diff options
author | slontis <shane.lontis@oracle.com> | 2023-07-21 15:05:38 +1000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-11-10 13:27:00 +0100 |
commit | 536649082212e7c643ab8d7bab89f620fbcd37f0 (patch) | |
tree | d5f28d382eb86111b2d2672db4f7ab0a836bc9c5 /util | |
parent | 9257a89b6f25dfa5aeee7114baec8ea992fcf5e5 (diff) |
Add EVP_DigestSqueeze() API.
Fixes #7894
This allows SHAKE to squeeze multiple times with different output sizes.
The existing EVP_DigestFinalXOF() API has been left as a one shot
operation. A similar interface is used by another toolkit.
The low level SHA3_Squeeze() function needed to change slightly so
that it can handle multiple squeezes. This involves changing the
assembler code so that it passes a boolean to indicate whether
the Keccak function should be called on entry.
At the provider level, the squeeze is buffered, so that it only requests
a multiple of the blocksize when SHA3_Squeeze() is called. On the first
call the value is zero, on subsequent calls the value passed is 1.
This PR is derived from the excellent work done by @nmathewson in
https://github.com/openssl/openssl/pull/7921
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21511)
Diffstat (limited to 'util')
-rw-r--r-- | util/libcrypto.num | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/util/libcrypto.num b/util/libcrypto.num index a16f93db47..b64b0ddc5c 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5536,3 +5536,4 @@ X509_STORE_CTX_set_get_crl ? 3_2_0 EXIST::FUNCTION: X509_STORE_CTX_set_current_reasons ? 3_2_0 EXIST::FUNCTION: OSSL_STORE_delete ? 3_2_0 EXIST::FUNCTION: BIO_ADDR_copy ? 3_2_0 EXIST::FUNCTION:SOCK +EVP_DigestSqueeze ? 3_2_0 EXIST::FUNCTION: |