diff options
Diffstat (limited to 'secure/lib/libcrypto/man/man7/EVP_MAC-CMAC.7')
| -rw-r--r-- | secure/lib/libcrypto/man/man7/EVP_MAC-CMAC.7 | 136 |
1 files changed, 136 insertions, 0 deletions
diff --git a/secure/lib/libcrypto/man/man7/EVP_MAC-CMAC.7 b/secure/lib/libcrypto/man/man7/EVP_MAC-CMAC.7 new file mode 100644 index 000000000000..9b21397475b5 --- /dev/null +++ b/secure/lib/libcrypto/man/man7/EVP_MAC-CMAC.7 @@ -0,0 +1,136 @@ +.\" -*- mode: troff; coding: utf-8 -*- +.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45) +.\" +.\" Standard preamble: +.\" ======================================================================== +.de Sp \" Vertical space (when we can't use .PP) +.if t .sp .5v +.if n .sp +.. +.de Vb \" Begin verbatim text +.ft CW +.nf +.ne \\$1 +.. +.de Ve \" End verbatim text +.ft R +.fi +.. +.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>. +.ie n \{\ +. ds C` "" +. ds C' "" +'br\} +.el\{\ +. ds C` +. ds C' +'br\} +.\" +.\" Escape single quotes in literal strings from groff's Unicode transform. +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" +.\" If the F register is >0, we'll generate index entries on stderr for +.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index +.\" entries marked with X<> in POD. Of course, you'll have to process the +.\" output yourself in some meaningful fashion. +.\" +.\" Avoid warning from groff about undefined register 'F'. +.de IX +.. +.nr rF 0 +.if \n(.g .if rF .nr rF 1 +.if (\n(rF:(\n(.g==0)) \{\ +. if \nF \{\ +. de IX +. tm Index:\\$1\t\\n%\t"\\$2" +.. +. if !\nF==2 \{\ +. nr % 0 +. nr F 2 +. \} +. \} +.\} +.rr rF +.\" ======================================================================== +.\" +.IX Title "EVP_MAC-CMAC 7ossl" +.TH EVP_MAC-CMAC 7ossl 2025-09-30 3.5.4 OpenSSL +.\" For nroff, turn off justification. Always turn off hyphenation; it makes +.\" way too many mistakes in technical documents. +.if n .ad l +.nh +.SH NAME +EVP_MAC\-CMAC \- The CMAC EVP_MAC implementation +.SH DESCRIPTION +.IX Header "DESCRIPTION" +Support for computing CMAC MACs through the \fBEVP_MAC\fR API. +.PP +This implementation uses EVP_CIPHER functions to get access to the underlying +cipher. +.SS Identity +.IX Subsection "Identity" +This implementation is identified with this name and properties, to be +used with \fBEVP_MAC_fetch()\fR: +.IP """CMAC"", ""provider=default"" or ""provider=fips""" 4 +.IX Item """CMAC"", ""provider=default"" or ""provider=fips""" +.SS "Supported parameters" +.IX Subsection "Supported parameters" +The general description of these parameters can be found in +"PARAMETERS" in \fBEVP_MAC\fR\|(3). +.PP +The following parameter can be set with \fBEVP_MAC_CTX_set_params()\fR: +.IP """key"" (\fBOSSL_MAC_PARAM_KEY\fR) <octet string>" 4 +.IX Item """key"" (OSSL_MAC_PARAM_KEY) <octet string>" +Sets the MAC key. +Setting this parameter is identical to passing a \fIkey\fR to \fBEVP_MAC_init\fR\|(3). +.IP """cipher"" (\fBOSSL_MAC_PARAM_CIPHER\fR) <UTF8 string>" 4 +.IX Item """cipher"" (OSSL_MAC_PARAM_CIPHER) <UTF8 string>" +Sets the name of the underlying cipher to be used. The mode of the cipher +must be CBC. +.IP """properties"" (\fBOSSL_MAC_PARAM_PROPERTIES\fR) <UTF8 string>" 4 +.IX Item """properties"" (OSSL_MAC_PARAM_PROPERTIES) <UTF8 string>" +Sets the properties to be queried when trying to fetch the underlying cipher. +This must be given together with the cipher naming parameter to be considered +valid. +.IP """encrypt-check"" (\fBOSSL_CIPHER_PARAM_FIPS_ENCRYPT_CHECK\fR) <integer>" 4 +.IX Item """encrypt-check"" (OSSL_CIPHER_PARAM_FIPS_ENCRYPT_CHECK) <integer>" +This option is used by the OpenSSL FIPS provider. +If required this parameter should be set before \fBEVP_MAC_init()\fR +.Sp +The default value of 1 causes an error when a unapproved Triple-DES encryption +operation is triggered. +Setting this to 0 will ignore the error and set the approved +"fips-indicator" to 0. +This option breaks FIPS compliance if it causes the approved "fips-indicator" +to return 0. +.PP +The following parameters can be retrieved with +\&\fBEVP_MAC_CTX_get_params()\fR: +.IP """size"" (\fBOSSL_MAC_PARAM_SIZE\fR) <unsigned integer>" 4 +.IX Item """size"" (OSSL_MAC_PARAM_SIZE) <unsigned integer>" +The "size" parameter can also be retrieved with with \fBEVP_MAC_CTX_get_mac_size()\fR. +The length of the "size" parameter is equal to that of an \fBunsigned int\fR. +.IP """block-size"" (\fBOSSL_MAC_PARAM_BLOCK_SIZE\fR) <unsigned integer>" 4 +.IX Item """block-size"" (OSSL_MAC_PARAM_BLOCK_SIZE) <unsigned integer>" +Gets the MAC block size. The "block-size" parameter can also be retrieved with +\&\fBEVP_MAC_CTX_get_block_size()\fR. +.IP """fips-indicator"" (\fBOSSL_CIPHER_PARAM_FIPS_APPROVED_INDICATOR\fR) <integer>" 4 +.IX Item """fips-indicator"" (OSSL_CIPHER_PARAM_FIPS_APPROVED_INDICATOR) <integer>" +This option is used by the OpenSSL FIPS provider. +.Sp +A getter that returns 1 if the operation is FIPS approved, or 0 otherwise. +This may be used after calling \fBEVP_MAC_final()\fR. +It may return 0 if the "encrypt-check" option is set to 0. +.SH "SEE ALSO" +.IX Header "SEE ALSO" +\&\fBEVP_MAC_CTX_get_params\fR\|(3), \fBEVP_MAC_CTX_set_params\fR\|(3), +"PARAMETERS" in \fBEVP_MAC\fR\|(3), \fBOSSL_PARAM\fR\|(3) +.SH COPYRIGHT +.IX Header "COPYRIGHT" +Copyright 2018\-2024 The OpenSSL Project Authors. All Rights Reserved. +.PP +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +<https://www.openssl.org/source/license.html>. |