]>
Commit | Line | Data |
---|---|---|
567db2c1 RL |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
7cfa1717 | 5 | EVP_MAC, EVP_MAC_fetch, EVP_MAC_up_ref, EVP_MAC_free, |
506cb0f6 | 6 | EVP_MAC_is_a, EVP_MAC_number, EVP_MAC_names_do_all, |
7dd0f299 | 7 | EVP_MAC_provider, EVP_MAC_get_params, EVP_MAC_gettable_params, |
d9c2fd51 P |
8 | EVP_MAC_CTX, EVP_MAC_new_ctx, EVP_MAC_free_ctx, EVP_MAC_dup_ctx, |
9 | EVP_MAC_get_ctx_mac, EVP_MAC_get_ctx_params, EVP_MAC_set_ctx_params, | |
e74bd290 | 10 | EVP_MAC_size, EVP_MAC_init, EVP_MAC_update, EVP_MAC_final, |
41f7ecf3 | 11 | EVP_MAC_gettable_ctx_params, EVP_MAC_settable_ctx_params, |
251e610c | 12 | EVP_MAC_do_all_provided - EVP MAC routines |
567db2c1 RL |
13 | |
14 | =head1 SYNOPSIS | |
15 | ||
16 | #include <openssl/evp.h> | |
17 | ||
18 | typedef struct evp_mac_st EVP_MAC; | |
19 | typedef struct evp_mac_ctx_st EVP_MAC_CTX; | |
20 | ||
e74bd290 RL |
21 | EVP_MAC *EVP_MAC_fetch(OPENSSL_CTX *libctx, const char *algorithm, |
22 | const char *properties); | |
23 | int EVP_MAC_up_ref(EVP_MAC *mac); | |
24 | void EVP_MAC_free(EVP_MAC *mac); | |
7cfa1717 | 25 | int EVP_MAC_is_a(const EVP_MAC *mac, const char *name); |
506cb0f6 | 26 | int EVP_MAC_number(const EVP_MAC *mac); |
f651c727 RL |
27 | void EVP_MAC_names_do_all(const EVP_MAC *mac, |
28 | void (*fn)(const char *name, void *data), | |
29 | void *data); | |
7dd0f299 | 30 | const OSSL_PROVIDER *EVP_MAC_provider(const EVP_MAC *mac); |
e74bd290 RL |
31 | int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]); |
32 | ||
d9c2fd51 P |
33 | EVP_MAC_CTX *EVP_MAC_new_ctx(EVP_MAC *mac); |
34 | void EVP_MAC_free_ctx(EVP_MAC_CTX *ctx); | |
35 | EVP_MAC_CTX *EVP_MAC_dup_ctx(const EVP_MAC_CTX *src); | |
36 | EVP_MAC *EVP_MAC_get_ctx_mac(EVP_MAC_CTX *ctx); | |
37 | int EVP_MAC_get_ctx_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]); | |
38 | int EVP_MAC_set_ctx_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]); | |
e74bd290 | 39 | |
567db2c1 RL |
40 | size_t EVP_MAC_size(EVP_MAC_CTX *ctx); |
41 | int EVP_MAC_init(EVP_MAC_CTX *ctx); | |
42 | int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen); | |
e74bd290 RL |
43 | int EVP_MAC_final(EVP_MAC_CTX *ctx, |
44 | unsigned char *out, size_t *outl, size_t outsize); | |
45 | ||
46 | const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac); | |
41f7ecf3 P |
47 | const OSSL_PARAM *EVP_MAC_gettable_ctx_params(const EVP_MAC *mac); |
48 | const OSSL_PARAM *EVP_MAC_settable_ctx_params(const EVP_MAC *mac); | |
567db2c1 | 49 | |
251e610c RL |
50 | void EVP_MAC_do_all_provided(OPENSSL_CTX *libctx, |
51 | void (*fn)(EVP_MAC *mac, void *arg), | |
52 | void *arg); | |
d1cafb08 | 53 | |
567db2c1 RL |
54 | =head1 DESCRIPTION |
55 | ||
56 | These types and functions help the application to calculate MACs of | |
57 | different types and with different underlying algorithms if there are | |
58 | any. | |
59 | ||
60 | MACs are a bit complex insofar that some of them use other algorithms | |
61 | for actual computation. HMAC uses a digest, and CMAC uses a cipher. | |
62 | Therefore, there are sometimes two contexts to keep track of, one for | |
63 | the MAC algorithm itself and one for the underlying computation | |
64 | algorithm if there is one. | |
65 | ||
66 | To make things less ambiguous, this manual talks about a "context" or | |
67 | "MAC context", which is to denote the MAC level context, and about a | |
68 | "underlying context", or "computation context", which is to denote the | |
69 | context for the underlying computation algorithm if there is one. | |
70 | ||
71 | =head2 Types | |
72 | ||
73 | B<EVP_MAC> is a type that holds the implementation of a MAC. | |
74 | ||
75 | B<EVP_MAC_CTX> is a context type that holds internal MAC information | |
76 | as well as a reference to a computation context, for those MACs that | |
77 | rely on an underlying computation algorithm. | |
78 | ||
e74bd290 RL |
79 | =head2 Algorithm implementation fetching |
80 | ||
81 | EVP_MAC_fetch() fetches an implementation of a MAC I<algorithm>, given | |
82 | a library context I<libctx> and a set of I<properties>. | |
83 | See L<provider(7)/Fetching algorithms> for further information. | |
84 | ||
b8086652 SL |
85 | See L<OSSL_PROVIDER-default(7)/Message Authentication Code (MAC)> for the list |
86 | of algorithms supported by the default provider. | |
87 | ||
e74bd290 RL |
88 | The returned value must eventually be freed with |
89 | L<EVP_MAC_free(3)>. | |
90 | ||
91 | EVP_MAC_up_ref() increments the reference count of an already fetched | |
92 | MAC. | |
93 | ||
94 | EVP_MAC_free() frees a fetched algorithm. | |
95 | NULL is a valid parameter, for which this function is a no-op. | |
96 | ||
567db2c1 RL |
97 | =head2 Context manipulation functions |
98 | ||
d9c2fd51 | 99 | EVP_MAC_new_ctx() creates a new context for the MAC type I<mac>. |
567db2c1 RL |
100 | The created context can then be used with most other functions |
101 | described here. | |
102 | ||
d9c2fd51 | 103 | EVP_MAC_free_ctx() frees the contents of the context, including an |
567db2c1 | 104 | underlying context if there is one, as well as the context itself. |
e74bd290 | 105 | NULL is a valid parameter, for which this function is a no-op. |
567db2c1 | 106 | |
d9c2fd51 | 107 | EVP_MAC_dup_ctx() duplicates the I<src> context and returns a newly allocated |
be5fc053 | 108 | context. |
567db2c1 | 109 | |
d9c2fd51 | 110 | EVP_MAC_get_ctx_mac() returns the B<EVP_MAC> associated with the context |
e74bd290 | 111 | I<ctx>. |
567db2c1 RL |
112 | |
113 | =head2 Computing functions | |
114 | ||
115 | EVP_MAC_init() sets up the underlying context with information given | |
116 | through diverse controls. | |
117 | This should be called before calling EVP_MAC_update() and | |
118 | EVP_MAC_final(). | |
119 | ||
e74bd290 | 120 | EVP_MAC_update() adds I<datalen> bytes from I<data> to the MAC input. |
567db2c1 RL |
121 | |
122 | EVP_MAC_final() does the final computation and stores the result in | |
e74bd290 RL |
123 | the memory pointed at by I<out> of size I<outsize>, and sets the number |
124 | of bytes written in I<*outl> at. | |
ee2161e8 | 125 | If I<out> is NULL or I<outsize> is too small, then no computation |
e74bd290 | 126 | is made. |
567db2c1 | 127 | To figure out what the output length will be and allocate space for it |
ee2161e8 | 128 | dynamically, simply call with I<out> being NULL and I<outl> |
567db2c1 | 129 | pointing at a valid location, then allocate space and make a second |
e74bd290 RL |
130 | call with I<out> pointing at the allocated space. |
131 | ||
132 | EVP_MAC_get_params() retrieves details about the implementation | |
133 | I<mac>. | |
134 | The set of parameters given with I<params> determine exactly what | |
135 | parameters should be retrieved. | |
136 | Note that a parameter that is unknown in the underlying context is | |
137 | simply ignored. | |
138 | ||
d9c2fd51 | 139 | EVP_MAC_get_ctx_params() retrieves chosen parameters, given the |
e74bd290 RL |
140 | context I<ctx> and its underlying context. |
141 | The set of parameters given with I<params> determine exactly what | |
142 | parameters should be retrieved. | |
143 | Note that a parameter that is unknown in the underlying context is | |
144 | simply ignored. | |
145 | ||
d9c2fd51 | 146 | EVP_MAC_set_ctx_params() passes chosen parameters to the underlying |
e74bd290 RL |
147 | context, given a context I<ctx>. |
148 | The set of parameters given with I<params> determine exactly what | |
149 | parameters are passed down. | |
150 | Note that a parameter that is unknown in the underlying context is | |
151 | simply ignored. | |
152 | Also, what happens when a needed parameter isn't passed down is | |
153 | defined by the implementation. | |
154 | ||
41f7ecf3 P |
155 | EVP_MAC_gettable_params(), EVP_MAC_gettable_ctx_params() and |
156 | EVP_MAC_settable_ctx_params() get a constant B<OSSL_PARAM> array that | |
79c44b4e | 157 | describes the retrievable and settable parameters, i.e. parameters that |
d9c2fd51 P |
158 | can be used with EVP_MAC_get_params(), EVP_MAC_get_ctx_params() |
159 | and EVP_MAC_set_ctx_params(), respectively. | |
e74bd290 | 160 | See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor. |
567db2c1 RL |
161 | |
162 | =head2 Information functions | |
163 | ||
164 | EVP_MAC_size() returns the MAC output size for the given context. | |
165 | ||
7cfa1717 RL |
166 | EVP_MAC_is_a() checks if the given I<mac> is an implementation of an |
167 | algorithm that's identifiable with I<name>. | |
168 | ||
7dd0f299 RL |
169 | EVP_MAC_provider() returns the provider that holds the implementation |
170 | of the given I<mac>. | |
171 | ||
251e610c | 172 | EVP_MAC_do_all_provided() traverses all MAC implemented by all activated |
d1cafb08 RL |
173 | providers in the given library context I<libctx>, and for each of the |
174 | implementations, calls the given function I<fn> with the implementation method | |
175 | and the given I<arg> as argument. | |
176 | ||
506cb0f6 RL |
177 | EVP_MAC_number() returns the internal dynamic number assigned to |
178 | I<mac>. | |
179 | ||
f651c727 RL |
180 | EVP_MAC_names_do_all() traverses all names for I<mac>, and calls |
181 | I<fn> with each name and I<data>. | |
182 | ||
b1cabee8 | 183 | =head1 PARAMETERS |
567db2c1 | 184 | |
e592dbde RL |
185 | Parameters are identified by name as strings, and have an expected |
186 | data type and maximum size. | |
187 | OpenSSL has a set of macros for parameter names it expects to see in | |
188 | its own MAC implementations. | |
189 | Here, we show all three, the OpenSSL macro for the parameter name, the | |
190 | name in string form, and a type description. | |
191 | ||
e74bd290 | 192 | The standard parameter names are: |
567db2c1 RL |
193 | |
194 | =over 4 | |
195 | ||
0c452a51 | 196 | =item "key" (B<OSSL_MAC_PARAM_KEY>) <octet string> |
567db2c1 | 197 | |
e74bd290 | 198 | Its value is the MAC key as an array of bytes. |
567db2c1 RL |
199 | |
200 | For MACs that use an underlying computation algorithm, the algorithm | |
e74bd290 | 201 | must be set first, see parameter names "algorithm" below. |
afc580b9 | 202 | |
0c452a51 | 203 | =item "iv" (B<OSSL_MAC_PARAM_IV>) <octet string> |
afc580b9 | 204 | |
e74bd290 | 205 | Some MAC implementations require an IV, this parameter sets the IV. |
6e624a64 | 206 | |
0c452a51 | 207 | =item "custom" (B<OSSL_MAC_PARAM_CUSTOM>) <octet string> |
6e624a64 | 208 | |
13b3cd7b | 209 | Some MAC implementations (KMAC, BLAKE2) accept a Customization String, |
e74bd290 RL |
210 | this parameter sets the Customization String. The default value is the |
211 | empty string. | |
6e624a64 | 212 | |
0c452a51 | 213 | =item "salt" (B<OSSL_MAC_PARAM_SALT>) <octet string> |
13b3cd7b AS |
214 | |
215 | This option is used by BLAKE2 MAC. | |
216 | ||
0c452a51 | 217 | =item "xof" (B<OSSL_MAC_PARAM_XOF>) <integer> |
6e624a64 | 218 | |
e74bd290 | 219 | It's a simple flag, the value 0 or 1 are expected. |
6e624a64 SL |
220 | |
221 | This option is used by KMAC. | |
222 | ||
0c452a51 | 223 | =item "flags" (B<OSSL_MAC_PARAM_FLAGS>) <integer> |
567db2c1 RL |
224 | |
225 | These will set the MAC flags to the given numbers. | |
226 | Some MACs do not support this option. | |
227 | ||
0c452a51 | 228 | =item "properties" (B<OSSL_MAC_PARAM_PROPERTIES>) <UTF8 string> |
567db2c1 | 229 | |
0c452a51 | 230 | =item "digest" (B<OSSL_MAC_PARAM_DIGEST>) <UTF8 string> |
567db2c1 | 231 | |
0c452a51 | 232 | =item "cipher" (B<OSSL_MAC_PARAM_CIPHER>) <UTF8 string> |
e74bd290 | 233 | |
f3b8d77f | 234 | For MAC implementations that use an underlying computation cipher or |
9bd9c440 | 235 | digest, these parameters set what the algorithm should be. |
567db2c1 | 236 | |
9bd9c440 | 237 | The value is always the name of the intended algorithm, |
f3b8d77f | 238 | or the properties. |
567db2c1 | 239 | |
e74bd290 RL |
240 | Note that not all algorithms may support all digests. |
241 | HMAC does not support variable output length digests such as SHAKE128 | |
242 | or SHAKE256. | |
567db2c1 | 243 | |
0c452a51 | 244 | =item "size" (B<OSSL_MAC_PARAM_SIZE>) <unsigned integer> |
567db2c1 RL |
245 | |
246 | For MAC implementations that support it, set the output size that | |
247 | EVP_MAC_final() should produce. | |
1aa01009 P |
248 | The allowed sizes vary between MAC implementations, but must never exceed |
249 | what can be given with a B<size_t>. | |
567db2c1 RL |
250 | |
251 | =back | |
252 | ||
e74bd290 | 253 | All these parameters should be used before the calls to any of |
567db2c1 RL |
254 | EVP_MAC_init(), EVP_MAC_update() and EVP_MAC_final() for a full |
255 | computation. | |
256 | Anything else may give undefined results. | |
257 | ||
e74bd290 | 258 | =head1 RETURN VALUES |
567db2c1 | 259 | |
e74bd290 RL |
260 | EVP_MAC_fetch() returns a pointer to a newly fetched EVP_MAC, or |
261 | NULL if allocation failed. | |
567db2c1 | 262 | |
e74bd290 RL |
263 | EVP_MAC_up_ref() returns 1 on success, 0 on error. |
264 | ||
265 | EVP_MAC_free() returns nothing at all. | |
266 | ||
7cfa1717 RL |
267 | EVP_MAC_is_a() returns 1 if the given method can be identified with |
268 | the given name, otherwise 0. | |
269 | ||
7dd0f299 RL |
270 | EVP_MAC_provider() returns a pointer to the provider for the MAC, or |
271 | NULL on error. | |
272 | ||
d9c2fd51 | 273 | EVP_MAC_new_ctx() and EVP_MAC_dup_ctx() return a pointer to a newly |
e74bd290 | 274 | created EVP_MAC_CTX, or NULL if allocation failed. |
567db2c1 | 275 | |
d9c2fd51 | 276 | EVP_MAC_free_ctx() returns nothing at all. |
567db2c1 | 277 | |
d9c2fd51 | 278 | EVP_MAC_get_ctx_params() and EVP_MAC_set_ctx_params() return 1 on |
e74bd290 | 279 | success, 0 on error. |
567db2c1 | 280 | |
e74bd290 RL |
281 | EVP_MAC_init(), EVP_MAC_update(), and EVP_MAC_final() return 1 on success, 0 |
282 | on error. | |
567db2c1 RL |
283 | |
284 | EVP_MAC_size() returns the expected output size, or 0 if it isn't | |
285 | set. | |
286 | If it isn't set, a call to EVP_MAC_init() should get it set. | |
287 | ||
251e610c | 288 | EVP_MAC_do_all_provided() returns nothing at all. |
567db2c1 | 289 | |
cda77422 | 290 | =head1 EXAMPLES |
567db2c1 RL |
291 | |
292 | #include <stdlib.h> | |
293 | #include <stdio.h> | |
294 | #include <string.h> | |
295 | #include <stdarg.h> | |
296 | #include <unistd.h> | |
297 | ||
298 | #include <openssl/evp.h> | |
299 | #include <openssl/err.h> | |
e74bd290 | 300 | #include <openssl/params.h> |
567db2c1 RL |
301 | |
302 | int main() { | |
e74bd290 RL |
303 | EVP_MAC *mac = EVP_MAC_fetch(NULL, getenv("MY_MAC"), NULL); |
304 | const char *cipher = getenv("MY_MAC_CIPHER"); | |
305 | const char *digest = getenv("MY_MAC_DIGEST"); | |
567db2c1 RL |
306 | const char *key = getenv("MY_KEY"); |
307 | EVP_MAC_CTX *ctx = NULL; | |
308 | ||
309 | unsigned char buf[4096]; | |
310 | ssize_t read_l; | |
311 | size_t final_l; | |
312 | ||
313 | size_t i; | |
314 | ||
e74bd290 RL |
315 | OSSL_PARAM params[4]; |
316 | size_t params_n = 0; | |
317 | ||
318 | if (cipher != NULL) | |
319 | params[params_n++] = | |
6926be0b | 320 | OSSL_PARAM_construct_utf8_string("cipher", cipher, 0; |
e74bd290 RL |
321 | if (digest != NULL) |
322 | params[params_n++] = | |
6926be0b | 323 | OSSL_PARAM_construct_utf8_string("digest", digest, 0); |
e74bd290 | 324 | params[params_n++] = |
6926be0b | 325 | OSSL_PARAM_construct_octet_string("key", key, strlen(key)); |
e74bd290 RL |
326 | params[params_n] = OSSL_PARAM_construct_end(); |
327 | ||
567db2c1 RL |
328 | if (mac == NULL |
329 | || key == NULL | |
d9c2fd51 P |
330 | || (ctx = EVP_MAC_new_ctx(mac)) == NULL |
331 | || EVP_MAC_set_ctx_params(ctx, params) <= 0) | |
567db2c1 RL |
332 | goto err; |
333 | ||
334 | if (!EVP_MAC_init(ctx)) | |
335 | goto err; | |
336 | ||
38e6c490 | 337 | while ( (read_l = read(STDIN_FILENO, buf, sizeof(buf))) > 0) { |
567db2c1 RL |
338 | if (!EVP_MAC_update(ctx, buf, read_l)) |
339 | goto err; | |
340 | } | |
341 | ||
342 | if (!EVP_MAC_final(ctx, buf, &final_l)) | |
343 | goto err; | |
344 | ||
345 | printf("Result: "); | |
346 | for (i = 0; i < final_l; i++) | |
347 | printf("%02X", buf[i]); | |
348 | printf("\n"); | |
349 | ||
d9c2fd51 | 350 | EVP_MAC_free_ctx(ctx); |
e74bd290 | 351 | EVP_MAC_free(mac); |
567db2c1 RL |
352 | exit(0); |
353 | ||
354 | err: | |
d9c2fd51 | 355 | EVP_MAC_free_ctx(ctx); |
e74bd290 | 356 | EVP_MAC_free(mac); |
567db2c1 RL |
357 | fprintf(stderr, "Something went wrong\n"); |
358 | ERR_print_errors_fp(stderr); | |
359 | exit (1); | |
360 | } | |
361 | ||
362 | A run of this program, called with correct environment variables, can | |
363 | look like this: | |
364 | ||
365 | $ MY_MAC=cmac MY_KEY=secret0123456789 MY_MAC_CIPHER=aes-128-cbc \ | |
366 | LD_LIBRARY_PATH=. ./foo < foo.c | |
38e6c490 | 367 | Result: C5C06683CD9DDEF904D754505C560A4E |
567db2c1 RL |
368 | |
369 | (in this example, that program was stored in F<foo.c> and compiled to | |
370 | F<./foo>) | |
371 | ||
372 | =head1 SEE ALSO | |
373 | ||
e74bd290 RL |
374 | L<property(7)> |
375 | L<OSSL_PARAM(3)>, | |
d7cea0b8 RS |
376 | L<EVP_MAC-BLAKE2(7)>, |
377 | L<EVP_MAC-CMAC(7)>, | |
378 | L<EVP_MAC-GMAC(7)>, | |
379 | L<EVP_MAC-HMAC(7)>, | |
380 | L<EVP_MAC-KMAC(7)>, | |
381 | L<EVP_MAC-Siphash(7)>, | |
382 | L<EVP_MAC-Poly1305(7)> | |
567db2c1 | 383 | |
be5fc053 KR |
384 | =head1 HISTORY |
385 | ||
4674aaf4 | 386 | These functions were added in OpenSSL 3.0. |
be5fc053 | 387 | |
567db2c1 RL |
388 | =head1 COPYRIGHT |
389 | ||
33388b44 | 390 | Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved. |
567db2c1 | 391 | |
4746f25a | 392 | Licensed under the Apache License 2.0 (the "License"). You may not use |
567db2c1 RL |
393 | this file except in compliance with the License. You can obtain a copy |
394 | in the file LICENSE in the source distribution or at | |
395 | L<https://www.openssl.org/source/license.html>. | |
396 | ||
397 | =cut |