[openssl-dev] Keyed hashing APIs for EVP?

Bill Cox waywardgeek at google.com
Sat Jan 16 19:46:52 UTC 2016


Another question:  BLAKE2 passes the output length to the Blake2b_Init and
Blake2s_Init functions.  It is used to force the resulting output hash to
depend on the output length, which in general sounds like a reasonable
security precaution.  Also, it is an error for outlen to be greater than
the block size (64 for BLAKE2b, 32 for BLAKE2s).

The EVP digest functions do not seem to take an output length, which seems
OK.  If I am allowed to add a blake2.h under openssl/include/openssl,
should the public API for the BLAKE2 Init functions take outlen as a
parameter, or should I make them like the other digest functions?  I worry
that people will get confused if they pass the actual used output length to
BLAKE2b_Init, and wind up with a different hash output than when using the
EVP APIs instead.  OTOH, I hate to leave out a feature that slightly
improves security.  Which wins in this case?

Thanks,
Bill
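
The behaviour the message describes, as an added example that is not part of the original post or of OpenSSL's code: a BLAKE2 digest requested at a shorter length at init is not a prefix of the full-length digest, so a caller who passes the used length to Init and one who truncates a fixed-length digest get different values. It uses Python's `hashlib` BLAKE2 bindings (an assumption, chosen because they take the output length at init); the helper names are hypothetical.

```python
import hashlib
import hmac


def native(msg: bytes, outlen: int, algo=hashlib.blake2b) -> bytes:
    """Output length given at init, so it is mixed into the initial hash state."""
    return algo(msg, digest_size=outlen).digest()


def truncated(msg: bytes, outlen: int, algo=hashlib.blake2b) -> bytes:
    """Full-length digest, as a fixed-size digest interface returns it,
    then cut down to outlen bytes by the caller."""
    return algo(msg).digest()[:outlen]


def outlen_accepted(outlen: int, algo=hashlib.blake2b) -> bool:
    """True if the binding accepts this output length at init."""
    try:
        algo(digest_size=outlen)
        return True
    except ValueError:
        return False


def compare(msg: bytes):
    """For each variant and length, report whether both call styles agree."""
    rows = []
    for algo in (hashlib.blake2b, hashlib.blake2s):
        for outlen in (16, 20, algo.MAX_DIGEST_SIZE):
            same = hmac.compare_digest(native(msg, outlen, algo),
                                       truncated(msg, outlen, algo))
            rows.append((algo().name, outlen, same))
    return rows


if __name__ == "__main__":
    sample = b"constructed sample message"  # constructed input, not from the post
    for name, outlen, same in compare(sample):
        print(f"{name} outlen={outlen:2d} native == truncated: {same}")
    for algo in (hashlib.blake2b, hashlib.blake2s):
        limit = algo.MAX_DIGEST_SIZE
        print(f"{algo().name}: outlen {limit} accepted={outlen_accepted(limit, algo)}, "
              f"outlen {limit + 1} accepted={outlen_accepted(limit + 1, algo)}")
```

The two call styles agree only at the maximum output length, which is why a stored or transmitted digest has to record which convention produced it.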