diff options
author | Jussi Kivilinna <jussi.kivilinna@iki.fi> | 2015-10-25 14:50:41 +0200 |
---|---|---|
committer | Jussi Kivilinna <jussi.kivilinna@iki.fi> | 2015-10-28 20:12:22 +0200 |
commit | 577dc2b63ceca6a8a716256d034ea4e7414f65fa (patch) | |
tree | f66c541c2b1c5d2593c450241ec662f9711b6669 /cipher | |
parent | cee2e122ec6c1886957a8d47498eb63a6a921725 (diff) | |
download | libgcrypt-577dc2b63ceca6a8a716256d034ea4e7414f65fa.tar.gz |
md: add variable length output interface
* cipher/crc.c (_gcry_digest_spec_crc32)
(_gcry_digest_spec_crc32_rfc1510, _gcry_digest_spec_crc24_rfc2440): Set
'extract' NULL.
* cipher/gostr3411-94.c (_gcry_digest_spec_gost3411_94)
(_gcry_digest_spec_gost3411_cp): Ditto.
* cipher/keccak.c (_gcry_digest_spec_sha3_224)
(_gcry_digest_spec_sha3_256, _gcry_digest_spec_sha3_384)
(_gcry_digest_spec_sha3_512): Ditto.
* cipher/md2.c (_gcry_digest_spec_md2): Ditto.
* cipher/md4.c (_gcry_digest_spec_md4): Ditto.
* cipher/md5.c (_gcry_digest_spec_md5): Ditto.
* cipher/rmd160.c (_gcry_digest_spec_rmd160): Ditto.
* cipher/sha1.c (_gcry_digest_spec_sha1): Ditto.
* cipher/sha256.c (_gcry_digest_spec_sha224)
(_gcry_digest_spec_sha256): Ditto.
* cipher/sha512.c (_gcry_digest_spec_sha384)
(_gcry_digest_spec_sha512): Ditto.
* cipher/stribog.c (_gcry_digest_spec_stribog_256)
(_gcry_digest_spec_stribog_512): Ditto.
* cipher/tiger.c (_gcry_digest_spec_tiger)
(_gcry_digest_spec_tiger1, _gcry_digest_spec_tiger2): Ditto.
* cipher/whirlpool.c (_gcry_digest_spec_whirlpool): Ditto.
* cipher/md.c (md_enable): Do not allow combination of HMAC and
'expandable-output function'.
(md_final): Check if spec->read is NULL before calling.
(md_read): Ditto.
(md_extract, _gcry_md_extract): New.
* doc/gcrypt.texi: Add SHA3 algorithms and gcry_md_extract.
* src/cipher-proto.h (gcry_md_extract_t): New.
(gcry_md_spec_t): Add 'extract'.
* src/gcrypt-int.g (_gcry_md_extract): New.
* src/gcrypt.h.in (gcry_md_extract): New.
* src/libgcrypt.def: Add gcry_md_extract.
* src/libgcrypt.vers: Add gcry_md_extract.
* src/visibility.c (gcry_md_extract): New.
* src/visibility.h (gcry_md_extract): New.
--
Patch adds new interface for reading output from 'expandable-output
function' MD algorithms that can give variable length output (ie.
SHAKE algorithms from FIPS-202). New function to read output is
gpg_error_t gcry_md_extract(gcry_md_hd_t md, int algo,
void *buffer, size_t length);
Function implicitly finalizes algorithm so that no new input can
be given. Subsequents calls of the function return more output
bytes from the algorithm.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Diffstat (limited to 'cipher')
-rw-r--r-- | cipher/crc.c | 8 | ||||
-rw-r--r-- | cipher/gostr3411-94.c | 4 | ||||
-rw-r--r-- | cipher/keccak.c | 8 | ||||
-rw-r--r-- | cipher/md.c | 67 | ||||
-rw-r--r-- | cipher/md2.c | 2 | ||||
-rw-r--r-- | cipher/md4.c | 2 | ||||
-rw-r--r-- | cipher/md5.c | 2 | ||||
-rw-r--r-- | cipher/rmd160.c | 2 | ||||
-rw-r--r-- | cipher/sha1.c | 2 | ||||
-rw-r--r-- | cipher/sha256.c | 4 | ||||
-rw-r--r-- | cipher/sha512.c | 4 | ||||
-rw-r--r-- | cipher/stribog.c | 2 | ||||
-rw-r--r-- | cipher/tiger.c | 6 | ||||
-rw-r--r-- | cipher/whirlpool.c | 2 |
14 files changed, 89 insertions, 26 deletions
diff --git a/cipher/crc.c b/cipher/crc.c index 9105dfe1..46a185a8 100644 --- a/cipher/crc.c +++ b/cipher/crc.c @@ -785,7 +785,7 @@ gcry_md_spec_t _gcry_digest_spec_crc32 = { GCRY_MD_CRC32, {0, 1}, "CRC32", NULL, 0, NULL, 4, - crc32_init, crc32_write, crc32_final, crc32_read, + crc32_init, crc32_write, crc32_final, crc32_read, NULL, sizeof (CRC_CONTEXT) }; @@ -793,8 +793,7 @@ gcry_md_spec_t _gcry_digest_spec_crc32_rfc1510 = { GCRY_MD_CRC32_RFC1510, {0, 1}, "CRC32RFC1510", NULL, 0, NULL, 4, - crc32rfc1510_init, crc32_write, - crc32rfc1510_final, crc32_read, + crc32rfc1510_init, crc32_write, crc32rfc1510_final, crc32_read, NULL, sizeof (CRC_CONTEXT) }; @@ -802,7 +801,6 @@ gcry_md_spec_t _gcry_digest_spec_crc24_rfc2440 = { GCRY_MD_CRC24_RFC2440, {0, 1}, "CRC24RFC2440", NULL, 0, NULL, 3, - crc24rfc2440_init, crc24rfc2440_write, - crc24rfc2440_final, crc32_read, + crc24rfc2440_init, crc24rfc2440_write, crc24rfc2440_final, crc32_read, NULL, sizeof (CRC_CONTEXT) }; diff --git a/cipher/gostr3411-94.c b/cipher/gostr3411-94.c index 7b16e611..a782427f 100644 --- a/cipher/gostr3411-94.c +++ b/cipher/gostr3411-94.c @@ -343,13 +343,13 @@ gcry_md_spec_t _gcry_digest_spec_gost3411_94 = { GCRY_MD_GOSTR3411_94, {0, 0}, "GOSTR3411_94", NULL, 0, NULL, 32, - gost3411_init, _gcry_md_block_write, gost3411_final, gost3411_read, + gost3411_init, _gcry_md_block_write, gost3411_final, gost3411_read, NULL, sizeof (GOSTR3411_CONTEXT) }; gcry_md_spec_t _gcry_digest_spec_gost3411_cp = { GCRY_MD_GOSTR3411_CP, {0, 0}, "GOSTR3411_CP", asn, DIM (asn), oid_spec_gostr3411, 32, - gost3411_cp_init, _gcry_md_block_write, gost3411_final, gost3411_read, + gost3411_cp_init, _gcry_md_block_write, gost3411_final, gost3411_read, NULL, sizeof (GOSTR3411_CONTEXT) }; diff --git a/cipher/keccak.c b/cipher/keccak.c index 3a72294a..d46d9cb1 100644 --- a/cipher/keccak.c +++ b/cipher/keccak.c @@ -927,7 +927,7 @@ gcry_md_spec_t _gcry_digest_spec_sha3_224 = { GCRY_MD_SHA3_224, {0, 1}, "SHA3-224", sha3_224_asn, DIM (sha3_224_asn), oid_spec_sha3_224, 28, - sha3_224_init, keccak_write, keccak_final, keccak_read, + sha3_224_init, keccak_write, keccak_final, keccak_read, NULL, sizeof (KECCAK_CONTEXT), run_selftests }; @@ -935,7 +935,7 @@ gcry_md_spec_t _gcry_digest_spec_sha3_256 = { GCRY_MD_SHA3_256, {0, 1}, "SHA3-256", sha3_256_asn, DIM (sha3_256_asn), oid_spec_sha3_256, 32, - sha3_256_init, keccak_write, keccak_final, keccak_read, + sha3_256_init, keccak_write, keccak_final, keccak_read, NULL, sizeof (KECCAK_CONTEXT), run_selftests }; @@ -943,7 +943,7 @@ gcry_md_spec_t _gcry_digest_spec_sha3_384 = { GCRY_MD_SHA3_384, {0, 1}, "SHA3-384", sha3_384_asn, DIM (sha3_384_asn), oid_spec_sha3_384, 48, - sha3_384_init, keccak_write, keccak_final, keccak_read, + sha3_384_init, keccak_write, keccak_final, keccak_read, NULL, sizeof (KECCAK_CONTEXT), run_selftests }; @@ -951,7 +951,7 @@ gcry_md_spec_t _gcry_digest_spec_sha3_512 = { GCRY_MD_SHA3_512, {0, 1}, "SHA3-512", sha3_512_asn, DIM (sha3_512_asn), oid_spec_sha3_512, 64, - sha3_512_init, keccak_write, keccak_final, keccak_read, + sha3_512_init, keccak_write, keccak_final, keccak_read, NULL, sizeof (KECCAK_CONTEXT), run_selftests }; diff --git a/cipher/md.c b/cipher/md.c index 948d269b..6ef8fee9 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -408,6 +408,12 @@ md_enable (gcry_md_hd_t hd, int algorithm) } } + if (!err && h->flags.hmac && spec->read == NULL) + { + /* Expandable output function cannot act as part of HMAC. */ + err = GPG_ERR_DIGEST_ALGO; + } + if (!err) { size_t size = (sizeof (*entry) @@ -638,11 +644,16 @@ md_final (gcry_md_hd_t a) for (r = a->ctx->list; r; r = r->next) { - byte *p = r->spec->read (&r->context.c); + byte *p; size_t dlen = r->spec->mdlen; byte *hash; gcry_err_code_t err; + if (r->spec->read == NULL) + continue; + + p = r->spec->read (&r->context.c); + if (a->ctx->flags.secure) hash = xtrymalloc_secure (dlen); else @@ -821,6 +832,8 @@ md_read( gcry_md_hd_t a, int algo ) { if (r->next) log_debug ("more than one algorithm in md_read(0)\n"); + if (r->spec->read == NULL) + return NULL; return r->spec->read (&r->context.c); } } @@ -828,7 +841,11 @@ md_read( gcry_md_hd_t a, int algo ) { for (r = a->ctx->list; r; r = r->next) if (r->spec->algo == algo) - return r->spec->read (&r->context.c); + { + if (r->spec->read == NULL) + return NULL; + return r->spec->read (&r->context.c); + } } BUG(); return NULL; @@ -850,6 +867,52 @@ _gcry_md_read (gcry_md_hd_t hd, int algo) } +/**************** + * If ALGO is null get the digest for the used algo (which should be + * only one) + */ +static gcry_err_code_t +md_extract(gcry_md_hd_t a, int algo, void *out, size_t outlen) +{ + GcryDigestEntry *r = a->ctx->list; + + if (!algo) + { + /* Return the first algorithm */ + if (r && r->spec->extract) + { + if (r->next) + log_debug ("more than one algorithm in md_extract(0)\n"); + r->spec->extract (&r->context.c, out, outlen); + return 0; + } + } + else + { + for (r = a->ctx->list; r; r = r->next) + if (r->spec->algo == algo && r->spec->extract) + { + r->spec->extract (&r->context.c, out, outlen); + return 0; + } + } + + return GPG_ERR_DIGEST_ALGO; +} + + +/* + * Expand the output from XOF class digest, this function implictly finalizes + * the hash. + */ +gcry_err_code_t +_gcry_md_extract (gcry_md_hd_t hd, int algo, void *out, size_t outlen) +{ + _gcry_md_ctl (hd, GCRYCTL_FINALIZE, NULL, 0); + return md_extract (hd, algo, out, outlen); +} + + /* * Read out an intermediate digest. Not yet functional. */ diff --git a/cipher/md2.c b/cipher/md2.c index 97682e58..e339b28d 100644 --- a/cipher/md2.c +++ b/cipher/md2.c @@ -177,6 +177,6 @@ gcry_md_spec_t _gcry_digest_spec_md2 = { GCRY_MD_MD2, {0, 0}, "MD2", asn, DIM (asn), oid_spec_md2, 16, - md2_init, _gcry_md_block_write, md2_final, md2_read, + md2_init, _gcry_md_block_write, md2_final, md2_read, NULL, sizeof (MD2_CONTEXT) }; diff --git a/cipher/md4.c b/cipher/md4.c index c9b41542..afa63823 100644 --- a/cipher/md4.c +++ b/cipher/md4.c @@ -286,6 +286,6 @@ gcry_md_spec_t _gcry_digest_spec_md4 = { GCRY_MD_MD4, {0, 0}, "MD4", asn, DIM (asn), oid_spec_md4,16, - md4_init, _gcry_md_block_write, md4_final, md4_read, + md4_init, _gcry_md_block_write, md4_final, md4_read, NULL, sizeof (MD4_CONTEXT) }; diff --git a/cipher/md5.c b/cipher/md5.c index f17af7a9..66cc5f62 100644 --- a/cipher/md5.c +++ b/cipher/md5.c @@ -312,6 +312,6 @@ gcry_md_spec_t _gcry_digest_spec_md5 = { GCRY_MD_MD5, {0, 1}, "MD5", asn, DIM (asn), oid_spec_md5, 16, - md5_init, _gcry_md_block_write, md5_final, md5_read, + md5_init, _gcry_md_block_write, md5_final, md5_read, NULL, sizeof (MD5_CONTEXT) }; diff --git a/cipher/rmd160.c b/cipher/rmd160.c index 2695db29..cf7531e5 100644 --- a/cipher/rmd160.c +++ b/cipher/rmd160.c @@ -526,6 +526,6 @@ gcry_md_spec_t _gcry_digest_spec_rmd160 = { GCRY_MD_RMD160, {0, 0}, "RIPEMD160", asn, DIM (asn), oid_spec_rmd160, 20, - rmd160_init, _gcry_md_block_write, rmd160_final, rmd160_read, + rmd160_init, _gcry_md_block_write, rmd160_final, rmd160_read, NULL, sizeof (RMD160_CONTEXT) }; diff --git a/cipher/sha1.c b/cipher/sha1.c index 554d55ce..0de84121 100644 --- a/cipher/sha1.c +++ b/cipher/sha1.c @@ -573,7 +573,7 @@ gcry_md_spec_t _gcry_digest_spec_sha1 = { GCRY_MD_SHA1, {0, 1}, "SHA1", asn, DIM (asn), oid_spec_sha1, 20, - sha1_init, _gcry_md_block_write, sha1_final, sha1_read, + sha1_init, _gcry_md_block_write, sha1_final, sha1_read, NULL, sizeof (SHA1_CONTEXT), run_selftests }; diff --git a/cipher/sha256.c b/cipher/sha256.c index 63869d54..bc326e0c 100644 --- a/cipher/sha256.c +++ b/cipher/sha256.c @@ -633,7 +633,7 @@ gcry_md_spec_t _gcry_digest_spec_sha224 = { GCRY_MD_SHA224, {0, 1}, "SHA224", asn224, DIM (asn224), oid_spec_sha224, 28, - sha224_init, _gcry_md_block_write, sha256_final, sha256_read, + sha224_init, _gcry_md_block_write, sha256_final, sha256_read, NULL, sizeof (SHA256_CONTEXT), run_selftests }; @@ -642,7 +642,7 @@ gcry_md_spec_t _gcry_digest_spec_sha256 = { GCRY_MD_SHA256, {0, 1}, "SHA256", asn256, DIM (asn256), oid_spec_sha256, 32, - sha256_init, _gcry_md_block_write, sha256_final, sha256_read, + sha256_init, _gcry_md_block_write, sha256_final, sha256_read, NULL, sizeof (SHA256_CONTEXT), run_selftests }; diff --git a/cipher/sha512.c b/cipher/sha512.c index 4be1cab2..1196db93 100644 --- a/cipher/sha512.c +++ b/cipher/sha512.c @@ -877,7 +877,7 @@ gcry_md_spec_t _gcry_digest_spec_sha512 = { GCRY_MD_SHA512, {0, 1}, "SHA512", sha512_asn, DIM (sha512_asn), oid_spec_sha512, 64, - sha512_init, _gcry_md_block_write, sha512_final, sha512_read, + sha512_init, _gcry_md_block_write, sha512_final, sha512_read, NULL, sizeof (SHA512_CONTEXT), run_selftests }; @@ -903,7 +903,7 @@ gcry_md_spec_t _gcry_digest_spec_sha384 = { GCRY_MD_SHA384, {0, 1}, "SHA384", sha384_asn, DIM (sha384_asn), oid_spec_sha384, 48, - sha384_init, _gcry_md_block_write, sha512_final, sha512_read, + sha384_init, _gcry_md_block_write, sha512_final, sha512_read, NULL, sizeof (SHA512_CONTEXT), run_selftests }; diff --git a/cipher/stribog.c b/cipher/stribog.c index de167a7f..7f38e6fd 100644 --- a/cipher/stribog.c +++ b/cipher/stribog.c @@ -1326,6 +1326,7 @@ gcry_md_spec_t _gcry_digest_spec_stribog_256 = GCRY_MD_STRIBOG256, {0, 0}, "STRIBOG256", NULL, 0, NULL, 32, stribog_init_256, _gcry_md_block_write, stribog_final, stribog_read_256, + NULL, sizeof (STRIBOG_CONTEXT) }; @@ -1334,5 +1335,6 @@ gcry_md_spec_t _gcry_digest_spec_stribog_512 = GCRY_MD_STRIBOG512, {0, 0}, "STRIBOG512", NULL, 0, NULL, 64, stribog_init_512, _gcry_md_block_write, stribog_final, stribog_read_512, + NULL, sizeof (STRIBOG_CONTEXT) }; diff --git a/cipher/tiger.c b/cipher/tiger.c index 8a08953e..078133a5 100644 --- a/cipher/tiger.c +++ b/cipher/tiger.c @@ -840,7 +840,7 @@ gcry_md_spec_t _gcry_digest_spec_tiger = { GCRY_MD_TIGER, {0, 0}, "TIGER192", NULL, 0, NULL, 24, - tiger_init, _gcry_md_block_write, tiger_final, tiger_read, + tiger_init, _gcry_md_block_write, tiger_final, tiger_read, NULL, sizeof (TIGER_CONTEXT) }; @@ -863,7 +863,7 @@ gcry_md_spec_t _gcry_digest_spec_tiger1 = { GCRY_MD_TIGER1, {0, 0}, "TIGER", asn1, DIM (asn1), oid_spec_tiger1, 24, - tiger1_init, _gcry_md_block_write, tiger_final, tiger_read, + tiger1_init, _gcry_md_block_write, tiger_final, tiger_read, NULL, sizeof (TIGER_CONTEXT) }; @@ -874,7 +874,7 @@ gcry_md_spec_t _gcry_digest_spec_tiger2 = { GCRY_MD_TIGER2, {0, 0}, "TIGER2", NULL, 0, NULL, 24, - tiger2_init, _gcry_md_block_write, tiger_final, tiger_read, + tiger2_init, _gcry_md_block_write, tiger_final, tiger_read, NULL, sizeof (TIGER_CONTEXT) }; diff --git a/cipher/whirlpool.c b/cipher/whirlpool.c index 5f224a14..8a069392 100644 --- a/cipher/whirlpool.c +++ b/cipher/whirlpool.c @@ -1525,6 +1525,6 @@ gcry_md_spec_t _gcry_digest_spec_whirlpool = { GCRY_MD_WHIRLPOOL, {0, 0}, "WHIRLPOOL", NULL, 0, NULL, 64, - whirlpool_init, whirlpool_write, whirlpool_final, whirlpool_read, + whirlpool_init, whirlpool_write, whirlpool_final, whirlpool_read, NULL, sizeof (whirlpool_context_t) }; |