int EVP_MAC_init(EVP_MAC_CTX *ctx, const unsigned char *key, size_t keylen,
const OSSL_PARAM params[])
{
+ if (ctx->meth->init == NULL) {
+ ERR_raise(ERR_R_EVP_LIB, ERR_R_UNSUPPORTED);
+ return 0;
+ }
return ctx->meth->init(ctx->algctx, key, keylen, params);
}
+int EVP_MAC_init_SKEY(EVP_MAC_CTX *ctx, EVP_SKEY *skey, const OSSL_PARAM params[])
+{
+ if (ctx->meth->init_skey == NULL
+ || skey->skeymgmt->prov != ctx->meth->prov
+ || ctx->meth->init_skey == NULL) {
+ ERR_raise(ERR_R_EVP_LIB, ERR_R_UNSUPPORTED);
+ return 0;
+ }
+ return ctx->meth->init_skey(ctx->algctx, skey->keydata, params);
+}
+
int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen)
{
return ctx->meth->update(ctx->algctx, data, datalen);
{
const OSSL_DISPATCH *fns = algodef->implementation;
EVP_MAC *mac = NULL;
- int fnmaccnt = 0, fnctxcnt = 0;
+ int fnmaccnt = 0, fnctxcnt = 0, mac_init_found = 0;
if ((mac = evp_mac_new()) == NULL) {
ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB);
if (mac->init != NULL)
break;
mac->init = OSSL_FUNC_mac_init(fns);
- fnmaccnt++;
+ mac_init_found = 1;
break;
case OSSL_FUNC_MAC_UPDATE:
if (mac->update != NULL)
break;
mac->set_ctx_params = OSSL_FUNC_mac_set_ctx_params(fns);
break;
+ case OSSL_FUNC_MAC_INIT_SKEY:
+ if (mac->init_skey != NULL)
+ break;
+ mac->init_skey = OSSL_FUNC_mac_init_skey(fns);
+ mac_init_found = 1;
+ break;
}
}
+ fnmaccnt += mac_init_found;
if (fnmaccnt != 3
|| fnctxcnt != 2) {
/*
EVP_MAC_CTX, EVP_MAC_CTX_new, EVP_MAC_CTX_free, EVP_MAC_CTX_dup,
EVP_MAC_CTX_get0_mac, EVP_MAC_CTX_get_params, EVP_MAC_CTX_set_params,
EVP_MAC_CTX_get_mac_size, EVP_MAC_CTX_get_block_size, EVP_Q_mac,
-EVP_MAC_init, EVP_MAC_update, EVP_MAC_final, EVP_MAC_finalXOF,
+EVP_MAC_init, EVP_MAC_init_SKEY, EVP_MAC_update, EVP_MAC_final, EVP_MAC_finalXOF,
EVP_MAC_gettable_ctx_params, EVP_MAC_settable_ctx_params,
EVP_MAC_CTX_gettable_params, EVP_MAC_CTX_settable_params,
EVP_MAC_do_all_provided - EVP MAC routines
unsigned char *out, size_t outsize, size_t *outlen);
int EVP_MAC_init(EVP_MAC_CTX *ctx, const unsigned char *key, size_t keylen,
const OSSL_PARAM params[]);
+ int EVP_MAC_init_SKEY(EVP_MAC_CTX *ctx, EVP_SKEY *skey, const OSSL_PARAM params[]);
int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen);
int EVP_MAC_final(EVP_MAC_CTX *ctx,
unsigned char *out, size_t *outl, size_t outsize);
EVP_MAC_init() should be called before EVP_MAC_update() and EVP_MAC_final().
+EVP_MAC_init_SKEY() is similar to EVP_MAC_init() but it accepts an opaque
+B<EVP_SKEY> object as a key.
+
EVP_MAC_update() adds I<datalen> bytes from I<data> to the MAC input.
EVP_MAC_final() does the final computation and stores the result in
EVP_Q_mac() returns a pointer to the computed MAC value, or NULL on error.
-EVP_MAC_init(), EVP_MAC_update(), EVP_MAC_final(), and EVP_MAC_finalXOF()
-return 1 on success, 0 on error.
+EVP_MAC_init(), EVP_MAC_init_SKEY(), EVP_MAC_update(), EVP_MAC_final(), and
+EVP_MAC_finalXOF() return 1 on success, 0 on error.
EVP_MAC_CTX_get_mac_size() returns the expected output size, or 0 if it isn't
set. If it isn't set, a call to EVP_MAC_init() will set it.
These functions were added in OpenSSL 3.0.
+The EVP_MAC_init_SKEY() function was added in OpenSSL 3.5.
+
=head1 COPYRIGHT
Copyright 2018-2024 The OpenSSL Project Authors. All Rights Reserved.
/* Encryption/decryption */
int OSSL_FUNC_mac_init(void *mctx, unsigned char *key, size_t keylen,
const OSSL_PARAM params[]);
+ int OSSL_FUNC_mac_init_skey(void *mctx, const void *key, const OSSL_PARAM params[]);
int OSSL_FUNC_mac_update(void *mctx, const unsigned char *in, size_t inl);
int OSSL_FUNC_mac_final(void *mctx, unsigned char *out, size_t *outl, size_t outsize);
OSSL_FUNC_mac_dupctx OSSL_FUNC_MAC_DUPCTX
OSSL_FUNC_mac_init OSSL_FUNC_MAC_INIT
+ OSSL_FUNC_mac_init_skey OSSL_FUNC_MAC_INIT_SKEY
OSSL_FUNC_mac_update OSSL_FUNC_MAC_UPDATE
OSSL_FUNC_mac_final OSSL_FUNC_MAC_FINAL
A mac algorithm implementation may not implement all of these functions.
In order to be a consistent set of functions, at least the following functions
-must be implemented: OSSL_FUNC_mac_newctx(), OSSL_FUNC_mac_freectx(), OSSL_FUNC_mac_init(),
+must be implemented: OSSL_FUNC_mac_newctx(), OSSL_FUNC_mac_freectx(),
+at least one of OSSL_FUNC_mac_init() or OSSL_FUNC_mac_init_skey(),
OSSL_FUNC_mac_update(), OSSL_FUNC_mac_final().
All other functions are optional.
side mac context in the I<mctx> parameter. The I<params> are set before setting
the MAC I<key> of I<keylen> bytes.
+OSSL_FUNC_mac_init_skey() is similar but uses an opaque provider-specific object
+to initialize the MAC context.
+
OSSL_FUNC_mac_update() is called to supply data for MAC computation of a previously
initialised mac operation.
The I<mctx> parameter contains a pointer to a previously initialised provider
OSSL_FUNC_mac_newctx() and OSSL_FUNC_mac_dupctx() should return the newly created
provider side mac context, or NULL on failure.
-OSSL_FUNC_mac_init(), OSSL_FUNC_mac_update(), OSSL_FUNC_mac_final(), OSSL_FUNC_mac_get_params(),
+OSSL_FUNC_mac_init(), OSSL_FUNC_mac_init_skey(),
+OSSL_FUNC_mac_update(), OSSL_FUNC_mac_final(), OSSL_FUNC_mac_get_params(),
OSSL_FUNC_mac_get_ctx_params() and OSSL_FUNC_mac_set_ctx_params() should return 1 for
success or 0 on error.
The provider MAC interface was introduced in OpenSSL 3.0.
The parameters "no-short-mac" and "fips-indicator" were added in OpenSSL 3.4.
+The function OSSL_FUNC_mac_init_skey() was introduced in OpenSSL 3.5.
+
=head1 COPYRIGHT
Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
OSSL_FUNC_mac_get_params_fn *get_params;
OSSL_FUNC_mac_get_ctx_params_fn *get_ctx_params;
OSSL_FUNC_mac_set_ctx_params_fn *set_ctx_params;
+ OSSL_FUNC_mac_init_skey_fn *init_skey;
};
struct evp_kdf_st {
# define OSSL_FUNC_MAC_GETTABLE_PARAMS 10
# define OSSL_FUNC_MAC_GETTABLE_CTX_PARAMS 11
# define OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS 12
+# define OSSL_FUNC_MAC_INIT_SKEY 13
OSSL_CORE_MAKE_FUNC(void *, mac_newctx, (void *provctx))
OSSL_CORE_MAKE_FUNC(void *, mac_dupctx, (void *src))
(void *mctx, OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, mac_set_ctx_params,
(void *mctx, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, mac_init_skey, (void *mctx, void *key, const OSSL_PARAM params[]))
/* KDFs and PRFs */
unsigned char *out, size_t outsize, size_t *outlen);
int EVP_MAC_init(EVP_MAC_CTX *ctx, const unsigned char *key, size_t keylen,
const OSSL_PARAM params[]);
+int EVP_MAC_init_SKEY(EVP_MAC_CTX *ctx, EVP_SKEY *skey, const OSSL_PARAM params[]);
int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen);
int EVP_MAC_final(EVP_MAC_CTX *ctx,
unsigned char *out, size_t *outl, size_t outsize);
EVP_SKEYMGMT_is_a ? 3_5_0 EXIST::FUNCTION:
EVP_SKEYMGMT_do_all_provided ? 3_5_0 EXIST::FUNCTION:
EVP_SKEYMGMT_names_do_all ? 3_5_0 EXIST::FUNCTION:
+EVP_MAC_init_SKEY ? 3_5_0 EXIST::FUNCTION:
+EVP_SKEY_get0_key_id ? 3_5_0 EXIST::FUNCTION:
+EVP_SKEY_get0_skeymgmt_name ? 3_5_0 EXIST::FUNCTION:
+EVP_SKEY_get0_provider_name ? 3_5_0 EXIST::FUNCTION:
+EVP_SKEYMGMT_get0_gen_settable_params ? 3_5_0 EXIST::FUNCTION:
+EVP_SKEYMGMT_get0_imp_settable_params ? 3_5_0 EXIST::FUNCTION:
OSSL_PROVIDER_add_conf_parameter ? 3_5_0 EXIST::FUNCTION:
OSSL_PROVIDER_get_conf_parameters ? 3_5_0 EXIST::FUNCTION:
OSSL_PROVIDER_conf_get_bool ? 3_5_0 EXIST::FUNCTION:
projects / thirdparty / openssl.git / commitdiff
