Wire SHAKE to EVP.

Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4137)
author: Andy Polyakov <appro@openssl.org> 2017-08-10 22:47:32 +0200
committer: Andy Polyakov <appro@openssl.org> 2017-08-12 12:20:56 +0200
commit: bbde4740ebcb37ca66d058a0dec1286ed7f8eee7 (patch)
tree: f1b2b6615c4dbc61b0174c68a2c54787b9263dda /crypto
parent: cd8d1456c97ad17fb147f4fdcbb5ba8c983b8bb8 (diff)
2 files changed, 16 insertions, 4 deletions
diff --git a/crypto/evp/c_alld.c b/crypto/evp/c_alld.c
index cfc3f0452d..86b2fc8584 100644
--- a/crypto/evp/c_alld.c
+++ b/crypto/evp/c_alld.c
@@ -50,8 +50,6 @@ void openssl_add_all_digests_int(void)
     EVP_add_digest(EVP_sha3_256());
     EVP_add_digest(EVP_sha3_384());
     EVP_add_digest(EVP_sha3_512());
-#if 0
     EVP_add_digest(EVP_shake128());
     EVP_add_digest(EVP_shake256());
-#endif
 }
diff --git a/crypto/evp/m_sha3.c b/crypto/evp/m_sha3.c
index 3fe2b07a05..9691d934e7 100644
--- a/crypto/evp/m_sha3.c
+++ b/crypto/evp/m_sha3.c
@@ -121,6 +121,19 @@ static int sha3_final(EVP_MD_CTX *evp_ctx, unsigned char *md)
     return 1;
 }
 
+static int shake_ctrl(EVP_MD_CTX *evp_ctx, int cmd, int p1, void *p2)
+{
+    KECCAK1600_CTX *ctx = evp_ctx->md_data;
+
+    switch (cmd) {
+    case EVP_MD_CTRL_XOF_LEN:
+        ctx->md_size = p1;
+        return 1;
+    default:
+        return 0;
+    }
+}
+
 #define EVP_MD_SHA3(bitlen)                     \
 const EVP_MD *EVP_sha3_##bitlen(void)           \
 {                                               \
@@ -151,8 +164,8 @@ const EVP_MD *EVP_shake##bitlen(void)           \
     static const EVP_MD shake##bitlen##_md = {  \
         NID_shake##bitlen,                      \
         0,                                      \
-        512,                                    \
-        0,                                      \
+        bitlen / 8,                             \
+        EVP_MD_FLAG_XOF,                        \
         shake_init,                             \
         sha3_update,                            \
         sha3_final,                             \
@@ -160,6 +173,7 @@ const EVP_MD *EVP_shake##bitlen(void)           \
         NULL,                                   \
         (KECCAK1600_WIDTH - bitlen * 2) / 8,    \
         sizeof(KECCAK1600_CTX),                 \
+        shake_ctrl                              \
     };                                          \
     return &shake##bitlen##_md;                 \
 }
author	Andy Polyakov <appro@openssl.org>	2017-08-10 22:47:32 +0200
committer	Andy Polyakov <appro@openssl.org>	2017-08-12 12:20:56 +0200
commit	bbde4740ebcb37ca66d058a0dec1286ed7f8eee7 (patch)
tree	f1b2b6615c4dbc61b0174c68a2c54787b9263dda /crypto
parent	cd8d1456c97ad17fb147f4fdcbb5ba8c983b8bb8 (diff)