Properly limit the variable output size for BLAKE2

The upper limit of the output size is the default output size of
the respective algorithm variants.

Reviewed-by: Matt Caswell

Properly limit the variable output size for BLAKE2

The upper limit of the output size is the default output size of
the respective algorithm variants.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/22659)

show more ...

Implement BLAKE2s with the same macro as BLAKE2b

This avoids code duplication and provides variable-size support
for BLAKE2s like 786b9a8

Test data obtained with libb2 with the

Implement BLAKE2s with the same macro as BLAKE2b

This avoids code duplication and provides variable-size support
for BLAKE2s like 786b9a8

Test data obtained with libb2 with the following programs:

==> b2.c <==
#include <blake2.h>
#include <unistd.h>

int main() {
char buf[16] = {};
blake2s(buf, 0, 0, 16, 0, 0);
write(1, buf, 16);
}

==> b3.c <==
#include <blake2.h>
#include <unistd.h>

int main() {
char buf[10] = {};
blake2s(buf, "\x61", 0, 10, 1, 0);
write(1, buf, 10);
}

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22444)

show more ...

Blake2b: Use OSSL_DIGEST_PARAM_SIZE as settable instead of XOFLEN

BLAKE2 is not really an extensible output function unlike SHAKE
as the digest size must be set during the context initia

Blake2b: Use OSSL_DIGEST_PARAM_SIZE as settable instead of XOFLEN

BLAKE2 is not really an extensible output function unlike SHAKE
as the digest size must be set during the context initialization.
Thus it makes no sense to use OSSL_DIGEST_PARAM_XOFLEN.

We also need to adjust EVP_DigestFinal_ex() to query the
OSSL_DIGEST_PARAM_SIZE as gettable ctx param for the size.

Fixes #22488

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22491)

show more ...

Copyright year updates


Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes

providers: add XOF support to blake2b

Signed-off-by: Čestmír Kalina <ckalina@redhat.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>

providers: add XOF support to blake2b

Signed-off-by: Čestmír Kalina <ckalina@redhat.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12256)

show more ...

Update copyright year

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13144)

Add evp_test fixes.

Changed many tests so they also test fips (and removed 'availablein = default' from some tests).
Seperated the monolithic evppkey.txt file into smaller maintainable g

Add evp_test fixes.

Changed many tests so they also test fips (and removed 'availablein = default' from some tests).
Seperated the monolithic evppkey.txt file into smaller maintainable groups.
Changed the availablein option so it must be first - this then skips the entire test before any fetching happens.
Changed the code so that all the OPENSSL_NO_XXXX tests are done in code via methods such as is_cipher_disabled(alg),
before the fetch happens.
Added missing libctx's found by adding a libctx to test_evp.
Broke up large data files for cipher, kdf's and mac's into smaller pieces so they no longer need 'AvailableIn = default'
Added missing algorithm aliases for cipher/digests to the providers.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12236)

show more ...