diff options
| -rw-r--r-- | crypto/crmf/crmf_pbm.c | 2 | ||||
| -rw-r--r-- | crypto/evp/mac_lib.c | 2 | ||||
| -rw-r--r-- | crypto/evp/p_lib.c | 2 | ||||
| -rw-r--r-- | crypto/evp/pkey_mac.c | 22 | ||||
| -rw-r--r-- | crypto/kdf/sskdf.c | 4 | ||||
| -rw-r--r-- | crypto/kdf/tls1_prf.c | 2 | ||||
| -rw-r--r-- | crypto/modes/siv128.c | 2 | ||||
| -rw-r--r-- | doc/man7/provider-mac.pod | 25 | ||||
| -rw-r--r-- | include/openssl/core_names.h | 13 | ||||
| -rw-r--r-- | providers/common/macs/cmac_prov.c | 12 | ||||
| -rw-r--r-- | providers/common/macs/gmac_prov.c | 14 | ||||
| -rw-r--r-- | providers/common/macs/hmac_prov.c | 12 | ||||
| -rw-r--r-- | providers/common/macs/kmac_prov.c | 13 | ||||
| -rw-r--r-- | providers/default/macs/blake2_mac_impl.c | 11 | ||||
| -rw-r--r-- | providers/default/macs/poly1305_prov.c | 6 | ||||
| -rw-r--r-- | providers/default/macs/siphash_prov.c | 18 | ||||
| -rw-r--r-- | test/evp_test.c | 28 | ||||
| -rw-r--r-- | test/recipes/30-test_evp_data/evpmac.txt | 32 |
18 files changed, 98 insertions, 122 deletions
diff --git a/crypto/crmf/crmf_pbm.c b/crypto/crmf/crmf_pbm.c index 40c12dd32a..aef676f252 100644 --- a/crypto/crmf/crmf_pbm.c +++ b/crypto/crmf/crmf_pbm.c @@ -207,7 +207,7 @@ int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp, } macparams[0] = - OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM, + OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, (char *)mdname, strlen(mdname) + 1); macparams[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, basekey, bklen); diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c index a416687577..cf704ba4fc 100644 --- a/crypto/evp/mac_lib.c +++ b/crypto/evp/mac_lib.c @@ -89,7 +89,7 @@ size_t EVP_MAC_size(EVP_MAC_CTX *ctx) if (ctx->data != NULL) { OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; - params[0] = OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_OUTLEN, &sz); + params[0] = OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &sz); if (ctx->meth->get_ctx_params != NULL) { if (ctx->meth->get_ctx_params(ctx->data, params)) return sz; diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index bc573d0208..ead1d4ffd3 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -345,7 +345,7 @@ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, (char *)engine_name, strlen(engine_name) + 1); params[paramsn++] = - OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM, + OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER, (char *)cipher_name, strlen(cipher_name) + 1); params[paramsn++] = diff --git a/crypto/evp/pkey_mac.c b/crypto/evp/pkey_mac.c index 07421183ea..3750220416 100644 --- a/crypto/evp/pkey_mac.c +++ b/crypto/evp/pkey_mac.c @@ -281,7 +281,7 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) engineid, strlen(engineid) + 1); params[params_n++] = - OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM, + OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER, ciphname, strlen(ciphname) + 1); params[params_n] = OSSL_PARAM_construct_end(); @@ -336,13 +336,13 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) */ params[0] = - OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_OUTLEN, &size); + OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &size); if (!EVP_MAC_CTX_set_params(hctx->ctx, params)) return 0; params[0] = - OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_OUTLEN, &verify); + OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &verify); if (!EVP_MAC_CTX_get_params(hctx->ctx, params)) return 0; @@ -407,7 +407,7 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) engineid_l); } params[params_n++] = - OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM, + OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, mdname, strlen(mdname) + 1); params[params_n++] = @@ -441,6 +441,20 @@ static int pkey_mac_ctrl_str(EVP_PKEY_CTX *ctx, OSSL_PARAM params[2]; int ok = 0; + /* + * Translation of some control names that are equivalent to a single + * parameter name. + * + * "md" and "digest" are the same thing, we use the single "digest" + * + * "digestsize" was a setting control in siphash, but naming wise, + * it's really the same as "size". + */ + if (strcmp(type, "md") == 0) + type = OSSL_MAC_PARAM_DIGEST; + else if (strcmp(type, "digestsize") == 0) + type = OSSL_MAC_PARAM_SIZE; + if (!OSSL_PARAM_allocate_from_text(¶ms[0], EVP_MAC_CTX_settable_params(mac), type, value, strlen(value) + 1)) diff --git a/crypto/kdf/sskdf.c b/crypto/kdf/sskdf.c index a4a9abff5a..916a06e5a1 100644 --- a/crypto/kdf/sskdf.c +++ b/crypto/kdf/sskdf.c @@ -168,7 +168,7 @@ static int kmac_init(EVP_MAC_CTX *ctx, const unsigned char *custom, || kmac_out_len == 64)) return 0; - params[0] = OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_OUTLEN, + params[0] = OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &kmac_out_len); if (EVP_MAC_CTX_set_params(ctx, params) <= 0) @@ -222,7 +222,7 @@ static int SSKDF_mac_kdm(EVP_MAC *kdf_mac, const EVP_MD *hmac_md, if (hmac_md != NULL) { const char *mdname = EVP_MD_name(hmac_md); params[params_n++] = - OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM, + OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, (char *)mdname, strlen(mdname) + 1); } diff --git a/crypto/kdf/tls1_prf.c b/crypto/kdf/tls1_prf.c index b53c417737..f5d2314681 100644 --- a/crypto/kdf/tls1_prf.c +++ b/crypto/kdf/tls1_prf.c @@ -251,7 +251,7 @@ static int tls1_prf_P_hash(const EVP_MD *md, /* TODO(3.0) rethink "flags", also see hmac.c in providers */ mac_flags = EVP_MD_CTX_FLAG_NON_FIPS_ALLOW; params[0] = OSSL_PARAM_construct_int(OSSL_MAC_PARAM_FLAGS, &mac_flags); - params[1] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM, + params[1] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, (char *)mdname, strlen(mdname) + 1); params[2] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, diff --git a/crypto/modes/siv128.c b/crypto/modes/siv128.c index 626d2f37ec..de6a3b853f 100644 --- a/crypto/modes/siv128.c +++ b/crypto/modes/siv128.c @@ -172,7 +172,7 @@ int CRYPTO_siv128_init(SIV128_CONTEXT *ctx, const unsigned char *key, int klen, OSSL_PARAM params[3]; const char *cbc_name = EVP_CIPHER_name(cbc); - params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM, + params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER, (char *)cbc_name, strlen(cbc_name) + 1); params[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, diff --git a/doc/man7/provider-mac.pod b/doc/man7/provider-mac.pod index 455231172f..14fb3afb67 100644 --- a/doc/man7/provider-mac.pod +++ b/doc/man7/provider-mac.pod @@ -178,21 +178,12 @@ Gets flags associated with the MAC. =for comment We need to investigate if this is the right approach -=item B<OSSL_MAC_PARAM_ALGORITHM> (utf8 string) - -Sets the name of the underlying algorithm to be used. -It must name a suitable algorithm for the MAC that's being used. - -=item B<OSSL_MAC_PARAM_MD> (utf8 string) +=item B<OSSL_MAC_PARAM_CIPHER> (utf8 string) =item B<OSSL_MAC_PARAM_DIGEST> (utf8 string) -=item B<OSSL_MAC_PARAM_CIPHER> (utf8 string) - -These have the same meaning as B<OSSL_MAC_PARAM_ALGORITHM>, but specify -the expected operation for the underlying algorithm. -These are regarded as antiquated, but are kept for easier transition from -legacy MAC implementations. +Sets the name of the underlying cipher or digest to be used. +It must name a suitable algorithm for the MAC that's being used. =item B<OSSL_MAC_PARAM_ENGINE> (utf8 string) @@ -212,13 +203,11 @@ and engine, or a built in legacy function depends on what is available. =item B<OSSL_MAC_PARAM_SIZE> (int) -=item B<OSSL_MAC_PARAM_DIGESTSIZE> (int) - -=item B<OSSL_MAC_PARAM_OUTLEN> (int) +Can be used to get the resulting MAC size. -All three names are considered the same. -B<OSSL_MAC_PARAM_SIZE> and B<OSSL_MAC_PARAM_DIGESTSIZE> are considered -antiquated, but are kept for easier transition from legacy MAC implementations. +With some MAC algorithms, it can also be used to set the size that the +resulting MAC should have. +Allowable sizes are decided within each implementation. =back diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h index 76fe37ee4a..11232cb177 100644 --- a/include/openssl/core_names.h +++ b/include/openssl/core_names.h @@ -75,18 +75,15 @@ extern "C" { #define OSSL_MAC_PARAM_SALT "salt" /* octet string */ #define OSSL_MAC_PARAM_XOF "xof" /* int, 0 or 1 */ #define OSSL_MAC_PARAM_FLAGS "flags" /* int */ -/* Note that "md" and "digest" are equivalent */ -#define OSSL_MAC_PARAM_MD "md" /* utf8 string */ -#define OSSL_MAC_PARAM_DIGEST "digest" /* utf8 string */ +/* + * If "engine" or "properties" are specified, they should always be paired + * with "cipher" or "digest". + */ #define OSSL_MAC_PARAM_CIPHER "cipher" /* utf8 string */ -/* Note that "algorithm" can be used instead of "md", "digest" or "cipher" */ -#define OSSL_MAC_PARAM_ALGORITHM "algorithm" /* utf8 string */ +#define OSSL_MAC_PARAM_DIGEST "digest" /* utf8 string */ #define OSSL_MAC_PARAM_ENGINE "engine" /* utf8 string */ #define OSSL_MAC_PARAM_PROPERTIES "properties" /* utf8 string */ -/* Note that "size", "digestsize" and "outlen" are equivalent */ #define OSSL_MAC_PARAM_SIZE "size" /* size_t */ -#define OSSL_MAC_PARAM_DIGESTSIZE "digestsize" /* size_t */ -#define OSSL_MAC_PARAM_OUTLEN "outlen" /* size_t */ /* Known MAC names (not a complete list) */ #define OSSL_MAC_NAME_CMAC "CMAC" diff --git a/providers/common/macs/cmac_prov.c b/providers/common/macs/cmac_prov.c index d27beeba27..64ecba2b37 100644 --- a/providers/common/macs/cmac_prov.c +++ b/providers/common/macs/cmac_prov.c @@ -140,8 +140,7 @@ static int cmac_final(void *vmacctx, unsigned char *out, size_t *outl, } static const OSSL_PARAM known_gettable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL), - OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), /* Same as "outlen" */ + OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), OSSL_PARAM_END }; static const OSSL_PARAM *cmac_gettable_ctx_params(void) @@ -153,16 +152,13 @@ static int cmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[]) { OSSL_PARAM *p; - if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_OUTLEN)) != NULL - || (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL) + if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL) return OSSL_PARAM_set_size_t(p, cmac_size(vmacctx)); return 1; } static const OSSL_PARAM known_settable_ctx_params[] = { - /* "algorithm" and "cipher" are the same parameter */ - OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_ALGORITHM, NULL, 0), OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_CIPHER, NULL, 0), OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_ENGINE, NULL, 0), OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_PROPERTIES, NULL, 0), @@ -182,9 +178,7 @@ static int cmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) struct cmac_data_st *macctx = vmacctx; const OSSL_PARAM *p; - if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CIPHER)) != NULL - || ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_ALGORITHM)) - != NULL)) { + if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CIPHER)) != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING) return 0; diff --git a/providers/common/macs/gmac_prov.c b/providers/common/macs/gmac_prov.c index b7cfb0f6f5..ae0e9daba9 100644 --- a/providers/common/macs/gmac_prov.c +++ b/providers/common/macs/gmac_prov.c @@ -53,7 +53,7 @@ struct gmac_data_st { /* * Conditions for legacy EVP_CIPHER uses. */ - ENGINE *engine; /* Engine implementing the algorithm */ + ENGINE *engine; /* Engine implementing the cipher */ }; static size_t gmac_size(void); @@ -150,8 +150,7 @@ static size_t gmac_size(void) } static const OSSL_PARAM known_gettable_params[] = { - OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL), - OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), /* Same as "outlen" */ + OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), OSSL_PARAM_END }; static const OSSL_PARAM *gmac_gettable_params(void) @@ -163,16 +162,13 @@ static int gmac_get_params(OSSL_PARAM params[]) { OSSL_PARAM *p; - if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_OUTLEN)) != NULL - || (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL) + if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL) return OSSL_PARAM_set_size_t(p, gmac_size()); return 1; } static const OSSL_PARAM known_settable_ctx_params[] = { - /* "algorithm" and "cipher" are the same parameter */ - OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_ALGORITHM, NULL, 0), OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_CIPHER, NULL, 0), OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_ENGINE, NULL, 0), OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_PROPERTIES, NULL, 0), @@ -194,9 +190,7 @@ static int gmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) EVP_CIPHER_CTX *ctx = macctx->ctx; const OSSL_PARAM *p; - if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CIPHER)) != NULL - || (p = OSSL_PARAM_locate_const(params, - OSSL_MAC_PARAM_ALGORITHM)) != NULL) { + if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CIPHER)) != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING) return 0; diff --git a/providers/common/macs/hmac_prov.c b/providers/common/macs/hmac_prov.c index a08f23a168..e77dfe3439 100644 --- a/providers/common/macs/hmac_prov.c +++ b/providers/common/macs/hmac_prov.c @@ -151,8 +151,7 @@ static int hmac_final(void *vmacctx, unsigned char *out, size_t *outl, } static const OSSL_PARAM known_gettable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL), - OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), /* Same as "outlen" */ + OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), OSSL_PARAM_END }; static const OSSL_PARAM *hmac_gettable_ctx_params(void) @@ -164,16 +163,13 @@ static int hmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[]) { OSSL_PARAM *p; - if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_OUTLEN)) != NULL - || (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL) + if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL) return OSSL_PARAM_set_size_t(p, hmac_size(vmacctx)); return 1; } static const OSSL_PARAM known_settable_ctx_params[] = { - /* "algorithm" and "digest" are the same parameter */ - OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_ALGORITHM, NULL, 0), OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_DIGEST, NULL, 0), OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_ENGINE, NULL, 0), OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_PROPERTIES, NULL, 0), @@ -194,9 +190,7 @@ static int hmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) struct hmac_data_st *macctx = vmacctx; const OSSL_PARAM *p; - if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_DIGEST)) != NULL - || (p = OSSL_PARAM_locate_const(params, - OSSL_MAC_PARAM_ALGORITHM)) != NULL) { + if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_DIGEST)) != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING) return 0; diff --git a/providers/common/macs/kmac_prov.c b/providers/common/macs/kmac_prov.c index 70dad09794..b1e852ac77 100644 --- a/providers/common/macs/kmac_prov.c +++ b/providers/common/macs/kmac_prov.c @@ -311,9 +311,7 @@ static int kmac_final(void *vmacctx, unsigned char *out, size_t *outl, } static const OSSL_PARAM known_gettable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL), - OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), /* Same as "outlen" */ - OSSL_PARAM_size_t(OSSL_MAC_PARAM_DIGESTSIZE, NULL), /* Same as "outlen" */ + OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), OSSL_PARAM_END }; static const OSSL_PARAM *kmac_gettable_ctx_params(void) @@ -325,9 +323,7 @@ static int kmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[]) { OSSL_PARAM *p; - if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_OUTLEN)) != NULL - || (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL - || (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_DIGESTSIZE)) != NULL) + if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL) return OSSL_PARAM_set_size_t(p, kmac_size(vmacctx)); return 1; @@ -335,7 +331,6 @@ static int kmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[]) static const OSSL_PARAM known_settable_ctx_params[] = { OSSL_PARAM_int(OSSL_MAC_PARAM_XOF, NULL), - OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL), OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0), OSSL_PARAM_octet_string(OSSL_MAC_PARAM_CUSTOM, NULL, 0), @@ -363,9 +358,7 @@ static int kmac_set_ctx_params(void *vmacctx, const OSSL_PARAM *params) if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_XOF)) != NULL && !OSSL_PARAM_get_int(p, &kctx->xof_mode)) return 0; - if (((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_OUTLEN)) != NULL - || - (p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) != NULL) + if (((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) != NULL) && !OSSL_PARAM_get_size_t(p, &kctx->out_len)) return 0; if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL) { diff --git a/providers/default/macs/blake2_mac_impl.c b/providers/default/macs/blake2_mac_impl.c index 4ce9145daf..846e5ef57b 100644 --- a/providers/default/macs/blake2_mac_impl.c +++ b/providers/default/macs/blake2_mac_impl.c @@ -108,8 +108,7 @@ static int blake2_mac_final(void *vmacctx, } static const OSSL_PARAM known_gettable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL), - OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), /* Same as "outlen" */ + OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), OSSL_PARAM_END }; static const OSSL_PARAM *blake2_gettable_ctx_params(void) @@ -121,15 +120,13 @@ static int blake2_get_ctx_params(void *vmacctx, OSSL_PARAM params[]) { OSSL_PARAM *p; - if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_OUTLEN)) != NULL - || (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL) + if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL) return OSSL_PARAM_set_size_t(p, blake2_mac_size(vmacctx)); return 1; } static const OSSL_PARAM known_settable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL), OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0), OSSL_PARAM_octet_string(OSSL_MAC_PARAM_CUSTOM, NULL, 0), @@ -149,9 +146,7 @@ static int blake2_mac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) struct blake2_mac_data_st *macctx = vmacctx; const OSSL_PARAM *p; - if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_OUTLEN)) != NULL - || - (p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) != NULL) { + if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) != NULL) { size_t size; if (!OSSL_PARAM_get_size_t(p, &size) diff --git a/providers/default/macs/poly1305_prov.c b/providers/default/macs/poly1305_prov.c index c4e02d125a..db54fbe313 100644 --- a/providers/default/macs/poly1305_prov.c +++ b/providers/default/macs/poly1305_prov.c @@ -106,8 +106,7 @@ static int poly1305_final(void *vmacctx, unsigned char *out, size_t *outl, } static const OSSL_PARAM known_gettable_params[] = { - OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL), - OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), /* Same as "outlen" */ + OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), OSSL_PARAM_END }; static const OSSL_PARAM *poly1305_gettable_params(void) @@ -119,8 +118,7 @@ static int poly1305_get_params(OSSL_PARAM params[]) { OSSL_PARAM *p; - if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_OUTLEN)) != NULL - || (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL) + if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL) return OSSL_PARAM_set_size_t(p, poly1305_size()); return 1; diff --git a/providers/default/macs/siphash_prov.c b/providers/default/macs/siphash_prov.c index 3a477256d5..91b46c9e77 100644 --- a/providers/default/macs/siphash_prov.c +++ b/providers/default/macs/siphash_prov.c @@ -111,9 +111,7 @@ static int siphash_final(void *vmacctx, unsigned char *out, size_t *outl, } static const OSSL_PARAM known_gettable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL), - OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), /* Same as "outlen" */ - OSSL_PARAM_size_t(OSSL_MAC_PARAM_DIGESTSIZE, NULL), /* Same as "outlen" */ + OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), OSSL_PARAM_END }; static const OSSL_PARAM *siphash_gettable_ctx_params(void) @@ -125,18 +123,14 @@ static int siphash_get_ctx_params(void *vmacctx, OSSL_PARAM params[]) { OSSL_PARAM *p; - if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_OUTLEN)) != NULL - || (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL - || (p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_DIGESTSIZE)) != NULL) + if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL) return OSSL_PARAM_set_size_t(p, siphash_size(vmacctx)); return 1; } static const OSSL_PARAM known_settable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_MAC_PARAM_OUTLEN, NULL), - OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), /* Same as "outlen" */ - OSSL_PARAM_size_t(OSSL_MAC_PARAM_DIGESTSIZE, NULL), /* Same as "outlen" */ + OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0), OSSL_PARAM_END }; @@ -150,11 +144,7 @@ static int siphash_set_params(void *vmacctx, const OSSL_PARAM *params) struct siphash_data_st *ctx = vmacctx; const OSSL_PARAM *p = NULL; - if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_OUTLEN)) != NULL - || ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_DIGESTSIZE)) - != NULL) - || ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) - != NULL)) { + if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) != NULL) { size_t size; if (!OSSL_PARAM_get_size_t(p, &size) diff --git a/test/evp_test.c b/test/evp_test.c index 2dfa8d0318..17b9fc0dfb 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -1163,11 +1163,29 @@ static int mac_test_run_mac(EVP_TEST *t) } #endif - if (expected->alg != NULL) - params[params_n++] = - OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM, - expected->alg, - strlen(expected->alg) + 1); + if (expected->alg != NULL) { + /* + * The underlying algorithm may be a cipher or a digest. + * We don't know which it is, but we can ask the MAC what it + * should be and bet on that. + */ + if (OSSL_PARAM_locate_const(defined_params, + OSSL_MAC_PARAM_CIPHER) != NULL) { + params[params_n++] = + OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER, + expected->alg, + strlen(expected->alg) + 1); + } else if (OSSL_PARAM_locate_const(defined_params, + OSSL_MAC_PARAM_DIGEST) != NULL) { + params[params_n++] = + OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, + expected->alg, + strlen(expected->alg) + 1); + } else { + t->err = "MAC_BAD_PARAMS"; + goto err; + } + } if (expected->key != NULL) params[params_n++] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, diff --git a/test/recipes/30-test_evp_data/evpmac.txt b/test/recipes/30-test_evp_data/evpmac.txt index 5b24200673..0b83cff36c 100644 --- a/test/recipes/30-test_evp_data/evpmac.txt +++ b/test/recipes/30-test_evp_data/evpmac.txt @@ -131,7 +131,7 @@ Output = 5150d1772f50834a503e069a973fbd7c # SIPHASH - default values: 2,4 rounds, explicit 8-byte mac MAC = SipHash -Ctrl = digestsize:8 +Ctrl = size:8 Key = 000102030405060708090A0B0C0D0E0F Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E Output = 724506EB4C328A95 @@ -139,7 +139,7 @@ Output = 724506EB4C328A95 # SIPHASH - default values: 2,4 rounds, explicit 16-byte mac MAC = SipHash -Ctrl = digestsize:16 +Ctrl = size:16 Key = 000102030405060708090A0B0C0D0E0F Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E Output = 5150d1772f50834a503e069a973fbd7c @@ -147,7 +147,7 @@ Output = 5150d1772f50834a503e069a973fbd7c # SIPHASH - default values: 2,4 rounds, explicit 16-byte mac (set as 0) MAC = SipHash -Ctrl = digestsize:0 +Ctrl = size:0 Key = 000102030405060708090A0B0C0D0E0F Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E Output = 5150d1772f50834a503e069a973fbd7c @@ -155,7 +155,7 @@ Output = 5150d1772f50834a503e069a973fbd7c # SIPHASH - default values: 2,4 rounds, explicit 13-byte mac (invalid size) MAC = SipHash -Ctrl = digestsize:13 +Ctrl = size:13 Key = 000102030405060708090A0B0C0D0E0F Result = MAC_BAD_PARAMS @@ -163,7 +163,7 @@ Result = MAC_BAD_PARAMS # by EVP_PKEY this time MAC = SipHash by EVP_PKEY -Ctrl = digestsize:13 +Ctrl = size:13 Key = 000102030405060708090A0B0C0D0E0F Result = EVPPKEYCTXCTRL_ERROR @@ -324,19 +324,19 @@ Output = 233a6c732212f4813ec4c9f357e35297e59a652fd24155205f00363f7c54734ee1e8c73 MAC = BLAKE2BMAC Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f -Ctrl = outlen:128 +Ctrl = size:128 Result = MAC_BAD_PARAMS MAC = BLAKE2BMAC Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f Input = "Sample input for outlen<digest_length" -Ctrl = outlen:1 +Ctrl = size:1 Output = 2a MAC = BLAKE2BMAC Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f Input = "Sample input for outlen<digest_length" -Ctrl = outlen:32 +Ctrl = size:32 Output = 7fa43c7735fcacad9fce2b44bef37dba6501ab48c9397bedb5562a682e519793 MAC = BLAKE2BMAC @@ -344,7 +344,7 @@ Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f Input = "Combo input with outlen, custom and salt" Custom = "application" Salt = 000102030405060708090a0b0c0d0e0f -Ctrl = outlen:32 +Ctrl = size:32 Output = 51742fc491171eaf6b9459c8b93a44bbf8f44a0b4869a17fa178c8209918ad96 MAC = BLAKE2SMAC @@ -380,18 +380,18 @@ Output = e9f7704dfe5080a4aafe62a806f53ea7f98ffc24175164158f18ec5497b961f5 MAC = BLAKE2SMAC Key = 000102030405060708090a0b0c0d0e0f -Ctrl = outlen:64 +Ctrl = size:64 Result = MAC_BAD_PARAMS MAC = BLAKE2SMAC Key = 000102030405060708090a0b0c0d0e0f -Ctrl = outlen:16 +Ctrl = size:16 Input = "Sample input for outlen<digest_length" Output = a09fb3d513efc3ed58dd1264de3c59f5 MAC = BLAKE2SMAC Key = 000102030405060708090a0b0c0d0e0f -Ctrl = outlen:16 +Ctrl = size:16 Custom = "app" Salt = 0001020304050607 Input = "Combo input with outlen, custom and salt" @@ -712,7 +712,7 @@ Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7 Custom = "My Tagged Application" Output = 1F5B4E6CCA02209E0DCB5CA635B89A15E271ECC760071DFD805FAA38F9729230 -Ctrl = outlen:32 +Ctrl = size:32 MAC = KMAC256 Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F @@ -731,7 +731,7 @@ Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7 Custom = "My Tagged Application" Output = B58618F71F92E1D56C1B8C55DDD7CD188B97B4CA4D99831EB2699A837DA2E4D970FBACFDE50033AEA585F1A2708510C32D07880801BD182898FE476876FC8965 -Ctrl = outlen:64 +Ctrl = size:64 Title = KMAC XOF Tests (From NIST) @@ -754,7 +754,7 @@ Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223 Custom = "My Tagged Application" Output = 47026C7CD793084AA0283C253EF658490C0DB61438B8326FE9BDDF281B83AE0F Ctrl = xof:1 -Ctrl = outlen:32 +Ctrl = size:32 MAC = KMAC256 Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F @@ -775,7 +775,7 @@ Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7 Custom = "My Tagged Application" Output = D5BE731C954ED7732846BB59DBE3A8E30F83E77A4BFF4459F2F1C2B4ECEBB8CE67BA01C62E8AB8578D2D499BD1BB276768781190020A306A97DE281DCC30305D -Ctrl = outlen:64 +Ctrl = size:64 Ctrl = xof:1 |