diff options
author | Richard Levitte <levitte@openssl.org> | 2018-09-06 22:52:38 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2018-09-09 01:47:56 +0200 |
commit | d74f23d2dbf2de0f374bff004c135242cfb65174 (patch) | |
tree | 766fdbfde67286e37c872b562e4887203399a483 /crypto/siphash | |
parent | 2725232132207ee30fd16e596885e3b0bd810fc4 (diff) |
SipHash: add separate setter for the hash size
This was originally part of SipHash_Init. However, there are cases
where there isn't any key material to initialize from when setting the
hash size, and we do allow doing so with a EVP_PKEY control. The
solution is to provide a separate hash_size setter and to use it in
the corresponding EVP_PKEY_METHOD.
Fixes #7143
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7145)
Diffstat (limited to 'crypto/siphash')
-rw-r--r-- | crypto/siphash/siphash.c | 28 | ||||
-rw-r--r-- | crypto/siphash/siphash_pmeth.c | 17 |
2 files changed, 25 insertions, 20 deletions
diff --git a/crypto/siphash/siphash.c b/crypto/siphash/siphash.c index 72fd5198b8..e2352fc730 100644 --- a/crypto/siphash/siphash.c +++ b/crypto/siphash/siphash.c @@ -80,17 +80,32 @@ size_t SipHash_hash_size(SIPHASH *ctx) return ctx->hash_size; } +static size_t siphash_adjust_hash_size(size_t hash_size) +{ + if (hash_size == 0) + hash_size = SIPHASH_MAX_DIGEST_SIZE; + return hash_size; +} + +int SipHash_set_hash_size(SIPHASH *ctx, size_t hash_size) +{ + hash_size = siphash_adjust_hash_size(hash_size); + if (hash_size != SIPHASH_MIN_DIGEST_SIZE + && hash_size != SIPHASH_MAX_DIGEST_SIZE) + return 0; + + ctx->hash_size = hash_size; + return 1; +} + /* hash_size = crounds = drounds = 0 means SipHash24 with 16-byte output */ -int SipHash_Init(SIPHASH *ctx, const unsigned char *k, int hash_size, int crounds, int drounds) +int SipHash_Init(SIPHASH *ctx, const unsigned char *k, int crounds, int drounds) { uint64_t k0 = U8TO64_LE(k); uint64_t k1 = U8TO64_LE(k + 8); - if (hash_size == 0) - hash_size = SIPHASH_MAX_DIGEST_SIZE; - else if (hash_size != SIPHASH_MIN_DIGEST_SIZE && - hash_size != SIPHASH_MAX_DIGEST_SIZE) - return 0; + /* If the hash size wasn't set, i.e. is zero */ + ctx->hash_size = siphash_adjust_hash_size(ctx->hash_size); if (drounds == 0) drounds = SIPHASH_D_ROUNDS; @@ -99,7 +114,6 @@ int SipHash_Init(SIPHASH *ctx, const unsigned char *k, int hash_size, int cround ctx->crounds = crounds; ctx->drounds = drounds; - ctx->hash_size = hash_size; ctx->len = 0; ctx->total_inlen = 0; diff --git a/crypto/siphash/siphash_pmeth.c b/crypto/siphash/siphash_pmeth.c index 5c981bdb0b..66e552fec5 100644 --- a/crypto/siphash/siphash_pmeth.c +++ b/crypto/siphash/siphash_pmeth.c @@ -95,16 +95,13 @@ static int siphash_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) SIPHASH_PKEY_CTX *pctx = EVP_PKEY_CTX_get_data(ctx); const unsigned char* key; size_t len; - int hash_size; key = EVP_PKEY_get0_siphash(EVP_PKEY_CTX_get0_pkey(ctx), &len); if (key == NULL || len != SIPHASH_KEY_SIZE) return 0; EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT); EVP_MD_CTX_set_update_fn(mctx, int_update); - /* use default rounds (2,4) */ - hash_size = SipHash_hash_size(&pctx->ctx); - return SipHash_Init(&pctx->ctx, key, hash_size, 0, 0); + return SipHash_Init(&pctx->ctx, key, 0, 0); } static int siphash_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, EVP_MD_CTX *mctx) @@ -122,7 +119,6 @@ static int pkey_siphash_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) SIPHASH_PKEY_CTX *pctx = EVP_PKEY_CTX_get_data(ctx); const unsigned char *key; size_t len; - int hash_size; switch (type) { @@ -131,12 +127,7 @@ static int pkey_siphash_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) break; case EVP_PKEY_CTRL_SET_DIGEST_SIZE: - if (p1 != SIPHASH_MIN_DIGEST_SIZE && - p1 != SIPHASH_MAX_DIGEST_SIZE) { - return 0; - } - /* use default rounds (2,4) */ - return SipHash_Init(&pctx->ctx, ASN1_STRING_get0_data(&pctx->ktmp), p1, 0, 0); + return SipHash_set_hash_size(&pctx->ctx, p1); case EVP_PKEY_CTRL_SET_MAC_KEY: case EVP_PKEY_CTRL_DIGESTINIT: @@ -152,8 +143,8 @@ static int pkey_siphash_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) !ASN1_OCTET_STRING_set(&pctx->ktmp, key, len)) return 0; /* use default rounds (2,4) */ - hash_size = SipHash_hash_size(&pctx->ctx); - return SipHash_Init(&pctx->ctx, ASN1_STRING_get0_data(&pctx->ktmp), hash_size, 0, 0); + return SipHash_Init(&pctx->ctx, ASN1_STRING_get0_data(&pctx->ktmp), + 0, 0); default: return -2; |