[thirdparty/openssl.git] / doc / man3 / EVP_MAC.pod

=pod

=head1 NAME

EVP_MAC, EVP_MAC_fetch, EVP_MAC_up_ref, EVP_MAC_free,
EVP_MAC_is_a, EVP_MAC_number, EVP_MAC_names_do_all,
EVP_MAC_provider, EVP_MAC_get_params, EVP_MAC_gettable_params,
EVP_MAC_CTX, EVP_MAC_new_ctx, EVP_MAC_free_ctx, EVP_MAC_dup_ctx,
EVP_MAC_get_ctx_mac, EVP_MAC_get_ctx_params, EVP_MAC_set_ctx_params,
EVP_MAC_size, EVP_MAC_init, EVP_MAC_update, EVP_MAC_final,
EVP_MAC_gettable_ctx_params, EVP_MAC_settable_ctx_params,
EVP_MAC_do_all_provided - EVP MAC routines

=head1 SYNOPSIS

 #include <openssl/evp.h>

 typedef struct evp_mac_st EVP_MAC;
 typedef struct evp_mac_ctx_st EVP_MAC_CTX;

 EVP_MAC *EVP_MAC_fetch(OPENSSL_CTX *libctx, const char *algorithm,
                        const char *properties);
 int EVP_MAC_up_ref(EVP_MAC *mac);
 void EVP_MAC_free(EVP_MAC *mac);
 int EVP_MAC_is_a(const EVP_MAC *mac, const char *name);
 int EVP_MAC_number(const EVP_MAC *mac);
 void EVP_MAC_names_do_all(const EVP_MAC *mac,
                           void (*fn)(const char *name, void *data),
                           void *data);
 const OSSL_PROVIDER *EVP_MAC_provider(const EVP_MAC *mac);
 int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]);

 EVP_MAC_CTX *EVP_MAC_new_ctx(EVP_MAC *mac);
 void EVP_MAC_free_ctx(EVP_MAC_CTX *ctx);
 EVP_MAC_CTX *EVP_MAC_dup_ctx(const EVP_MAC_CTX *src);
 EVP_MAC *EVP_MAC_get_ctx_mac(EVP_MAC_CTX *ctx);
 int EVP_MAC_get_ctx_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]);
 int EVP_MAC_set_ctx_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]);

 size_t EVP_MAC_size(EVP_MAC_CTX *ctx);
 int EVP_MAC_init(EVP_MAC_CTX *ctx);
 int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen);
 int EVP_MAC_final(EVP_MAC_CTX *ctx,
                   unsigned char *out, size_t *outl, size_t outsize);

 const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac);
 const OSSL_PARAM *EVP_MAC_gettable_ctx_params(const EVP_MAC *mac);
 const OSSL_PARAM *EVP_MAC_settable_ctx_params(const EVP_MAC *mac);

 void EVP_MAC_do_all_provided(OPENSSL_CTX *libctx,
                              void (*fn)(EVP_MAC *mac, void *arg),
                              void *arg);

=head1 DESCRIPTION

These types and functions help the application to calculate MACs of
different types and with different underlying algorithms if there are
any.

MACs are a bit complex insofar that some of them use other algorithms
for actual computation.  HMAC uses a digest, and CMAC uses a cipher.
Therefore, there are sometimes two contexts to keep track of, one for
the MAC algorithm itself and one for the underlying computation
algorithm if there is one.

To make things less ambiguous, this manual talks about a "context" or
"MAC context", which is to denote the MAC level context, and about a
"underlying context", or "computation context", which is to denote the
context for the underlying computation algorithm if there is one.

=head2 Types

B<EVP_MAC> is a type that holds the implementation of a MAC.

B<EVP_MAC_CTX> is a context type that holds internal MAC information
as well as a reference to a computation context, for those MACs that
rely on an underlying computation algorithm.

=head2 Algorithm implementation fetching

EVP_MAC_fetch() fetches an implementation of a MAC I<algorithm>, given
a library context I<libctx> and a set of I<properties>.
See L<provider(7)/Fetching algorithms> for further information.

See L<OSSL_PROVIDER-default(7)/Message Authentication Code (MAC)> for the list
of algorithms supported by the default provider.

The returned value must eventually be freed with
L<EVP_MAC_free(3)>.

EVP_MAC_up_ref() increments the reference count of an already fetched
MAC.

EVP_MAC_free() frees a fetched algorithm.
NULL is a valid parameter, for which this function is a no-op.

=head2 Context manipulation functions

EVP_MAC_new_ctx() creates a new context for the MAC type I<mac>.
The created context can then be used with most other functions
described here.

EVP_MAC_free_ctx() frees the contents of the context, including an
underlying context if there is one, as well as the context itself.
NULL is a valid parameter, for which this function is a no-op.

EVP_MAC_dup_ctx() duplicates the I<src> context and returns a newly allocated
context.

EVP_MAC_get_ctx_mac() returns the B<EVP_MAC> associated with the context
I<ctx>.

=head2 Computing functions

EVP_MAC_init() sets up the underlying context with information given
through diverse controls.
This should be called before calling EVP_MAC_update() and
EVP_MAC_final().

EVP_MAC_update() adds I<datalen> bytes from I<data> to the MAC input.

EVP_MAC_final() does the final computation and stores the result in
the memory pointed at by I<out> of size I<outsize>, and sets the number
of bytes written in I<*outl> at.
If I<out> is NULL or I<outsize> is too small, then no computation
is made.
To figure out what the output length will be and allocate space for it
dynamically, simply call with I<out> being NULL and I<outl>
pointing at a valid location, then allocate space and make a second
call with I<out> pointing at the allocated space.

EVP_MAC_get_params() retrieves details about the implementation
I<mac>.
The set of parameters given with I<params> determine exactly what
parameters should be retrieved.
Note that a parameter that is unknown in the underlying context is
simply ignored.

EVP_MAC_get_ctx_params() retrieves chosen parameters, given the
context I<ctx> and its underlying context.
The set of parameters given with I<params> determine exactly what
parameters should be retrieved.
Note that a parameter that is unknown in the underlying context is
simply ignored.

EVP_MAC_set_ctx_params() passes chosen parameters to the underlying
context, given a context I<ctx>.
The set of parameters given with I<params> determine exactly what
parameters are passed down.
Note that a parameter that is unknown in the underlying context is
simply ignored.
Also, what happens when a needed parameter isn't passed down is
defined by the implementation.

EVP_MAC_gettable_params(), EVP_MAC_gettable_ctx_params() and
EVP_MAC_settable_ctx_params() get a constant B<OSSL_PARAM> array that
describes the retrievable and settable parameters, i.e. parameters that
can be used with EVP_MAC_get_params(), EVP_MAC_get_ctx_params()
and EVP_MAC_set_ctx_params(), respectively.
See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor.

=head2 Information functions

EVP_MAC_size() returns the MAC output size for the given context.

EVP_MAC_is_a() checks if the given I<mac> is an implementation of an
algorithm that's identifiable with I<name>.

EVP_MAC_provider() returns the provider that holds the implementation
of the given I<mac>.

EVP_MAC_do_all_provided() traverses all MAC implemented by all activated
providers in the given library context I<libctx>, and for each of the
implementations, calls the given function I<fn> with the implementation method
and the given I<arg> as argument.

EVP_MAC_number() returns the internal dynamic number assigned to
I<mac>.

EVP_MAC_names_do_all() traverses all names for I<mac>, and calls
I<fn> with each name and I<data>.

=head1 PARAMETERS

Parameters are identified by name as strings, and have an expected
data type and maximum size.
OpenSSL has a set of macros for parameter names it expects to see in
its own MAC implementations.
Here, we show all three, the OpenSSL macro for the parameter name, the
name in string form, and a type description.

The standard parameter names are:

=over 4

=item "key" (B<OSSL_MAC_PARAM_KEY>) <octet string>

Its value is the MAC key as an array of bytes.

For MACs that use an underlying computation algorithm, the algorithm
must be set first, see parameter names "algorithm" below.

=item "iv" (B<OSSL_MAC_PARAM_IV>) <octet string>

Some MAC implementations require an IV, this parameter sets the IV.

=item "custom" (B<OSSL_MAC_PARAM_CUSTOM>) <octet string>

Some MAC implementations (KMAC, BLAKE2) accept a Customization String,
this parameter sets the Customization String. The default value is the
empty string.

=item "salt" (B<OSSL_MAC_PARAM_SALT>) <octet string>

This option is used by BLAKE2 MAC.

=item "xof" (B<OSSL_MAC_PARAM_XOF>) <integer>

It's a simple flag, the value 0 or 1 are expected.

This option is used by KMAC.

=item "flags" (B<OSSL_MAC_PARAM_FLAGS>) <integer>

These will set the MAC flags to the given numbers.
Some MACs do not support this option.

=item "properties" (B<OSSL_MAC_PARAM_PROPERTIES>) <UTF8 string>

=item "digest" (B<OSSL_MAC_PARAM_DIGEST>) <UTF8 string>

=item "cipher" (B<OSSL_MAC_PARAM_CIPHER>) <UTF8 string>

For MAC implementations that use an underlying computation cipher or
digest, these parameters set what the algorithm should be.

The value is always the name of the intended algorithm,
or the properties.

Note that not all algorithms may support all digests.
HMAC does not support variable output length digests such as SHAKE128
or SHAKE256.

=item "size" (B<OSSL_MAC_PARAM_SIZE>) <unsigned integer>

For MAC implementations that support it, set the output size that
EVP_MAC_final() should produce.
The allowed sizes vary between MAC implementations, but must never exceed
what can be given with a B<size_t>.

=back

All these parameters should be used before the calls to any of
EVP_MAC_init(), EVP_MAC_update() and EVP_MAC_final() for a full
computation.
Anything else may give undefined results.

=head1 RETURN VALUES

EVP_MAC_fetch() returns a pointer to a newly fetched EVP_MAC, or
NULL if allocation failed.

EVP_MAC_up_ref() returns 1 on success, 0 on error.

EVP_MAC_free() returns nothing at all.

EVP_MAC_is_a() returns 1 if the given method can be identified with
the given name, otherwise 0.

EVP_MAC_provider() returns a pointer to the provider for the MAC, or
NULL on error.

EVP_MAC_new_ctx() and EVP_MAC_dup_ctx() return a pointer to a newly
created EVP_MAC_CTX, or NULL if allocation failed.

EVP_MAC_free_ctx() returns nothing at all.

EVP_MAC_get_ctx_params() and EVP_MAC_set_ctx_params() return 1 on
success, 0 on error.

EVP_MAC_init(), EVP_MAC_update(), and EVP_MAC_final() return 1 on success, 0
on error.

EVP_MAC_size() returns the expected output size, or 0 if it isn't
set.
If it isn't set, a call to EVP_MAC_init() should get it set.

EVP_MAC_do_all_provided() returns nothing at all.

=head1 EXAMPLES

  #include <stdlib.h>
  #include <stdio.h>
  #include <string.h>
  #include <stdarg.h>
  #include <unistd.h>

  #include <openssl/evp.h>
  #include <openssl/err.h>
  #include <openssl/params.h>

  int main() {
      EVP_MAC *mac = EVP_MAC_fetch(NULL, getenv("MY_MAC"), NULL);
      const char *cipher = getenv("MY_MAC_CIPHER");
      const char *digest = getenv("MY_MAC_DIGEST");
      const char *key = getenv("MY_KEY");
      EVP_MAC_CTX *ctx = NULL;

      unsigned char buf[4096];
      ssize_t read_l;
      size_t final_l;

      size_t i;

      OSSL_PARAM params[4];
      size_t params_n = 0;

      if (cipher != NULL)
          params[params_n++] =
              OSSL_PARAM_construct_utf8_string("cipher", cipher, 0;
      if (digest != NULL)
          params[params_n++] =
              OSSL_PARAM_construct_utf8_string("digest", digest, 0);
      params[params_n++] =
          OSSL_PARAM_construct_octet_string("key", key, strlen(key));
      params[params_n] = OSSL_PARAM_construct_end();

      if (mac == NULL
          || key == NULL
          || (ctx = EVP_MAC_new_ctx(mac)) == NULL
          || EVP_MAC_set_ctx_params(ctx, params) <= 0)
          goto err;

      if (!EVP_MAC_init(ctx))
          goto err;

      while ( (read_l = read(STDIN_FILENO, buf, sizeof(buf))) > 0) {
          if (!EVP_MAC_update(ctx, buf, read_l))
              goto err;
      }

      if (!EVP_MAC_final(ctx, buf, &final_l))
          goto err;

      printf("Result: ");
      for (i = 0; i < final_l; i++)
          printf("%02X", buf[i]);
      printf("\n");

      EVP_MAC_free_ctx(ctx);
      EVP_MAC_free(mac);
      exit(0);

   err:
      EVP_MAC_free_ctx(ctx);
      EVP_MAC_free(mac);
      fprintf(stderr, "Something went wrong\n");
      ERR_print_errors_fp(stderr);
      exit (1);
  }

A run of this program, called with correct environment variables, can
look like this:

  $ MY_MAC=cmac MY_KEY=secret0123456789 MY_MAC_CIPHER=aes-128-cbc \
    LD_LIBRARY_PATH=. ./foo < foo.c
  Result: C5C06683CD9DDEF904D754505C560A4E

(in this example, that program was stored in F<foo.c> and compiled to
F<./foo>)

=head1 SEE ALSO

L<property(7)>
L<OSSL_PARAM(3)>,
L<EVP_MAC-BLAKE2(7)>,
L<EVP_MAC-CMAC(7)>,
L<EVP_MAC-GMAC(7)>,
L<EVP_MAC-HMAC(7)>,
L<EVP_MAC-KMAC(7)>,
L<EVP_MAC-Siphash(7)>,
L<EVP_MAC-Poly1305(7)>

=head1 HISTORY

These functions were added in OpenSSL 3.0.

=head1 COPYRIGHT

Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
567db2c1 RL	1	=pod
	2
	3	=head1 NAME
	4
7cfa1717	5	EVP_MAC, EVP_MAC_fetch, EVP_MAC_up_ref, EVP_MAC_free,
506cb0f6	6	EVP_MAC_is_a, EVP_MAC_number, EVP_MAC_names_do_all,
7dd0f299	7	EVP_MAC_provider, EVP_MAC_get_params, EVP_MAC_gettable_params,
d9c2fd51 P	8	EVP_MAC_CTX, EVP_MAC_new_ctx, EVP_MAC_free_ctx, EVP_MAC_dup_ctx,
d9c2fd51 P	9	EVP_MAC_get_ctx_mac, EVP_MAC_get_ctx_params, EVP_MAC_set_ctx_params,
e74bd290	10	EVP_MAC_size, EVP_MAC_init, EVP_MAC_update, EVP_MAC_final,
41f7ecf3	11	EVP_MAC_gettable_ctx_params, EVP_MAC_settable_ctx_params,
251e610c	12	EVP_MAC_do_all_provided - EVP MAC routines
567db2c1 RL	13
	14	=head1 SYNOPSIS
	15
	16	#include <openssl/evp.h>
	17
	18	typedef struct evp_mac_st EVP_MAC;
	19	typedef struct evp_mac_ctx_st EVP_MAC_CTX;
	20
e74bd290 RL	21	EVP_MAC EVP_MAC_fetch(OPENSSL_CTX libctx, const char *algorithm,
	22	const char *properties);
	23	int EVP_MAC_up_ref(EVP_MAC *mac);
	24	void EVP_MAC_free(EVP_MAC *mac);
7cfa1717	25	int EVP_MAC_is_a(const EVP_MAC mac, const char name);
506cb0f6	26	int EVP_MAC_number(const EVP_MAC *mac);
f651c727 RL	27	void EVP_MAC_names_do_all(const EVP_MAC *mac,
	28	void (fn)(const char name, void *data),
	29	void *data);
7dd0f299	30	const OSSL_PROVIDER EVP_MAC_provider(const EVP_MAC mac);
e74bd290 RL	31	int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]);
e74bd290 RL	32
d9c2fd51 P	33	EVP_MAC_CTX EVP_MAC_new_ctx(EVP_MAC mac);
	34	void EVP_MAC_free_ctx(EVP_MAC_CTX *ctx);
	35	EVP_MAC_CTX EVP_MAC_dup_ctx(const EVP_MAC_CTX src);
	36	EVP_MAC EVP_MAC_get_ctx_mac(EVP_MAC_CTX ctx);
	37	int EVP_MAC_get_ctx_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]);
	38	int EVP_MAC_set_ctx_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]);
e74bd290	39
567db2c1 RL	40	size_t EVP_MAC_size(EVP_MAC_CTX *ctx);
	41	int EVP_MAC_init(EVP_MAC_CTX *ctx);
	42	int EVP_MAC_update(EVP_MAC_CTX ctx, const unsigned char data, size_t datalen);
e74bd290 RL	43	int EVP_MAC_final(EVP_MAC_CTX *ctx,
	44	unsigned char out, size_t outl, size_t outsize);
	45
	46	const OSSL_PARAM EVP_MAC_gettable_params(const EVP_MAC mac);
41f7ecf3 P	47	const OSSL_PARAM EVP_MAC_gettable_ctx_params(const EVP_MAC mac);
41f7ecf3 P	48	const OSSL_PARAM EVP_MAC_settable_ctx_params(const EVP_MAC mac);
567db2c1	49
251e610c RL	50	void EVP_MAC_do_all_provided(OPENSSL_CTX *libctx,
	51	void (fn)(EVP_MAC mac, void *arg),
	52	void *arg);
d1cafb08	53
567db2c1 RL	54	=head1 DESCRIPTION
	55
	56	These types and functions help the application to calculate MACs of
	57	different types and with different underlying algorithms if there are
	58	any.
	59
	60	MACs are a bit complex insofar that some of them use other algorithms
	61	for actual computation. HMAC uses a digest, and CMAC uses a cipher.
	62	Therefore, there are sometimes two contexts to keep track of, one for
	63	the MAC algorithm itself and one for the underlying computation
	64	algorithm if there is one.
	65
	66	To make things less ambiguous, this manual talks about a "context" or
	67	"MAC context", which is to denote the MAC level context, and about a
	68	"underlying context", or "computation context", which is to denote the
	69	context for the underlying computation algorithm if there is one.
	70
	71	=head2 Types
	72
	73	B<EVP_MAC> is a type that holds the implementation of a MAC.
	74
	75	B<EVP_MAC_CTX> is a context type that holds internal MAC information
	76	as well as a reference to a computation context, for those MACs that
	77	rely on an underlying computation algorithm.
	78
e74bd290 RL	79	=head2 Algorithm implementation fetching
	80
	81	EVP_MAC_fetch() fetches an implementation of a MAC I<algorithm>, given
	82	a library context I<libctx> and a set of I<properties>.
	83	See L<provider(7)/Fetching algorithms> for further information.
	84
b8086652 SL	85	See L<OSSL_PROVIDER-default(7)/Message Authentication Code (MAC)> for the list
	86	of algorithms supported by the default provider.
	87
e74bd290 RL	88	The returned value must eventually be freed with
	89	L<EVP_MAC_free(3)>.
	90
	91	EVP_MAC_up_ref() increments the reference count of an already fetched
	92	MAC.
	93
	94	EVP_MAC_free() frees a fetched algorithm.
	95	NULL is a valid parameter, for which this function is a no-op.
	96
567db2c1 RL	97	=head2 Context manipulation functions
567db2c1 RL	98
d9c2fd51	99	EVP_MAC_new_ctx() creates a new context for the MAC type I<mac>.
567db2c1 RL	100	The created context can then be used with most other functions
	101	described here.
	102
d9c2fd51	103	EVP_MAC_free_ctx() frees the contents of the context, including an
567db2c1	104	underlying context if there is one, as well as the context itself.
e74bd290	105	NULL is a valid parameter, for which this function is a no-op.
567db2c1	106
d9c2fd51	107	EVP_MAC_dup_ctx() duplicates the I<src> context and returns a newly allocated
be5fc053	108	context.
567db2c1	109
d9c2fd51	110	EVP_MAC_get_ctx_mac() returns the B<EVP_MAC> associated with the context
e74bd290	111	I<ctx>.
567db2c1 RL	112
	113	=head2 Computing functions
	114
	115	EVP_MAC_init() sets up the underlying context with information given
	116	through diverse controls.
	117	This should be called before calling EVP_MAC_update() and
	118	EVP_MAC_final().
	119
e74bd290	120	EVP_MAC_update() adds I<datalen> bytes from I<data> to the MAC input.
567db2c1 RL	121
567db2c1 RL	122	EVP_MAC_final() does the final computation and stores the result in
e74bd290 RL	123	the memory pointed at by I<out> of size I<outsize>, and sets the number
e74bd290 RL	124	of bytes written in I<*outl> at.
ee2161e8	125	If I<out> is NULL or I<outsize> is too small, then no computation
e74bd290	126	is made.
567db2c1	127	To figure out what the output length will be and allocate space for it
ee2161e8	128	dynamically, simply call with I<out> being NULL and I<outl>
567db2c1	129	pointing at a valid location, then allocate space and make a second
e74bd290 RL	130	call with I<out> pointing at the allocated space.
	131
	132	EVP_MAC_get_params() retrieves details about the implementation
	133	I<mac>.
	134	The set of parameters given with I<params> determine exactly what
	135	parameters should be retrieved.
	136	Note that a parameter that is unknown in the underlying context is
	137	simply ignored.
	138
d9c2fd51	139	EVP_MAC_get_ctx_params() retrieves chosen parameters, given the
e74bd290 RL	140	context I<ctx> and its underlying context.
	141	The set of parameters given with I<params> determine exactly what
	142	parameters should be retrieved.
	143	Note that a parameter that is unknown in the underlying context is
	144	simply ignored.
	145
d9c2fd51	146	EVP_MAC_set_ctx_params() passes chosen parameters to the underlying
e74bd290 RL	147	context, given a context I<ctx>.
	148	The set of parameters given with I<params> determine exactly what
	149	parameters are passed down.
	150	Note that a parameter that is unknown in the underlying context is
	151	simply ignored.
	152	Also, what happens when a needed parameter isn't passed down is
	153	defined by the implementation.
	154
41f7ecf3 P	155	EVP_MAC_gettable_params(), EVP_MAC_gettable_ctx_params() and
41f7ecf3 P	156	EVP_MAC_settable_ctx_params() get a constant B<OSSL_PARAM> array that
79c44b4e	157	describes the retrievable and settable parameters, i.e. parameters that
d9c2fd51 P	158	can be used with EVP_MAC_get_params(), EVP_MAC_get_ctx_params()
d9c2fd51 P	159	and EVP_MAC_set_ctx_params(), respectively.
e74bd290	160	See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor.
567db2c1 RL	161
	162	=head2 Information functions
	163
	164	EVP_MAC_size() returns the MAC output size for the given context.
	165
7cfa1717 RL	166	EVP_MAC_is_a() checks if the given I<mac> is an implementation of an
	167	algorithm that's identifiable with I<name>.
	168
7dd0f299 RL	169	EVP_MAC_provider() returns the provider that holds the implementation
	170	of the given I<mac>.
	171
251e610c	172	EVP_MAC_do_all_provided() traverses all MAC implemented by all activated
d1cafb08 RL	173	providers in the given library context I<libctx>, and for each of the
	174	implementations, calls the given function I<fn> with the implementation method
	175	and the given I<arg> as argument.
	176
506cb0f6 RL	177	EVP_MAC_number() returns the internal dynamic number assigned to
	178	I<mac>.
	179
f651c727 RL	180	EVP_MAC_names_do_all() traverses all names for I<mac>, and calls
	181	I<fn> with each name and I<data>.
	182
b1cabee8	183	=head1 PARAMETERS
567db2c1	184
e592dbde RL	185	Parameters are identified by name as strings, and have an expected
	186	data type and maximum size.
	187	OpenSSL has a set of macros for parameter names it expects to see in
	188	its own MAC implementations.
	189	Here, we show all three, the OpenSSL macro for the parameter name, the
	190	name in string form, and a type description.
	191
e74bd290	192	The standard parameter names are:
567db2c1 RL	193
	194	=over 4
	195
0c452a51	196	=item "key" (B<OSSL_MAC_PARAM_KEY>) <octet string>
567db2c1	197
e74bd290	198	Its value is the MAC key as an array of bytes.
567db2c1 RL	199
567db2c1 RL	200	For MACs that use an underlying computation algorithm, the algorithm
e74bd290	201	must be set first, see parameter names "algorithm" below.
afc580b9	202
0c452a51	203	=item "iv" (B<OSSL_MAC_PARAM_IV>) <octet string>
afc580b9	204
e74bd290	205	Some MAC implementations require an IV, this parameter sets the IV.
6e624a64	206
0c452a51	207	=item "custom" (B<OSSL_MAC_PARAM_CUSTOM>) <octet string>
6e624a64	208
13b3cd7b	209	Some MAC implementations (KMAC, BLAKE2) accept a Customization String,
e74bd290 RL	210	this parameter sets the Customization String. The default value is the
e74bd290 RL	211	empty string.
6e624a64	212
0c452a51	213	=item "salt" (B<OSSL_MAC_PARAM_SALT>) <octet string>
13b3cd7b AS	214
	215	This option is used by BLAKE2 MAC.
	216
0c452a51	217	=item "xof" (B<OSSL_MAC_PARAM_XOF>) <integer>
6e624a64	218
e74bd290	219	It's a simple flag, the value 0 or 1 are expected.
6e624a64 SL	220
	221	This option is used by KMAC.
	222
0c452a51	223	=item "flags" (B<OSSL_MAC_PARAM_FLAGS>) <integer>
567db2c1 RL	224
	225	These will set the MAC flags to the given numbers.
	226	Some MACs do not support this option.
	227
0c452a51	228	=item "properties" (B<OSSL_MAC_PARAM_PROPERTIES>) <UTF8 string>
567db2c1	229
0c452a51	230	=item "digest" (B<OSSL_MAC_PARAM_DIGEST>) <UTF8 string>
567db2c1	231
0c452a51	232	=item "cipher" (B<OSSL_MAC_PARAM_CIPHER>) <UTF8 string>
e74bd290	233
f3b8d77f	234	For MAC implementations that use an underlying computation cipher or
9bd9c440	235	digest, these parameters set what the algorithm should be.
567db2c1	236
9bd9c440	237	The value is always the name of the intended algorithm,
f3b8d77f	238	or the properties.
567db2c1	239
e74bd290 RL	240	Note that not all algorithms may support all digests.
	241	HMAC does not support variable output length digests such as SHAKE128
	242	or SHAKE256.
567db2c1	243
0c452a51	244	=item "size" (B<OSSL_MAC_PARAM_SIZE>) <unsigned integer>
567db2c1 RL	245
	246	For MAC implementations that support it, set the output size that
	247	EVP_MAC_final() should produce.
1aa01009 P	248	The allowed sizes vary between MAC implementations, but must never exceed
1aa01009 P	249	what can be given with a B<size_t>.
567db2c1 RL	250
	251	=back
	252
e74bd290	253	All these parameters should be used before the calls to any of
567db2c1 RL	254	EVP_MAC_init(), EVP_MAC_update() and EVP_MAC_final() for a full
	255	computation.
	256	Anything else may give undefined results.
	257
e74bd290	258	=head1 RETURN VALUES
567db2c1	259
e74bd290 RL	260	EVP_MAC_fetch() returns a pointer to a newly fetched EVP_MAC, or
e74bd290 RL	261	NULL if allocation failed.
567db2c1	262
e74bd290 RL	263	EVP_MAC_up_ref() returns 1 on success, 0 on error.
	264
	265	EVP_MAC_free() returns nothing at all.
	266
7cfa1717 RL	267	EVP_MAC_is_a() returns 1 if the given method can be identified with
	268	the given name, otherwise 0.
	269
7dd0f299 RL	270	EVP_MAC_provider() returns a pointer to the provider for the MAC, or
	271	NULL on error.
	272
d9c2fd51	273	EVP_MAC_new_ctx() and EVP_MAC_dup_ctx() return a pointer to a newly
e74bd290	274	created EVP_MAC_CTX, or NULL if allocation failed.
567db2c1	275
d9c2fd51	276	EVP_MAC_free_ctx() returns nothing at all.
567db2c1	277
d9c2fd51	278	EVP_MAC_get_ctx_params() and EVP_MAC_set_ctx_params() return 1 on
e74bd290	279	success, 0 on error.
567db2c1	280
e74bd290 RL	281	EVP_MAC_init(), EVP_MAC_update(), and EVP_MAC_final() return 1 on success, 0
e74bd290 RL	282	on error.
567db2c1 RL	283
	284	EVP_MAC_size() returns the expected output size, or 0 if it isn't
	285	set.
	286	If it isn't set, a call to EVP_MAC_init() should get it set.
	287
251e610c	288	EVP_MAC_do_all_provided() returns nothing at all.
567db2c1	289
cda77422	290	=head1 EXAMPLES
567db2c1 RL	291
	292	#include <stdlib.h>
	293	#include <stdio.h>
	294	#include <string.h>
	295	#include <stdarg.h>
	296	#include <unistd.h>
	297
	298	#include <openssl/evp.h>
	299	#include <openssl/err.h>
e74bd290	300	#include <openssl/params.h>
567db2c1 RL	301
567db2c1 RL	302	int main() {
e74bd290 RL	303	EVP_MAC *mac = EVP_MAC_fetch(NULL, getenv("MY_MAC"), NULL);
	304	const char *cipher = getenv("MY_MAC_CIPHER");
	305	const char *digest = getenv("MY_MAC_DIGEST");
567db2c1 RL	306	const char *key = getenv("MY_KEY");
	307	EVP_MAC_CTX *ctx = NULL;
	308
	309	unsigned char buf[4096];
	310	ssize_t read_l;
	311	size_t final_l;
	312
	313	size_t i;
	314
e74bd290 RL	315	OSSL_PARAM params[4];
	316	size_t params_n = 0;
	317
	318	if (cipher != NULL)
	319	params[params_n++] =
6926be0b	320	OSSL_PARAM_construct_utf8_string("cipher", cipher, 0;
e74bd290 RL	321	if (digest != NULL)
e74bd290 RL	322	params[params_n++] =
6926be0b	323	OSSL_PARAM_construct_utf8_string("digest", digest, 0);
e74bd290	324	params[params_n++] =
6926be0b	325	OSSL_PARAM_construct_octet_string("key", key, strlen(key));
e74bd290 RL	326	params[params_n] = OSSL_PARAM_construct_end();
e74bd290 RL	327
567db2c1 RL	328	if (mac == NULL
567db2c1 RL	329	\|\| key == NULL
d9c2fd51 P	330	\|\| (ctx = EVP_MAC_new_ctx(mac)) == NULL
d9c2fd51 P	331	\|\| EVP_MAC_set_ctx_params(ctx, params) <= 0)
567db2c1 RL	332	goto err;
	333
	334	if (!EVP_MAC_init(ctx))
	335	goto err;
	336
38e6c490	337	while ( (read_l = read(STDIN_FILENO, buf, sizeof(buf))) > 0) {
567db2c1 RL	338	if (!EVP_MAC_update(ctx, buf, read_l))
	339	goto err;
	340	}
	341
	342	if (!EVP_MAC_final(ctx, buf, &final_l))
	343	goto err;
	344
	345	printf("Result: ");
	346	for (i = 0; i < final_l; i++)
	347	printf("%02X", buf[i]);
	348	printf("\n");
	349
d9c2fd51	350	EVP_MAC_free_ctx(ctx);
e74bd290	351	EVP_MAC_free(mac);
567db2c1 RL	352	exit(0);
	353
	354	err:
d9c2fd51	355	EVP_MAC_free_ctx(ctx);
e74bd290	356	EVP_MAC_free(mac);
567db2c1 RL	357	fprintf(stderr, "Something went wrong\n");
	358	ERR_print_errors_fp(stderr);
	359	exit (1);
	360	}
	361
	362	A run of this program, called with correct environment variables, can
	363	look like this:
	364
	365	$ MY_MAC=cmac MY_KEY=secret0123456789 MY_MAC_CIPHER=aes-128-cbc \
	366	LD_LIBRARY_PATH=. ./foo < foo.c
38e6c490	367	Result: C5C06683CD9DDEF904D754505C560A4E
567db2c1 RL	368
	369	(in this example, that program was stored in F<foo.c> and compiled to
	370	F<./foo>)
	371
	372	=head1 SEE ALSO
	373
e74bd290 RL	374	L<property(7)>
e74bd290 RL	375	L<OSSL_PARAM(3)>,
d7cea0b8 RS	376	L<EVP_MAC-BLAKE2(7)>,
	377	L<EVP_MAC-CMAC(7)>,
	378	L<EVP_MAC-GMAC(7)>,
	379	L<EVP_MAC-HMAC(7)>,
	380	L<EVP_MAC-KMAC(7)>,
	381	L<EVP_MAC-Siphash(7)>,
	382	L<EVP_MAC-Poly1305(7)>
567db2c1	383
be5fc053 KR	384	=head1 HISTORY
be5fc053 KR	385
4674aaf4	386	These functions were added in OpenSSL 3.0.
be5fc053	387
567db2c1 RL	388	=head1 COPYRIGHT
567db2c1 RL	389
33388b44	390	Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved.
567db2c1	391
4746f25a	392	Licensed under the Apache License 2.0 (the "License"). You may not use
567db2c1 RL	393	this file except in compliance with the License. You can obtain a copy
	394	in the file LICENSE in the source distribution or at
	395	L<https://www.openssl.org/source/license.html>.
	396
	397	=cut