openssl

mirror/openssl

Fork 0

mirror of https://github.com/openssl/openssl.git synced 2025-01-30 14:01:55 +08:00

Commit Graph

Author	SHA1	Message	Date
slontis	b7cf9dd239	SHAKE documentation updates for default output length. Fixes #18586 In order to not break existing applications the OpenSSL documentation related to SHAKE has been updated. Background: All digests algorithms (including XOF's) use the bitlen as the default output length. This results in a security strength of bitlen / 2. This means that SHAKE128 will by default have an output length of 16 bytes and a security strength of 64 bits. For SHAKE256 the default output length is 32 bytes and has a security strength of 128 bits. This behaviour was present in 1.1.1 and has been duplicated in the provider SHAKE algorithms for 3.0. The SHAKE XOF algorithms have a security strength of min(bitlen, output xof length in bits / 2). Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18622)	2022-08-17 16:17:42 +02:00
Richard Levitte	1e55cbc874	DOCS: Move implementation specific docs away from provider-digest(7) The provider- manuals are meant to describe the general interface for their respective operation. This is not the place to describe implementation specific details. This change creates a number of doc/man7/EVP_MD manuals, one for each algorithm or set of algorithms, as well as doc/man7/EVP_MD-common.pod to describe what's common to them all. While we're at it, correct the SHA3 settable context params array to match what's actually settable. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11270)	2020-03-10 13:32:06 +01:00

Author

SHA1

Message

Date

slontis

b7cf9dd239

SHAKE documentation updates for default output length.

Fixes #18586

In order to not break existing applications the OpenSSL documentation
related to SHAKE has been updated.

Background:

All digests algorithms (including XOF's) use the bitlen as the default output length.
This results in a security strength of bitlen / 2.

This means that SHAKE128 will by default have an output length of 16
bytes and a security strength of 64 bits.

For SHAKE256 the default output length is 32 bytes and has a security
strength of 128 bits.

This behaviour was present in 1.1.1 and has been duplicated in the
provider SHAKE algorithms for 3.0.

The SHAKE XOF algorithms have a security strength of
min(bitlen, output xof length in bits / 2).

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18622)

2022-08-17 16:17:42 +02:00

Richard Levitte

1e55cbc874

DOCS: Move implementation specific docs away from provider-digest(7)

The provider- manuals are meant to describe the general interface for
their respective operation.  This is not the place to describe
implementation specific details.

This change creates a number of doc/man7/EVP_MD manuals, one for each
algorithm or set of algorithms, as well as doc/man7/EVP_MD-common.pod
to describe what's common to them all.

While we're at it, correct the SHA3 settable context params array to
match what's actually settable.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11270)

2020-03-10 13:32:06 +01:00

2 Commits