ctx = EVP_MAC_CTX_new(mac); |
5e55159b RL |
62 | if (hctx->ctx == NULL) { |
63 | OPENSSL_free(hctx); | |
64 | return 0; | |
65 | } | |
66 | ||
67 | if (nid == EVP_PKEY_CMAC) { | |
68 | hctx->type = MAC_TYPE_MAC; | |
69 | } else { | |
70 | hctx->type = MAC_TYPE_RAW; | |
71 | hctx->raw_data.ktmp.type = V_ASN1_OCTET_STRING; | |
72 | } | |
73 | ||
e74bd290 | 74 | pkey_mac_cleanup(ctx); |
5e55159b RL |
75 | EVP_PKEY_CTX_set_data(ctx, hctx); |
76 | ctx->keygen_info_count = 0; | |
77 | ||
78 | return 1; | |
79 | } | |
80 | ||
9fdcc21f | 81 | static int pkey_mac_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src) |
5e55159b RL |
82 | { |
83 | MAC_PKEY_CTX *sctx, *dctx; | |
84 | ||
be5fc053 KR |
85 | sctx = EVP_PKEY_CTX_get_data(src); |
86 | if (sctx->ctx->data == NULL) | |
5e55159b RL |
87 | return 0; |
88 | ||
be5fc053 KR |
89 | dctx = OPENSSL_zalloc(sizeof(*dctx)); |
90 | if (dctx == NULL) { | |
91 | EVPerr(EVP_F_PKEY_MAC_COPY, ERR_R_MALLOC_FAILURE); | |
92 | return 0; | |
93 | } | |
94 | ||
95 | EVP_PKEY_CTX_set_data(dst, dctx); | |
96 | dst->keygen_info_count = 0; | |
5e55159b | 97 | |
be5fc053 KR |
98 | dctx->ctx = EVP_MAC_CTX_dup(sctx->ctx); |
99 | if (dctx->ctx == NULL) | |
5e55159b RL |
100 | goto err; |
101 | ||
e74bd290 RL |
102 | /* |
103 | * Normally, nothing special would be done with the MAC method. In | |
104 | * this particular case, though, the MAC method was fetched internally | |
105 | * by pkey_mac_init() above or by EVP_PKEY_new_CMAC_key() and passed | |
106 | * via the EVP_MAC_CTX, so it is effectively like every new EVP_MAC_CTX | |
107 | * fetches the MAC method anew in this case. Therefore, its reference | |
108 | * count must be adjusted here. | |
109 | */ | |
110 | if (!EVP_MAC_up_ref(EVP_MAC_CTX_mac(dctx->ctx))) | |
111 | goto err; | |
112 | ||
be5fc053 KR |
113 | dctx->type = sctx->type; |
114 | ||
5e55159b RL |
115 | switch (dctx->type) { |
116 | case MAC_TYPE_RAW: | |
117 | dctx->raw_data.md = sctx->raw_data.md; | |
118 | if (ASN1_STRING_get0_data(&sctx->raw_data.ktmp) != NULL && | |
119 | !ASN1_STRING_copy(&dctx->raw_data.ktmp, &sctx->raw_data.ktmp)) | |
120 | goto err; | |
121 | break; | |
122 | case MAC_TYPE_MAC: | |
123 | /* Nothing more to do */ | |
124 | break; | |
125 | default: | |
126 | /* This should be dead code */ | |
127 | return 0; | |
128 | } | |
129 | return 1; | |
130 | err: | |
be5fc053 | 131 | pkey_mac_cleanup(dst); |
5e55159b RL |
132 | return 0; |
133 | } | |
134 | ||
135 | static void pkey_mac_cleanup(EVP_PKEY_CTX *ctx) | |
136 | { | |
e74bd290 RL |
137 | /* |
138 | * For the exact same reasons the MAC reference count is incremented | |
139 | * in pkey_mac_copy() above, it must be explicitly freed here. | |
140 | */ | |
141 | ||
142 | MAC_PKEY_CTX *hctx = ctx == NULL ? NULL : EVP_PKEY_CTX_get_data(ctx); | |
5e55159b RL |
143 | |
144 | if (hctx != NULL) { | |
e74bd290 RL |
145 | EVP_MAC *mac = EVP_MAC_CTX_mac(hctx->ctx); |
146 | ||
5e55159b RL |
147 | switch (hctx->type) { |
148 | case MAC_TYPE_RAW: | |
149 | OPENSSL_clear_free(hctx->raw_data.ktmp.data, | |
150 | hctx->raw_data.ktmp.length); | |
151 | break; | |
152 | } | |
153 | EVP_MAC_CTX_free(hctx->ctx); | |
e74bd290 | 154 | EVP_MAC_free(mac); |
5e55159b RL |
155 | OPENSSL_free(hctx); |
156 | EVP_PKEY_CTX_set_data(ctx, NULL); | |
157 | } | |
158 | } | |
159 | ||
160 | static int pkey_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) | |
161 | { | |
162 | MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx); | |
163 | int nid = ctx->pmeth->pkey_id; | |
164 | ||
165 | switch (hctx->type) { | |
166 | case MAC_TYPE_RAW: | |
167 | { | |
168 | ASN1_OCTET_STRING *hkey = NULL; | |
169 | ||
170 | if (!hctx->raw_data.ktmp.data) | |
171 | return 0; | |
172 | hkey = ASN1_OCTET_STRING_dup(&hctx->raw_data.ktmp); | |
173 | if (!hkey) | |
174 | return 0; | |
175 | EVP_PKEY_assign(pkey, nid, hkey); | |
176 | } | |
177 | break; | |
178 | case MAC_TYPE_MAC: | |
179 | { | |
be5fc053 | 180 | EVP_MAC_CTX *cmkey = EVP_MAC_CTX_dup(hctx->ctx); |
5e55159b RL |
181 | |
182 | if (cmkey == NULL) | |
183 | return 0; | |
e74bd290 RL |
184 | if (!EVP_MAC_up_ref(EVP_MAC_CTX_mac(hctx->ctx))) |
185 | return 0; | |
5e55159b RL |
186 | EVP_PKEY_assign(pkey, nid, cmkey); |
187 | } | |
188 | break; | |
189 | default: | |
190 | /* This should be dead code */ | |
191 | return 0; | |
192 | } | |
193 | ||
194 | return 1; | |
195 | } | |
196 | ||
197 | static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count) | |
198 | { | |
199 | MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(EVP_MD_CTX_pkey_ctx(ctx)); | |
200 | ||
201 | if (!EVP_MAC_update(hctx->ctx, data, count)) | |
202 | return 0; | |
203 | return 1; | |
204 | } | |
205 | ||
206 | static int pkey_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) | |
207 | { | |
208 | MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx); | |
209 | ASN1_OCTET_STRING *key = NULL; | |
210 | int rv = 1; | |
211 | /* | |
212 | * For MACs with the EVP_PKEY_FLAG_SIGCTX_CUSTOM flag set and that | |
213 | * gets the key passed as an ASN.1 OCTET STRING, we set the key here, | |
214 | * as this may be only time it's set during a DigestSign. | |
215 | * | |
216 | * MACs that pass around the key in form of EVP_MAC_CTX are setting | |
217 | * the key through other mechanisms. (this is only CMAC for now) | |
218 | */ | |
219 | int set_key = | |
220 | hctx->type == MAC_TYPE_RAW | |
221 | && (ctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM) != 0; | |
222 | ||
223 | if (set_key) { | |
7cfa1717 RL |
224 | if (!EVP_MAC_is_a(EVP_MAC_CTX_mac(hctx->ctx), |
225 | OBJ_nid2sn(EVP_PKEY_id(EVP_PKEY_CTX_get0_pkey(ctx))))) | |
5e55159b RL |
226 | return 0; |
227 | key = EVP_PKEY_get0(EVP_PKEY_CTX_get0_pkey(ctx)); | |
228 | if (key == NULL) | |
229 | return 0; | |
230 | } | |
231 | ||
5e55159b RL |
232 | EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); |
233 | EVP_MD_CTX_set_update_fn(mctx, int_update); | |
234 | ||
e74bd290 RL |
235 | /* Some MACs don't support this control... that's fine */ |
236 | { | |
237 | OSSL_PARAM params[3]; | |
238 | size_t params_n = 0; | |
239 | int flags = EVP_MD_CTX_test_flags(mctx, ~EVP_MD_CTX_FLAG_NO_INIT); | |
240 | ||
241 | /* TODO(3.0) "flags" isn't quite right, i.e. a quick hack for now */ | |
242 | params[params_n++] = | |
243 | OSSL_PARAM_construct_int(OSSL_MAC_PARAM_FLAGS, &flags); | |
244 | if (set_key) | |
245 | params[params_n++] = | |
246 | OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, | |
247 | key->data, key->length); | |
248 | params[params_n++] = OSSL_PARAM_construct_end(); | |
249 | rv = EVP_MAC_CTX_set_params(hctx->ctx, params); | |
250 | } | |
251 | return rv; | |
5e55159b RL |
252 | } |
253 | ||
254 | static int pkey_mac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, | |
255 | size_t *siglen, EVP_MD_CTX *mctx) | |
256 | { | |
257 | MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx); | |
258 | ||
e74bd290 | 259 | return EVP_MAC_final(hctx->ctx, sig, siglen, EVP_MAC_size(hctx->ctx)); |
5e55159b RL |
260 | } |
261 | ||
262 | static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) | |
263 | { | |
264 | MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx); | |
265 | ||
266 | switch (type) { | |
267 | ||
268 | case EVP_PKEY_CTRL_CIPHER: | |
269 | switch (hctx->type) { | |
270 | case MAC_TYPE_RAW: | |
271 | return -2; /* The raw types don't support ciphers */ | |
272 | case MAC_TYPE_MAC: | |
273 | { | |
e74bd290 RL |
274 | OSSL_PARAM params[3]; |
275 | size_t params_n = 0; | |
276 | char *ciphname = (char *)OBJ_nid2sn(EVP_CIPHER_nid(p2)); | |
3be06e0d | 277 | #ifndef OPENSSL_NO_ENGINE |
e74bd290 RL |
278 | char *engineid = (char *)ENGINE_get_id(ctx->engine); |
279 | ||
280 | params[params_n++] = | |
69db3044 | 281 | OSSL_PARAM_construct_utf8_string("engine", engineid, 0); |
3be06e0d | 282 | #endif |
e74bd290 | 283 | params[params_n++] = |
703170d4 | 284 | OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER, |
7f588d20 | 285 | ciphname, 0); |
e74bd290 RL |
286 | params[params_n] = OSSL_PARAM_construct_end(); |
287 | ||
288 | if (!EVP_MAC_CTX_set_params(hctx->ctx, params) | |
289 | || !EVP_MAC_init(hctx->ctx)) | |
290 | return 0; | |
5e55159b RL |
291 | } |
292 | break; | |
293 | default: | |
294 | /* This should be dead code */ | |
295 | return 0; | |
296 | } | |
297 | break; | |
298 | ||
299 | case EVP_PKEY_CTRL_MD: | |
300 | switch (hctx->type) { | |
301 | case MAC_TYPE_RAW: | |
302 | hctx->raw_data.md = p2; | |
303 | break; | |
be5fc053 KR |
304 | case MAC_TYPE_MAC: { |
305 | EVP_MAC_CTX *new_mac_ctx; | |
306 | ||
307 | if (ctx->pkey == NULL) | |
308 | return 0; | |
309 | new_mac_ctx = EVP_MAC_CTX_dup((EVP_MAC_CTX *)ctx->pkey | |
310 | ->pkey.ptr); | |
311 | if (new_mac_ctx == NULL) | |
312 | return 0; | |
313 | EVP_MAC_CTX_free(hctx->ctx); | |
314 | hctx->ctx = new_mac_ctx; | |
315 | } | |
5e55159b RL |
316 | break; |
317 | default: | |
318 | /* This should be dead code */ | |
319 | return 0; | |
320 | } | |
321 | break; | |
322 | ||
323 | case EVP_PKEY_CTRL_SET_DIGEST_SIZE: | |
e74bd290 RL |
324 | { |
325 | OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; | |
326 | size_t size = (size_t)p1; | |
327 | size_t verify = 0; | |
328 | ||
329 | /* | |
330 | * We verify that the length is actually set by getting back | |
331 | * the same parameter and checking that it matches what we | |
332 | * tried to set. | |
333 | * TODO(3.0) when we have a more direct mechanism to check if | |
334 | * a parameter was used, we must refactor this to use that. | |
335 | */ | |
336 | ||
337 | params[0] = | |
703170d4 | 338 | OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &size); |
e74bd290 RL |
339 | |
340 | if (!EVP_MAC_CTX_set_params(hctx->ctx, params)) | |
341 | return 0; | |
5e55159b | 342 | |
e74bd290 | 343 | params[0] = |
703170d4 | 344 | OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &verify); |
e74bd290 RL |
345 | |
346 | if (!EVP_MAC_CTX_get_params(hctx->ctx, params)) | |
347 | return 0; | |
348 | ||
349 | /* | |
350 | * Since EVP_MAC_CTX_{get,set}_params() returned successfully, | |
351 | * we can only assume that the size was ignored, i.e. this | |
352 | * control is unsupported. | |
353 | */ | |
354 | if (verify != size) | |
355 | return -2; | |
356 | } | |
357 | break; | |
5e55159b RL |
358 | case EVP_PKEY_CTRL_SET_MAC_KEY: |
359 | switch (hctx->type) { | |
360 | case MAC_TYPE_RAW: | |
361 | if ((!p2 && p1 > 0) || (p1 < -1)) | |
362 | return 0; | |
363 | if (!ASN1_OCTET_STRING_set(&hctx->raw_data.ktmp, p2, p1)) | |
364 | return 0; | |
365 | break; | |
366 | case MAC_TYPE_MAC: | |
e74bd290 RL |
367 | { |
368 | OSSL_PARAM params[2]; | |
369 | size_t params_n = 0; | |
370 | ||
371 | params[params_n++] = | |
372 | OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, | |
373 | p2, p1); | |
374 | params[params_n] = OSSL_PARAM_construct_end(); | |
375 | ||
376 | return EVP_MAC_CTX_set_params(hctx->ctx, params); | |
377 | } | |
5e55159b RL |
378 | break; |
379 | default: | |
380 | /* This should be dead code */ | |
381 | return 0; | |
382 | } | |
383 | break; | |
384 | ||
385 | case EVP_PKEY_CTRL_DIGESTINIT: | |
386 | switch (hctx->type) { | |
387 | case MAC_TYPE_RAW: | |
388 | /* Ensure that we have attached the implementation */ | |
389 | if (!EVP_MAC_init(hctx->ctx)) | |
390 | return 0; | |
391 | { | |
5e55159b RL |
392 | ASN1_OCTET_STRING *key = |
393 | (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr; | |
e74bd290 RL |
394 | OSSL_PARAM params[4]; |
395 | size_t params_n = 0; | |
396 | char *mdname = | |
397 | (char *)OBJ_nid2sn(EVP_MD_nid(hctx->raw_data.md)); | |
3be06e0d | 398 | #ifndef OPENSSL_NO_ENGINE |
e74bd290 RL |
399 | char *engineid = ctx->engine == NULL |
400 | ? NULL : (char *)ENGINE_get_id(ctx->engine); | |
401 | ||
69db3044 | 402 | if (engineid != NULL) |
e74bd290 | 403 | params[params_n++] = |
69db3044 | 404 | OSSL_PARAM_construct_utf8_string("engine", engineid, 0); |
3be06e0d | 405 | #endif |
e74bd290 | 406 | params[params_n++] = |
703170d4 | 407 | OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, |
7f588d20 | 408 | mdname, 0); |
e74bd290 RL |
409 | params[params_n++] = |
410 | OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, | |
411 | key->data, key->length); | |
412 | params[params_n] = OSSL_PARAM_construct_end(); | |
413 | ||
414 | return EVP_MAC_CTX_set_params(hctx->ctx, params); | |
5e55159b RL |
415 | } |
416 | break; | |
417 | case MAC_TYPE_MAC: | |
418 | return -2; /* The mac types don't support ciphers */ | |
419 | default: | |
420 | /* This should be dead code */ | |
421 | return 0; | |
422 | } | |
423 | break; | |
424 | ||
425 | default: | |
426 | return -2; | |
427 | ||
428 | } | |
429 | return 1; | |
430 | } | |
431 | ||
432 | static int pkey_mac_ctrl_str(EVP_PKEY_CTX *ctx, | |
433 | const char *type, const char *value) | |
434 | { | |
435 | MAC_PKEY_CTX *hctx = EVP_PKEY_CTX_get_data(ctx); | |
e74bd290 RL |
436 | const EVP_MAC *mac = EVP_MAC_CTX_mac(hctx->ctx); |
437 | OSSL_PARAM params[2]; | |
438 | int ok = 0; | |
5e55159b | 439 | |
703170d4 RL |
440 | /* |
441 | * Translation of some control names that are equivalent to a single | |
442 | * parameter name. | |
443 | * | |
444 | * "md" and "digest" are the same thing, we use the single "digest" | |
445 | * | |
446 | * "digestsize" was a setting control in siphash, but naming wise, | |
447 | * it's really the same as "size". | |
448 | */ | |
449 | if (strcmp(type, "md") == 0) | |
450 | type = OSSL_MAC_PARAM_DIGEST; | |
451 | else if (strcmp(type, "digestsize") == 0) | |
452 | type = OSSL_MAC_PARAM_SIZE; | |
453 | ||
e74bd290 | 454 | if (!OSSL_PARAM_allocate_from_text(¶ms[0], |
41f7ecf3 | 455 | EVP_MAC_settable_ctx_params(mac), |
e74bd290 RL |
456 | type, value, strlen(value) + 1)) |
457 | return 0; | |
458 | params[1] = OSSL_PARAM_construct_end(); | |
459 | ok = EVP_MAC_CTX_set_params(hctx->ctx, params); | |
460 | OPENSSL_free(params[0].data); | |
461 | return ok; | |
5e55159b RL |
462 | } |
463 | ||
19bd1fa1 | 464 | static const EVP_PKEY_METHOD cmac_pkey_meth = { |
e74a435f | 465 | EVP_PKEY_CMAC, |
5e55159b RL |
466 | EVP_PKEY_FLAG_SIGCTX_CUSTOM, |
467 | pkey_mac_init, | |
468 | pkey_mac_copy, | |
469 | pkey_mac_cleanup, | |
470 | ||
471 | 0, 0, | |
472 | ||
473 | 0, | |
474 | pkey_mac_keygen, | |
475 | ||
476 | 0, 0, | |
477 | ||
478 | 0, 0, | |
479 | ||
480 | 0, 0, | |
481 | ||
482 | pkey_mac_signctx_init, | |
483 | pkey_mac_signctx, | |
484 | ||
485 | 0, 0, | |
486 | ||
487 | 0, 0, | |
488 | ||
489 | 0, 0, | |
490 | ||
491 | 0, 0, | |
492 | ||
493 | pkey_mac_ctrl, | |
494 | pkey_mac_ctrl_str | |
495 | }; | |
f8c9a8e3 | 496 | |
19bd1fa1 PS |
497 | const EVP_PKEY_METHOD *cmac_pkey_method(void) |
498 | { | |
499 | return &cmac_pkey_meth; | |
500 | } | |
501 | ||
502 | static const EVP_PKEY_METHOD hmac_pkey_meth = { | |
f8c9a8e3 RL |
503 | EVP_PKEY_HMAC, |
504 | 0, | |
505 | pkey_mac_init, | |
506 | pkey_mac_copy, | |
507 | pkey_mac_cleanup, | |
508 | ||
509 | 0, 0, | |
510 | ||
511 | 0, | |
512 | pkey_mac_keygen, | |
513 | ||
514 | 0, 0, | |
515 | ||
516 | 0, 0, | |
517 | ||
518 | 0, 0, | |
519 | ||
520 | pkey_mac_signctx_init, | |
521 | pkey_mac_signctx, | |
522 | ||
523 | 0, 0, | |
524 | ||
525 | 0, 0, | |
526 | ||
527 | 0, 0, | |
528 | ||
529 | 0, 0, | |
530 | ||
531 | pkey_mac_ctrl, | |
532 | pkey_mac_ctrl_str | |
533 | }; | |
14f61f81 | 534 | |
19bd1fa1 PS |
535 | const EVP_PKEY_METHOD *hmac_pkey_method(void) |
536 | { | |
537 | return &hmac_pkey_meth; | |
538 | } | |
539 | ||
540 | static const EVP_PKEY_METHOD siphash_pkey_meth = { | |
14f61f81 RL |
541 | EVP_PKEY_SIPHASH, |
542 | EVP_PKEY_FLAG_SIGCTX_CUSTOM, | |
543 | pkey_mac_init, | |
544 | pkey_mac_copy, | |
545 | pkey_mac_cleanup, | |
546 | ||
547 | 0, 0, | |
548 | ||
549 | 0, | |
550 | pkey_mac_keygen, | |
551 | ||
552 | 0, 0, | |
553 | ||
554 | 0, 0, | |
555 | ||
556 | 0, 0, | |
557 | ||
558 | pkey_mac_signctx_init, | |
559 | pkey_mac_signctx, | |
560 | ||
561 | 0, 0, | |
562 | ||
563 | 0, 0, | |
564 | ||
565 | 0, 0, | |
566 | ||
567 | 0, 0, | |
568 | ||
569 | pkey_mac_ctrl, | |
570 | pkey_mac_ctrl_str | |
571 | }; | |
c1da4b2a | 572 | |
19bd1fa1 PS |
573 | const EVP_PKEY_METHOD *siphash_pkey_method(void) |
574 | { | |
575 | return &siphash_pkey_meth; | |
576 | } | |
577 | ||
578 | static const EVP_PKEY_METHOD poly1305_pkey_meth = { | |
c1da4b2a PY |
579 | EVP_PKEY_POLY1305, |
580 | EVP_PKEY_FLAG_SIGCTX_CUSTOM, | |
581 | pkey_mac_init, | |
582 | pkey_mac_copy, | |
583 | pkey_mac_cleanup, | |
584 | ||
585 | 0, 0, | |
586 | ||
587 | 0, | |
588 | pkey_mac_keygen, | |
589 | ||
590 | 0, 0, | |
591 | ||
592 | 0, 0, | |
593 | ||
594 | 0, 0, | |
595 | ||
596 | pkey_mac_signctx_init, | |
597 | pkey_mac_signctx, | |
598 | ||
599 | 0, 0, | |
600 | ||
601 | 0, 0, | |
602 | ||
603 | 0, 0, | |
604 | ||
605 | 0, 0, | |
606 | ||
607 | pkey_mac_ctrl, | |
608 | pkey_mac_ctrl_str | |
609 | }; | |
19bd1fa1 PS |
610 | |
611 | const EVP_PKEY_METHOD *poly1305_pkey_method(void) | |
612 | { | |
613 | return &poly1305_pkey_meth; | |
614 | } |