mirror of
https://github.com/openssl/openssl.git
synced 2026-01-18 17:11:31 +01:00
5366490822
Fixes #7894 This allows SHAKE to squeeze multiple times with different output sizes. The existing EVP_DigestFinalXOF() API has been left as a one shot operation. A similar interface is used by another toolkit. The low level SHA3_Squeeze() function needed to change slightly so that it can handle multiple squeezes. This involves changing the assembler code so that it passes a boolean to indicate whether the Keccak function should be called on entry. At the provider level, the squeeze is buffered, so that it only requests a multiple of the blocksize when SHA3_Squeeze() is called. On the first call the value is zero, on subsequent calls the value passed is 1. This PR is derived from the excellent work done by @nmathewson in https://github.com/openssl/openssl/pull/7921 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21511)
73 lines
1.6 KiB
Plaintext
73 lines
1.6 KiB
Plaintext
=pod
|
|
|
|
=head1 NAME
|
|
|
|
EVP_MD-BLAKE2 - The BLAKE2 EVP_MD implementation
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
Support for computing BLAKE2 digests through the B<EVP_MD> API.
|
|
|
|
=head2 Identities
|
|
|
|
This implementation is only available with the default provider, and
|
|
includes the following varieties:
|
|
|
|
=over 4
|
|
|
|
=item BLAKE2S-256
|
|
|
|
Known names are "BLAKE2S-256" and "BLAKE2s256".
|
|
|
|
=item BLAKE2B-512
|
|
|
|
Known names are "BLAKE2B-512" and "BLAKE2b512".
|
|
|
|
=back
|
|
|
|
=head2 Settable Parameters
|
|
|
|
"BLAKE2B-512" supports the following EVP_MD_CTX_set_params() key
|
|
described in L<EVP_DigestInit(3)/PARAMETERS>.
|
|
|
|
=over 4
|
|
|
|
=item "xoflen" (B<OSSL_DIGEST_PARAM_XOFLEN>) <unsigned integer>
|
|
|
|
=back
|
|
|
|
=head2 Gettable Parameters
|
|
|
|
This implementation supports the common gettable parameters described
|
|
in L<EVP_MD-common(7)>.
|
|
|
|
=head2 Settable Context Parameters
|
|
|
|
The BLAKE2B-512 implementation supports the following L<OSSL_PARAM(3)> entries,
|
|
settable for an B<EVP_MD_CTX> with L<EVP_MD_CTX_set_params(3)>:
|
|
|
|
=over 4
|
|
|
|
=item "size" (B<OSSL_DIGEST_PARAM_SIZE>) <unsigned integer>
|
|
|
|
Sets a different digest length for the L<EVP_DigestFinal(3)> output.
|
|
The value of the "size" parameter should not exceed 255 and it must be set
|
|
during the L<EVP_DigestInit_ex2(3)> call.
|
|
|
|
=back
|
|
|
|
=head1 SEE ALSO
|
|
|
|
L<provider-digest(7)>, L<OSSL_PROVIDER-default(7)>
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
this file except in compliance with the License. You can obtain a copy
|
|
in the file LICENSE in the source distribution or at
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
=cut
|