]>
Commit | Line | Data |
---|---|---|
e592dbde RL |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
d7cea0b8 | 5 | EVP_MAC-KMAC, EVP_MAC-KMAC128, EVP_MAC-KMAC256 |
e592dbde RL |
6 | - The KMAC EVP_MAC implementations |
7 | ||
8 | =head1 DESCRIPTION | |
9 | ||
10 | Support for computing KMAC MACs through the B<EVP_MAC> API. | |
11 | ||
12 | =head2 Identity | |
13 | ||
14 | These implementations are identified with one of these names and | |
15 | properties, to be used with EVP_MAC_fetch(): | |
16 | ||
17 | =over 4 | |
18 | ||
745fc918 | 19 | =item "KMAC-128", "provider=default" or "provider=fips" |
e592dbde | 20 | |
745fc918 | 21 | =item "KMAC-256", "provider=default" or "provider=fips" |
e592dbde RL |
22 | |
23 | =back | |
24 | ||
25 | =head2 Supported parameters | |
26 | ||
27 | The general description of these parameters can be found in | |
fddb1847 | 28 | L<EVP_MAC(3)/PARAMETERS>. |
e592dbde | 29 | |
865adf97 | 30 | All these parameters can be set with EVP_MAC_CTX_set_params(). |
e592dbde | 31 | Furthermore, the "size" parameter can be retrieved with |
90a2576b | 32 | EVP_MAC_CTX_get_params(), or with EVP_MAC_CTX_get_mac_size(). |
f49a65d0 | 33 | The length of the "size" parameter should not exceed that of a B<size_t>. |
e592dbde RL |
34 | |
35 | =over 4 | |
36 | ||
0c452a51 | 37 | =item "key" (B<OSSL_MAC_PARAM_KEY>) <octet string> |
e592dbde | 38 | |
8593ff00 RL |
39 | Sets the MAC key. |
40 | Setting this parameter is identical to passing a I<key> to L<EVP_MAC_init(3)>. | |
41 | ||
0c452a51 | 42 | =item "custom" (B<OSSL_MAC_PARAM_CUSTOM>) <octet string> |
e592dbde | 43 | |
8593ff00 RL |
44 | Sets the custom value. |
45 | It is an optional value of at most 127 bytes, and is empty by default. | |
46 | ||
0c452a51 | 47 | =item "size" (B<OSSL_MAC_PARAM_SIZE>) <unsigned integer> |
e592dbde | 48 | |
8593ff00 RL |
49 | Sets the MAC size. |
50 | By default, it is 16 for C<KMAC-128> and 32 for C<KMAC-256>. | |
51 | ||
0c452a51 | 52 | =item "xof" (B<OSSL_MAC_PARAM_XOF>) <integer> |
e592dbde | 53 | |
317b7c57 SL |
54 | The "xof" parameter value is expected to be 1 or 0. Use 1 to enable XOF mode. |
55 | The default value is 0. | |
56 | ||
e592dbde RL |
57 | =back |
58 | ||
9258f7ef | 59 | The "custom" parameter must be set as part of or before the EVP_MAC_init() call. |
317b7c57 | 60 | The "xof" and "size" parameters can be set at any time before EVP_MAC_final(). |
9258f7ef P |
61 | The "key" parameter is set as part of the EVP_MAC_init() call, but can be |
62 | set before it instead. | |
317b7c57 SL |
63 | |
64 | =head1 EXAMPLES | |
65 | ||
66 | #include <openssl/evp.h> | |
67 | #include <openssl/params.h> | |
68 | ||
69 | static int do_kmac(const unsigned char *in, size_t in_len, | |
70 | const unsigned char *key, size_t key_len, | |
71 | const unsigned char *custom, size_t custom_len, | |
72 | int xof_enabled, unsigned char *out, int out_len) | |
73 | { | |
74 | EVP_MAC_CTX *ctx = NULL; | |
75 | EVP_MAC *mac = NULL; | |
76 | OSSL_PARAM params[4], *p; | |
77 | int ret = 0; | |
78 | size_t l = 0; | |
79 | ||
80 | mac = EVP_MAC_fetch(NULL, "KMAC-128", NULL); | |
81 | if (mac == NULL) | |
82 | goto err; | |
83 | ctx = EVP_MAC_CTX_new(mac); | |
84 | /* The mac can be freed after it is used by EVP_MAC_CTX_new */ | |
85 | EVP_MAC_free(mac); | |
86 | if (ctx == NULL) | |
87 | goto err; | |
88 | ||
89 | /* | |
90 | * Setup parameters required before calling EVP_MAC_init() | |
91 | * The parameters OSSL_MAC_PARAM_XOF and OSSL_MAC_PARAM_SIZE may also be | |
92 | * used at this point. | |
93 | */ | |
94 | p = params; | |
95 | *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, | |
96 | (void *)key, key_len); | |
97 | if (custom != NULL && custom_len != 0) | |
98 | *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_CUSTOM, | |
99 | (void *)custom, custom_len); | |
100 | *p = OSSL_PARAM_construct_end(); | |
101 | if (!EVP_MAC_CTX_set_params(ctx, params)) | |
102 | goto err; | |
103 | ||
104 | if (!EVP_MAC_init(ctx)) | |
105 | goto err; | |
106 | ||
107 | /* | |
108 | * Note: the following optional parameters can be set any time | |
109 | * before EVP_MAC_final(). | |
110 | */ | |
111 | p = params; | |
112 | *p++ = OSSL_PARAM_construct_int(OSSL_MAC_PARAM_XOF, &xof_enabled); | |
113 | *p++ = OSSL_PARAM_construct_int(OSSL_MAC_PARAM_SIZE, &out_len); | |
114 | *p = OSSL_PARAM_construct_end(); | |
115 | if (!EVP_MAC_CTX_set_params(ctx, params)) | |
116 | goto err; | |
117 | ||
118 | /* The update may be called multiple times here for streamed input */ | |
119 | if (!EVP_MAC_update(ctx, in, in_len)) | |
120 | goto err; | |
121 | if (!EVP_MAC_final(ctx, out, &l, out_len)) | |
122 | goto err; | |
123 | ret = 1; | |
124 | err: | |
125 | EVP_MAC_CTX_free(ctx); | |
126 | return ret; | |
127 | } | |
e592dbde RL |
128 | |
129 | =head1 SEE ALSO | |
130 | ||
865adf97 | 131 | L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>, |
fddb1847 | 132 | L<EVP_MAC(3)/PARAMETERS>, L<OSSL_PARAM(3)> |
e592dbde RL |
133 | |
134 | =head1 COPYRIGHT | |
135 | ||
8020d79b | 136 | Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved. |
e592dbde RL |
137 | |
138 | Licensed under the Apache License 2.0 (the "License"). You may not use | |
139 | this file except in compliance with the License. You can obtain a copy | |
140 | in the file LICENSE in the source distribution or at | |
141 | L<https://www.openssl.org/source/license.html>. | |
142 | ||
143 | =cut |