Attaching a cipher to a EVP_MD_CTX?

Viktor Dukhovni openssl-users at dukhovni.org
Sun Mar 5 06:21:49 UTC 2023


On Sat, Mar 04, 2023 at 08:35:50PM -0800, Hal Murray wrote:

> The current code uses one context, several ciphers, and many keys.
> 
> CMAC_init() takes both a key and cipher.
> 
> EVP_MAC_init() takes a key and params.
> 
> If you want to switch ciphers, you have to put it into a param.  I'm using:
>         params[0] =
>           OSSL_PARAM_construct_utf8_string("cipher", 'AES-128-CBC", 0);
> and
>         EVP_MAC_CTX_set_params(ctx, params);
> 
> Is there something I've missed that would take a cipher and avoid the string 
> compares?

I don't see anything non-deprecated that takes an already fetched
cipher.

> But those numbers open the door to a time-space tradeoff.  I haven't been down 
> that rathole yet.

If you memoise a fully initialised EVP_MAC_CTX for a particular cipher
and key, you can perform multiple MAC operations, by creating an
ephemeral copy of the initialised context via:

    EVP_MAC_CTX_dup(3).

For example:

    https://github.com/openssl/openssl/blob/master/crypto/modes/siv128.c#L89-L126

This is likely cheaper than fetching the algorithms for each operation.
I am inclined to agree that it should be possible to initialise the
context with an already fetched cipher.

If in an already initialised and then duplicated context you then want
to set just the key, you can call EVP_MAC_CTX_set_params() on the
duplicated context with parameters that include just the key.  The
pre-initialised context need not have a key.

-- 
    Viktor.


More information about the openssl-users mailing list