mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-06 13:26:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
26e4bac4db
openssl/doc/man7/life_cycle-digest.pod
slontis 5366490822 Add EVP_DigestSqueeze() API. 
Fixes #7894

This allows SHAKE to squeeze multiple times with different output sizes.

The existing EVP_DigestFinalXOF() API has been left as a one shot
operation. A similar interface is used by another toolkit.

The low level SHA3_Squeeze() function needed to change slightly so
that it can handle multiple squeezes. This involves changing the
assembler code so that it passes a boolean to indicate whether
the Keccak function should be called on entry.
At the provider level, the squeeze is buffered, so that it only requests
a multiple of the blocksize when SHA3_Squeeze() is called. On the first
call the value is zero, on subsequent calls the value passed is 1.

This PR is derived from the excellent work done by @nmathewson in
https://github.com/openssl/openssl/pull/7921

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21511)
2023-11-10 13:27:00 +01:00

278 lines
15 KiB
Plaintext
Raw Blame History

=pod
=head1 NAME
life_cycle-digest - The digest algorithm life-cycle
=head1 DESCRIPTION
All message digests (MDs) go through a number of stages in their life-cycle:
=over 4
=item start
This state represents the MD before it has been allocated. It is the
starting state for any life-cycle transitions.
=item newed
This state represents the MD after it has been allocated.
=item initialised
This state represents the MD when it is set up and capable of processing
input.
=item updated
This state represents the MD when it is set up and capable of processing
additional input or generating output.
=item finaled
This state represents the MD when it has generated output.
For an XOF digest, this state represents the MD when it has generated a
single-shot output.
=item squeezed
For an XOF digest, this state represents the MD when it has generated output.
It can be called multiple times to generate more output. The output length is
variable for each call.
=item freed
This state is entered when the MD is freed. It is the terminal state
for all life-cycle transitions.
=back
=head2 State Transition Diagram
The usual life-cycle of a MD is illustrated:
=begin man
+--------------------+
| start |
+--------------------+
| EVP_MD_CTX_reset
| EVP_MD_CTX_new +-------------------------------------------------+
v v |
EVP_MD_CTX_reset + - - - - - - - - - - - - - - - - - - - - - - + EVP_MD_CTX_reset |
+-------------------> ' newed ' <--------------------+ |
| + - - - - - - - - - - - - - - - - - - - - - - + | |
| | | |
| | EVP_DigestInit | |
| v | |
| EVP_DigestInit + - - - - - - - - - - - - - - - - - - - - - - + | |
+----+-------------------> ' initialised ' <+ EVP_DigestInit | |
| | + - - - - - - - - - - - - - - - - - - - - - - + | | |
| | | ^ | | |
| | | EVP_DigestUpdate | EVP_DigestInit | | |
| | v | | | |
| | +---------------------------------------------+ | | |
| +-------------------- | | | | |
| | | | | |
| EVP_DigestUpdate | | | | |
| +-------------------- | | | | |
| | | updated | | | |
| +-------------------> | | | | |
| | | | | |
| | | | | |
+----+------------------------- | | -+-------------------+----+ |
| | +---------------------------------------------+ | | | |
| | | | | | |
| | | EVP_DigestSqueeze +-------------------+ | | |
| | v | | | |
| | EVP_DigestSqueeze +---------------------------------------------+ | | |
| | +-------------------- | | | | |
| | | | squeezed | | | |
| | +-------------------> | | ---------------------+ | |
| | +---------------------------------------------+ | |
| | | | |
| | +---------------------------------------+ | |
| | | | |
| | +---------------------------------------------+ EVP_DigestFinalXOF | | |
| +------------------------- | finaled | <--------------------+----+ |
| +---------------------------------------------+ | |
| EVP_DigestFinal ^ | | | |
+---------------------------------+ | | EVP_MD_CTX_free | |
| v | |
| +------------------+ EVP_MD_CTX_free | |
| | freed | <--------------------+ |
| +------------------+ |
| |
+------------------------------------------------------+
=end man
=for html <img src="img/digest.png">
=head2 Formal State Transitions
This section defines all of the legal state transitions.
This is the canonical list.
=begin man
Function Call --------------------- Current State -----------------------------------
start newed initialised updated finaled squeezed freed
EVP_MD_CTX_new newed
EVP_DigestInit initialised initialised initialised initialised initialised
EVP_DigestUpdate updated updated
EVP_DigestFinal finaled
EVP_DigestFinalXOF finaled
EVP_DigestSqueeze squeezed squeezed
EVP_MD_CTX_free freed freed freed freed freed
EVP_MD_CTX_reset newed newed newed newed
EVP_MD_CTX_get_params newed initialised updated
EVP_MD_CTX_set_params newed initialised updated
EVP_MD_CTX_gettable_params newed initialised updated
EVP_MD_CTX_settable_params newed initialised updated
EVP_MD_CTX_copy_ex newed initialised updated squeezed
=end man
=begin html
<table style="border:1px solid; border-collapse:collapse">
<tr><th style="border:1px solid" align="left">Function Call</th>
<th style="border:1px solid" colspan="6">Current State</th></tr>
<tr><th style="border:1px solid"></th>
<th style="border:1px solid" align="center">start</th>
<th style="border:1px solid" align="center">newed</th>
<th style="border:1px solid" align="center">initialised</th>
<th style="border:1px solid" align="center">updated</th>
<th style="border:1px solid" align="center">finaled</th>
<th style="border:1px solid" align="center">squeezed</th>
<th style="border:1px solid" align="center">freed</th></tr>
<tr><th style="border:1px solid" align="left">EVP_MD_CTX_new</th>
<td style="border:1px solid" align="center">newed</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
<tr><th style="border:1px solid" align="left">EVP_DigestInit</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">initialised</td>
<td style="border:1px solid" align="center">initialised</td>
<td style="border:1px solid" align="center">initialised</td>
<td style="border:1px solid" align="center">initialised</td>
<td style="border:1px solid" align="center">initialised</td>
<td style="border:1px solid" align="center"></td></tr>
<tr><th style="border:1px solid" align="left">EVP_DigestUpdate</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">updated</td>
<td style="border:1px solid" align="center">updated</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
<tr><th style="border:1px solid" align="left">EVP_DigestFinal</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">finaled</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
<tr><th style="border:1px solid" align="left">EVP_DigestSqueeze</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">squeezed</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">squeezed</td>
<td style="border:1px solid" align="center"></td></tr>
<tr><th style="border:1px solid" align="left">EVP_DigestFinalXOF</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">finaled</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
<tr><th style="border:1px solid" align="left">EVP_MD_CTX_free</th>
<td style="border:1px solid" align="center">freed</td>
<td style="border:1px solid" align="center">freed</td>
<td style="border:1px solid" align="center">freed</td>
<td style="border:1px solid" align="center">freed</td>
<td style="border:1px solid" align="center">freed</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
<tr><th style="border:1px solid" align="left">EVP_MD_CTX_reset</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">newed</td>
<td style="border:1px solid" align="center">newed</td>
<td style="border:1px solid" align="center">newed</td>
<td style="border:1px solid" align="center">newed</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
<tr><th style="border:1px solid" align="left">EVP_MD_CTX_get_params</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">newed</td>
<td style="border:1px solid" align="center">initialised</td>
<td style="border:1px solid" align="center">updated</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
<tr><th style="border:1px solid" align="left">EVP_MD_CTX_set_params</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">newed</td>
<td style="border:1px solid" align="center">initialised</td>
<td style="border:1px solid" align="center">updated</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
<tr><th style="border:1px solid" align="left">EVP_MD_CTX_gettable_params</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">newed</td>
<td style="border:1px solid" align="center">initialised</td>
<td style="border:1px solid" align="center">updated</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
<tr><th style="border:1px solid" align="left">EVP_MD_CTX_settable_params</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">newed</td>
<td style="border:1px solid" align="center">initialised</td>
<td style="border:1px solid" align="center">updated</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center"></td></tr>
<tr><th style="border:1px solid" align="left">EVP_MD_CTX_copy_ex</th>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">newed</td>
<td style="border:1px solid" align="center">initialised</td>
<td style="border:1px solid" align="center">updated</td>
<td style="border:1px solid" align="center"></td>
<td style="border:1px solid" align="center">squeezed</td>
<td style="border:1px solid" align="center"></td></tr>
</table>
=end html
=head1 NOTES
At some point the EVP layer will begin enforcing the transitions described
herein.
=head1 SEE ALSO
L<provider-digest(7)>, L<EVP_DigestInit(3)>
=head1 COPYRIGHT
Copyright 2021-2023 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut
Reference in New Issue View Git Blame Copy Permalink