siphash: Add the C and D round parameters for SipHash.

This represents a gap in functionality from the low level APIs. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14310)
2025-02-17 14:32:04 +08:00 · 2021-02-25 09:52:26 +10:00 · 2021-02-25 09:52:26 +10:00 · ae7d90a159
commit ae7d90a159
parent 1d73e2adae
5 changed files with 36 additions and 12 deletions
--- a/crypto/siphash/siphash.c
+++ b/crypto/siphash/siphash.c
@ -30,10 +30,6 @@
 #include "crypto/siphash.h"
 #include "siphash_local.h"

-/* default: SipHash-2-4 */
-#define SIPHASH_C_ROUNDS 2
-#define SIPHASH_D_ROUNDS 4
-
 #define ROTL(x, b) (uint64_t)(((x) << (b)) | ((x) >> (64 - (b))))

 #define U32TO8_LE(p, v)                                                        \
@ -146,7 +142,7 @@ void SipHash_Update(SIPHASH *ctx, const unsigned char *in, size_t inlen)
    uint64_t m;
    const uint8_t *end;
    int left;
-    int i;
+    unsigned int i;
    uint64_t v0 = ctx->v0;
    uint64_t v1 = ctx->v1;
    uint64_t v2 = ctx->v2;
@ -202,7 +198,7 @@ void SipHash_Update(SIPHASH *ctx, const unsigned char *in, size_t inlen)
 int SipHash_Final(SIPHASH *ctx, unsigned char *out, size_t outlen)
 {
    /* finalize hash */
-    int i;
+    unsigned int i;
    uint64_t b = ctx->total_inlen << 56;
    uint64_t v0 = ctx->v0;
    uint64_t v1 = ctx->v1;
--- a/crypto/siphash/siphash_local.h
+++ b/crypto/siphash/siphash_local.h
@ -16,8 +16,13 @@ struct siphash_st {
    uint64_t v2;
    uint64_t v3;
    unsigned int len;
-    int hash_size;
-    int crounds;
-    int drounds;
+    unsigned int hash_size;
+    unsigned int crounds;
+    unsigned int drounds;
    unsigned char leavings[SIPHASH_BLOCK_SIZE];
 };
+
+/* default: SipHash-2-4 */
+#define SIPHASH_C_ROUNDS 2
+#define SIPHASH_D_ROUNDS 4
+
--- a/doc/man7/EVP_MAC-Siphash.pod
+++ b/doc/man7/EVP_MAC-Siphash.pod
@ -36,6 +36,14 @@ The length of the "size" parameter should not exceed that of a B<size_t>.

 =item "size" (B<OSSL_MAC_PARAM_SIZE>) <unsigned integer>

+=item "c-rounds" (B<OSSL_MAC_PARAM_C_ROUNDS>) <unsigned integer>
+
+Specifies the number of rounds per message block.  By default this is I<2>.
+
+=item "d-rounds" (B<OSSL_MAC_PARAM_D_ROUNDS>) <unsigned integer>
+
+Specifies the number of finalisation rounds.  By default this is I<4>.
+
 =back

 =head1 SEE ALSO
--- a/include/openssl/core_names.h
+++ b/include/openssl/core_names.h
@ -158,6 +158,8 @@ extern "C" {
 #define OSSL_MAC_PARAM_XOF            "xof"            /* int, 0 or 1 */
 #define OSSL_MAC_PARAM_DIGEST_NOINIT  "digest-noinit"  /* int, 0 or 1 */
 #define OSSL_MAC_PARAM_DIGEST_ONESHOT "digest-oneshot" /* int, 0 or 1 */
+#define OSSL_MAC_PARAM_C_ROUNDS       "c-rounds"       /* unsigned int */
+#define OSSL_MAC_PARAM_D_ROUNDS       "d-rounds"       /* unsigned int */

 /*
 * If "engine" or "properties" are specified, they should always be paired
--- a/providers/implementations/macs/siphash_prov.c
+++ b/providers/implementations/macs/siphash_prov.c
@ -88,7 +88,6 @@ static size_t siphash_size(void *vmacctx)

 static int siphash_init(void *vmacctx)
 {
-    /* Not much to do here, actual initialization happens through controls */
    return ossl_prov_is_running();
 }

@ -140,6 +139,8 @@ static int siphash_get_ctx_params(void *vmacctx, OSSL_PARAM params[])
 static const OSSL_PARAM known_settable_ctx_params[] = {
    OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
    OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
+    OSSL_PARAM_uint(OSSL_MAC_PARAM_C_ROUNDS, NULL),
+    OSSL_PARAM_uint(OSSL_MAC_PARAM_D_ROUNDS, NULL),
    OSSL_PARAM_END
 };

@ -153,10 +154,10 @@ static int siphash_set_params(void *vmacctx, const OSSL_PARAM *params)
 {
    struct siphash_data_st *ctx = vmacctx;
    const OSSL_PARAM *p = NULL;
+    unsigned int u;
+    size_t size;

    if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) != NULL) {
-        size_t size;
-
        if (!OSSL_PARAM_get_size_t(p, &size)
            || !SipHash_set_hash_size(&ctx->siphash, size))
            return 0;
@ -166,6 +167,18 @@ static int siphash_set_params(void *vmacctx, const OSSL_PARAM *params)
            || p->data_size != SIPHASH_KEY_SIZE
            || !SipHash_Init(&ctx->siphash, p->data, 0, 0))
            return 0;
+    if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_C_ROUNDS)) != NULL) {
+        if (!OSSL_PARAM_get_uint(p, &ctx->siphash.crounds))
+            return 0;
+        if (ctx->siphash.crounds == 0)
+            ctx->siphash.crounds = SIPHASH_C_ROUNDS;
+    }
+    if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_D_ROUNDS)) != NULL) {
+        if (!OSSL_PARAM_get_uint(p, &ctx->siphash.drounds))
+            return 0;
+        if (ctx->siphash.drounds == 0)
+            ctx->siphash.drounds = SIPHASH_D_ROUNDS;
+    }
    return 1;
 }