Lines Matching +full:mac +full:- +full:s
1 .\" -*- mode: troff; coding: utf-8 -*-
29 .\" Escape single quotes in literal strings from groff's Unicode transform.
58 .TH EVP_MAC 3ossl 2025-09-30 3.5.4 OpenSSL
73 EVP_MAC_do_all_provided \- EVP MAC routines
84 \& int EVP_MAC_up_ref(EVP_MAC *mac);
85 \& void EVP_MAC_free(EVP_MAC *mac);
86 \& int EVP_MAC_is_a(const EVP_MAC *mac, const char *name);
87 \& const char *EVP_MAC_get0_name(const EVP_MAC *mac);
88 \& int EVP_MAC_names_do_all(const EVP_MAC *mac,
91 \& const char *EVP_MAC_get0_description(const EVP_MAC *mac);
92 \& const OSSL_PROVIDER *EVP_MAC_get0_provider(const EVP_MAC *mac);
93 \& int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]);
95 \& EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac);
117 \& const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac);
118 \& const OSSL_PARAM *EVP_MAC_gettable_ctx_params(const EVP_MAC *mac);
119 \& const OSSL_PARAM *EVP_MAC_settable_ctx_params(const EVP_MAC *mac);
124 \& void (*fn)(EVP_MAC *mac, void *arg),
136 the MAC algorithm itself and one for the underlying computation
140 "MAC context", which is to denote the MAC level context, and about a
145 \&\fBEVP_MAC\fR is a type that holds the implementation of a MAC.
147 \&\fBEVP_MAC_CTX\fR is a context type that holds internal MAC information
152 \&\fBEVP_MAC_fetch()\fR fetches an implementation of a MAC \fIalgorithm\fR, given
156 See "Message Authentication Code (MAC)" in \fBOSSL_PROVIDER\-default\fR\|(7) for the list
166 NULL is a valid parameter, for which this function is a no-op.
169 \&\fBEVP_MAC_CTX_new()\fR creates a new context for the MAC type \fImac\fR.
175 NULL is a valid parameter, for which this function is a no-op.
186 using the MAC algorithm \fIname\fR and the key \fIkey\fR with length \fIkeylen\fR.
187 The MAC algorithm is fetched using any given \fIlibctx\fR and property query
198 via the \fIkey\fR and \fIparams\fR arguments. The MAC \fIkey\fR has a length of
202 Providing non-NULL \fIparams\fR to this function is equivalent to calling
204 Note: There are additional requirements for some MAC algorithms during
205 re-initalization (i.e. calling \fBEVP_MAC_init()\fR on an EVP_MAC after \fBEVP_MAC_final()\fR
213 \&\fBEVP_MAC_update()\fR adds \fIdatalen\fR bytes from \fIdata\fR to the MAC input.
225 \&\fBEVP_MAC_finalXOF()\fR does the final computation for an XOF based MAC and stores
261 the parameters that can be retrieved in the context's current state.
268 be retrieved in the context's current state.
271 \&\fBEVP_MAC_CTX_get_mac_size()\fR returns the MAC output size for the given context.
273 \&\fBEVP_MAC_CTX_get_block_size()\fR returns the MAC block size for the given context.
274 Not all MAC algorithms support this.
276 \&\fBEVP_MAC_is_a()\fR checks if the given \fImac\fR is an implementation of an
277 algorithm that's identifiable with \fIname\fR.
280 of the given \fImac\fR.
282 \&\fBEVP_MAC_do_all_provided()\fR traverses all MAC implemented by all activated
287 \&\fBEVP_MAC_get0_name()\fR return the name of the given MAC. For fetched MACs
288 with multiple names, only one of them is returned; it's
291 \&\fBEVP_MAC_names_do_all()\fR traverses all names for \fImac\fR, and calls
294 \&\fBEVP_MAC_get0_description()\fR returns a description of the \fImac\fR, meant
296 of the mac implementation.
302 its own MAC implementations.
309 Its value is the MAC key as an array of bytes.
315 Some MAC implementations (GMAC) require an IV, this parameter sets the IV.
318 Some MAC implementations (KMAC, BLAKE2) accept a Customization String,
323 This option is used by BLAKE2 MAC.
326 It's a simple flag, the value 0 or 1 are expected.
329 .IP """digest-noinit"" (\fBOSSL_MAC_PARAM_DIGEST_NOINIT\fR) <integer>" 4
330 .IX Item """digest-noinit"" (OSSL_MAC_PARAM_DIGEST_NOINIT) <integer>"
331 A simple flag to set the MAC digest to not initialise the
336 .IP """digest-oneshot"" (\fBOSSL_MAC_PARAM_DIGEST_ONESHOT\fR) <integer>" 4
337 .IX Item """digest-oneshot"" (OSSL_MAC_PARAM_DIGEST_ONESHOT) <integer>"
338 A simple flag to set the MAC digest to be a oneshot operation.
351 For MAC implementations that use an underlying computation cipher or
362 For MAC implementations that support it, set the output size that
364 The allowed sizes vary between MAC implementations, but must never exceed
366 .IP """tls-data-size"" (\fBOSSL_MAC_PARAM_TLS_DATA_SIZE\fR) <unsigned integer>" 4
367 .IX Item """tls-data-size"" (OSSL_MAC_PARAM_TLS_DATA_SIZE) <unsigned integer>"
369 activated for calculating the MAC of a received mac-then-encrypt TLS record
372 having the MAC calculated including the received MAC and the record padding.
376 including the MAC itself and any padding. The entire record length must equal
377 the value passed in the "tls-data-size" parameter. The length passed in the
379 record after the MAC and any padding has been removed.
387 The MAC life-cycle is described in \fBlife_cycle\-mac\fR\|(7). In the future,
394 Some MAC algorithms store internal state that cannot be extracted during
395 re-initalization. For example GMAC cannot extract an \fBIV\fR from the
415 \&\fBEVP_MAC_get0_name()\fR returns a name of the MAC, or NULL on error.
417 \&\fBEVP_MAC_get0_provider()\fR returns a pointer to the provider for the MAC, or
428 \&\fBEVP_Q_mac()\fR returns a pointer to the computed MAC value, or NULL on error.
454 \& EVP_MAC *mac = EVP_MAC_fetch(NULL, getenv("MY_MAC"), NULL);
477 \& if (mac == NULL
479 \& || (ctx = EVP_MAC_CTX_new(mac)) == NULL
498 \& EVP_MAC_free(mac);
503 \& EVP_MAC_free(mac);
514 \& $ MY_MAC=cmac MY_KEY=secret0123456789 MY_MAC_CIPHER=aes\-128\-cbc \e
525 \&\fBEVP_MAC\-BLAKE2\fR\|(7),
526 \&\fBEVP_MAC\-CMAC\fR\|(7),
527 \&\fBEVP_MAC\-GMAC\fR\|(7),
528 \&\fBEVP_MAC\-HMAC\fR\|(7),
529 \&\fBEVP_MAC\-KMAC\fR\|(7),
530 \&\fBEVP_MAC\-Siphash\fR\|(7),
531 \&\fBEVP_MAC\-Poly1305\fR\|(7),
532 \&\fBprovider\-mac\fR\|(7),
533 \&\fBlife_cycle\-mac\fR\|(7)
541 Copyright 2018\-2025 The OpenSSL Project Authors. All Rights Reserved.