[thirdparty/openssl.git] / doc / man3 / EVP_MAC.pod

=pod

=head1 NAME

EVP_MAC, EVP_MAC_fetch, EVP_MAC_up_ref, EVP_MAC_free,
EVP_MAC_is_a, EVP_MAC_name,
EVP_MAC_provider, EVP_MAC_get_params, EVP_MAC_gettable_params,
EVP_MAC_CTX, EVP_MAC_CTX_new, EVP_MAC_CTX_free, EVP_MAC_CTX_dup,
EVP_MAC_CTX_mac, EVP_MAC_CTX_get_params, EVP_MAC_CTX_set_params,
EVP_MAC_size, EVP_MAC_init, EVP_MAC_update, EVP_MAC_final,
EVP_MAC_CTX_gettable_params, EVP_MAC_CTX_settable_params,
EVP_MAC_do_all_ex - EVP MAC routines

=head1 SYNOPSIS

 #include <openssl/evp.h>

 typedef struct evp_mac_st EVP_MAC;
 typedef struct evp_mac_ctx_st EVP_MAC_CTX;

 EVP_MAC *EVP_MAC_fetch(OPENSSL_CTX *libctx, const char *algorithm,
                        const char *properties);
 int EVP_MAC_up_ref(EVP_MAC *mac);
 void EVP_MAC_free(EVP_MAC *mac);
 int EVP_MAC_is_a(const EVP_MAC *mac, const char *name);
 const char *EVP_MAC_name(const EVP_MAC *mac);
 const OSSL_PROVIDER *EVP_MAC_provider(const EVP_MAC *mac);
 int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]);

 EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac);
 void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx);
 EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src);
 EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx);
 int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]);
 int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]);

 size_t EVP_MAC_size(EVP_MAC_CTX *ctx);
 int EVP_MAC_init(EVP_MAC_CTX *ctx);
 int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen);
 int EVP_MAC_final(EVP_MAC_CTX *ctx,
                   unsigned char *out, size_t *outl, size_t outsize);

 const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac);
 const OSSL_PARAM *EVP_MAC_CTX_gettable_params(const EVP_MAC *mac);
 const OSSL_PARAM *EVP_MAC_CTX_settable_params(const EVP_MAC *mac);

 void EVP_MAC_do_all_ex(OPENSSL_CTX *libctx,
                        void (*fn)(EVP_MAC *mac, void *arg),
                        void *arg);

=head1 DESCRIPTION

These types and functions help the application to calculate MACs of
different types and with different underlying algorithms if there are
any.

MACs are a bit complex insofar that some of them use other algorithms
for actual computation.  HMAC uses a digest, and CMAC uses a cipher.
Therefore, there are sometimes two contexts to keep track of, one for
the MAC algorithm itself and one for the underlying computation
algorithm if there is one.

To make things less ambiguous, this manual talks about a "context" or
"MAC context", which is to denote the MAC level context, and about a
"underlying context", or "computation context", which is to denote the
context for the underlying computation algorithm if there is one.

=head2 Types

B<EVP_MAC> is a type that holds the implementation of a MAC.

B<EVP_MAC_CTX> is a context type that holds internal MAC information
as well as a reference to a computation context, for those MACs that
rely on an underlying computation algorithm.

=head2 Algorithm implementation fetching

EVP_MAC_fetch() fetches an implementation of a MAC I<algorithm>, given
a library context I<libctx> and a set of I<properties>.
See L<provider(7)/Fetching algorithms> for further information.

The returned value must eventually be freed with
L<EVP_MAC_free(3)>.

EVP_MAC_up_ref() increments the reference count of an already fetched
MAC.

EVP_MAC_free() frees a fetched algorithm.
NULL is a valid parameter, for which this function is a no-op.

=head2 Context manipulation functions

EVP_MAC_CTX_new() creates a new context for the MAC type I<mac>.
The created context can then be used with most other functions
described here.

EVP_MAC_CTX_free() frees the contents of the context, including an
underlying context if there is one, as well as the context itself.
NULL is a valid parameter, for which this function is a no-op.

EVP_MAC_CTX_dup() duplicates the I<src> context and returns a newly allocated
context.

EVP_MAC_CTX_mac() returns the B<EVP_MAC> associated with the context
I<ctx>.

=head2 Computing functions

EVP_MAC_init() sets up the underlying context with information given
through diverse controls.
This should be called before calling EVP_MAC_update() and
EVP_MAC_final().

EVP_MAC_update() adds I<datalen> bytes from I<data> to the MAC input.

EVP_MAC_final() does the final computation and stores the result in
the memory pointed at by I<out> of size I<outsize>, and sets the number
of bytes written in I<*outl> at.
If I<out> is B<NULL> or I<outsize> is too small, then no computation
is made.
To figure out what the output length will be and allocate space for it
dynamically, simply call with I<out> being B<NULL> and I<outl>
pointing at a valid location, then allocate space and make a second
call with I<out> pointing at the allocated space.

EVP_MAC_get_params() retrieves details about the implementation
I<mac>.
The set of parameters given with I<params> determine exactly what
parameters should be retrieved.
Note that a parameter that is unknown in the underlying context is
simply ignored.

EVP_MAC_CTX_get_params() retrieves chosen parameters, given the
context I<ctx> and its underlying context.
The set of parameters given with I<params> determine exactly what
parameters should be retrieved.
Note that a parameter that is unknown in the underlying context is
simply ignored.

EVP_MAC_CTX_set_params() passes chosen parameters to the underlying
context, given a context I<ctx>.
The set of parameters given with I<params> determine exactly what
parameters are passed down.
Note that a parameter that is unknown in the underlying context is
simply ignored.
Also, what happens when a needed parameter isn't passed down is
defined by the implementation.

EVP_MAC_gettable_params(), EVP_MAC_CTX_gettable_params() and
EVP_MAC_CTX_settable_params() get a constant B<OSSL_PARAM> array that
decribes the retrievable and settable parameters, i.e. parameters that
can be used with EVP_MAC_get_params(), EVP_MAC_CTX_get_params()
and EVP_MAC_CTX_set_params(), respectively.
See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor.

=head2 Information functions

EVP_MAC_size() returns the MAC output size for the given context.

EVP_MAC_name() returns the name of the given MAC implementation.

EVP_MAC_is_a() checks if the given I<mac> is an implementation of an
algorithm that's identifiable with I<name>.

EVP_MAC_provider() returns the provider that holds the implementation
of the given I<mac>.

EVP_MAC_do_all_ex() traverses all MAC implemented by all activated
providers in the given library context I<libctx>, and for each of the
implementations, calls the given function I<fn> with the implementation method
and the given I<arg> as argument.

=head1 PARAMETERS

Parameters are identified by name as strings, and have an expected
data type and maximum size.
OpenSSL has a set of macros for parameter names it expects to see in
its own MAC implementations.
Here, we show all three, the OpenSSL macro for the parameter name, the
name in string form, and a type description.

The standard parameter names are:

=over 4

=item B<OSSL_MAC_PARAM_KEY> ("key") <octet string>

Its value is the MAC key as an array of bytes.

For MACs that use an underlying computation algorithm, the algorithm
must be set first, see parameter names "algorithm" below.

=item B<OSSL_MAC_PARAM_IV> ("iv") <octet string>

Some MAC implementations require an IV, this parameter sets the IV.

=item B<OSSL_MAC_PARAM_CUSTOM> ("custom") <octet string>

Some MAC implementations (KMAC, BLAKE2) accept a Customization String,
this parameter sets the Customization String. The default value is the
empty string.

=item B<OSSL_MAC_PARAM_SALT> ("salt") <octet string>

This option is used by BLAKE2 MAC.

=item B<OSSL_MAC_PARAM_XOF> ("xof") <integer>

It's a simple flag, the value 0 or 1 are expected.

This option is used by KMAC.

=item B<OSSL_MAC_PARAM_FLAGS> ("flags") <integer>

These will set the MAC flags to the given numbers.
Some MACs do not support this option.

=item B<OSSL_MAC_PARAM_ENGINE> ("engine") <UTF8 string>

=item B<OSSL_MAC_PARAM_PROPERTIES> ("properties") <UTF8 string>

=item B<OSSL_MAC_PARAM_DIGEST> ("digest") <UTF8 string>

=item B<OSSL_MAC_PARAM_CIPHER> ("cipher") <UTF8 string>

For MAC implementations that use an underlying computation cipher or
digest, these parameters set what the algorithm should be, and the
engine that implements the algorithm or the properties to fetch it
by if needed.

The value is always the name of the intended engine, algorithm,
or the properties.

Note that not all algorithms may support all digests.
HMAC does not support variable output length digests such as SHAKE128
or SHAKE256.

=item B<OSSL_MAC_PARAM_SIZE> ("size") <unsigned integer>

For MAC implementations that support it, set the output size that
EVP_MAC_final() should produce.
The allowed sizes vary between MAC implementations, but must never exceed
what can be given with a B<size_t>.

=back

All these parameters should be used before the calls to any of
EVP_MAC_init(), EVP_MAC_update() and EVP_MAC_final() for a full
computation.
Anything else may give undefined results.

=head1 RETURN VALUES

EVP_MAC_fetch() returns a pointer to a newly fetched EVP_MAC, or
NULL if allocation failed.

EVP_MAC_up_ref() returns 1 on success, 0 on error.

EVP_MAC_free() returns nothing at all.

EVP_MAC_name() returns the name of the MAC, or NULL if NULL was
passed.

EVP_MAC_is_a() returns 1 if the given method can be identified with
the given name, otherwise 0.

EVP_MAC_provider() returns a pointer to the provider for the MAC, or
NULL on error.

EVP_MAC_CTX_new() and EVP_MAC_CTX_dup() return a pointer to a newly
created EVP_MAC_CTX, or NULL if allocation failed.

EVP_MAC_CTX_free() returns nothing at all.

EVP_MAC_CTX_get_params() and EVP_MAC_CTX_set_params() return 1 on
success, 0 on error.

EVP_MAC_init(), EVP_MAC_update(), and EVP_MAC_final() return 1 on success, 0
on error.

EVP_MAC_size() returns the expected output size, or 0 if it isn't
set.
If it isn't set, a call to EVP_MAC_init() should get it set.

EVP_MAC_do_all_ex() returns nothing at all.

=head1 EXAMPLES

  #include <stdlib.h>
  #include <stdio.h>
  #include <string.h>
  #include <stdarg.h>
  #include <unistd.h>

  #include <openssl/evp.h>
  #include <openssl/err.h>
  #include <openssl/params.h>

  int main() {
      EVP_MAC *mac = EVP_MAC_fetch(NULL, getenv("MY_MAC"), NULL);
      const char *cipher = getenv("MY_MAC_CIPHER");
      const char *digest = getenv("MY_MAC_DIGEST");
      const char *key = getenv("MY_KEY");
      EVP_MAC_CTX *ctx = NULL;

      unsigned char buf[4096];
      ssize_t read_l;
      size_t final_l;

      size_t i;

      OSSL_PARAM params[4];
      size_t params_n = 0;

      if (cipher != NULL)
          params[params_n++] =
              OSSL_PARAM_construct_utf8_string("cipher", cipher, 0, NULL);
      if (digest != NULL)
          params[params_n++] =
              OSSL_PARAM_construct_utf8_string("digest", digest, 0, NULL);
      params[params_n++] =
          OSSL_PARAM_construct_octet_string("key", key, strlen(key), NULL);
      params[params_n] = OSSL_PARAM_construct_end();

      if (mac == NULL
          || key == NULL
          || (ctx = EVP_MAC_CTX_new(mac)) == NULL
          || EVP_MAC_CTX_set_params(ctx, params) <= 0)
          goto err;

      if (!EVP_MAC_init(ctx))
          goto err;

      while ( (read_l = read(STDIN_FILENO, buf, sizeof(buf))) < 0) {
          if (!EVP_MAC_update(ctx, buf, read_l))
              goto err;
      }

      if (!EVP_MAC_final(ctx, buf, &final_l))
          goto err;

      printf("Result: ");
      for (i = 0; i < final_l; i++)
          printf("%02X", buf[i]);
      printf("\n");

      EVP_MAC_CTX_free(ctx);
      EVP_MAC_free(mac);
      exit(0);

   err:
      EVP_MAC_CTX_free(ctx);
      EVP_MAC_free(mac);
      fprintf(stderr, "Something went wrong\n");
      ERR_print_errors_fp(stderr);
      exit (1);
  }

A run of this program, called with correct environment variables, can
look like this:

  $ MY_MAC=cmac MY_KEY=secret0123456789 MY_MAC_CIPHER=aes-128-cbc \
    LD_LIBRARY_PATH=. ./foo < foo.c
  Result: ECCAAFF041B22A2299EB90A1B53B6D45

(in this example, that program was stored in F<foo.c> and compiled to
F<./foo>)

=head1 SEE ALSO

L<property(7)>
L<OSSL_PARAM(3)>,
L<EVP_MAC_BLAKE2(7)>,
L<EVP_MAC_CMAC(7)>,
L<EVP_MAC_GMAC(7)>,
L<EVP_MAC_HMAC(7)>,
L<EVP_MAC_KMAC(7)>,
L<EVP_MAC_SIPHASH(7)>,
L<EVP_MAC_POLY1305(7)>

=head1 HISTORY

These functions were added in OpenSSL 3.0.

=head1 COPYRIGHT

Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
567db2c1 RL	1	=pod
	2
	3	=head1 NAME
	4
7cfa1717 RL	5	EVP_MAC, EVP_MAC_fetch, EVP_MAC_up_ref, EVP_MAC_free,
7cfa1717 RL	6	EVP_MAC_is_a, EVP_MAC_name,
7dd0f299	7	EVP_MAC_provider, EVP_MAC_get_params, EVP_MAC_gettable_params,
e74bd290 RL	8	EVP_MAC_CTX, EVP_MAC_CTX_new, EVP_MAC_CTX_free, EVP_MAC_CTX_dup,
	9	EVP_MAC_CTX_mac, EVP_MAC_CTX_get_params, EVP_MAC_CTX_set_params,
	10	EVP_MAC_size, EVP_MAC_init, EVP_MAC_update, EVP_MAC_final,
d1cafb08 RL	11	EVP_MAC_CTX_gettable_params, EVP_MAC_CTX_settable_params,
d1cafb08 RL	12	EVP_MAC_do_all_ex - EVP MAC routines
567db2c1 RL	13
	14	=head1 SYNOPSIS
	15
	16	#include <openssl/evp.h>
	17
	18	typedef struct evp_mac_st EVP_MAC;
	19	typedef struct evp_mac_ctx_st EVP_MAC_CTX;
	20
e74bd290 RL	21	EVP_MAC EVP_MAC_fetch(OPENSSL_CTX libctx, const char *algorithm,
	22	const char *properties);
	23	int EVP_MAC_up_ref(EVP_MAC *mac);
	24	void EVP_MAC_free(EVP_MAC *mac);
7cfa1717	25	int EVP_MAC_is_a(const EVP_MAC mac, const char name);
e74bd290	26	const char EVP_MAC_name(const EVP_MAC mac);
7dd0f299	27	const OSSL_PROVIDER EVP_MAC_provider(const EVP_MAC mac);
e74bd290 RL	28	int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]);
	29
	30	EVP_MAC_CTX EVP_MAC_CTX_new(EVP_MAC mac);
567db2c1	31	void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx);
be5fc053	32	EVP_MAC_CTX EVP_MAC_CTX_dup(const EVP_MAC_CTX src);
e74bd290 RL	33	EVP_MAC EVP_MAC_CTX_mac(EVP_MAC_CTX ctx);
	34	int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]);
	35	int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]);
	36
567db2c1 RL	37	size_t EVP_MAC_size(EVP_MAC_CTX *ctx);
	38	int EVP_MAC_init(EVP_MAC_CTX *ctx);
	39	int EVP_MAC_update(EVP_MAC_CTX ctx, const unsigned char data, size_t datalen);
e74bd290 RL	40	int EVP_MAC_final(EVP_MAC_CTX *ctx,
	41	unsigned char out, size_t outl, size_t outsize);
	42
	43	const OSSL_PARAM EVP_MAC_gettable_params(const EVP_MAC mac);
	44	const OSSL_PARAM EVP_MAC_CTX_gettable_params(const EVP_MAC mac);
	45	const OSSL_PARAM EVP_MAC_CTX_settable_params(const EVP_MAC mac);
567db2c1	46
d1cafb08 RL	47	void EVP_MAC_do_all_ex(OPENSSL_CTX *libctx,
	48	void (fn)(EVP_MAC mac, void *arg),
	49	void *arg);
	50
567db2c1 RL	51	=head1 DESCRIPTION
	52
	53	These types and functions help the application to calculate MACs of
	54	different types and with different underlying algorithms if there are
	55	any.
	56
	57	MACs are a bit complex insofar that some of them use other algorithms
	58	for actual computation. HMAC uses a digest, and CMAC uses a cipher.
	59	Therefore, there are sometimes two contexts to keep track of, one for
	60	the MAC algorithm itself and one for the underlying computation
	61	algorithm if there is one.
	62
	63	To make things less ambiguous, this manual talks about a "context" or
	64	"MAC context", which is to denote the MAC level context, and about a
	65	"underlying context", or "computation context", which is to denote the
	66	context for the underlying computation algorithm if there is one.
	67
	68	=head2 Types
	69
	70	B<EVP_MAC> is a type that holds the implementation of a MAC.
	71
	72	B<EVP_MAC_CTX> is a context type that holds internal MAC information
	73	as well as a reference to a computation context, for those MACs that
	74	rely on an underlying computation algorithm.
	75
e74bd290 RL	76	=head2 Algorithm implementation fetching
	77
	78	EVP_MAC_fetch() fetches an implementation of a MAC I<algorithm>, given
	79	a library context I<libctx> and a set of I<properties>.
	80	See L<provider(7)/Fetching algorithms> for further information.
	81
	82	The returned value must eventually be freed with
	83	L<EVP_MAC_free(3)>.
	84
	85	EVP_MAC_up_ref() increments the reference count of an already fetched
	86	MAC.
	87
	88	EVP_MAC_free() frees a fetched algorithm.
	89	NULL is a valid parameter, for which this function is a no-op.
	90
567db2c1 RL	91	=head2 Context manipulation functions
567db2c1 RL	92
e74bd290	93	EVP_MAC_CTX_new() creates a new context for the MAC type I<mac>.
567db2c1 RL	94	The created context can then be used with most other functions
	95	described here.
	96
	97	EVP_MAC_CTX_free() frees the contents of the context, including an
	98	underlying context if there is one, as well as the context itself.
e74bd290	99	NULL is a valid parameter, for which this function is a no-op.
567db2c1	100
e74bd290	101	EVP_MAC_CTX_dup() duplicates the I<src> context and returns a newly allocated
be5fc053	102	context.
567db2c1 RL	103
567db2c1 RL	104	EVP_MAC_CTX_mac() returns the B<EVP_MAC> associated with the context
e74bd290	105	I<ctx>.
567db2c1 RL	106
	107	=head2 Computing functions
	108
	109	EVP_MAC_init() sets up the underlying context with information given
	110	through diverse controls.
	111	This should be called before calling EVP_MAC_update() and
	112	EVP_MAC_final().
	113
e74bd290	114	EVP_MAC_update() adds I<datalen> bytes from I<data> to the MAC input.
567db2c1 RL	115
567db2c1 RL	116	EVP_MAC_final() does the final computation and stores the result in
e74bd290 RL	117	the memory pointed at by I<out> of size I<outsize>, and sets the number
	118	of bytes written in I<*outl> at.
	119	If I<out> is B<NULL> or I<outsize> is too small, then no computation
	120	is made.
567db2c1	121	To figure out what the output length will be and allocate space for it
e74bd290	122	dynamically, simply call with I<out> being B<NULL> and I<outl>
567db2c1	123	pointing at a valid location, then allocate space and make a second
e74bd290 RL	124	call with I<out> pointing at the allocated space.
	125
	126	EVP_MAC_get_params() retrieves details about the implementation
	127	I<mac>.
	128	The set of parameters given with I<params> determine exactly what
	129	parameters should be retrieved.
	130	Note that a parameter that is unknown in the underlying context is
	131	simply ignored.
	132
	133	EVP_MAC_CTX_get_params() retrieves chosen parameters, given the
	134	context I<ctx> and its underlying context.
	135	The set of parameters given with I<params> determine exactly what
	136	parameters should be retrieved.
	137	Note that a parameter that is unknown in the underlying context is
	138	simply ignored.
	139
	140	EVP_MAC_CTX_set_params() passes chosen parameters to the underlying
	141	context, given a context I<ctx>.
	142	The set of parameters given with I<params> determine exactly what
	143	parameters are passed down.
	144	Note that a parameter that is unknown in the underlying context is
	145	simply ignored.
	146	Also, what happens when a needed parameter isn't passed down is
	147	defined by the implementation.
	148
	149	EVP_MAC_gettable_params(), EVP_MAC_CTX_gettable_params() and
	150	EVP_MAC_CTX_settable_params() get a constant B<OSSL_PARAM> array that
	151	decribes the retrievable and settable parameters, i.e. parameters that
ba24076f	152	can be used with EVP_MAC_get_params(), EVP_MAC_CTX_get_params()
e74bd290 RL	153	and EVP_MAC_CTX_set_params(), respectively.
e74bd290 RL	154	See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor.
567db2c1 RL	155
	156	=head2 Information functions
	157
	158	EVP_MAC_size() returns the MAC output size for the given context.
	159
567db2c1 RL	160	EVP_MAC_name() returns the name of the given MAC implementation.
567db2c1 RL	161
7cfa1717 RL	162	EVP_MAC_is_a() checks if the given I<mac> is an implementation of an
	163	algorithm that's identifiable with I<name>.
	164
7dd0f299 RL	165	EVP_MAC_provider() returns the provider that holds the implementation
	166	of the given I<mac>.
	167
d1cafb08 RL	168	EVP_MAC_do_all_ex() traverses all MAC implemented by all activated
	169	providers in the given library context I<libctx>, and for each of the
	170	implementations, calls the given function I<fn> with the implementation method
	171	and the given I<arg> as argument.
	172
b1cabee8	173	=head1 PARAMETERS
567db2c1	174
e592dbde RL	175	Parameters are identified by name as strings, and have an expected
	176	data type and maximum size.
	177	OpenSSL has a set of macros for parameter names it expects to see in
	178	its own MAC implementations.
	179	Here, we show all three, the OpenSSL macro for the parameter name, the
	180	name in string form, and a type description.
	181
e74bd290	182	The standard parameter names are:
567db2c1 RL	183
	184	=over 4
	185
e592dbde	186	=item B<OSSL_MAC_PARAM_KEY> ("key") <octet string>
567db2c1	187
e74bd290	188	Its value is the MAC key as an array of bytes.
567db2c1 RL	189
567db2c1 RL	190	For MACs that use an underlying computation algorithm, the algorithm
e74bd290	191	must be set first, see parameter names "algorithm" below.
afc580b9	192
e592dbde	193	=item B<OSSL_MAC_PARAM_IV> ("iv") <octet string>
afc580b9	194
e74bd290	195	Some MAC implementations require an IV, this parameter sets the IV.
6e624a64	196
e592dbde	197	=item B<OSSL_MAC_PARAM_CUSTOM> ("custom") <octet string>
6e624a64	198
13b3cd7b	199	Some MAC implementations (KMAC, BLAKE2) accept a Customization String,
e74bd290 RL	200	this parameter sets the Customization String. The default value is the
e74bd290 RL	201	empty string.
6e624a64	202
e592dbde	203	=item B<OSSL_MAC_PARAM_SALT> ("salt") <octet string>
13b3cd7b AS	204
	205	This option is used by BLAKE2 MAC.
	206
e9147bd4	207	=item B<OSSL_MAC_PARAM_XOF> ("xof") <integer>
6e624a64	208
e74bd290	209	It's a simple flag, the value 0 or 1 are expected.
6e624a64 SL	210
	211	This option is used by KMAC.
	212
e9147bd4	213	=item B<OSSL_MAC_PARAM_FLAGS> ("flags") <integer>
567db2c1 RL	214
	215	These will set the MAC flags to the given numbers.
	216	Some MACs do not support this option.
	217
1aa01009	218	=item B<OSSL_MAC_PARAM_ENGINE> ("engine") <UTF8 string>
e74bd290	219
1aa01009	220	=item B<OSSL_MAC_PARAM_PROPERTIES> ("properties") <UTF8 string>
567db2c1	221
1aa01009	222	=item B<OSSL_MAC_PARAM_DIGEST> ("digest") <UTF8 string>
567db2c1	223
1aa01009	224	=item B<OSSL_MAC_PARAM_CIPHER> ("cipher") <UTF8 string>
e74bd290	225
f3b8d77f RL	226	For MAC implementations that use an underlying computation cipher or
	227	digest, these parameters set what the algorithm should be, and the
	228	engine that implements the algorithm or the properties to fetch it
	229	by if needed.
567db2c1	230
f3b8d77f RL	231	The value is always the name of the intended engine, algorithm,
f3b8d77f RL	232	or the properties.
567db2c1	233
e74bd290 RL	234	Note that not all algorithms may support all digests.
	235	HMAC does not support variable output length digests such as SHAKE128
	236	or SHAKE256.
567db2c1	237
e9147bd4	238	=item B<OSSL_MAC_PARAM_SIZE> ("size") <unsigned integer>
567db2c1 RL	239
	240	For MAC implementations that support it, set the output size that
	241	EVP_MAC_final() should produce.
1aa01009 P	242	The allowed sizes vary between MAC implementations, but must never exceed
1aa01009 P	243	what can be given with a B<size_t>.
567db2c1 RL	244
	245	=back
	246
e74bd290	247	All these parameters should be used before the calls to any of
567db2c1 RL	248	EVP_MAC_init(), EVP_MAC_update() and EVP_MAC_final() for a full
	249	computation.
	250	Anything else may give undefined results.
	251
e74bd290	252	=head1 RETURN VALUES
567db2c1	253
e74bd290 RL	254	EVP_MAC_fetch() returns a pointer to a newly fetched EVP_MAC, or
e74bd290 RL	255	NULL if allocation failed.
567db2c1	256
e74bd290 RL	257	EVP_MAC_up_ref() returns 1 on success, 0 on error.
	258
	259	EVP_MAC_free() returns nothing at all.
	260
	261	EVP_MAC_name() returns the name of the MAC, or NULL if NULL was
	262	passed.
567db2c1	263
7cfa1717 RL	264	EVP_MAC_is_a() returns 1 if the given method can be identified with
	265	the given name, otherwise 0.
	266
7dd0f299 RL	267	EVP_MAC_provider() returns a pointer to the provider for the MAC, or
	268	NULL on error.
	269
e74bd290 RL	270	EVP_MAC_CTX_new() and EVP_MAC_CTX_dup() return a pointer to a newly
e74bd290 RL	271	created EVP_MAC_CTX, or NULL if allocation failed.
567db2c1 RL	272
	273	EVP_MAC_CTX_free() returns nothing at all.
	274
e74bd290 RL	275	EVP_MAC_CTX_get_params() and EVP_MAC_CTX_set_params() return 1 on
e74bd290 RL	276	success, 0 on error.
567db2c1	277
e74bd290 RL	278	EVP_MAC_init(), EVP_MAC_update(), and EVP_MAC_final() return 1 on success, 0
e74bd290 RL	279	on error.
567db2c1 RL	280
	281	EVP_MAC_size() returns the expected output size, or 0 if it isn't
	282	set.
	283	If it isn't set, a call to EVP_MAC_init() should get it set.
	284
d1cafb08	285	EVP_MAC_do_all_ex() returns nothing at all.
567db2c1	286
cda77422	287	=head1 EXAMPLES
567db2c1 RL	288
	289	#include <stdlib.h>
	290	#include <stdio.h>
	291	#include <string.h>
	292	#include <stdarg.h>
	293	#include <unistd.h>
	294
	295	#include <openssl/evp.h>
	296	#include <openssl/err.h>
e74bd290	297	#include <openssl/params.h>
567db2c1 RL	298
567db2c1 RL	299	int main() {
e74bd290 RL	300	EVP_MAC *mac = EVP_MAC_fetch(NULL, getenv("MY_MAC"), NULL);
	301	const char *cipher = getenv("MY_MAC_CIPHER");
	302	const char *digest = getenv("MY_MAC_DIGEST");
567db2c1 RL	303	const char *key = getenv("MY_KEY");
	304	EVP_MAC_CTX *ctx = NULL;
	305
	306	unsigned char buf[4096];
	307	ssize_t read_l;
	308	size_t final_l;
	309
	310	size_t i;
	311
e74bd290 RL	312	OSSL_PARAM params[4];
	313	size_t params_n = 0;
	314
	315	if (cipher != NULL)
	316	params[params_n++] =
7f588d20	317	OSSL_PARAM_construct_utf8_string("cipher", cipher, 0, NULL);
e74bd290 RL	318	if (digest != NULL)
e74bd290 RL	319	params[params_n++] =
7f588d20	320	OSSL_PARAM_construct_utf8_string("digest", digest, 0, NULL);
e74bd290 RL	321	params[params_n++] =
	322	OSSL_PARAM_construct_octet_string("key", key, strlen(key), NULL);
	323	params[params_n] = OSSL_PARAM_construct_end();
	324
567db2c1 RL	325	if (mac == NULL
	326	\|\| key == NULL
	327	\|\| (ctx = EVP_MAC_CTX_new(mac)) == NULL
e74bd290	328	\|\| EVP_MAC_CTX_set_params(ctx, params) <= 0)
567db2c1 RL	329	goto err;
	330
	331	if (!EVP_MAC_init(ctx))
	332	goto err;
	333
	334	while ( (read_l = read(STDIN_FILENO, buf, sizeof(buf))) < 0) {
	335	if (!EVP_MAC_update(ctx, buf, read_l))
	336	goto err;
	337	}
	338
	339	if (!EVP_MAC_final(ctx, buf, &final_l))
	340	goto err;
	341
	342	printf("Result: ");
	343	for (i = 0; i < final_l; i++)
	344	printf("%02X", buf[i]);
	345	printf("\n");
	346
	347	EVP_MAC_CTX_free(ctx);
e74bd290	348	EVP_MAC_free(mac);
567db2c1 RL	349	exit(0);
	350
	351	err:
	352	EVP_MAC_CTX_free(ctx);
e74bd290	353	EVP_MAC_free(mac);
567db2c1 RL	354	fprintf(stderr, "Something went wrong\n");
	355	ERR_print_errors_fp(stderr);
	356	exit (1);
	357	}
	358
	359	A run of this program, called with correct environment variables, can
	360	look like this:
	361
	362	$ MY_MAC=cmac MY_KEY=secret0123456789 MY_MAC_CIPHER=aes-128-cbc \
	363	LD_LIBRARY_PATH=. ./foo < foo.c
	364	Result: ECCAAFF041B22A2299EB90A1B53B6D45
	365
	366	(in this example, that program was stored in F<foo.c> and compiled to
	367	F<./foo>)
	368
	369	=head1 SEE ALSO
	370
e74bd290 RL	371	L<property(7)>
e74bd290 RL	372	L<OSSL_PARAM(3)>,
13b3cd7b	373	L<EVP_MAC_BLAKE2(7)>,
6723f867	374	L<EVP_MAC_CMAC(7)>,
afc580b9	375	L<EVP_MAC_GMAC(7)>,
c89d9cda	376	L<EVP_MAC_HMAC(7)>,
6e624a64	377	L<EVP_MAC_KMAC(7)>,
c1da4b2a PY	378	L<EVP_MAC_SIPHASH(7)>,
c1da4b2a PY	379	L<EVP_MAC_POLY1305(7)>
567db2c1	380
be5fc053 KR	381	=head1 HISTORY
be5fc053 KR	382
4674aaf4	383	These functions were added in OpenSSL 3.0.
be5fc053	384
567db2c1 RL	385	=head1 COPYRIGHT
567db2c1 RL	386
e74bd290	387	Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
567db2c1	388
4746f25a	389	Licensed under the Apache License 2.0 (the "License"). You may not use
567db2c1 RL	390	this file except in compliance with the License. You can obtain a copy
	391	in the file LICENSE in the source distribution or at
	392	L<https://www.openssl.org/source/license.html>.
	393
	394	=cut