The branch master has been updated
via eb1b66f00ca4e1fb6f9e815e8686768b6d81722d (commit)
via 36b6db08fe3dbb58ba2a45a6170f21b5149dfe26 (commit)
via edc9ce8ef42308c316452875a17578744ed94556 (commit)
from 2abffec0f02ef400ca434890f5baf08fc24dd7ca (commit)
- Log -----------------------------------------------------------------
commit eb1b66f00ca4e1fb6f9e815e8686768b6d81722d
Author: Pauli <pa...@openssl.org>
Date: Mon May 24 14:22:17 2021 +1000
mac: add a getter for the MAC block size.
Fixes #12342
Reviewed-by: Richard Levitte <levi...@openssl.org>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15427)
commit 36b6db08fe3dbb58ba2a45a6170f21b5149dfe26
Author: Pauli <pa...@openssl.org>
Date: Mon May 24 14:16:44 2021 +1000
test: add evp_tests for the MAC size and block size
Reviewed-by: Richard Levitte <levi...@openssl.org>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15427)
commit edc9ce8ef42308c316452875a17578744ed94556
Author: Pauli <pa...@openssl.org>
Date: Mon May 24 14:15:41 2021 +1000
doc: document the MAC block size getter
Reviewed-by: Richard Levitte <levi...@openssl.org>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15427)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/mac_lib.c | 14 ++++++--
doc/man3/EVP_MAC.pod | 13 +++++--
doc/man7/EVP_MAC-BLAKE2.pod | 7 ++++
doc/man7/EVP_MAC-CMAC.pod | 13 +++++--
doc/man7/EVP_MAC-HMAC.pod | 13 +++++--
doc/man7/EVP_MAC-KMAC.pod | 8 +++++
doc/man7/provider-mac.pod | 8 +++++
include/openssl/core_names.h | 1 +
include/openssl/evp.h | 1 +
providers/implementations/macs/blake2_mac_impl.c | 10 ++++--
providers/implementations/macs/blake2b_mac.c | 1 +
providers/implementations/macs/blake2s_mac.c | 1 +
providers/implementations/macs/cmac_prov.c | 10 ++++--
providers/implementations/macs/hmac_prov.c | 24 ++++++++++---
providers/implementations/macs/kmac_prov.c | 21 ++++++-----
test/evp_test.c | 44 ++++++++++++++++++++++--
test/recipes/30-test_evp_data/evpmac_blake.txt | 8 +++++
test/recipes/30-test_evp_data/evpmac_common.txt | 28 +++++++++++++++
util/libcrypto.num | 1 +
19 files changed, 197 insertions(+), 29 deletions(-)
diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c
index eef37e882c..9356595efd 100644
--- a/crypto/evp/mac_lib.c
+++ b/crypto/evp/mac_lib.c
@@ -82,14 +82,14 @@ EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx)
return ctx->meth;
}
-size_t EVP_MAC_CTX_get_mac_size(EVP_MAC_CTX *ctx)
+static size_t get_size_t_ctx_param(EVP_MAC_CTX *ctx, const char *name)
{
size_t sz = 0;
if (ctx->algctx != NULL) {
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- params[0] = OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &sz);
+ params[0] = OSSL_PARAM_construct_size_t(name, &sz);
if (ctx->meth->get_ctx_params != NULL) {
if (ctx->meth->get_ctx_params(ctx->algctx, params))
return sz;
@@ -105,6 +105,16 @@ size_t EVP_MAC_CTX_get_mac_size(EVP_MAC_CTX *ctx)
return 0;
}
+size_t EVP_MAC_CTX_get_mac_size(EVP_MAC_CTX *ctx)
+{
+ return get_size_t_ctx_param(ctx, OSSL_MAC_PARAM_SIZE);
+}
+
+size_t EVP_MAC_CTX_get_block_size(EVP_MAC_CTX *ctx)
+{
+ return get_size_t_ctx_param(ctx, OSSL_MAC_PARAM_BLOCK_SIZE);
+}
+
int EVP_MAC_init(EVP_MAC_CTX *ctx, const unsigned char *key, size_t keylen,
const OSSL_PARAM params[])
{
diff --git a/doc/man3/EVP_MAC.pod b/doc/man3/EVP_MAC.pod
index d053375dcf..0fc34009ec 100644
--- a/doc/man3/EVP_MAC.pod
+++ b/doc/man3/EVP_MAC.pod
@@ -7,7 +7,7 @@ EVP_MAC_number, EVP_MAC_name, EVP_MAC_names_do_all,
EVP_MAC_description,
EVP_MAC_provider, EVP_MAC_get_params, EVP_MAC_gettable_params,
EVP_MAC_CTX, EVP_MAC_CTX_new, EVP_MAC_CTX_free, EVP_MAC_CTX_dup,
EVP_MAC_CTX_mac, EVP_MAC_CTX_get_params, EVP_MAC_CTX_set_params,
-EVP_MAC_CTX_get_mac_size, EVP_Q_mac,
+EVP_MAC_CTX_get_mac_size, EVP_MAC_CTX_get_block_size, EVP_Q_mac,
EVP_MAC_init, EVP_MAC_update, EVP_MAC_final, EVP_MAC_finalXOF,
EVP_MAC_gettable_ctx_params, EVP_MAC_settable_ctx_params,
EVP_MAC_CTX_gettable_params, EVP_MAC_CTX_settable_params,
@@ -42,6 +42,7 @@ EVP_MAC_do_all_provided - EVP MAC routines
int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]);
size_t EVP_MAC_CTX_get_mac_size(EVP_MAC_CTX *ctx);
+ size_t EVP_MAC_CTX_get_block_size(EVP_MAC_CTX *ctx);
unsigned char *EVP_Q_mac(OSSL_LIB_CTX *libctx, const char *name, const char
*propq,
const char *subalg, const OSSL_PARAM *params,
const void *key, size_t keylen,
@@ -212,6 +213,9 @@ for the use of B<OSSL_PARAM> as a parameter descriptor.
EVP_MAC_CTX_get_mac_size() returns the MAC output size for the given context.
+EVP_MAC_CTX_get_block_size() returns the MAC block size for the given context.
+Not all MAC algorithms support this.
+
EVP_MAC_is_a() checks if the given I<mac> is an implementation of an
algorithm that's identifiable with I<name>.
@@ -378,8 +382,11 @@ EVP_Q_mac() returns a pointer to the computed MAC value,
or NULL on error.
EVP_MAC_init(), EVP_MAC_update(), EVP_MAC_final(), and EVP_MAC_finalXOF()
return 1 on success, 0 on error.
-EVP_MAC_CTX_get_mac_size() returns the expected output size, or 0 if it isn't
set.
-If it isn't set, a call to EVP_MAC_init() should get it set.
+EVP_MAC_CTX_get_mac_size() returns the expected output size, or 0 if it isn't
+set. If it isn't set, a call to EVP_MAC_init() will set it.
+
+EVP_MAC_CTX_get_block_size() returns the block size, or 0 if it isn't set.
+If it isn't set, a call to EVP_MAC_init() will set it.
EVP_MAC_do_all_provided() returns nothing at all.
diff --git a/doc/man7/EVP_MAC-BLAKE2.pod b/doc/man7/EVP_MAC-BLAKE2.pod
index 809a29a0fe..5557e15353 100644
--- a/doc/man7/EVP_MAC-BLAKE2.pod
+++ b/doc/man7/EVP_MAC-BLAKE2.pod
@@ -31,6 +31,8 @@ All these parameters can be set with EVP_MAC_CTX_set_params().
Furthermore, the "size" parameter can be retrieved with
EVP_MAC_CTX_get_params(), or with EVP_MAC_CTX_get_mac_size().
The length of the "size" parameter should not exceed that of a B<size_t>.
+Likewise, the "block-size" parameter can be retrieved with
+EVP_MAC_CTX_get_params(), or with EVP_MAC_CTX_get_block_size().
=over 4
@@ -60,6 +62,11 @@ It can be any number between 1 and 32 for EVP_MAC_BLAKE2S or
between 1
and 64 for EVP_MAC_BLAKE2B.
It is 32 and 64 respectively by default.
+=item "block-size" (B<OSSL_MAC_PARAM_SIZE>) <unsigned integer>
+
+Gets the MAC block size.
+By default, it is 64 for EVP_MAC_BLAKE2S and 128 for EVP_MAC_BLAKE2B.
+
=back
=head1 SEE ALSO
diff --git a/doc/man7/EVP_MAC-CMAC.pod b/doc/man7/EVP_MAC-CMAC.pod
index 4beac89d9c..cf80586f02 100644
--- a/doc/man7/EVP_MAC-CMAC.pod
+++ b/doc/man7/EVP_MAC-CMAC.pod
@@ -55,11 +55,20 @@ EVP_MAC_CTX_get_params():
=item "size" (B<OSSL_MAC_PARAM_SIZE>) <unsigned integer>
-=back
-
The "size" parameter can also be retrieved with with
EVP_MAC_CTX_get_mac_size().
The length of the "size" parameter is equal to that of an B<unsigned int>.
+=back
+
+=over 4
+
+=item "block-size" (B<OSSL_MAC_PARAM_SIZE>) <unsigned integer>
+
+Gets the MAC block size. The "block-size" parameter can also be retrieved with
+EVP_MAC_CTX_get_block_size().
+
+=back
+
=head1 SEE ALSO
L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>,
diff --git a/doc/man7/EVP_MAC-HMAC.pod b/doc/man7/EVP_MAC-HMAC.pod
index 790f01f094..ea2eda9ec8 100644
--- a/doc/man7/EVP_MAC-HMAC.pod
+++ b/doc/man7/EVP_MAC-HMAC.pod
@@ -69,11 +69,20 @@ The following parameter can be retrieved with
EVP_MAC_CTX_get_params():
=item "size" (B<OSSL_MAC_PARAM_SIZE>) <unsigned integer>
-=back
-
The "size" parameter can also be retrieved with EVP_MAC_CTX_get_mac_size().
The length of the "size" parameter is equal to that of an B<unsigned int>.
+=back
+
+=over 4
+
+=item "block-size" (B<OSSL_MAC_PARAM_SIZE>) <unsigned integer>
+
+Gets the MAC block size. The "block-size" parameter can also be retrieved with
+EVP_MAC_CTX_get_block_size().
+
+=back
+
=head1 SEE ALSO
L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>,
diff --git a/doc/man7/EVP_MAC-KMAC.pod b/doc/man7/EVP_MAC-KMAC.pod
index 85986d5449..0197a4b3c1 100644
--- a/doc/man7/EVP_MAC-KMAC.pod
+++ b/doc/man7/EVP_MAC-KMAC.pod
@@ -31,6 +31,9 @@ All these parameters can be set with EVP_MAC_CTX_set_params().
Furthermore, the "size" parameter can be retrieved with
EVP_MAC_CTX_get_params(), or with EVP_MAC_CTX_get_mac_size().
The length of the "size" parameter should not exceed that of a B<size_t>.
+Likewise, the "block-size" parameter can be retrieved with
+EVP_MAC_CTX_get_params(), or with EVP_MAC_CTX_get_block_size().
+
=over 4
@@ -49,6 +52,11 @@ It is an optional value of at most 256 bytes, and is empty
by default.
Sets the MAC size.
By default, it is 16 for C<KMAC-128> and 32 for C<KMAC-256>.
+=item "block-size" (B<OSSL_MAC_PARAM_SIZE>) <unsigned integer>
+
+Gets the MAC block size.
+By default, it is 168 for C<KMAC-128> and 136 for C<KMAC-256>.
+
=item "xof" (B<OSSL_MAC_PARAM_XOF>) <integer>
The "xof" parameter value is expected to be 1 or 0. Use 1 to enable XOF mode.
diff --git a/doc/man7/provider-mac.pod b/doc/man7/provider-mac.pod
index 3d49e4f412..7ebe72f07d 100644
--- a/doc/man7/provider-mac.pod
+++ b/doc/man7/provider-mac.pod
@@ -183,6 +183,14 @@ should have as well, see the documentation of the
implementation.
=back
+=over 4
+
+=item "size" (B<OSSL_MAC_PARAM_BLOCK_SIZE>) <integer>
+
+Can be used to get the MAC block size (if supported by the algorithm).
+
+=back
+
=back
=head1 NOTES
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
index 36d9489e90..003c5c6bb0 100644
--- a/include/openssl/core_names.h
+++ b/include/openssl/core_names.h
@@ -169,6 +169,7 @@ extern "C" {
#define OSSL_MAC_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST /* utf8
string */
#define OSSL_MAC_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES /* utf8
string */
#define OSSL_MAC_PARAM_SIZE "size" /* size_t */
+#define OSSL_MAC_PARAM_BLOCK_SIZE "block-size" /* size_t */
#define OSSL_MAC_PARAM_TLS_DATA_SIZE "tls-data-size" /* size_t */
/* Known MAC names */
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index a793db6e0e..ee918104a8 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1179,6 +1179,7 @@ int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM
params[]);
int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]);
size_t EVP_MAC_CTX_get_mac_size(EVP_MAC_CTX *ctx);
+size_t EVP_MAC_CTX_get_block_size(EVP_MAC_CTX *ctx);
unsigned char *EVP_Q_mac(OSSL_LIB_CTX *libctx, const char *name, const char
*propq,
const char *subalg, const OSSL_PARAM *params,
const void *key, size_t keylen,
diff --git a/providers/implementations/macs/blake2_mac_impl.c
b/providers/implementations/macs/blake2_mac_impl.c
index e1ffa04bfd..3c6b0c2c0c 100644
--- a/providers/implementations/macs/blake2_mac_impl.c
+++ b/providers/implementations/macs/blake2_mac_impl.c
@@ -146,6 +146,7 @@ static int blake2_mac_final(void *vmacctx,
static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
+ OSSL_PARAM_size_t(OSSL_MAC_PARAM_BLOCK_SIZE, NULL),
OSSL_PARAM_END
};
static const OSSL_PARAM *blake2_gettable_ctx_params(ossl_unused void *ctx,
@@ -158,8 +159,13 @@ static int blake2_get_ctx_params(void *vmacctx, OSSL_PARAM
params[])
{
OSSL_PARAM *p;
- if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
- return OSSL_PARAM_set_size_t(p, blake2_mac_size(vmacctx));
+ if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL
+ && !OSSL_PARAM_set_size_t(p, blake2_mac_size(vmacctx)))
+ return 0;
+
+ if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_BLOCK_SIZE)) != NULL
+ && !OSSL_PARAM_set_size_t(p, BLAKE2_BLOCKBYTES))
+ return 0;
return 1;
}
diff --git a/providers/implementations/macs/blake2b_mac.c
b/providers/implementations/macs/blake2b_mac.c
index 0bc5b1c275..b445cbd578 100644
--- a/providers/implementations/macs/blake2b_mac.c
+++ b/providers/implementations/macs/blake2b_mac.c
@@ -14,6 +14,7 @@
#define BLAKE2_OUTBYTES BLAKE2B_OUTBYTES
#define BLAKE2_PERSONALBYTES BLAKE2B_PERSONALBYTES
#define BLAKE2_SALTBYTES BLAKE2B_SALTBYTES
+#define BLAKE2_BLOCKBYTES BLAKE2B_BLOCKBYTES
/* Function names */
#define BLAKE2_PARAM_INIT ossl_blake2b_param_init
diff --git a/providers/implementations/macs/blake2s_mac.c
b/providers/implementations/macs/blake2s_mac.c
index cb500e29ab..6b3fa28bd3 100644
--- a/providers/implementations/macs/blake2s_mac.c
+++ b/providers/implementations/macs/blake2s_mac.c
@@ -14,6 +14,7 @@
#define BLAKE2_OUTBYTES BLAKE2S_OUTBYTES
#define BLAKE2_PERSONALBYTES BLAKE2S_PERSONALBYTES
#define BLAKE2_SALTBYTES BLAKE2S_SALTBYTES
+#define BLAKE2_BLOCKBYTES BLAKE2S_BLOCKBYTES
/* Function names */
#define BLAKE2_PARAM_INIT ossl_blake2s_param_init
diff --git a/providers/implementations/macs/cmac_prov.c
b/providers/implementations/macs/cmac_prov.c
index 0795c245a7..85625c8681 100644
--- a/providers/implementations/macs/cmac_prov.c
+++ b/providers/implementations/macs/cmac_prov.c
@@ -145,6 +145,7 @@ static int cmac_final(void *vmacctx, unsigned char *out,
size_t *outl,
static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
+ OSSL_PARAM_size_t(OSSL_MAC_PARAM_BLOCK_SIZE, NULL),
OSSL_PARAM_END
};
static const OSSL_PARAM *cmac_gettable_ctx_params(ossl_unused void *ctx,
@@ -157,8 +158,13 @@ static int cmac_get_ctx_params(void *vmacctx, OSSL_PARAM
params[])
{
OSSL_PARAM *p;
- if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
- return OSSL_PARAM_set_size_t(p, cmac_size(vmacctx));
+ if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL
+ && !OSSL_PARAM_set_size_t(p, cmac_size(vmacctx)))
+ return 0;
+
+ if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_BLOCK_SIZE)) != NULL
+ && !OSSL_PARAM_set_size_t(p, cmac_size(vmacctx)))
+ return 0;
return 1;
}
diff --git a/providers/implementations/macs/hmac_prov.c
b/providers/implementations/macs/hmac_prov.c
index f291e574ca..3a0679ce8f 100644
--- a/providers/implementations/macs/hmac_prov.c
+++ b/providers/implementations/macs/hmac_prov.c
@@ -134,13 +134,20 @@ static void *hmac_dup(void *vsrc)
return dst;
}
-static size_t hmac_size(void *vmacctx)
+static size_t hmac_size(struct hmac_data_st *macctx)
{
- struct hmac_data_st *macctx = vmacctx;
-
return HMAC_size(macctx->ctx);
}
+static int hmac_block_size(struct hmac_data_st *macctx)
+{
+ const EVP_MD *md = ossl_prov_digest_md(&macctx->digest);
+
+ if (md == NULL)
+ return 0;
+ return EVP_MD_block_size(md);
+}
+
static int hmac_setkey(struct hmac_data_st *macctx,
const unsigned char *key, size_t keylen)
{
@@ -234,6 +241,7 @@ static int hmac_final(void *vmacctx, unsigned char *out,
size_t *outl,
static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
+ OSSL_PARAM_size_t(OSSL_MAC_PARAM_BLOCK_SIZE, NULL),
OSSL_PARAM_END
};
static const OSSL_PARAM *hmac_gettable_ctx_params(ossl_unused void *ctx,
@@ -244,10 +252,16 @@ static const OSSL_PARAM
*hmac_gettable_ctx_params(ossl_unused void *ctx,
static int hmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[])
{
+ struct hmac_data_st *macctx = vmacctx;
OSSL_PARAM *p;
- if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
- return OSSL_PARAM_set_size_t(p, hmac_size(vmacctx));
+ if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL
+ && !OSSL_PARAM_set_size_t(p, hmac_size(macctx)))
+ return 0;
+
+ if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_BLOCK_SIZE)) != NULL
+ && !OSSL_PARAM_set_int(p, hmac_block_size(macctx)))
+ return 0;
return 1;
}
diff --git a/providers/implementations/macs/kmac_prov.c
b/providers/implementations/macs/kmac_prov.c
index c95cf57ffb..4ee57ca1c2 100644
--- a/providers/implementations/macs/kmac_prov.c
+++ b/providers/implementations/macs/kmac_prov.c
@@ -239,13 +239,6 @@ static void *kmac_dup(void *vsrc)
return dst;
}
-static size_t kmac_size(void *vmacctx)
-{
- struct kmac_data_st *kctx = vmacctx;
-
- return kctx->out_len;
-}
-
static int kmac_setkey(struct kmac_data_st *kctx, const unsigned char *key,
size_t keylen)
{
@@ -361,6 +354,7 @@ static int kmac_final(void *vmacctx, unsigned char *out,
size_t *outl,
static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
+ OSSL_PARAM_size_t(OSSL_MAC_PARAM_BLOCK_SIZE, NULL),
OSSL_PARAM_END
};
static const OSSL_PARAM *kmac_gettable_ctx_params(ossl_unused void *ctx,
@@ -371,10 +365,19 @@ static const OSSL_PARAM
*kmac_gettable_ctx_params(ossl_unused void *ctx,
static int kmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[])
{
+ struct kmac_data_st *kctx = vmacctx;
OSSL_PARAM *p;
+ int sz;
+
+ if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL
+ && !OSSL_PARAM_set_size_t(p, kctx->out_len))
+ return 0;
- if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
- return OSSL_PARAM_set_size_t(p, kmac_size(vmacctx));
+ if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_BLOCK_SIZE)) != NULL) {
+ sz = EVP_MD_block_size(ossl_prov_digest_md(&kctx->digest));
+ if (!OSSL_PARAM_set_int(p, sz))
+ return 0;
+ }
return 1;
}
diff --git a/test/evp_test.c b/test/evp_test.c
index abb0485459..bf4777eb56 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -1033,6 +1033,10 @@ typedef struct mac_data_st {
int xof;
/* Collection of controls */
STACK_OF(OPENSSL_STRING) *controls;
+ /* Output size */
+ int output_size;
+ /* Block size */
+ int block_size;
} MAC_DATA;
static int mac_test_init(EVP_TEST *t, const char *alg)
@@ -1076,6 +1080,7 @@ static int mac_test_init(EVP_TEST *t, const char *alg)
mdat->mac_name = OPENSSL_strdup(alg);
mdat->mac = mac;
mdat->controls = sk_OPENSSL_STRING_new_null();
+ mdat->output_size = mdat->block_size = -1;
t->data = mdat;
return 1;
}
@@ -1130,6 +1135,18 @@ static int mac_test_parse(EVP_TEST *t,
if (strcmp(keyword, "Ctrl") == 0)
return sk_OPENSSL_STRING_push(mdata->controls,
OPENSSL_strdup(value)) != 0;
+ if (strcmp(keyword, "OutputSize") == 0) {
+ mdata->output_size = atoi(value);
+ if (mdata->output_size < 0)
+ return -1;
+ return 1;
+ }
+ if (strcmp(keyword, "BlockSize") == 0) {
+ mdata->block_size = atoi(value);
+ if (mdata->block_size < 0)
+ return -1;
+ return 1;
+ }
return 0;
}
@@ -1271,8 +1288,8 @@ static int mac_test_run_mac(EVP_TEST *t)
EVP_MAC_CTX *ctx = NULL;
unsigned char *got = NULL;
size_t got_len;
- int i;
- OSSL_PARAM params[21];
+ int i, block_size = -1, output_size = -1;
+ OSSL_PARAM params[21], sizes[3], *psizes = sizes;
size_t params_n = 0;
size_t params_n_allocstart = 0;
const OSSL_PARAM *defined_params =
@@ -1364,6 +1381,29 @@ static int mac_test_run_mac(EVP_TEST *t)
t->err = "MAC_INIT_ERROR";
goto err;
}
+ if (expected->output_size >= 0)
+ *psizes++ = OSSL_PARAM_construct_int(OSSL_MAC_PARAM_SIZE,
+ &output_size);
+ if (expected->block_size >= 0)
+ *psizes++ = OSSL_PARAM_construct_int(OSSL_MAC_PARAM_BLOCK_SIZE,
+ &block_size);
+ if (psizes != sizes) {
+ *psizes = OSSL_PARAM_construct_end();
+ if (!TEST_true(EVP_MAC_CTX_get_params(ctx, sizes))) {
+ t->err = "INTERNAL_ERROR";
+ goto err;
+ }
+ if (expected->output_size >= 0
+ && !TEST_int_eq(output_size, expected->output_size)) {
+ t->err = "TEST_FAILURE";
+ goto err;
+ }
+ if (expected->block_size >= 0
+ && !TEST_int_eq(block_size, expected->block_size)) {
+ t->err = "TEST_FAILURE";
+ goto err;
+ }
+ }
if (!EVP_MAC_update(ctx, expected->input, expected->input_len)) {
t->err = "MAC_UPDATE_ERROR";
goto err;
diff --git a/test/recipes/30-test_evp_data/evpmac_blake.txt
b/test/recipes/30-test_evp_data/evpmac_blake.txt
index cd9a75e82e..13cb22fff3 100644
--- a/test/recipes/30-test_evp_data/evpmac_blake.txt
+++ b/test/recipes/30-test_evp_data/evpmac_blake.txt
@@ -17,16 +17,20 @@ MAC = BLAKE2BMAC
Key =
000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
Input =
Output =
10ebb67700b1868efb4417987acf4690ae9d972fb7a590c2f02871799aaa4786b5e996e8f0f4eb981fc214b005f42d2ff4233499391653df7aefcbc13fc51568
+OutputSize = 64
+BlockSize = 128
MAC = BLAKE2BMAC
Key =
000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
Input = 00
Output =
961f6dd1e4dd30f63901690c512e78e4b45e4742ed197c3c5e45c549fd25f2e4187b0bc9fe30492b16b0d0bc4ef9b0f34c7003fac09a5ef1532e69430234cebd
+BlockSize = 128
MAC = BLAKE2BMAC
Key =
000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
Input = 0001
Output =
da2cfbe2d8409a0f38026113884f84b50156371ae304c4430173d08a99d9fb1b983164a3770706d537f49e0c916d9f32b95cc37a95b99d857436f0232c88a965
+OutputSize = 64
MAC = BLAKE2BMAC
Key =
000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
@@ -77,16 +81,20 @@ MAC = BLAKE2SMAC
Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
Input =
Output = 48a8997da407876b3d79c0d92325ad3b89cbb754d86ab71aee047ad345fd2c49
+OutputSize = 32
+BlockSize = 64
MAC = BLAKE2SMAC
Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
Input = 00
Output = 40d15fee7c328830166ac3f918650f807e7e01e177258cdc0a39b11f598066f1
+BlockSize = 64
MAC = BLAKE2SMAC
Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
Input = 0001
Output = 6bb71300644cd3991b26ccd4d274acd1adeab8b1d7914546c1198bbe9fc9d803
+OutputSize = 32
MAC = BLAKE2SMAC
Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
diff --git a/test/recipes/30-test_evp_data/evpmac_common.txt
b/test/recipes/30-test_evp_data/evpmac_common.txt
index 0229659807..e2fbfac414 100644
--- a/test/recipes/30-test_evp_data/evpmac_common.txt
+++ b/test/recipes/30-test_evp_data/evpmac_common.txt
@@ -20,6 +20,8 @@ Algorithm = MD5
Key = 0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
Input = "Hi There"
Output = 9294727a3638bb1c13f48ef8158bfc9d
+OutputSize = 16
+BlockSize = 64
Availablein = default
MAC = HMAC
@@ -27,6 +29,7 @@ Algorithm = MD5
Key = "Jefe"
Input = "what do ya want for nothing?"
Output = 750c783e6ab0b503eaa86e310a5db738
+OutputSize = 16
Availablein = default
MAC = HMAC
@@ -34,6 +37,7 @@ Algorithm = MD5
Key = AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Input =
DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
Output = 56be34521d144c88dbb8c733f0e8b3f6
+BlockSize = 64
Title = SHA1
@@ -44,18 +48,22 @@ Algorithm = SHA1
Input = "Sample message for keylen=blocklen"
Key =
000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
Output = 5FD596EE78D5553C8FF4E72D266DFD192366DA29
+OutputSize = 20
+BlockSize = 64
MAC = HMAC
Algorithm = SHA1
Input = "Sample message for keylen<blocklen"
Key = 000102030405060708090A0B0C0D0E0F10111213
Output = 4C99FF0CB1B31BD33F8431DBAF4D17FCD356A807
+OutputSize = 20
MAC = HMAC
Algorithm = SHA1
Input = "Sample message for keylen=blocklen"
Key =
000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263
Output = 2D51B2F7750E410584662E38F133435F4C4FD42A
+BlockSize = 64
Title = SHA2
@@ -64,6 +72,8 @@ Algorithm = SHA224
Input = "Sample message for keylen=blocklen"
Key =
000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
Output = C7405E3AE058E8CD30B08B4140248581ED174CB34E1224BCC1EFC81B
+OutputSize = 28
+BlockSize = 64
MAC = HMAC
Algorithm = SHA224
@@ -82,6 +92,8 @@ Algorithm = SHA256
Input = "Sample message for keylen=blocklen"
Key =
000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F
Output = 8BB9A1DB9806F20DF7F77B82138C7914D174D59E13DC4D0169C9057B133E1D62
+OutputSize = 32
+BlockSize = 64
MAC = HMAC
Algorithm = SHA256
@@ -100,6 +112,8 @@ Algorithm = SHA384
Input = "Sample message for keylen=blocklen"
Key =
000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
Output =
63C5DAA5E651847CA897C95814AB830BEDEDC7D25E83EEF9195CD45857A37F448947858F5AF50CC2B1B730DDF29671A9
+OutputSize = 48
+BlockSize = 128
MAC = HMAC
Algorithm = SHA384
@@ -118,6 +132,8 @@ Algorithm = SHA512
Input = "Sample message for keylen=blocklen"
Key =
000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F
Output =
FC25E240658CA785B7A811A8D3F7B4CA48CFA26A8A366BF2CD1F836B05FCB024BD36853081811D6CEA4216EBAD79DA1CFCB95EA4586B8A0CE356596A55FB1347
+OutputSize = 64
+BlockSize = 128
MAC = HMAC
Algorithm = SHA512
@@ -140,6 +156,8 @@ Algorithm = SHA3-224
Input = "Sample message for keylen<blocklen"
Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b
Output = 332cfd59347fdb8e576e77260be4aba2d6dc53117b3bfb52c6d18c04
+OutputSize = 28
+BlockSize = 144
MAC = HMAC
Algorithm = SHA3-224
@@ -158,6 +176,8 @@ Algorithm = SHA3-256
Input = "Sample message for keylen<blocklen"
Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
Output = 4fe8e202c4f058e8dddc23d8c34e467343e23555e24fc2f025d598f558f67205
+OutputSize = 32
+BlockSize = 136
MAC = HMAC
Algorithm = SHA3-256
@@ -176,6 +196,8 @@ Algorithm = SHA3-384
Input = "Sample message for keylen<blocklen"
Key =
000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f
Output =
d588a3c51f3f2d906e8298c1199aa8ff6296218127f6b38a90b6afe2c5617725bc99987f79b22a557b6520db710b7f42
+OutputSize = 48
+BlockSize = 104
MAC = HMAC
Algorithm = SHA3-384
@@ -194,6 +216,8 @@ Algorithm = SHA3-512
Input = "Sample message for keylen<blocklen"
Key =
000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f
Output =
4efd629d6c71bf86162658f29943b1c308ce27cdfa6db0d9c3ce81763f9cbce5f7ebe9868031db1a8f8eb7b6b95e5c5e3f657a8996c86a2f6527e307f0213196
+OutputSize = 64
+BlockSize = 72
MAC = HMAC
Algorithm = SHA3-512
@@ -311,6 +335,8 @@ Input = 00010203
Custom = ""
Output = E5780B0D3EA6F7D3A429C5706AA43A00FADBD7D49628839E3187243F456EE14E
Ctrl = xof:0
+OutputSize = 32
+BlockSize = 168
MAC = KMAC128
Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
@@ -330,6 +356,8 @@ Key =
404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
Input = 00010203
Custom = "My Tagged Application"
Output =
20C570C31346F703C9AC36C61C03CB64C3970D0CFC787E9B79599D273A68D2F7F69D4CC3DE9D104A351689F27CF6F5951F0103F33F4F24871024D9C27773A8DD
+OutputSize = 64
+BlockSize = 136
MAC = KMAC256
Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 0ac771216c..b20c18d782 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5414,3 +5414,4 @@ OSSL_LIB_CTX_new_from_dispatch 5541 3_0_0
EXIST::FUNCTION:
OSSL_LIB_CTX_new_child 5542 3_0_0 EXIST::FUNCTION:
OSSL_PROVIDER_get0_dispatch 5543 3_0_0 EXIST::FUNCTION:
PKCS5_PBE_keyivgen_ex 5544 3_0_0 EXIST::FUNCTION:
+EVP_MAC_CTX_get_block_size 5545 3_0_0 EXIST::FUNCTION:
