[openssl] master update

Dr. Paul Dale pauli at openssl.org
Mon Jul 1 07:42:27 UTC 2019


The branch master has been updated
       via  3f1679b26101561ae6974e450b0c8876ece152c6 (commit)
      from  e955edcda6a567369e55ac5e33fb90a2d4ad39b0 (commit)


- Log -----------------------------------------------------------------
commit 3f1679b26101561ae6974e450b0c8876ece152c6
Author: Pauli <paul.dale at oracle.com>
Date:   Fri Jun 28 00:02:00 2019 +1000

    Add OIDs for kmac128, kmac256 and blake2.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/9277)

-----------------------------------------------------------------------

Summary of changes:
 crypto/objects/obj_dat.h   | 24 ++++++++++++++++--------
 crypto/objects/objects.txt | 16 ++++++++--------
 fuzz/oids.txt              |  4 ++++
 include/openssl/obj_mac.h  | 40 ++++++++++++++++++++++------------------
 4 files changed, 50 insertions(+), 34 deletions(-)

diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index 876bab2..5c47d6b 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -10,7 +10,7 @@
  */
 
 /* Serialized OID's */
-static const unsigned char so[7775] = {
+static const unsigned char so[7813] = {
     0x2A,0x86,0x48,0x86,0xF7,0x0D,                 /* [    0] OBJ_rsadsi */
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,            /* [    6] OBJ_pkcs */
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02,       /* [   13] OBJ_md2 */
@@ -1077,7 +1077,11 @@ static const unsigned char so[7775] = {
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0C,       /* [ 7745] OBJ_hmacWithSHA512_224 */
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0D,       /* [ 7753] OBJ_hmacWithSHA512_256 */
     0x28,0xCC,0x45,0x03,0x04,                      /* [ 7761] OBJ_gmac */
-    0x2A,0x81,0x1C,0xCF,0x55,0x01,0x83,0x75,       /* [ 7766] OBJ_SM2_with_SM3 */
+    0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x13,  /* [ 7766] OBJ_kmac128 */
+    0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x14,  /* [ 7775] OBJ_kmac256 */
+    0x2B,0x06,0x01,0x04,0x01,0x8D,0x3A,0x0C,0x02,0x01,  /* [ 7784] OBJ_blake2bmac */
+    0x2B,0x06,0x01,0x04,0x01,0x8D,0x3A,0x0C,0x02,0x02,  /* [ 7794] OBJ_blake2smac */
+    0x2A,0x81,0x1C,0xCF,0x55,0x01,0x83,0x75,       /* [ 7804] OBJ_SM2_with_SM3 */
 };
 
 #define NUM_NID 1207
@@ -2278,15 +2282,15 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = {
     {"hmacWithSHA512-224", "hmacWithSHA512-224", NID_hmacWithSHA512_224, 8, &so[7745]},
     {"hmacWithSHA512-256", "hmacWithSHA512-256", NID_hmacWithSHA512_256, 8, &so[7753]},
     {"GMAC", "gmac", NID_gmac, 5, &so[7761]},
-    {"KMAC128", "kmac128", NID_kmac128},
-    {"KMAC256", "kmac256", NID_kmac256},
+    {"KMAC128", "kmac128", NID_kmac128, 9, &so[7766]},
+    {"KMAC256", "kmac256", NID_kmac256, 9, &so[7775]},
     {"AES-128-SIV", "aes-128-siv", NID_aes_128_siv},
     {"AES-192-SIV", "aes-192-siv", NID_aes_192_siv},
     {"AES-256-SIV", "aes-256-siv", NID_aes_256_siv},
-    {"BLAKE2BMAC", "blake2bmac", NID_blake2bmac},
-    {"BLAKE2SMAC", "blake2smac", NID_blake2smac},
+    {"BLAKE2BMAC", "blake2bmac", NID_blake2bmac, 10, &so[7784]},
+    {"BLAKE2SMAC", "blake2smac", NID_blake2smac, 10, &so[7794]},
     {"SSHKDF", "sshkdf", NID_sshkdf},
-    {"SM2-SM3", "SM2-with-SM3", NID_SM2_with_SM3, 8, &so[7766]},
+    {"SM2-SM3", "SM2-with-SM3", NID_SM2_with_SM3, 8, &so[7804]},
     {"SSKDF", "sskdf", NID_sskdf},
     {"X963KDF", "x963kdf", NID_x963kdf},
 };
@@ -4695,7 +4699,7 @@ static const unsigned int ln_objs[NUM_LN] = {
      125,    /* "zlib compression" */
 };
 
-#define NUM_OBJ 1073
+#define NUM_OBJ 1077
 static const unsigned int obj_objs[NUM_OBJ] = {
        0,    /* OBJ_undef                        0 */
      181,    /* OBJ_iso                          1 */
@@ -5547,6 +5551,8 @@ static const unsigned int obj_objs[NUM_OBJ] = {
     1103,    /* OBJ_hmac_sha3_256                2 16 840 1 101 3 4 2 14 */
     1104,    /* OBJ_hmac_sha3_384                2 16 840 1 101 3 4 2 15 */
     1105,    /* OBJ_hmac_sha3_512                2 16 840 1 101 3 4 2 16 */
+    1196,    /* OBJ_kmac128                      2 16 840 1 101 3 4 2 19 */
+    1197,    /* OBJ_kmac256                      2 16 840 1 101 3 4 2 20 */
      802,    /* OBJ_dsa_with_SHA224              2 16 840 1 101 3 4 3 1 */
      803,    /* OBJ_dsa_with_SHA256              2 16 840 1 101 3 4 3 2 */
     1106,    /* OBJ_dsa_with_SHA384              2 16 840 1 101 3 4 3 3 */
@@ -5664,6 +5670,8 @@ static const unsigned int obj_objs[NUM_OBJ] = {
      138,    /* OBJ_ms_efs                       1 3 6 1 4 1 311 10 3 4 */
      648,    /* OBJ_ms_smartcard_login           1 3 6 1 4 1 311 20 2 2 */
      649,    /* OBJ_ms_upn                       1 3 6 1 4 1 311 20 2 3 */
+    1201,    /* OBJ_blake2bmac                   1 3 6 1 4 1 1722 12 2 1 */
+    1202,    /* OBJ_blake2smac                   1 3 6 1 4 1 1722 12 2 2 */
      951,    /* OBJ_ct_precert_scts              1 3 6 1 4 1 11129 2 4 2 */
      952,    /* OBJ_ct_precert_poison            1 3 6 1 4 1 11129 2 4 3 */
      953,    /* OBJ_ct_precert_signer            1 3 6 1 4 1 11129 2 4 4 */
diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
index 5664389..dcdfa90 100644
--- a/crypto/objects/objects.txt
+++ b/crypto/objects/objects.txt
@@ -14,12 +14,6 @@ iso 3			: identified-organization
 # GMAC OID
 iso 0 9797 3 4                          : GMAC          : gmac
 
-# There are no OIDs for these yet...
-            : KMAC128   : kmac128
-            : KMAC256   : kmac256
-            : BLAKE2BMAC	: blake2bmac
-            : BLAKE2SMAC   	: blake2smac
-
 # HMAC OIDs
 identified-organization 6 1 5 5 8 1 1	: HMAC-MD5	: hmac-md5
 identified-organization 6 1 5 5 8 1 2	: HMAC-SHA1	: hmac-sha1
@@ -709,8 +703,10 @@ algorithm 29		: RSA-SHA1-2		: sha1WithRSA
 1 3 36 3 2 1		: RIPEMD160		: ripemd160
 1 3 36 3 3 1 2		: RSA-RIPEMD160		: ripemd160WithRSA
 
-1 3 6 1 4 1 1722 12 2 1 16 : BLAKE2b512        : blake2b512
-1 3 6 1 4 1 1722 12 2 2 8  : BLAKE2s256        : blake2s256
+1 3 6 1 4 1 1722 12 2 1 : BLAKE2BMAC	        : blake2bmac
+1 3 6 1 4 1 1722 12 2 2 : BLAKE2SMAC   	        : blake2smac
+blake2bmac 16           : BLAKE2b512            : blake2b512
+blake2smac 8            : BLAKE2s256            : blake2s256
 
 !Cname sxnet
 1 3 101 1 4 1		: SXNetID		: Strong Extranet ID
@@ -987,6 +983,10 @@ nist_hashalgs 16	: id-hmacWithSHA3-512	: hmac-sha3-512
 # how to handle them...
 # nist_hashalgs 17	: id-shake128-len	: shake128-len
 # nist_hashalgs 18	: id-shake256-len	: shake256-len
+nist_hashalgs 19        : KMAC128               : kmac128
+nist_hashalgs 20        : KMAC256               : kmac256
+# nist_hashalgs 21      : KMAC128-XOF           : kmac128-xof
+# nist_hashalgs 22      : KMAC256-XOF           : kmac256-xof
 
 # OIDs for dsa-with-sha224 and dsa-with-sha256
 !Alias dsa_with_sha2 nistAlgorithms 3
diff --git a/fuzz/oids.txt b/fuzz/oids.txt
index bd38a04..f0ff677 100644
--- a/fuzz/oids.txt
+++ b/fuzz/oids.txt
@@ -1064,4 +1064,8 @@ OBJ_id_tc26_gost_3410_2012_256_paramSetD="\x2A\x85\x03\x07\x01\x02\x01\x01\x04"
 OBJ_hmacWithSHA512_224="\x2A\x86\x48\x86\xF7\x0D\x02\x0C"
 OBJ_hmacWithSHA512_256="\x2A\x86\x48\x86\xF7\x0D\x02\x0D"
 OBJ_gmac="\x28\xCC\x45\x03\x04"
+OBJ_kmac128="\x60\x86\x48\x01\x65\x03\x04\x02\x13"
+OBJ_kmac256="\x60\x86\x48\x01\x65\x03\x04\x02\x14"
+OBJ_blake2bmac="\x2B\x06\x01\x04\x01\x8D\x3A\x0C\x02\x01"
+OBJ_blake2smac="\x2B\x06\x01\x04\x01\x8D\x3A\x0C\x02\x02"
 OBJ_SM2_with_SM3="\x2A\x81\x1C\xCF\x55\x01\x83\x75"
diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h
index 147bad1..3657f43 100644
--- a/include/openssl/obj_mac.h
+++ b/include/openssl/obj_mac.h
@@ -49,22 +49,6 @@
 #define NID_gmac                1195
 #define OBJ_gmac                OBJ_iso,0L,9797L,3L,4L
 
-#define SN_kmac128              "KMAC128"
-#define LN_kmac128              "kmac128"
-#define NID_kmac128             1196
-
-#define SN_kmac256              "KMAC256"
-#define LN_kmac256              "kmac256"
-#define NID_kmac256             1197
-
-#define SN_blake2bmac           "BLAKE2BMAC"
-#define LN_blake2bmac           "blake2bmac"
-#define NID_blake2bmac          1201
-
-#define SN_blake2smac           "BLAKE2SMAC"
-#define LN_blake2smac           "blake2smac"
-#define NID_blake2smac          1202
-
 #define SN_hmac_md5             "HMAC-MD5"
 #define LN_hmac_md5             "hmac-md5"
 #define NID_hmac_md5            780
@@ -2139,15 +2123,25 @@
 #define NID_ripemd160WithRSA            119
 #define OBJ_ripemd160WithRSA            1L,3L,36L,3L,3L,1L,2L
 
+#define SN_blake2bmac           "BLAKE2BMAC"
+#define LN_blake2bmac           "blake2bmac"
+#define NID_blake2bmac          1201
+#define OBJ_blake2bmac          1L,3L,6L,1L,4L,1L,1722L,12L,2L,1L
+
+#define SN_blake2smac           "BLAKE2SMAC"
+#define LN_blake2smac           "blake2smac"
+#define NID_blake2smac          1202
+#define OBJ_blake2smac          1L,3L,6L,1L,4L,1L,1722L,12L,2L,2L
+
 #define SN_blake2b512           "BLAKE2b512"
 #define LN_blake2b512           "blake2b512"
 #define NID_blake2b512          1056
-#define OBJ_blake2b512          1L,3L,6L,1L,4L,1L,1722L,12L,2L,1L,16L
+#define OBJ_blake2b512          OBJ_blake2bmac,16L
 
 #define SN_blake2s256           "BLAKE2s256"
 #define LN_blake2s256           "blake2s256"
 #define NID_blake2s256          1057
-#define OBJ_blake2s256          1L,3L,6L,1L,4L,1L,1722L,12L,2L,2L,8L
+#define OBJ_blake2s256          OBJ_blake2smac,8L
 
 #define SN_sxnet                "SXNetID"
 #define LN_sxnet                "Strong Extranet ID"
@@ -2997,6 +2991,16 @@
 #define NID_hmac_sha3_512               1105
 #define OBJ_hmac_sha3_512               OBJ_nist_hashalgs,16L
 
+#define SN_kmac128              "KMAC128"
+#define LN_kmac128              "kmac128"
+#define NID_kmac128             1196
+#define OBJ_kmac128             OBJ_nist_hashalgs,19L
+
+#define SN_kmac256              "KMAC256"
+#define LN_kmac256              "kmac256"
+#define NID_kmac256             1197
+#define OBJ_kmac256             OBJ_nist_hashalgs,20L
+
 #define OBJ_dsa_with_sha2               OBJ_nistAlgorithms,3L
 
 #define SN_dsa_with_SHA224              "dsa_with_SHA224"


More information about the openssl-commits mailing list