diff options
author | Antoine Salon <asalon@vmware.com> | 2018-12-20 15:20:00 -0800 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2019-02-06 09:18:43 +0000 |
commit | fc3c0223e8a70bfe8f8aefc98b819f7d852f3594 (patch) | |
tree | 8770ed1f8c49d947b36ec8f0f07eb9af5a960aa1 /crypto/blake2 | |
parent | 18568864169d970bcbda300e76f6fb1a1015a0d5 (diff) | |
download | openssl-fc3c0223e8a70bfe8f8aefc98b819f7d852f3594.zip openssl-fc3c0223e8a70bfe8f8aefc98b819f7d852f3594.tar.gz openssl-fc3c0223e8a70bfe8f8aefc98b819f7d852f3594.tar.bz2 |
blake2b: add support for parameter setting and keyed hash
The param block structure is used as a container for parameter values
Added blake2b keyed init
Signed-off-by: Antoine Salon <asalon@vmware.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7726)
Diffstat (limited to 'crypto/blake2')
-rw-r--r-- | crypto/blake2/blake2_locl.h | 14 | ||||
-rw-r--r-- | crypto/blake2/blake2b.c | 55 | ||||
-rw-r--r-- | crypto/blake2/m_blake2b.c | 8 |
3 files changed, 70 insertions, 7 deletions
diff --git a/crypto/blake2/blake2_locl.h b/crypto/blake2/blake2_locl.h index 33bd64b..96af325 100644 --- a/crypto/blake2/blake2_locl.h +++ b/crypto/blake2/blake2_locl.h @@ -83,10 +83,22 @@ struct blake2b_ctx_st { typedef struct blake2s_ctx_st BLAKE2S_CTX; typedef struct blake2b_ctx_st BLAKE2B_CTX; -int BLAKE2b_Init(BLAKE2B_CTX *c); +int BLAKE2b_Init(BLAKE2B_CTX *c, const BLAKE2B_PARAM *P); +int BLAKE2b_Init_key(BLAKE2B_CTX *c, const BLAKE2B_PARAM *P, const void *key); int BLAKE2b_Update(BLAKE2B_CTX *c, const void *data, size_t datalen); int BLAKE2b_Final(unsigned char *md, BLAKE2B_CTX *c); +/* + * These setters are internal and do not check the validity of their parameters. + * See blake2b_mac_ctrl for validation logic. + */ + +void blake2b_param_init(BLAKE2B_PARAM *P); +void blake2b_param_set_digest_length(BLAKE2B_PARAM *P, uint8_t outlen); +void blake2b_param_set_key_length(BLAKE2B_PARAM *P, uint8_t keylen); +void blake2b_param_set_personal(BLAKE2B_PARAM *P, const uint8_t *personal, size_t length); +void blake2b_param_set_salt(BLAKE2B_PARAM *P, const uint8_t *salt, size_t length); + int BLAKE2s_Init(BLAKE2S_CTX *c); int BLAKE2s_Update(BLAKE2S_CTX *c, const void *data, size_t datalen); int BLAKE2s_Final(unsigned char *md, BLAKE2S_CTX *c); diff --git a/crypto/blake2/blake2b.c b/crypto/blake2/blake2b.c index fb128e4..b5eb928 100644 --- a/crypto/blake2/blake2b.c +++ b/crypto/blake2/blake2b.c @@ -80,10 +80,9 @@ static void blake2b_init_param(BLAKE2B_CTX *S, const BLAKE2B_PARAM *P) } } -/* Initialize the hashing context. Always returns 1. */ -int BLAKE2b_Init(BLAKE2B_CTX *c) +/* Initialize the parameter block with default values */ +void blake2b_param_init(BLAKE2B_PARAM *P) { - BLAKE2B_PARAM P[1]; P->digest_length = BLAKE2B_DIGEST_LENGTH; P->key_length = 0; P->fanout = 1; @@ -95,10 +94,60 @@ int BLAKE2b_Init(BLAKE2B_CTX *c) memset(P->reserved, 0, sizeof(P->reserved)); memset(P->salt, 0, sizeof(P->salt)); memset(P->personal, 0, sizeof(P->personal)); +} + +void blake2b_param_set_digest_length(BLAKE2B_PARAM *P, uint8_t outlen) +{ + P->digest_length = outlen; +} + +void blake2b_param_set_key_length(BLAKE2B_PARAM *P, uint8_t keylen) +{ + P->key_length = keylen; +} + +void blake2b_param_set_personal(BLAKE2B_PARAM *P, const uint8_t *personal, size_t len) +{ + memcpy(P->personal, personal, len); + memset(P->personal + len, 0, BLAKE2B_PERSONALBYTES - len); +} + +void blake2b_param_set_salt(BLAKE2B_PARAM *P, const uint8_t *salt, size_t len) +{ + memcpy(P->salt, salt, len); + memset(P->salt + len, 0, BLAKE2B_SALTBYTES - len); +} + +/* + * Initialize the hashing context with the given parameter block. + * Always returns 1. + */ +int BLAKE2b_Init(BLAKE2B_CTX *c, const BLAKE2B_PARAM *P) +{ blake2b_init_param(c, P); return 1; } +/* + * Initialize the hashing context with the given parameter block and key. + * Always returns 1. + */ +int BLAKE2b_Init_key(BLAKE2B_CTX *c, const BLAKE2B_PARAM *P, const void *key) +{ + blake2b_init_param(c, P); + + /* Pad the key to form first data block */ + { + uint8_t block[BLAKE2B_BLOCKBYTES] = {0}; + + memcpy(block, key, P->key_length); + BLAKE2b_Update(c, block, BLAKE2B_BLOCKBYTES); + OPENSSL_cleanse(block, BLAKE2B_BLOCKBYTES); + } + + return 1; +} + /* Permute the state while xoring in the block of data. */ static void blake2b_compress(BLAKE2B_CTX *S, const uint8_t *blocks, diff --git a/crypto/blake2/m_blake2b.c b/crypto/blake2/m_blake2b.c index a37ab89..2fb80f8 100644 --- a/crypto/blake2/m_blake2b.c +++ b/crypto/blake2/m_blake2b.c @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -25,7 +25,9 @@ static int init(EVP_MD_CTX *ctx) { - return BLAKE2b_Init(EVP_MD_CTX_md_data(ctx)); + BLAKE2B_PARAM P; + blake2b_param_init(&P); + return BLAKE2b_Init(EVP_MD_CTX_md_data(ctx), &P); } static int update(EVP_MD_CTX *ctx, const void *data, size_t count) @@ -49,7 +51,7 @@ static const EVP_MD blake2b_md = { NULL, NULL, BLAKE2B_BLOCKBYTES, - sizeof(EVP_MD *) + sizeof(BLAKE2B_CTX), + sizeof(BLAKE2B_CTX), }; const EVP_MD *EVP_blake2b512(void) |