]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8e787b1)
Fix SHAKE AlgorithmIdentifier encodings
authorDaniel Van Geest <daniel.vangeest@cryptonext-security.com>
Fri, 28 Mar 2025 10:40:32 +0000 (10:40 +0000)
committerTomas Mraz <tomas@openssl.org>
Tue, 10 Jun 2025 17:42:00 +0000 (19:42 +0200)
NIST CSOR specifies that the id-shake128 and id-shake256
algorithm identifiers, like the SHA-3 ones, do not carry
any parameters.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27190)

crypto/evp/legacy_sha.c patch | blob | blame | history
providers/implementations/digests/sha3_prov.c patch | blob | blame | history

diff --git a/crypto/evp/legacy_sha.c b/crypto/evp/legacy_sha.c
index 38423ff540f5685f19ff695987295d62ec7b3c37..72c4da985f0268785a7355e56d6f9d29d2528ae5 100644 (file)
--- a/crypto/evp/legacy_sha.c
+++ b/crypto/evp/legacy_sha.c
@@ -216,7 +216,7 @@ const EVP_MD *EVP_shake##bitlen(void)                                          \
         NID_shake##bitlen,                                                     \
         0,                                                                     \
         bitlen / 8,                                                            \
-        EVP_MD_FLAG_XOF,                                                       \
+        EVP_MD_FLAG_XOF | EVP_MD_FLAG_DIGALGID_ABSENT,                         \
         EVP_ORIG_GLOBAL,                                                       \
         LEGACY_EVP_MD_METH_TABLE(shake_init, sha3_int_update, sha3_int_final,  \
                         shake_ctrl, (KECCAK1600_WIDTH - bitlen * 2) / 8),      \
diff --git a/providers/implementations/digests/sha3_prov.c b/providers/implementations/digests/sha3_prov.c
index d4f6d9797cd3bb545994efcdad427d72b56fe70d..407089d98fa37375ca7cb26584b72adaa7e11bbb 100644 (file)
--- a/providers/implementations/digests/sha3_prov.c
+++ b/providers/implementations/digests/sha3_prov.c
@@ -20,7 +20,7 @@
 #include "prov/implementations.h"
 
 #define SHA3_FLAGS PROV_DIGEST_FLAG_ALGID_ABSENT
-#define SHAKE_FLAGS PROV_DIGEST_FLAG_XOF
+#define SHAKE_FLAGS (PROV_DIGEST_FLAG_XOF | PROV_DIGEST_FLAG_ALGID_ABSENT)
 #define KMAC_FLAGS PROV_DIGEST_FLAG_XOF
 
 /*
Mirror of https://github.com/openssl/openssl.git