author Pauli <pauli@openssl.org> 2021-03-24 14:02:48 +1000
committer Pauli <pauli@openssl.org> 2021-03-26 18:21:37 +1000
commit 4551763efc8c9d2e39f3d39430cb4657d155cde6 (patch)
tree 77b8a4224f97df38897ad4e97a721f5a0194110a /doc/man7
parent 10b63e9756cf932cbaba5f725445a2a032a7f271 (diff)
doc: life-cycle description for MACs

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14522)
Diffstat (limited to 'doc/man7')
-rw-r--r-- doc/man7/life_cycle-mac.pod 210
-rw-r--r-- doc/man7/mac.png bin 0 -> 50554 bytes
2 files changed, 210 insertions, 0 deletions
diff --git a/doc/man7/life_cycle-mac.pod b/doc/man7/life_cycle-mac.pod
new file mode 100644
index 0000000000..b9812f7cae
--- /dev/null
+++ b/doc/man7/life_cycle-mac.pod
@@ -0,0 +1,210 @@
+=pod
+
+=head1 NAME
+
+life_cycle-mac - The MAC algorithm life-cycle
+
+=head1 DESCRIPTION
+
+All message authentication codes (MACs)
+go through a number of stages in their life-cycle:
+
+=over 4
+
+=item start
+
+This state represents the MAC before it has been allocated. It is the
+starting state for any life-cycle transitions.
+
+=item newed
+
+This state represents the MAC after it has been allocated.
+
+=item initialised
+
+This state represents the MAC when it is set up and capable of processing
+input.
+
+=item updated
+
+This state represents the MAC when it is set up and capable of processing
+additional input or generating output.
+
+=item finaled
+
+This state represents the MAC when it has generated output.
+
+=item freed
+
+This state is entered when the MAC is freed. It is the terminal state
+for all life-cycle transitions.
+
+=back
+
+=head2 State Transition Diagram
+
+The usual life-cycle of a MAC is illustrated:
+
+=begin man
+
+ +-------------------+
+ | start |
+ +-------------------+
+ |
+ | EVP_MAC_CTX_new
+ v
+ +-------------------+
+ | newed |
+ +-------------------+
+ |
+ | EVP_MAC_init
+ v
+ +-------------------+
+ +> | initialised | <+
+ | +-------------------+ |
+ | | |
+ | | EVP_MAC_update | EVP_MAC_init
+ | v |
+ EVP_MAC_init | +-------------------+ |
+ | | updated | -+
+ | +-------------------+
+ | |
+ | | EVP_MAC_final
+ | v
+ | +-------------------+
+ +- | finaled |
+ +-------------------+
+ |
+ | EVP_MAC_CTX_free
+ v
+ +-------------------+
+ | freed |
+ +-------------------+
+
+=end man
+
+=for html <img src="mac.png">
+
+=head2 Formal State Transitions
+
+This section defines all of the legal state transitions.
+This is the canonical list.
+
+=begin man
+
+ Function Call ------------- Current State -------------
+ start newed initialised updated finaled freed
+ EVP_MAC_CTX_new newed
+ EVP_MAC_init initialised initialised initialised initialised
+ EVP_MAC_update updated updated
+ EVP_MAC_final finaled
+ EVP_MAC_CTX_free freed freed freed freed freed
+ EVP_MAC_gettable_ctx_params newed initialised updated
+ EVP_MAC_settable_ctx_params newed initialised updated
+ EVP_MAC_CTX_gettable_params newed initialised updated
+ EVP_MAC_CTX_settable_params newed initialised updated
+
+=end man
+
+=begin html
+
+<table style="border:1px solid; border-collapse:collapse">
+<tr><th style="border:1px solid" align="left">Function Call</th>
+ <th style="border:1px solid" colspan="6">Current State</th></tr>
+<tr><th style="border:1px solid"></th>
+ <th style="border:1px solid" align="center">start</th>
+ <th style="border:1px solid" align="center">newed</th>
+ <th style="border:1px solid" align="center">initialised</th>
+ <th style="border:1px solid" align="center">updated</th>
+ <th style="border:1px solid" align="center">finaled</th>
+ <th style="border:1px solid" align="center">freed</th></tr>
+<tr><th style="border:1px solid" align="left">EVP_MAC_CTX_new</th>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_MAC_init</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_MAC_update</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">updated</td>
+ <td style="border:1px solid" align="center">updated</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_MAC_final</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">finaled</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_MAC_CTX_free</th>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center">freed</td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_MAC_gettable_ctx_params</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">updated</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_MAC_settable_ctx_params</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">updated</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_MAC_CTX_gettable_params</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">updated</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_MAC_CTX_settable_params</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">newed</td>
+ <td style="border:1px solid" align="center">initialised</td>
+ <td style="border:1px solid" align="center">updated</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td></tr>
+</table>
+
+=end html
+
+=head1 NOTES
+
+At some point the EVP layer will begin enforcing the transitions described
+herein.
+
+=head1 SEE ALSO
+
+L<provider-mac(7)>, L<EVP_MAC(3)>.
+
+=head1 HISTORY
+
+The provider MAC interface was introduced in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
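Review bot: In the Formal State Transitions tables (both the man and the html version), the first two parameter rows name EVP_MAC_gettable_ctx_params and EVP_MAC_settable_ctx_params, which take an EVP_MAC rather than an EVP_MAC_CTX and so have no context state to constrain, while EVP_MAC_CTX_get_params and EVP_MAC_CTX_set_params, the calls that actually read or modify a context, are not listed at all. I would replace those two rows with the get_params/set_params pair and keep the EVP_MAC_CTX_gettable_params and EVP_MAC_CTX_settable_params rows. Two smaller points in the same hunk: all four parameter rows are blank under "finaled", which makes any parameter query after EVP_MAC_final an illegal transition in what the text calls the canonical list, so please confirm that is intended; and the diagram shows EVP_MAC_CTX_free only from "finaled" while the table allows it from every state except "freed", so a sentence under the diagram saying that freeing is legal from any state would keep readers from treating an early free on an error path as a misuse.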
diff --git a/doc/man7/mac.png b/doc/man7/mac.png
new file mode 100644
index 0000000000..1c486e1ba4
--- /dev/null
+++ b/doc/man7/mac.png
Binary files differ