diff options
| author | Richard Levitte <levitte@openssl.org> | 2018-10-12 22:27:18 +0200 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2018-10-29 13:35:19 +0100 |
| commit | 567db2c17d4ea8a0164d7abd8aed65b7a634bb40 (patch) | |
| tree | 064c9a50082bc9cda43b96dcde3f7eba5a0c6bd5 /crypto/include | |
| parent | f9e43929c46b38667f67e02765fe0f1c0d3061d6 (diff) | |
Add EVP_MAC API
We currently implement EVP MAC methods as EVP_PKEY methods. This
change creates a separate EVP API for MACs, to replace the current
EVP_PKEY ones.
A note about this EVP API and how it interfaces with underlying MAC
implementations:
Other EVP APIs pass the EVP API context down to implementations, and
it can be observed that the implementations use the pointer to their
own private data almost exclusively. The EVP_MAC API deviates from
that pattern by passing the pointer to the implementation's private
data directly, and thereby deny the implementations access to the
EVP_MAC context structure. This change is made to provide a clearer
separation between the EVP library itself and the implementations of
its supported algorithm classes.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7393)
Diffstat (limited to 'crypto/include')
| -rw-r--r-- | crypto/include/internal/evp_int.h | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h index d86aed36f0..5bc9408676 100644 --- a/crypto/include/internal/evp_int.h +++ b/crypto/include/internal/evp_int.h @@ -112,6 +112,31 @@ extern const EVP_PKEY_METHOD hkdf_pkey_meth; extern const EVP_PKEY_METHOD poly1305_pkey_meth; extern const EVP_PKEY_METHOD siphash_pkey_meth; +/* struct evp_mac_impl_st is defined by the implementation */ +typedef struct evp_mac_impl_st EVP_MAC_IMPL; +struct evp_mac_st { + int type; + EVP_MAC_IMPL *(*new) (void); + int (*copy) (EVP_MAC_IMPL *macdst, EVP_MAC_IMPL *macsrc); + void (*free) (EVP_MAC_IMPL *macctx); + size_t (*size) (EVP_MAC_IMPL *macctx); + int (*init) (EVP_MAC_IMPL *macctx); + int (*update) (EVP_MAC_IMPL *macctx, const unsigned char *data, + size_t datalen); + int (*final) (EVP_MAC_IMPL *macctx, unsigned char *out); + int (*ctrl) (EVP_MAC_IMPL *macctx, int cmd, va_list args); + int (*ctrl_str) (EVP_MAC_IMPL *macctx, const char *type, const char *value); +}; + +/* + * This function is internal for now, but can be made external when needed. + * The documentation would read: + * + * EVP_add_mac() adds the MAC implementation C<mac> to the internal + * object database. + */ +int EVP_add_mac(const EVP_MAC *mac); + struct evp_md_st { int type; int pkey_type; |