Attaching a cipher to a EVP_MD_CTX?

Hal Murray halmurray+openssl at
Sun Mar 5 04:35:50 UTC 2023

I'm cleaning up code that uses cmac.h
The context is NTP authentication with only 48 bytes of data for each packet.

The current code uses one context, several ciphers, and many keys.

CMAC_init() takes both a key and cipher.

EVP_MAC_init() takes a key and params.

If you want to switch ciphers, you have to put it into a param.  I'm using:
        params[0] =
          OSSL_PARAM_construct_utf8_string("cipher", 'AES-128-CBC", 0);
        EVP_MAC_CTX_set_params(ctx, params);

Is there something I've missed that would take a cipher and avoid the string 

Numbers, on a 3.5 GHz PC:
  AES-128, 48 byte packets:
   971 ns  load cipher and key each time
   462 ns, preload cipher, load key each time
   210 ns, preload cipher and key, EVP_MAC_init(ctx, NULL, 0, NULL)

   850 ns, CMAC_Init(ctx, key, keylength, cipher, NULL)

Notice that loading a key doubles the time to process short packets like 
these.  What's it doing?

But those numbers open the door to a time-space tradeoff.  I haven't been down 
that rathole yet.

These are my opinions.  I hate spam.

More information about the openssl-users mailing list