[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Wed May 5 12:12:37 UTC 2021
The branch master has been updated
via b039c87a4ca3dd4e4ebbea4a5d1fd3821497f900 (commit)
via 6a38b09a7fa6eaac6bcbe567382fbe7d3d719503 (commit)
via f14a2c9d7ac79afb36cacbf910a6363c7abc3135 (commit)
via a59c69724d7cbc3a4ec9f7774da9da83871ea944 (commit)
from f7050588bc76901e0a147c158e64ac3140dc8bfd (commit)
- Log -----------------------------------------------------------------
commit b039c87a4ca3dd4e4ebbea4a5d1fd3821497f900
Author: Pauli <pauli at openssl.org>
Date: Wed Apr 28 12:58:35 2021 +1000
mac: add EVP_MAC_finalXOF() function
Fixes #14140
Fixes #13232
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15061)
commit 6a38b09a7fa6eaac6bcbe567382fbe7d3d719503
Author: Pauli <pauli at openssl.org>
Date: Wed Apr 28 12:58:08 2021 +1000
mac: allow XOF MACs to be specified either via control or via the dedicated function
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15061)
commit f14a2c9d7ac79afb36cacbf910a6363c7abc3135
Author: Pauli <pauli at openssl.org>
Date: Thu Apr 29 11:08:42 2021 +1000
mac: update life-cycle description and diagrams to include finalXOF
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15061)
commit a59c69724d7cbc3a4ec9f7774da9da83871ea944
Author: Pauli <pauli at openssl.org>
Date: Wed Apr 28 13:01:22 2021 +1000
doc: document EVP_MAC_finalXOF()
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15061)
-----------------------------------------------------------------------
Summary of changes:
crypto/err/openssl.txt | 1 +
crypto/evp/evp_err.c | 5 ++-
crypto/evp/mac_lib.c | 49 +++++++++++++++++---
doc/life-cycles/lifecycles.ods | Bin 16717 -> 16752 bytes
doc/life-cycles/mac.dot | 6 ++-
doc/man3/EVP_MAC.pod | 10 +++--
doc/man7/life_cycle-mac.pod | 14 ++++--
doc/man7/mac.png | Bin 50554 -> 56417 bytes
include/openssl/evp.h | 1 +
include/openssl/evperr.h | 3 +-
test/evp_test.c | 50 +++++++++++++++------
test/recipes/30-test_evp_data/evpmac_common.txt | 57 +++++++++++++++++++++++-
util/libcrypto.num | 1 +
13 files changed, 164 insertions(+), 33 deletions(-)
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 1e51d23219..728356148f 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -727,6 +727,7 @@ EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED:179:\
EVP_R_PRIVATE_KEY_DECODE_ERROR:145:private key decode error
EVP_R_PRIVATE_KEY_ENCODE_ERROR:146:private key encode error
EVP_R_PUBLIC_KEY_NOT_RSA:106:public key not rsa
+EVP_R_SETTING_XOF_FAILED:227:setting xof failed
EVP_R_SET_DEFAULT_PROPERTY_FAILURE:209:set default property failure
EVP_R_TOO_MANY_RECORDS:183:too many records
EVP_R_UNABLE_TO_ENABLE_LOCKING:212:unable to enable locking
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index 7fa3fbf400..ad95f5ef02 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -133,10 +133,10 @@ static const ERR_STRING_DATA EVP_str_reasons[] = {
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_NULL_MAC_PKEY_CTX), "null mac pkey ctx"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ONLY_ONESHOT_SUPPORTED),
"only oneshot supported"},
- {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
- "operation not supported for this keytype"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATION_NOT_INITIALIZED),
"operation not initialized"},
+ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
+ "operation not supported for this keytype"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_OUTPUT_WOULD_OVERFLOW),
"output would overflow"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARAMETER_TOO_LARGE),
@@ -151,6 +151,7 @@ static const ERR_STRING_DATA EVP_str_reasons[] = {
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PRIVATE_KEY_ENCODE_ERROR),
"private key encode error"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"},
+ {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_SETTING_XOF_FAILED), "setting xof failed"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_SET_DEFAULT_PROPERTY_FAILURE),
"set default property failure"},
{ERR_PACK(ERR_LIB_EVP, 0, EVP_R_TOO_MANY_RECORDS), "too many records"},
diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c
index 3d60905a9e..6f97de94de 100644
--- a/crypto/evp/mac_lib.c
+++ b/crypto/evp/mac_lib.c
@@ -116,21 +116,56 @@ int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen)
return ctx->meth->update(ctx->data, data, datalen);
}
-int EVP_MAC_final(EVP_MAC_CTX *ctx,
- unsigned char *out, size_t *outl, size_t outsize)
+static int evp_mac_final(EVP_MAC_CTX *ctx, int xof,
+ unsigned char *out, size_t *outl, size_t outsize)
{
size_t l;
- int res = 1;
+ int res;
+ OSSL_PARAM params[2];
+
+ if (ctx == NULL || ctx->meth == NULL) {
+ ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_NULL_ALGORITHM);
+ return 0;
+ }
+ if (ctx->meth->final == NULL) {
+ ERR_raise(ERR_LIB_EVP, EVP_R_FINAL_ERROR);
+ return 0;
+ }
- if (out != NULL)
- res = ctx->meth->final(ctx->data, out, &l, outsize);
- else
- l = EVP_MAC_CTX_get_mac_size(ctx);
+ if (out == NULL) {
+ if (outl == NULL) {
+ ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+ *outl = EVP_MAC_CTX_get_mac_size(ctx);
+ return 1;
+ }
+ if (xof) {
+ params[0] = OSSL_PARAM_construct_int(OSSL_MAC_PARAM_XOF, &xof);
+ params[1] = OSSL_PARAM_construct_end();
+
+ if (EVP_MAC_CTX_set_params(ctx, params) <= 0) {
+ ERR_raise(ERR_LIB_EVP, EVP_R_SETTING_XOF_FAILED);
+ return 0;
+ }
+ }
+ res = ctx->meth->final(ctx->data, out, &l, outsize);
if (outl != NULL)
*outl = l;
return res;
}
+int EVP_MAC_final(EVP_MAC_CTX *ctx,
+ unsigned char *out, size_t *outl, size_t outsize)
+{
+ return evp_mac_final(ctx, 0, out, outl, outsize);
+}
+
+int EVP_MAC_finalXOF(EVP_MAC_CTX *ctx, unsigned char *out, size_t outsize)
+{
+ return evp_mac_final(ctx, 1, out, NULL, outsize);
+}
+
/*
* The {get,set}_params functions return 1 if there is no corresponding
* function in the implementation. This is the same as if there was one,
diff --git a/doc/life-cycles/lifecycles.ods b/doc/life-cycles/lifecycles.ods
index b8f198a8e5..f80a76e622 100644
Binary files a/doc/life-cycles/lifecycles.ods and b/doc/life-cycles/lifecycles.ods differ
diff --git a/doc/life-cycles/mac.dot b/doc/life-cycles/mac.dot
index c52701742c..799d90e7d3 100644
--- a/doc/life-cycles/mac.dot
+++ b/doc/life-cycles/mac.dot
@@ -11,9 +11,11 @@ digraph mac {
initialised -> updated [label="EVP_MAC_update"];
updated -> updated [label="EVP_MAC_update"];
updated -> finaled [label="EVP_MAC_final"];
+ updated -> finaled [label="EVP_MAC_finalXOF",
+ fontcolor="#808080", color="#808080"];
/* Once this works it should go back in:
- updated -> finaled [label="EVP_MAC_final_XOF", style=dashed];
- finaled -> finaled [label="EVP_MAC_final_XOF", style=dashed];
+ finaled -> finaled [label="EVP_MAC_final_XOF",
+ fontcolor="#808080", color="#808080"];
*/
finaled -> end [label="EVP_MAC_CTX_free"];
updated -> initialised [label="EVP_MAC_init", style=dashed,
diff --git a/doc/man3/EVP_MAC.pod b/doc/man3/EVP_MAC.pod
index b6b5430a35..27930eb89a 100644
--- a/doc/man3/EVP_MAC.pod
+++ b/doc/man3/EVP_MAC.pod
@@ -8,7 +8,7 @@ EVP_MAC_provider, EVP_MAC_get_params, EVP_MAC_gettable_params,
EVP_MAC_CTX, EVP_MAC_CTX_new, EVP_MAC_CTX_free, EVP_MAC_CTX_dup,
EVP_MAC_CTX_mac, EVP_MAC_CTX_get_params, EVP_MAC_CTX_set_params,
EVP_MAC_CTX_get_mac_size, EVP_MAC_init, EVP_MAC_update, EVP_MAC_final,
-EVP_MAC_gettable_ctx_params, EVP_MAC_settable_ctx_params,
+EVP_MAC_finalXOF, EVP_MAC_gettable_ctx_params, EVP_MAC_settable_ctx_params,
EVP_MAC_CTX_gettable_params, EVP_MAC_CTX_settable_params,
EVP_MAC_do_all_provided - EVP MAC routines
@@ -46,6 +46,7 @@ EVP_MAC_do_all_provided - EVP MAC routines
int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen);
int EVP_MAC_final(EVP_MAC_CTX *ctx,
unsigned char *out, size_t *outl, size_t outsize);
+ int EVP_MAC_finalXOF(EVP_MAC_CTX *ctx, unsigned char *out, size_t outsize);
const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac);
const OSSL_PARAM *EVP_MAC_gettable_ctx_params(const EVP_MAC *mac);
@@ -140,6 +141,9 @@ dynamically, simply call with I<out> being NULL and I<outl>
pointing at a valid location, then allocate space and make a second
call with I<out> pointing at the allocated space.
+EVP_MAC_finalXOF() does the final computation for an XOF based MAC and stores
+the result in the memory pointed at by I<out> of size I<outsize>.
+
EVP_MAC_get_params() retrieves details about the implementation
I<mac>.
The set of parameters given with I<params> determine exactly what
@@ -347,8 +351,8 @@ EVP_MAC_CTX_free() returns nothing at all.
EVP_MAC_CTX_get_params() and EVP_MAC_CTX_set_params() return 1 on
success, 0 on error.
-EVP_MAC_init(), EVP_MAC_update(), and EVP_MAC_final() return 1 on success, 0
-on error.
+EVP_MAC_init(), EVP_MAC_update(), EVP_MAC_final() and EVP_MAC_finalXOF()
+return 1 on success, 0 on error.
EVP_MAC_CTX_get_mac_size() returns the expected output size, or 0 if it isn't set.
If it isn't set, a call to EVP_MAC_init() should get it set.
diff --git a/doc/man7/life_cycle-mac.pod b/doc/man7/life_cycle-mac.pod
index 0e7590740d..17be432ab0 100644
--- a/doc/man7/life_cycle-mac.pod
+++ b/doc/man7/life_cycle-mac.pod
@@ -68,9 +68,9 @@ The usual life-cycle of a MAC is illustrated:
EVP_MAC_init | +-------------------+ |
| | updated | -+
| +-------------------+
- | |
- | | EVP_MAC_final
- | v
+ | | |
+ | | EVP_MAC_final | EVP_MAC_finalXOF
+ | v v
| +-------------------+
+- | finaled |
+-------------------+
@@ -98,6 +98,7 @@ This is the canonical list.
EVP_MAC_init initialised initialised initialised initialised
EVP_MAC_update updated updated
EVP_MAC_final finaled
+ EVP_MAC_finalXOF finaled
EVP_MAC_CTX_free freed freed freed freed freed
EVP_MAC_CTX_get_params newed initialised updated
EVP_MAC_CTX_set_params newed initialised updated
@@ -146,6 +147,13 @@ This is the canonical list.
<td style="border:1px solid" align="center">finaled</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
+<tr><th style="border:1px solid" align="left">EVP_MAC_finalXOF</th>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center">finaled</td>
+ <td style="border:1px solid" align="center"></td>
+ <td style="border:1px solid" align="center"></td></tr>
<tr><th style="border:1px solid" align="left">EVP_MAC_CTX_free</th>
<td style="border:1px solid" align="center">freed</td>
<td style="border:1px solid" align="center">freed</td>
diff --git a/doc/man7/mac.png b/doc/man7/mac.png
index 1c486e1ba4..620f50a6f3 100644
Binary files a/doc/man7/mac.png and b/doc/man7/mac.png differ
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index f527de4d4c..91b84ebf6f 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1181,6 +1181,7 @@ int EVP_MAC_init(EVP_MAC_CTX *ctx, const unsigned char *key, size_t keylen,
int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen);
int EVP_MAC_final(EVP_MAC_CTX *ctx,
unsigned char *out, size_t *outl, size_t outsize);
+int EVP_MAC_finalXOF(EVP_MAC_CTX *ctx, unsigned char *out, size_t outsize);
const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac);
const OSSL_PARAM *EVP_MAC_gettable_ctx_params(const EVP_MAC *mac);
const OSSL_PARAM *EVP_MAC_settable_ctx_params(const EVP_MAC *mac);
diff --git a/include/openssl/evperr.h b/include/openssl/evperr.h
index b2e08b14b6..ffa8bacd5b 100644
--- a/include/openssl/evperr.h
+++ b/include/openssl/evperr.h
@@ -95,8 +95,8 @@
# define EVP_R_NO_OPERATION_SET 149
# define EVP_R_NULL_MAC_PKEY_CTX 208
# define EVP_R_ONLY_ONESHOT_SUPPORTED 177
-# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
# define EVP_R_OPERATION_NOT_INITIALIZED 151
+# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE 150
# define EVP_R_OUTPUT_WOULD_OVERFLOW 202
# define EVP_R_PARAMETER_TOO_LARGE 187
# define EVP_R_PARTIALLY_OVERLAPPING 162
@@ -105,6 +105,7 @@
# define EVP_R_PRIVATE_KEY_DECODE_ERROR 145
# define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146
# define EVP_R_PUBLIC_KEY_NOT_RSA 106
+# define EVP_R_SETTING_XOF_FAILED 227
# define EVP_R_SET_DEFAULT_PROPERTY_FAILURE 209
# define EVP_R_TOO_MANY_RECORDS 183
# define EVP_R_UNABLE_TO_ENABLE_LOCKING 212
diff --git a/test/evp_test.c b/test/evp_test.c
index 79ca676c87..abb0485459 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -1029,6 +1029,8 @@ typedef struct mac_data_st {
/* MAC salt (blake2) */
unsigned char *salt;
size_t salt_len;
+ /* XOF mode? */
+ int xof;
/* Collection of controls */
STACK_OF(OPENSSL_STRING) *controls;
} MAC_DATA;
@@ -1123,6 +1125,8 @@ static int mac_test_parse(EVP_TEST *t,
return parse_bin(value, &mdata->input, &mdata->input_len);
if (strcmp(keyword, "Output") == 0)
return parse_bin(value, &mdata->output, &mdata->output_len);
+ if (strcmp(keyword, "XOF") == 0)
+ return mdata->xof = 1;
if (strcmp(keyword, "Ctrl") == 0)
return sk_OPENSSL_STRING_push(mdata->controls,
OPENSSL_strdup(value)) != 0;
@@ -1164,6 +1168,10 @@ static int mac_test_run_pkey(EVP_TEST *t)
size_t got_len;
int i;
+ /* We don't do XOF mode via PKEY */
+ if (expected->xof)
+ return 1;
+
if (expected->alg == NULL)
TEST_info("Trying the EVP_PKEY %s test", OBJ_nid2sn(expected->type));
else
@@ -1360,20 +1368,34 @@ static int mac_test_run_mac(EVP_TEST *t)
t->err = "MAC_UPDATE_ERROR";
goto err;
}
- if (!EVP_MAC_final(ctx, NULL, &got_len, 0)) {
- t->err = "MAC_FINAL_LENGTH_ERROR";
- goto err;
- }
- if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
- t->err = "TEST_FAILURE";
- goto err;
- }
- if (!EVP_MAC_final(ctx, got, &got_len, got_len)
- || !memory_err_compare(t, "TEST_MAC_ERR",
- expected->output, expected->output_len,
- got, got_len)) {
- t->err = "TEST_MAC_ERR";
- goto err;
+ if (expected->xof) {
+ if (!TEST_ptr(got = OPENSSL_malloc(expected->output_len))) {
+ t->err = "TEST_FAILURE";
+ goto err;
+ }
+ if (!EVP_MAC_finalXOF(ctx, got, expected->output_len)
+ || !memory_err_compare(t, "TEST_MAC_ERR",
+ expected->output, expected->output_len,
+ got, expected->output_len)) {
+ t->err = "MAC_FINAL_ERROR";
+ goto err;
+ }
+ } else {
+ if (!EVP_MAC_final(ctx, NULL, &got_len, 0)) {
+ t->err = "MAC_FINAL_LENGTH_ERROR";
+ goto err;
+ }
+ if (!TEST_ptr(got = OPENSSL_malloc(got_len))) {
+ t->err = "TEST_FAILURE";
+ goto err;
+ }
+ if (!EVP_MAC_final(ctx, got, &got_len, got_len)
+ || !memory_err_compare(t, "TEST_MAC_ERR",
+ expected->output, expected->output_len,
+ got, got_len)) {
+ t->err = "TEST_MAC_ERR";
+ goto err;
+ }
}
t->err = NULL;
err:
diff --git a/test/recipes/30-test_evp_data/evpmac_common.txt b/test/recipes/30-test_evp_data/evpmac_common.txt
index e2219ca12a..0229659807 100644
--- a/test/recipes/30-test_evp_data/evpmac_common.txt
+++ b/test/recipes/30-test_evp_data/evpmac_common.txt
@@ -346,6 +346,61 @@ Ctrl = size:64
Title = KMAC XOF Tests (From NIST)
+MAC = KMAC128
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 00010203
+Output = CD83740BBD92CCC8CF032B1481A0F4460E7CA9DD12B08A0C4031178BACD6EC35
+XOF = 1
+
+MAC = KMAC128
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 00010203
+Custom = "My Tagged Application"
+Output = 31A44527B4ED9F5C6101D11DE6D26F0620AA5C341DEF41299657FE9DF1A3B16C
+XOF = 1
+
+MAC = KMAC128
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
+Custom = "My Tagged Application"
+Output = 47026C7CD793084AA0283C253EF658490C0DB61438B8326FE9BDDF281B83AE0F
+XOF = 1
+Ctrl = size:32
+
+MAC = KMAC256
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 00010203
+Custom = "My Tagged Application"
+Output = 1755133F1534752AAD0748F2C706FB5C784512CAB835CD15676B16C0C6647FA96FAA7AF634A0BF8FF6DF39374FA00FAD9A39E322A7C92065A64EB1FB0801EB2B
+XOF = 1
+
+MAC = KMAC256
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
+Custom = ""
+Output = FF7B171F1E8A2B24683EED37830EE797538BA8DC563F6DA1E667391A75EDC02CA633079F81CE12A25F45615EC89972031D18337331D24CEB8F8CA8E6A19FD98B
+XOF = 1
+
+MAC = KMAC256
+Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7
+Custom = "My Tagged Application"
+Output = D5BE731C954ED7732846BB59DBE3A8E30F83E77A4BFF4459F2F1C2B4ECEBB8CE67BA01C62E8AB8578D2D499BD1BB276768781190020A306A97DE281DCC30305D
+Ctrl = size:64
+XOF = 1
+
+Title = KMAC long customisation string (from NIST ACVP)
+
+MAC = KMAC256
+Key = 9743DBF93102FAF11227B154B8ACD16CF142671F7AA16C559A393A38B4CEF461ED29A6A328D7379C99718790E38B54CA25E9E831CBEA463EE704D1689F94629AB795DF0C77F756DA743309C0E054596BA2D9CC1768ACF7CD351D9A7EB1ABD0A3
+Input = BA63AC9C711F143CCE7FF92D0322649D1BE437D805FD225C0A2879A008373EC3BCCDB09971FAD2BCE5F4347AF7E5238EF01A90ED34193D6AFC1D
+Custom = "]J&/.?L/c&}p(b!X|?>i7!]CAH6P at 1<R'6|uOu2Vu^kCM!$ Een^pn&Zlale){mQhKjqe,)'-fsX6:u at D6+ZA^b70A)n)LMxo:Y!62;:[hP*yLERjL at rq30+iRaD#9|"
+Output = 4057EFD76A63049418AFC54559589821322B6029808A3BCAE4D49E961F909F5F667ACAD56BBCFB8033DCB4CC10AF1B53F014B8
+Ctrl = size:51
+XOF = 1
+
+Title = KMAC XOF Tests via ctrl (From NIST)
+
MAC = KMAC128
Key = 404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F
Input = 00010203
@@ -389,7 +444,7 @@ Output = D5BE731C954ED7732846BB59DBE3A8E30F83E77A4BFF4459F2F1C2B4ECEBB8CE67BA01C
Ctrl = size:64
Ctrl = xof:1
-Title = KMAC long customisation string (from NIST ACVP)
+Title = KMAC long customisation string via ctrl (from NIST ACVP)
MAC = KMAC256
Key = 9743DBF93102FAF11227B154B8ACD16CF142671F7AA16C559A393A38B4CEF461ED29A6A328D7379C99718790E38B54CA25E9E831CBEA463EE704D1689F94629AB795DF0C77F756DA743309C0E054596BA2D9CC1768ACF7CD351D9A7EB1ABD0A3
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 835b06b20b..da5936f1ab 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4413,6 +4413,7 @@ EVP_MAC_CTX_get_mac_size ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_init ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_update ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_final ? 3_0_0 EXIST::FUNCTION:
+EVP_MAC_finalXOF ? 3_0_0 EXIST::FUNCTION:
EVP_PKEY_supports_digest_nid ? 3_0_0 EXIST::FUNCTION:
SRP_VBASE_add0_user ? 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,SRP
SRP_user_pwd_new ? 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,SRP
More information about the openssl-commits
mailing list