diff options
| author | slontis <shane.lontis@oracle.com> | 2023-07-21 07:05:38 +0200 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2023-11-10 13:27:00 +0100 |
| commit | 536649082212e7c643ab8d7bab89f620fbcd37f0 (patch) | |
| tree | d5f28d382eb86111b2d2672db4f7ab0a836bc9c5 /include/crypto/evp.h | |
| parent | cms demos: print signingTime attributes (diff) | |
| download | openssl-536649082212e7c643ab8d7bab89f620fbcd37f0.tar.xz openssl-536649082212e7c643ab8d7bab89f620fbcd37f0.zip | |
Add EVP_DigestSqueeze() API.
Fixes #7894
This allows SHAKE to squeeze multiple times with different output sizes.
The existing EVP_DigestFinalXOF() API has been left as a one shot
operation. A similar interface is used by another toolkit.
The low level SHA3_Squeeze() function needed to change slightly so
that it can handle multiple squeezes. This involves changing the
assembler code so that it passes a boolean to indicate whether
the Keccak function should be called on entry.
At the provider level, the squeeze is buffered, so that it only requests
a multiple of the blocksize when SHA3_Squeeze() is called. On the first
call the value is zero, on subsequent calls the value passed is 1.
This PR is derived from the excellent work done by @nmathewson in
https://github.com/openssl/openssl/pull/7921
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21511)
Diffstat (limited to 'include/crypto/evp.h')
| -rw-r--r-- | include/crypto/evp.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/crypto/evp.h b/include/crypto/evp.h index 34cea2f9f4..96133bf7f5 100644 --- a/include/crypto/evp.h +++ b/include/crypto/evp.h @@ -282,6 +282,7 @@ struct evp_md_st { OSSL_FUNC_digest_init_fn *dinit; OSSL_FUNC_digest_update_fn *dupdate; OSSL_FUNC_digest_final_fn *dfinal; + OSSL_FUNC_digest_squeeze_fn *dsqueeze; OSSL_FUNC_digest_digest_fn *digest; OSSL_FUNC_digest_freectx_fn *freectx; OSSL_FUNC_digest_dupctx_fn *dupctx; |