diff options
| author | Todd Short <tshort@akamai.com> | 2017-01-11 16:38:44 -0500 |
|---|---|---|
| committer | Rich Salz <rsalz@openssl.org> | 2017-02-01 14:14:36 -0500 |
| commit | 3f5616d734a92fdf99ab827f21e5b6cab85e7194 (patch) | |
| tree | 9c106795f72bc6622dfdca63d723ce0127011fc7 /crypto/siphash/siphash_ameth.c | |
| parent | 122fa088524571a3b60ebf301873f69afdac8f7a (diff) | |
Add support for parameterized SipHash
The core SipHash supports either 8 or 16-byte output and a configurable
number of rounds.
The default behavior, as added to EVP, is to use 16-byte output and
2,4 rounds, which matches the behavior of most implementations.
There is an EVP_PKEY_CTRL that can control the output size.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2216)
Diffstat (limited to 'crypto/siphash/siphash_ameth.c')
| -rw-r--r-- | crypto/siphash/siphash_ameth.c | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/crypto/siphash/siphash_ameth.c b/crypto/siphash/siphash_ameth.c new file mode 100644 index 0000000000..d819461f8d --- /dev/null +++ b/crypto/siphash/siphash_ameth.c @@ -0,0 +1,68 @@ +/* + * Copyright 2007-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include <stdio.h> +#include "internal/cryptlib.h" +#include <openssl/evp.h> +#include "internal/asn1_int.h" +#include "internal/siphash.h" +#include "siphash_local.h" + +/* + * SIPHASH "ASN1" method. This is just here to indicate the maximum + * SIPHASH output length and to free up a SIPHASH key. + */ + +static int siphash_size(const EVP_PKEY *pkey) +{ + return SIPHASH_MAX_DIGEST_SIZE; +} + +static void siphash_key_free(EVP_PKEY *pkey) +{ + ASN1_OCTET_STRING *os = EVP_PKEY_get0(pkey); + + if (os != NULL) { + if (os->data != NULL) + OPENSSL_cleanse(os->data, os->length); + ASN1_OCTET_STRING_free(os); + } +} + +static int siphash_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) +{ + /* nothing (including ASN1_PKEY_CTRL_DEFAULT_MD_NID), is supported */ + return -2; +} + +static int siphash_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b) +{ + return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b)); +} + +const EVP_PKEY_ASN1_METHOD siphash_asn1_meth = { + EVP_PKEY_SIPHASH, + EVP_PKEY_SIPHASH, + 0, + + "SIPHASH", + "OpenSSL SIPHASH method", + + 0, 0, siphash_pkey_public_cmp, 0, + + 0, 0, 0, + + siphash_size, + 0, 0, + 0, 0, 0, 0, 0, 0, 0, + + siphash_key_free, + siphash_pkey_ctrl, + 0, 0 +}; |