]>
Commit | Line | Data |
---|---|---|
567db2c1 RL |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
e74bd290 RL |
5 | EVP_MAC, EVP_MAC_fetch, EVP_MAC_up_ref, EVP_MAC_free, EVP_MAC_name, |
6 | EVP_MAC_get_params, EVP_MAC_gettable_params, | |
7 | EVP_MAC_CTX, EVP_MAC_CTX_new, EVP_MAC_CTX_free, EVP_MAC_CTX_dup, | |
8 | EVP_MAC_CTX_mac, EVP_MAC_CTX_get_params, EVP_MAC_CTX_set_params, | |
9 | EVP_MAC_size, EVP_MAC_init, EVP_MAC_update, EVP_MAC_final, | |
10 | EVP_MAC_CTX_gettable_params, EVP_MAC_CTX_settable_params | |
11 | - EVP MAC routines | |
567db2c1 RL |
12 | |
13 | =head1 SYNOPSIS | |
14 | ||
15 | #include <openssl/evp.h> | |
16 | ||
17 | typedef struct evp_mac_st EVP_MAC; | |
18 | typedef struct evp_mac_ctx_st EVP_MAC_CTX; | |
19 | ||
e74bd290 RL |
20 | EVP_MAC *EVP_MAC_fetch(OPENSSL_CTX *libctx, const char *algorithm, |
21 | const char *properties); | |
22 | int EVP_MAC_up_ref(EVP_MAC *mac); | |
23 | void EVP_MAC_free(EVP_MAC *mac); | |
24 | const char *EVP_MAC_name(const EVP_MAC *mac); | |
25 | int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]); | |
26 | ||
27 | EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac); | |
567db2c1 | 28 | void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx); |
be5fc053 | 29 | EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src); |
e74bd290 RL |
30 | EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx); |
31 | int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]); | |
32 | int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]); | |
33 | ||
567db2c1 RL |
34 | size_t EVP_MAC_size(EVP_MAC_CTX *ctx); |
35 | int EVP_MAC_init(EVP_MAC_CTX *ctx); | |
36 | int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen); | |
e74bd290 RL |
37 | int EVP_MAC_final(EVP_MAC_CTX *ctx, |
38 | unsigned char *out, size_t *outl, size_t outsize); | |
39 | ||
40 | const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac); | |
41 | const OSSL_PARAM *EVP_MAC_CTX_gettable_params(const EVP_MAC *mac); | |
42 | const OSSL_PARAM *EVP_MAC_CTX_settable_params(const EVP_MAC *mac); | |
567db2c1 RL |
43 | |
44 | =head1 DESCRIPTION | |
45 | ||
46 | These types and functions help the application to calculate MACs of | |
47 | different types and with different underlying algorithms if there are | |
48 | any. | |
49 | ||
50 | MACs are a bit complex insofar that some of them use other algorithms | |
51 | for actual computation. HMAC uses a digest, and CMAC uses a cipher. | |
52 | Therefore, there are sometimes two contexts to keep track of, one for | |
53 | the MAC algorithm itself and one for the underlying computation | |
54 | algorithm if there is one. | |
55 | ||
56 | To make things less ambiguous, this manual talks about a "context" or | |
57 | "MAC context", which is to denote the MAC level context, and about a | |
58 | "underlying context", or "computation context", which is to denote the | |
59 | context for the underlying computation algorithm if there is one. | |
60 | ||
61 | =head2 Types | |
62 | ||
63 | B<EVP_MAC> is a type that holds the implementation of a MAC. | |
64 | ||
65 | B<EVP_MAC_CTX> is a context type that holds internal MAC information | |
66 | as well as a reference to a computation context, for those MACs that | |
67 | rely on an underlying computation algorithm. | |
68 | ||
e74bd290 RL |
69 | =head2 Algorithm implementation fetching |
70 | ||
71 | EVP_MAC_fetch() fetches an implementation of a MAC I<algorithm>, given | |
72 | a library context I<libctx> and a set of I<properties>. | |
73 | See L<provider(7)/Fetching algorithms> for further information. | |
74 | ||
75 | The returned value must eventually be freed with | |
76 | L<EVP_MAC_free(3)>. | |
77 | ||
78 | EVP_MAC_up_ref() increments the reference count of an already fetched | |
79 | MAC. | |
80 | ||
81 | EVP_MAC_free() frees a fetched algorithm. | |
82 | NULL is a valid parameter, for which this function is a no-op. | |
83 | ||
567db2c1 RL |
84 | =head2 Context manipulation functions |
85 | ||
e74bd290 | 86 | EVP_MAC_CTX_new() creates a new context for the MAC type I<mac>. |
567db2c1 RL |
87 | The created context can then be used with most other functions |
88 | described here. | |
89 | ||
90 | EVP_MAC_CTX_free() frees the contents of the context, including an | |
91 | underlying context if there is one, as well as the context itself. | |
e74bd290 | 92 | NULL is a valid parameter, for which this function is a no-op. |
567db2c1 | 93 | |
e74bd290 | 94 | EVP_MAC_CTX_dup() duplicates the I<src> context and returns a newly allocated |
be5fc053 | 95 | context. |
567db2c1 RL |
96 | |
97 | EVP_MAC_CTX_mac() returns the B<EVP_MAC> associated with the context | |
e74bd290 | 98 | I<ctx>. |
567db2c1 RL |
99 | |
100 | =head2 Computing functions | |
101 | ||
102 | EVP_MAC_init() sets up the underlying context with information given | |
103 | through diverse controls. | |
104 | This should be called before calling EVP_MAC_update() and | |
105 | EVP_MAC_final(). | |
106 | ||
e74bd290 | 107 | EVP_MAC_update() adds I<datalen> bytes from I<data> to the MAC input. |
567db2c1 RL |
108 | |
109 | EVP_MAC_final() does the final computation and stores the result in | |
e74bd290 RL |
110 | the memory pointed at by I<out> of size I<outsize>, and sets the number |
111 | of bytes written in I<*outl> at. | |
112 | If I<out> is B<NULL> or I<outsize> is too small, then no computation | |
113 | is made. | |
567db2c1 | 114 | To figure out what the output length will be and allocate space for it |
e74bd290 | 115 | dynamically, simply call with I<out> being B<NULL> and I<outl> |
567db2c1 | 116 | pointing at a valid location, then allocate space and make a second |
e74bd290 RL |
117 | call with I<out> pointing at the allocated space. |
118 | ||
119 | EVP_MAC_get_params() retrieves details about the implementation | |
120 | I<mac>. | |
121 | The set of parameters given with I<params> determine exactly what | |
122 | parameters should be retrieved. | |
123 | Note that a parameter that is unknown in the underlying context is | |
124 | simply ignored. | |
125 | ||
126 | EVP_MAC_CTX_get_params() retrieves chosen parameters, given the | |
127 | context I<ctx> and its underlying context. | |
128 | The set of parameters given with I<params> determine exactly what | |
129 | parameters should be retrieved. | |
130 | Note that a parameter that is unknown in the underlying context is | |
131 | simply ignored. | |
132 | ||
133 | EVP_MAC_CTX_set_params() passes chosen parameters to the underlying | |
134 | context, given a context I<ctx>. | |
135 | The set of parameters given with I<params> determine exactly what | |
136 | parameters are passed down. | |
137 | Note that a parameter that is unknown in the underlying context is | |
138 | simply ignored. | |
139 | Also, what happens when a needed parameter isn't passed down is | |
140 | defined by the implementation. | |
141 | ||
142 | EVP_MAC_gettable_params(), EVP_MAC_CTX_gettable_params() and | |
143 | EVP_MAC_CTX_settable_params() get a constant B<OSSL_PARAM> array that | |
144 | decribes the retrievable and settable parameters, i.e. parameters that | |
145 | can be used with EVP_MAC_CTX_get_params(), EVP_MAC_CTX_get_params() | |
146 | and EVP_MAC_CTX_set_params(), respectively. | |
147 | See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor. | |
567db2c1 RL |
148 | |
149 | =head2 Information functions | |
150 | ||
151 | EVP_MAC_size() returns the MAC output size for the given context. | |
152 | ||
567db2c1 RL |
153 | EVP_MAC_name() returns the name of the given MAC implementation. |
154 | ||
e74bd290 | 155 | =head1 PARAMETER NAMES |
567db2c1 | 156 | |
e74bd290 | 157 | The standard parameter names are: |
567db2c1 RL |
158 | |
159 | =over 4 | |
160 | ||
e74bd290 | 161 | =item OSSL_MAC_PARAM_KEY ("key") <octet string> |
567db2c1 | 162 | |
e74bd290 | 163 | Its value is the MAC key as an array of bytes. |
567db2c1 RL |
164 | |
165 | For MACs that use an underlying computation algorithm, the algorithm | |
e74bd290 | 166 | must be set first, see parameter names "algorithm" below. |
afc580b9 | 167 | |
e74bd290 | 168 | =item OSSL_MAC_PARAM_IV ("iv") <octet string> |
afc580b9 | 169 | |
e74bd290 | 170 | Some MAC implementations require an IV, this parameter sets the IV. |
6e624a64 | 171 | |
e74bd290 | 172 | =item OSSL_MAC_PARAM_CUSTOM ("custom") <octet string> |
6e624a64 | 173 | |
13b3cd7b | 174 | Some MAC implementations (KMAC, BLAKE2) accept a Customization String, |
e74bd290 RL |
175 | this parameter sets the Customization String. The default value is the |
176 | empty string. | |
6e624a64 | 177 | |
e74bd290 | 178 | =item OSSL_MAC_PARAM_SALT ("salt") <octet string> |
13b3cd7b AS |
179 | |
180 | This option is used by BLAKE2 MAC. | |
181 | ||
e74bd290 | 182 | =item OSSL_MAC_PARAM_XOF ("xof") <int> |
6e624a64 | 183 | |
e74bd290 | 184 | It's a simple flag, the value 0 or 1 are expected. |
6e624a64 SL |
185 | |
186 | This option is used by KMAC. | |
187 | ||
e74bd290 | 188 | =item OSSL_MAC_PARAM_FLAGS ("flags") <int> |
567db2c1 RL |
189 | |
190 | These will set the MAC flags to the given numbers. | |
191 | Some MACs do not support this option. | |
192 | ||
e74bd290 RL |
193 | =item OSSL_MAC_PARAM_ENGINE ("engine") <utf8string> |
194 | ||
195 | =item OSSL_MAC_PARAM_MD ("md") <utf8string> | |
567db2c1 | 196 | |
e74bd290 | 197 | =item OSSL_MAC_PARAM_DIGEST ("digest") <utf8string> |
567db2c1 | 198 | |
e74bd290 RL |
199 | =item OSSL_MAC_PARAM_CIPHER ("cipher") <utf8string> |
200 | ||
201 | =item OSSL_MAC_PARAM_ALGORITHM ("algorithm") <utf8string> | |
567db2c1 RL |
202 | |
203 | For MAC implementations that use an underlying computation algorithm, | |
e74bd290 | 204 | these parameters set what the algorithm should be, and the engine that |
567db2c1 RL |
205 | implements the algorithm if needed. |
206 | ||
e74bd290 | 207 | The value is always the name of the intended engine or algorithm. |
567db2c1 | 208 | |
e74bd290 RL |
209 | Note that not all algorithms may support all digests. |
210 | HMAC does not support variable output length digests such as SHAKE128 | |
211 | or SHAKE256. | |
567db2c1 | 212 | |
e74bd290 RL |
213 | Also note that OSSL_MAC_PARAM_ALGORITHM can be use generically instead |
214 | of OSSL_MAC_PARAM_MD, OSSL_MAC_PARAM_DIGEST or OSSL_MAC_PARAM_CIPHER, | |
215 | and that OSSL_MAC_PARAM_MD and OSSL_MAC_PARAM_DIGEST are also interchangable. | |
567db2c1 | 216 | |
e74bd290 | 217 | =item OSSL_MAC_PARAM_SIZE <unsigned int> |
567db2c1 RL |
218 | |
219 | For MAC implementations that support it, set the output size that | |
220 | EVP_MAC_final() should produce. | |
221 | The allowed sizes vary between MAC implementations. | |
222 | ||
223 | =back | |
224 | ||
e74bd290 | 225 | All these parameters should be used before the calls to any of |
567db2c1 RL |
226 | EVP_MAC_init(), EVP_MAC_update() and EVP_MAC_final() for a full |
227 | computation. | |
228 | Anything else may give undefined results. | |
229 | ||
e74bd290 | 230 | =head1 RETURN VALUES |
567db2c1 | 231 | |
e74bd290 RL |
232 | EVP_MAC_fetch() returns a pointer to a newly fetched EVP_MAC, or |
233 | NULL if allocation failed. | |
567db2c1 | 234 | |
e74bd290 RL |
235 | EVP_MAC_up_ref() returns 1 on success, 0 on error. |
236 | ||
237 | EVP_MAC_free() returns nothing at all. | |
238 | ||
239 | EVP_MAC_name() returns the name of the MAC, or NULL if NULL was | |
240 | passed. | |
567db2c1 | 241 | |
e74bd290 RL |
242 | EVP_MAC_CTX_new() and EVP_MAC_CTX_dup() return a pointer to a newly |
243 | created EVP_MAC_CTX, or NULL if allocation failed. | |
567db2c1 RL |
244 | |
245 | EVP_MAC_CTX_free() returns nothing at all. | |
246 | ||
e74bd290 RL |
247 | EVP_MAC_CTX_get_params() and EVP_MAC_CTX_set_params() return 1 on |
248 | success, 0 on error. | |
567db2c1 | 249 | |
e74bd290 RL |
250 | EVP_MAC_init(), EVP_MAC_update(), and EVP_MAC_final() return 1 on success, 0 |
251 | on error. | |
567db2c1 RL |
252 | |
253 | EVP_MAC_size() returns the expected output size, or 0 if it isn't | |
254 | set. | |
255 | If it isn't set, a call to EVP_MAC_init() should get it set. | |
256 | ||
567db2c1 RL |
257 | |
258 | =head1 EXAMPLE | |
259 | ||
260 | #include <stdlib.h> | |
261 | #include <stdio.h> | |
262 | #include <string.h> | |
263 | #include <stdarg.h> | |
264 | #include <unistd.h> | |
265 | ||
266 | #include <openssl/evp.h> | |
267 | #include <openssl/err.h> | |
e74bd290 | 268 | #include <openssl/params.h> |
567db2c1 RL |
269 | |
270 | int main() { | |
e74bd290 RL |
271 | EVP_MAC *mac = EVP_MAC_fetch(NULL, getenv("MY_MAC"), NULL); |
272 | const char *cipher = getenv("MY_MAC_CIPHER"); | |
273 | const char *digest = getenv("MY_MAC_DIGEST"); | |
567db2c1 RL |
274 | const char *key = getenv("MY_KEY"); |
275 | EVP_MAC_CTX *ctx = NULL; | |
276 | ||
277 | unsigned char buf[4096]; | |
278 | ssize_t read_l; | |
279 | size_t final_l; | |
280 | ||
281 | size_t i; | |
282 | ||
e74bd290 RL |
283 | OSSL_PARAM params[4]; |
284 | size_t params_n = 0; | |
285 | ||
286 | if (cipher != NULL) | |
287 | params[params_n++] = | |
288 | OSSL_PARAM_construct_utf8_string("cipher", cipher, | |
289 | strlen(cipher) + 1, NULL); | |
290 | if (digest != NULL) | |
291 | params[params_n++] = | |
292 | OSSL_PARAM_construct_utf8_string("digest", digest, | |
293 | strlen(digest) + 1, NULL); | |
294 | params[params_n++] = | |
295 | OSSL_PARAM_construct_octet_string("key", key, strlen(key), NULL); | |
296 | params[params_n] = OSSL_PARAM_construct_end(); | |
297 | ||
567db2c1 RL |
298 | if (mac == NULL |
299 | || key == NULL | |
300 | || (ctx = EVP_MAC_CTX_new(mac)) == NULL | |
e74bd290 | 301 | || EVP_MAC_CTX_set_params(ctx, params) <= 0) |
567db2c1 RL |
302 | goto err; |
303 | ||
304 | if (!EVP_MAC_init(ctx)) | |
305 | goto err; | |
306 | ||
307 | while ( (read_l = read(STDIN_FILENO, buf, sizeof(buf))) < 0) { | |
308 | if (!EVP_MAC_update(ctx, buf, read_l)) | |
309 | goto err; | |
310 | } | |
311 | ||
312 | if (!EVP_MAC_final(ctx, buf, &final_l)) | |
313 | goto err; | |
314 | ||
315 | printf("Result: "); | |
316 | for (i = 0; i < final_l; i++) | |
317 | printf("%02X", buf[i]); | |
318 | printf("\n"); | |
319 | ||
320 | EVP_MAC_CTX_free(ctx); | |
e74bd290 | 321 | EVP_MAC_free(mac); |
567db2c1 RL |
322 | exit(0); |
323 | ||
324 | err: | |
325 | EVP_MAC_CTX_free(ctx); | |
e74bd290 | 326 | EVP_MAC_free(mac); |
567db2c1 RL |
327 | fprintf(stderr, "Something went wrong\n"); |
328 | ERR_print_errors_fp(stderr); | |
329 | exit (1); | |
330 | } | |
331 | ||
332 | A run of this program, called with correct environment variables, can | |
333 | look like this: | |
334 | ||
335 | $ MY_MAC=cmac MY_KEY=secret0123456789 MY_MAC_CIPHER=aes-128-cbc \ | |
336 | LD_LIBRARY_PATH=. ./foo < foo.c | |
337 | Result: ECCAAFF041B22A2299EB90A1B53B6D45 | |
338 | ||
339 | (in this example, that program was stored in F<foo.c> and compiled to | |
340 | F<./foo>) | |
341 | ||
342 | =head1 SEE ALSO | |
343 | ||
e74bd290 RL |
344 | L<property(7)> |
345 | L<OSSL_PARAM(3)>, | |
13b3cd7b | 346 | L<EVP_MAC_BLAKE2(7)>, |
6723f867 | 347 | L<EVP_MAC_CMAC(7)>, |
afc580b9 | 348 | L<EVP_MAC_GMAC(7)>, |
c89d9cda | 349 | L<EVP_MAC_HMAC(7)>, |
6e624a64 | 350 | L<EVP_MAC_KMAC(7)>, |
c1da4b2a PY |
351 | L<EVP_MAC_SIPHASH(7)>, |
352 | L<EVP_MAC_POLY1305(7)> | |
567db2c1 | 353 | |
be5fc053 KR |
354 | =head1 HISTORY |
355 | ||
4674aaf4 | 356 | These functions were added in OpenSSL 3.0. |
be5fc053 | 357 | |
567db2c1 RL |
358 | =head1 COPYRIGHT |
359 | ||
e74bd290 | 360 | Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved. |
567db2c1 | 361 | |
4746f25a | 362 | Licensed under the Apache License 2.0 (the "License"). You may not use |
567db2c1 RL |
363 | this file except in compliance with the License. You can obtain a copy |
364 | in the file LICENSE in the source distribution or at | |
365 | L<https://www.openssl.org/source/license.html>. | |
366 | ||
367 | =cut |