Implement EVP_MAC_init_SKEY

Signed-off-by: Dmitry Belyavskiy <beldmit@gmail.com>
Signed-off-by: Simo Sorce <simo@redhat.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26753)

crypto/evp/mac_lib.c

@@ -115,9 +115,24 @@ size_t EVP_MAC_CTX_get_block_size(EVP_MAC_CTX *ctx)
 int EVP_MAC_init(EVP_MAC_CTX *ctx, const unsigned char *key, size_t keylen,
                  const OSSL_PARAM params[])
 {
+    if (ctx->meth->init == NULL) {
+        ERR_raise(ERR_R_EVP_LIB, ERR_R_UNSUPPORTED);
+        return 0;
+    }
     return ctx->meth->init(ctx->algctx, key, keylen, params);
 }
 
+int EVP_MAC_init_SKEY(EVP_MAC_CTX *ctx, EVP_SKEY *skey, const OSSL_PARAM params[])
+{
+    if (ctx->meth->init_skey == NULL
+        || skey->skeymgmt->prov != ctx->meth->prov
+        || ctx->meth->init_skey == NULL) {
+        ERR_raise(ERR_R_EVP_LIB, ERR_R_UNSUPPORTED);
+        return 0;
+    }
+    return ctx->meth->init_skey(ctx->algctx, skey->keydata, params);
+}
+
 int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen)
 {
     return ctx->meth->update(ctx->algctx, data, datalen);

crypto/evp/mac_meth.c

@@ -60,7 +60,7 @@ static void *evp_mac_from_algorithm(int name_id,
 {
     const OSSL_DISPATCH *fns = algodef->implementation;
     EVP_MAC *mac = NULL;
-    int fnmaccnt = 0, fnctxcnt = 0;
+    int fnmaccnt = 0, fnctxcnt = 0, mac_init_found = 0;
 
     if ((mac = evp_mac_new()) == NULL) {
         ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB);
@@ -96,7 +96,7 @@ static void *evp_mac_from_algorithm(int name_id,
             if (mac->init != NULL)
                 break;
             mac->init = OSSL_FUNC_mac_init(fns);
-            fnmaccnt++;
+            mac_init_found = 1;
             break;
         case OSSL_FUNC_MAC_UPDATE:
             if (mac->update != NULL)
@@ -143,8 +143,15 @@ static void *evp_mac_from_algorithm(int name_id,
                 break;
             mac->set_ctx_params = OSSL_FUNC_mac_set_ctx_params(fns);
             break;
+        case OSSL_FUNC_MAC_INIT_SKEY:
+            if (mac->init_skey != NULL)
+                break;
+            mac->init_skey = OSSL_FUNC_mac_init_skey(fns);
+            mac_init_found = 1;
+            break;
         }
     }
+    fnmaccnt += mac_init_found;
     if (fnmaccnt != 3
         || fnctxcnt != 2) {
         /*

doc/man3/EVP_MAC.pod

@@ -8,7 +8,7 @@ EVP_MAC_get0_provider, EVP_MAC_get_params, EVP_MAC_gettable_params,
 EVP_MAC_CTX, EVP_MAC_CTX_new, EVP_MAC_CTX_free, EVP_MAC_CTX_dup,
 EVP_MAC_CTX_get0_mac, EVP_MAC_CTX_get_params, EVP_MAC_CTX_set_params,
 EVP_MAC_CTX_get_mac_size, EVP_MAC_CTX_get_block_size, EVP_Q_mac,
-EVP_MAC_init, EVP_MAC_update, EVP_MAC_final, EVP_MAC_finalXOF,
+EVP_MAC_init, EVP_MAC_init_SKEY, EVP_MAC_update, EVP_MAC_final, EVP_MAC_finalXOF,
 EVP_MAC_gettable_ctx_params, EVP_MAC_settable_ctx_params,
 EVP_MAC_CTX_gettable_params, EVP_MAC_CTX_settable_params,
 EVP_MAC_do_all_provided - EVP MAC routines
@@ -49,6 +49,7 @@ EVP_MAC_do_all_provided - EVP MAC routines
                           unsigned char *out, size_t outsize, size_t *outlen);
  int EVP_MAC_init(EVP_MAC_CTX *ctx, const unsigned char *key, size_t keylen,
                   const OSSL_PARAM params[]);
+ int EVP_MAC_init_SKEY(EVP_MAC_CTX *ctx, EVP_SKEY *skey, const OSSL_PARAM params[]);
  int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen);
  int EVP_MAC_final(EVP_MAC_CTX *ctx,
                    unsigned char *out, size_t *outl, size_t outsize);
@@ -151,6 +152,9 @@ has been called on the same object).  See the NOTES section below.
 
 EVP_MAC_init() should be called before EVP_MAC_update() and EVP_MAC_final().
 
+EVP_MAC_init_SKEY() is similar to EVP_MAC_init() but it accepts an opaque
+B<EVP_SKEY> object as a key.
+
 EVP_MAC_update() adds I<datalen> bytes from I<data> to the MAC input.
 
 EVP_MAC_final() does the final computation and stores the result in
@@ -384,8 +388,8 @@ success, 0 on error.
 
 EVP_Q_mac() returns a pointer to the computed MAC value, or NULL on error.
 
-EVP_MAC_init(), EVP_MAC_update(), EVP_MAC_final(), and EVP_MAC_finalXOF()
-return 1 on success, 0 on error.
+EVP_MAC_init(), EVP_MAC_init_SKEY(), EVP_MAC_update(), EVP_MAC_final(), and
+EVP_MAC_finalXOF() return 1 on success, 0 on error.
 
 EVP_MAC_CTX_get_mac_size() returns the expected output size, or 0 if it isn't
 set.  If it isn't set, a call to EVP_MAC_init() will set it.
@@ -491,6 +495,8 @@ L<life_cycle-mac(7)>
 
 These functions were added in OpenSSL 3.0.
 
+The EVP_MAC_init_SKEY() function was added in OpenSSL 3.5.
+
 =head1 COPYRIGHT
 
 Copyright 2018-2024 The OpenSSL Project Authors. All Rights Reserved.

doc/man7/provider-mac.pod

@@ -25,6 +25,7 @@ provider-mac - The mac library E<lt>-E<gt> provider functions
  /* Encryption/decryption */
  int OSSL_FUNC_mac_init(void *mctx, unsigned char *key, size_t keylen,
                         const OSSL_PARAM params[]);
+ int OSSL_FUNC_mac_init_skey(void *mctx, const void *key, const OSSL_PARAM params[]);
  int OSSL_FUNC_mac_update(void *mctx, const unsigned char *in, size_t inl);
  int OSSL_FUNC_mac_final(void *mctx, unsigned char *out, size_t *outl, size_t outsize);
 
@@ -71,6 +72,7 @@ macros in L<openssl-core_dispatch.h(7)>, as follows:
  OSSL_FUNC_mac_dupctx               OSSL_FUNC_MAC_DUPCTX
 
  OSSL_FUNC_mac_init                 OSSL_FUNC_MAC_INIT
+ OSSL_FUNC_mac_init_skey            OSSL_FUNC_MAC_INIT_SKEY
  OSSL_FUNC_mac_update               OSSL_FUNC_MAC_UPDATE
  OSSL_FUNC_mac_final                OSSL_FUNC_MAC_FINAL
 
@@ -84,7 +86,8 @@ macros in L<openssl-core_dispatch.h(7)>, as follows:
 
 A mac algorithm implementation may not implement all of these functions.
 In order to be a consistent set of functions, at least the following functions
-must be implemented: OSSL_FUNC_mac_newctx(), OSSL_FUNC_mac_freectx(), OSSL_FUNC_mac_init(),
+must be implemented: OSSL_FUNC_mac_newctx(), OSSL_FUNC_mac_freectx(),
+at least one of OSSL_FUNC_mac_init() or OSSL_FUNC_mac_init_skey(),
 OSSL_FUNC_mac_update(), OSSL_FUNC_mac_final().
 All other functions are optional.
 
@@ -112,6 +115,9 @@ OSSL_FUNC_mac_init() initialises a mac operation given a newly created provider
 side mac context in the I<mctx> parameter.  The I<params> are set before setting
 the MAC I<key> of I<keylen> bytes.
 
+OSSL_FUNC_mac_init_skey() is similar but uses an opaque provider-specific object
+to initialize the MAC context.
+
 OSSL_FUNC_mac_update() is called to supply data for MAC computation of a previously
 initialised mac operation.
 The I<mctx> parameter contains a pointer to a previously initialised provider
@@ -234,7 +240,8 @@ the EVP layer will begin enforcing the listed transitions.
 OSSL_FUNC_mac_newctx() and OSSL_FUNC_mac_dupctx() should return the newly created
 provider side mac context, or NULL on failure.
 
-OSSL_FUNC_mac_init(), OSSL_FUNC_mac_update(), OSSL_FUNC_mac_final(), OSSL_FUNC_mac_get_params(),
+OSSL_FUNC_mac_init(), OSSL_FUNC_mac_init_skey(),
+OSSL_FUNC_mac_update(), OSSL_FUNC_mac_final(), OSSL_FUNC_mac_get_params(),
 OSSL_FUNC_mac_get_ctx_params() and OSSL_FUNC_mac_set_ctx_params() should return 1 for
 success or 0 on error.
 
@@ -255,6 +262,8 @@ L<life_cycle-mac(7)>, L<EVP_MAC(3)>
 The provider MAC interface was introduced in OpenSSL 3.0.
 The parameters "no-short-mac" and "fips-indicator" were added in OpenSSL 3.4.
 
+The function OSSL_FUNC_mac_init_skey() was introduced in OpenSSL 3.5.
+
 =head1 COPYRIGHT
 
 Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.

include/crypto/evp.h

@@ -226,6 +226,7 @@ struct evp_mac_st {
     OSSL_FUNC_mac_get_params_fn *get_params;
     OSSL_FUNC_mac_get_ctx_params_fn *get_ctx_params;
     OSSL_FUNC_mac_set_ctx_params_fn *set_ctx_params;
+    OSSL_FUNC_mac_init_skey_fn *init_skey;
 };
 
 struct evp_kdf_st {

include/openssl/core_dispatch.h

@@ -475,6 +475,7 @@ OSSL_CORE_MAKE_FUNC(int, cipher_decrypt_skey_init, (void *cctx,
 # define OSSL_FUNC_MAC_GETTABLE_PARAMS              10
 # define OSSL_FUNC_MAC_GETTABLE_CTX_PARAMS          11
 # define OSSL_FUNC_MAC_SETTABLE_CTX_PARAMS          12
+# define OSSL_FUNC_MAC_INIT_SKEY                    13
 
 OSSL_CORE_MAKE_FUNC(void *, mac_newctx, (void *provctx))
 OSSL_CORE_MAKE_FUNC(void *, mac_dupctx, (void *src))
@@ -496,6 +497,7 @@ OSSL_CORE_MAKE_FUNC(int, mac_get_ctx_params,
                     (void *mctx, OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(int, mac_set_ctx_params,
                     (void *mctx, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, mac_init_skey, (void *mctx, void *key, const OSSL_PARAM params[]))
 
 /* KDFs and PRFs */
 

include/openssl/evp.h

@@ -1264,6 +1264,7 @@ unsigned char *EVP_Q_mac(OSSL_LIB_CTX *libctx, const char *name, const char *pro
                          unsigned char *out, size_t outsize, size_t *outlen);
 int EVP_MAC_init(EVP_MAC_CTX *ctx, const unsigned char *key, size_t keylen,
                  const OSSL_PARAM params[]);
+int EVP_MAC_init_SKEY(EVP_MAC_CTX *ctx, EVP_SKEY *skey, const OSSL_PARAM params[]);
 int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen);
 int EVP_MAC_final(EVP_MAC_CTX *ctx,
                   unsigned char *out, size_t *outl, size_t outsize);

util/libcrypto.num

@@ -5907,6 +5907,12 @@ EVP_SKEYMGMT_get0_description           ?	3_5_0	EXIST::FUNCTION:
 EVP_SKEYMGMT_is_a                       ?	3_5_0	EXIST::FUNCTION:
 EVP_SKEYMGMT_do_all_provided            ?	3_5_0	EXIST::FUNCTION:
 EVP_SKEYMGMT_names_do_all               ?	3_5_0	EXIST::FUNCTION:
+EVP_MAC_init_SKEY                       ?	3_5_0	EXIST::FUNCTION:
+EVP_SKEY_get0_key_id                    ?	3_5_0	EXIST::FUNCTION:
+EVP_SKEY_get0_skeymgmt_name             ?	3_5_0	EXIST::FUNCTION:
+EVP_SKEY_get0_provider_name             ?	3_5_0	EXIST::FUNCTION:
+EVP_SKEYMGMT_get0_gen_settable_params   ?	3_5_0	EXIST::FUNCTION:
+EVP_SKEYMGMT_get0_imp_settable_params   ?	3_5_0	EXIST::FUNCTION:
 OSSL_PROVIDER_add_conf_parameter        ?	3_5_0	EXIST::FUNCTION:
 OSSL_PROVIDER_get_conf_parameters       ?	3_5_0	EXIST::FUNCTION:
 OSSL_PROVIDER_conf_get_bool             ?	3_5_0	EXIST::FUNCTION: