KMAC implementation using EVP_MAC #7597
Conversation
| if (kctx->custom_len == 0) | ||
| (void)kmac_ctrl_str(kctx, "custom", ""); | ||
|
|
||
| return bytepad(out, &out_len, kmac_string, sizeof(kmac_string), |
There was a problem hiding this comment.
Do we support a sequence like:
init()
init()
update()
final()
where the effects of the first init are ignored?
I don't see why we should and if that assumption is correct, the code is here if fine.
There was a problem hiding this comment.
Hmm this should probably be made to work.. So I will cache md and not do the digestInit to the kmac_init().
slontis
force-pushed
the
new-kmac
branch
2 times, most recently
from
a458bad
to
2beca10
Compare
slontis
force-pushed
the
new-kmac
branch
2 times, most recently
from
b2ea98f
to
b369a18
Compare
crypto/kmac/kmac.c
Outdated
|
|
||
| switch (cmd) { | ||
| case EVP_MAC_CTRL_SET_XOF: | ||
| kctx->xof_mode = va_arg(args, size_t); |
There was a problem hiding this comment.
The documentation claims the type should be unsigned long not size_t.
doc/man7/EVP_MAC_KMAC.pod
Outdated
|
|
||
| EVP_MAC_ctrl_str() type string: "xof" | ||
|
|
||
| The value string is expected to be an unsigned long. Use 1 to enable XOF mode. |
There was a problem hiding this comment.
This type doesn't match the code (in two different ways). How about using an int?
paulidale
added
approval: review pending
crypto/kmac/kmac.c
Outdated
| * right_encoded(requested output length). | ||
|
|
||
| * All other Ctrl functions should be set before init(). | ||
| * EVP_MAC_CTRL_SET_MD must be set before EVP_MAC_CTRL_SET_KEY. |
crypto/kmac/kmac.c
Outdated
| /* | ||
| * The following Ctrl functions can be set any time before final(): | ||
| * - EVP_MAC_CTRL_SET_SIZE: The requested output length. | ||
| * - EVP_MAC_CTRL_SET_XOF_MODE: If set, this indicates that |
include/openssl/evp.h
Outdated
| @@ -1027,6 +1030,9 @@ void EVP_MAC_do_all_sorted(void (*fn) | |||
| # define EVP_MAC_CTRL_SET_CIPHER 0x05 /* EVP_CIPHER * */ | |||
| # define EVP_MAC_CTRL_SET_SIZE 0x06 /* size_t */ | |||
| # define EVP_MAC_CTRL_SET_IV 0x07 /* unsigned char *, size_t */ | |||
| # define EVP_MAC_CTRL_SET_CUSTOM 0x08 /* unsigned char *, size_t */ | |||
| # define EVP_MAC_CTRL_SET_XOF 0x09 /* unsigned long */ | |||
|
|
|||
doc/man7/EVP_MAC_KMAC.pod
Outdated
|
|
||
| =item B<EVP_MAC_CTRL_SET_KEY> | ||
|
|
||
| This can only be used after B<EVP_MAC_CTRL_SET_MD> has been set. |
There was a problem hiding this comment.
Also, you should probably specify that this can't be called after EVP_MAC_init
|
|
||
| =back | ||
|
|
||
| =item B<EVP_MAC_CTRL_SET_CUSTOM> |
There was a problem hiding this comment.
You should probably specify that this can't be called after EVP_MAC_init
doc/man7/EVP_MAC_KMAC.pod
Outdated
| EVP_MAC_ctrl_str() type string: "outlen" | ||
|
|
||
| The value string is expected to contain a decimal number. This can be used to | ||
| override the default value that is specified by the digest. |
There was a problem hiding this comment.
This probably needs to be rephrased, since you don't set the MD any more.
doc/man3/EVP_MAC.pod
Outdated
|
|
||
| =item B<EVP_MAC_CTRL_SET_XOF> | ||
|
|
||
| This control expects one argument: C<unsigned long flags> |
include/openssl/evp.h
Outdated
| @@ -1027,6 +1030,9 @@ void EVP_MAC_do_all_sorted(void (*fn) | |||
| # define EVP_MAC_CTRL_SET_CIPHER 0x05 /* EVP_CIPHER * */ | |||
| # define EVP_MAC_CTRL_SET_SIZE 0x06 /* size_t */ | |||
| # define EVP_MAC_CTRL_SET_IV 0x07 /* unsigned char *, size_t */ | |||
| # define EVP_MAC_CTRL_SET_CUSTOM 0x08 /* unsigned char *, size_t */ | |||
| # define EVP_MAC_CTRL_SET_XOF 0x09 /* unsigned long */ | |||
There was a problem hiding this comment.
should all be updated now.
|
Could a test case with |
levitte
added
approval: done
|
Merged to master. Thanks for the patience everyone. |
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from #7597)
Checklist