mirror of
https://github.com/freebsd/freebsd-src
synced 2024-10-07 09:00:28 +00:00
cryptocheck: Correct mismatch between OpenSSL use and OCF Blake2
This corrects a mistake introduced to the cryptocheck tool in r331418. Our CRYPTO_BLAKE2B and CRYPTO_BLAKE2S algorithms refer to either the plain, unkeyed hashes (specified with cri_klen = 0), or a Blake2-specific keyed MAC (when a cri_key is provided). In contrast, OpenSSL's Blake2 algorithms only provide the plain hash. Cryptocheck's T_HMAC corresponds to OpenSSL's HMAC() routine, which is the ordinary HMAC construction applied to any plain, unkeyed hash. We don't have any HMAC-Blake2 cipher modes in OCF, so fix the test to only test Blake2 as a plain hash. (Ideally we would test keyed Blake2 as well, but that is left as future work.) PR: 229795
This commit is contained in:
parent
07b9533326
commit
e236f904b2
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=336527
|
@ -155,9 +155,9 @@ struct alg {
|
|||
.evp_md = EVP_sha384 },
|
||||
{ .name = "sha512hmac", .mac = CRYPTO_SHA2_512_HMAC, .type = T_HMAC,
|
||||
.evp_md = EVP_sha512 },
|
||||
{ .name = "blake2b", .mac = CRYPTO_BLAKE2B, .type = T_HMAC,
|
||||
{ .name = "blake2b", .mac = CRYPTO_BLAKE2B, .type = T_HASH,
|
||||
.evp_md = EVP_blake2b512 },
|
||||
{ .name = "blake2s", .mac = CRYPTO_BLAKE2S, .type = T_HMAC,
|
||||
{ .name = "blake2s", .mac = CRYPTO_BLAKE2S, .type = T_HASH,
|
||||
.evp_md = EVP_blake2s256 },
|
||||
{ .name = "aes-cbc", .cipher = CRYPTO_AES_CBC, .type = T_BLKCIPHER,
|
||||
.evp_cipher = EVP_aes_128_cbc },
|
||||
|
|
Loading…
Reference in a new issue