new manual page CMAC_Init(3);

OK tb@
author: schwarze <> 2020-06-24 16:06:27 +0000
committer: schwarze <> 2020-06-24 16:06:27 +0000
commit: 0957e35e584e81a70ad31e3756c631131ed5bba9 (patch)
tree: f63d9d8a23d818ff1055d16836d58ad95cce4489
parent: 971de0313dae5e09ce7bb6d784903540cad611cf (diff)
download: openbsd-0957e35e584e81a70ad31e3756c631131ed5bba9.tar.gz
openbsd-0957e35e584e81a70ad31e3756c631131ed5bba9.tar.bz2
openbsd-0957e35e584e81a70ad31e3756c631131ed5bba9.zip
5 files changed, 298 insertions, 7 deletions
diff --git a/src/lib/libcrypto/man/CMAC_Init.3 b/src/lib/libcrypto/man/CMAC_Init.3
new file mode 100644
index 0000000000..55196b3213
--- /dev/null
+++ b/src/lib/libcrypto/man/CMAC_Init.3
@@ -0,0 +1,287 @@
+.\" $OpenBSD: CMAC_Init.3,v 1.1 2020/06/24 16:06:27 schwarze Exp $
+.\"
+.\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: June 24 2020 $
+.Dt CMAC_INIT 3
+.Os
+.Sh NAME
+.Nm CMAC_CTX_new ,
+.Nm CMAC_Init ,
+.Nm CMAC_Update ,
+.Nm CMAC_Final ,
+.Nm CMAC_resume ,
+.Nm CMAC_CTX_copy ,
+.Nm CMAC_CTX_get0_cipher_ctx ,
+.Nm CMAC_CTX_cleanup ,
+.Nm CMAC_CTX_free
+.Nd Cipher-based message authentication code
+.Sh SYNOPSIS
+.In openssl/cmac.h
+.Ft CMAC_CTX *
+.Fn CMAC_CTX_new void
+.Ft int
+.Fo CMAC_Init
+.Fa "CMAC_CTX *ctx"
+.Fa "const void *key"
+.Fa "size_t key_len"
+.Fa "const EVP_CIPHER *cipher"
+.Fa "ENGINE *impl"
+.Fc
+.Ft int
+.Fo CMAC_Update
+.Fa "CMAC_CTX *ctx"
+.Fa "const void *in_data"
+.Fa "size_t in_len"
+.Fc
+.Ft int
+.Fo CMAC_Final
+.Fa "CMAC_CTX *ctx"
+.Fa "unsigned char *out_mac"
+.Fa "size_t *out_len"
+.Fc
+.Ft int
+.Fn CMAC_resume "CMAC_CTX *ctx"
+.Ft int
+.Fo CMAC_CTX_copy
+.Fa "CMAC_CTX *out_ctx"
+.Fa "CMAC_CTX *in_ctx"
+.Fc
+.Ft EVP_CIPHER_CTX *
+.Fn CMAC_CTX_get0_cipher_ctx "CMAC_CTX *ctx"
+.Ft void
+.Fn CMAC_CTX_cleanup "CMAC_CTX *ctx"
+.Ft void
+.Fn CMAC_CTX_free "CMAC_CTX *ctx"
+.Sh DESCRIPTION
+CMAC is a message authentication code algorithm that can employ an
+arbitrary block cipher using a symmetric key.
+.Pp
+The present manual page describes low-level functions implementing CMAC.
+Instead of using these functions directly,
+application programs normally call
+.Xr EVP_PKEY_CTX_new_id 3
+with an argument of
+.Dv EVP_PKEY_CMAC
+and then pass the resulting
+.Vt EVP_MD_CTX
+object to
+.Xr EVP_DigestInit_ex 3 .
+.Pp
+The CMAC API is object-oriented.
+Calculating a message authentication code requires a
+.Vt CMAC_CTX
+object.
+Usually, the functions
+.Fn CMAC_CTX_new ,
+.Fn CMAC_Init ,
+.Fn CMAC_Update ,
+.Fn CMAC_Final ,
+and
+.Fn CMAC_CTX_free
+need to be called in this order.
+.Pp
+.Fn CMAC_CTX_new
+allocates a new
+.Vt CMAC_CTX
+object, initializes the embedded
+.Vt EVP_CIPHER_CTX
+object, and marks the object itself as uninitialized.
+.Pp
+.Fn CMAC_Init
+selects the given block
+.Fa cipher
+for use by
+.Fa ctx .
+Funtions to obtain suitable
+.Vt EVP_CIPHER
+objects are listed in the CIPHER LISTING section of the
+.Xr EVP_Cipher 3
+manual page.
+Unless
+.Fa key
+is
+.Dv NULL ,
+.Fn CMAC_Init
+also initializes
+.Fa ctx
+for use with the given symmetric
+.Fa key
+that is
+.Fa key_len
+bytes long.
+In particular, it calculates and internally stores the two subkeys
+and initializes
+.Fa ctx
+for subsequently feeding in data with
+.Fn CMAC_Update .
+To use the default cipher implementations provided by the library, pass
+.Dv NULL
+as the
+.Fa impl
+argument.
+.Pp
+If
+.Fa ctx
+is already initialized,
+.Fn CMAC_Init
+can be called again with
+.Fa key ,
+.Fa cipher ,
+and
+.Fa impl
+all set to
+.Dv NULL
+and
+.Fa key_len
+set to 0.
+In that case, any data already processed is discarded and
+.Fa ctx
+is re-initialized to start reading data anew.
+.Pp
+.Fn CMAC_Update
+processes
+.Fa in_len
+bytes of input data pointed to by
+.Fa in_data .
+Depending on the number of input bytes already cached in
+.Fa ctx ,
+on
+.Fa in_len ,
+and on the block size, this may encrypt zero or more blocks.
+Unless
+.Fa in_len
+is zero, this function leaves at least one byte and at most one
+block of input cached but unprocessed inside the
+.Fa ctx
+object.
+.Fn CMAC_Update
+can be called multiple times
+to concatenate several chunks of input data of varying sizes.
+.Pp
+.Fn CMAC_Final
+stores the length of the message authentication code in bytes,
+which equals the cipher block size, into
+.Pf * Fa out_len .
+Unless
+.Fa out_mac
+is
+.Dv NULL ,
+it encrypts the last block, padding it if required, and copies the
+resulting message authentication code to
+.Fa out_mac .
+The caller is responsible for providing a buffer of sufficient size.
+.Pp
+Calling
+.Fn CMAC_resume
+after
+.Fn CMAC_Final
+allows to subsequently append additional data with
+.Fn CMAC_Update .
+.Pp
+.Fn CMAC_CTX_copy
+performs a deep copy of the already initialized
+.Fa in_ctx
+into
+.Fa out_ctx .
+.Pp
+.Fn CMAC_CTX_cleanup
+zeros out both subkeys and all temporary data in
+.Fa ctx
+and in the embedded
+.Vt EVP_CIPHER_CTX
+object, frees all allocated memory associated with it,
+except for
+.Fa ctx
+itself, and marks it as uninitialized,
+such that it can be reused for subsequent
+.Fn CMAC_Init .
+.Pp
+.Fn CMAC_CTX_free
+calls
+.Fn CMAC_CTX_cleanup ,
+then frees
+.Fa ctx
+itself.
+If
+.Fa ctx
+is
+.Dv NULL ,
+no action occurs.
+.Sh RETURN VALUES
+.Fn CMAC_CTX_new
+returns the new context object or
+.Dv NULL
+in case of failure.
+It succeeds unless memory is exhausted.
+.Pp
+.Fn CMAC_Init ,
+.Fn CMAC_Update ,
+.Fn CMAC_Final ,
+.Fn CMAC_resume ,
+and
+.Fn CMAC_CTX_copy
+return 1 on success or 0 on failure.
+.Fn CMAC_Init
+fails if initializing the embedded
+.Vt EVP_CIPHER_CTX
+object fails.
+The others fail if
+.Fa in_ctx
+is uninitialized.
+.Fn CMAC_Update
+and
+.Fn CMAC_Final
+also fail if encrypting a block fails, and
+.Fn CMAC_CTX_copy
+if copying the embedded
+.Vt EVP_CIPHER_CTX
+object fails, which can for example happen when memory is exhausted.
+.Pp
+.Fn CMAC_CTX_get0_cipher_ctx
+returns an internal pointer to the
+.Vt EVP_CIPHER_CTX
+object that is embedded in
+.Fa ctx .
+.Sh ERRORS
+The CMAC code itself does not use the
+.In openssl/err.h
+framework, so in general, the reasons for failure cannot be found out with
+.Xr ERR_get_error 3 .
+However, since the
+.Xr EVP_Cipher 3
+functions are used internally, entries may still get pushed onto
+the error stack in some cases of failure.
+.Sh SEE ALSO
+.Xr EVP_aes_128_cbc 3 ,
+.Xr EVP_Cipher 3 ,
+.Xr EVP_DigestInit 3 ,
+.Xr EVP_PKEY_CTX_new_id 3 ,
+.Xr HMAC 3
+.Sh STANDARDS
+.Rs
+.%A Morris Dworkin
+.%T "Recommendation for Block Cipher Modes of Operation:\
+ The CMAC Mode for Authentication"
+.%I National Institute of Standards and Technology
+.%R NIST Special Publication 800-38B
+.%U https://doi.org/10.6028/NIST.SP.800-38B
+.%C Gaithersburg, Maryland
+.%D May 2005, updated October 6, 2016
+.Re
+.Sh HISTORY
+These functions first appeared in OpenSSL 1.0.1
+and have been available since
+.Ox 5.3 .
diff --git a/src/lib/libcrypto/man/EVP_DigestInit.3 b/src/lib/libcrypto/man/EVP_DigestInit.3
index cefd546af3..d8f452fe4c 100644
--- a/src/lib/libcrypto/man/EVP_DigestInit.3
+++ b/src/lib/libcrypto/man/EVP_DigestInit.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_DigestInit.3,v 1.18 2019/08/25 17:08:20 schwarze Exp $
+.\" $OpenBSD: EVP_DigestInit.3,v 1.19 2020/06/24 16:06:27 schwarze Exp $
 .\" full merge up to: OpenSSL 7f572e95 Dec 2 13:57:04 2015 +0000
 .\" selective merge up to: OpenSSL a95d7574 Jul 2 12:16:38 2017 -0400
 .\"
@@ -68,7 +68,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: August 25 2019 $
+.Dd $Mdocdate: June 24 2020 $
 .Dt EVP_DIGESTINIT 3
 .Os
 .Sh NAME
@@ -671,6 +671,7 @@ main(int argc, char *argv[])
 .Ed
 .Sh SEE ALSO
 .Xr BIO_f_md 3 ,
+.Xr CMAC_Init 3 ,
 .Xr evp 3 ,
 .Xr EVP_BytesToKey 3 ,
 .Xr EVP_DigestSignInit 3 ,
diff --git a/src/lib/libcrypto/man/HMAC.3 b/src/lib/libcrypto/man/HMAC.3
index b2a0e2836e..b76d8b2869 100644
--- a/src/lib/libcrypto/man/HMAC.3
+++ b/src/lib/libcrypto/man/HMAC.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: HMAC.3,v 1.16 2019/12/14 09:04:51 tb Exp $
+.\" $OpenBSD: HMAC.3,v 1.17 2020/06/24 16:06:27 schwarze Exp $
 .\" full merge up to: OpenSSL crypto/hmac a528d4f0 Oct 27 13:40:11 2015 -0400
 .\" selective merge up to: OpenSSL man3/HMAC b3696a55 Sep 2 09:35:50 2017 -0400
 .\"
@@ -52,7 +52,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: December 14 2019 $
+.Dd $Mdocdate: June 24 2020 $
 .Dt HMAC 3
 .Os
 .Sh NAME
@@ -365,6 +365,7 @@ if none was set.
 returns the length in bytes of the underlying hash function output
 or 0 on error.
 .Sh SEE ALSO
+.Xr CMAC_Init 3 ,
 .Xr EVP_DigestInit 3
 .Sh STANDARDS
 RFC 2104
diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile
index c613fdc293..de6e446f2f 100644
--- a/src/lib/libcrypto/man/Makefile
+++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.168 2020/06/12 11:37:42 schwarze Exp $
+# $OpenBSD: Makefile,v 1.169 2020/06/24 16:06:26 schwarze Exp $
 .include <bsd.own.mk>
@@ -68,6 +68,7 @@ MAN=	\
        BN_swap.3 \
        BN_zero.3 \
        BUF_MEM_new.3 \
+        CMAC_Init.3 \
        CMS_ContentInfo_new.3 \
        CMS_add0_cert.3 \
        CMS_add1_recipient_cert.3 \
diff --git a/src/lib/libcrypto/man/crypto.3 b/src/lib/libcrypto/man/crypto.3
index cbc03543ae..9f29698e80 100644
--- a/src/lib/libcrypto/man/crypto.3
+++ b/src/lib/libcrypto/man/crypto.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: crypto.3,v 1.23 2019/11/02 15:28:04 schwarze Exp $
+.\"     $OpenBSD: crypto.3,v 1.24 2020/06/24 16:06:27 schwarze Exp $
 .\"     OpenSSL a9c85cea Nov 11 09:33:55 2016 +0100
 .\"
 .\" This file was written by Ulf Moeller <ulf@openssl.org> and
@@ -49,7 +49,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: November 2 2019 $
+.Dd $Mdocdate: June 24 2020 $
 .Dt CRYPTO 3
 .Os
 .Sh NAME
@@ -93,6 +93,7 @@ and
 .Sy Authentication codes and hash functions
 offered include
 .Xr EVP_DigestInit 3 ,
+.Xr CMAC_Init 3 ,
 .Xr HMAC 3 ,
 .Xr MD4 3 ,
 .Xr MD5 3 ,
author	schwarze <>	2020-06-24 16:06:27 +0000
committer	schwarze <>	2020-06-24 16:06:27 +0000
commit	0957e35e584e81a70ad31e3756c631131ed5bba9 (patch)
tree	f63d9d8a23d818ff1055d16836d58ad95cce4489
parent	971de0313dae5e09ce7bb6d784903540cad611cf (diff)
download	openbsd-0957e35e584e81a70ad31e3756c631131ed5bba9.tar.gz openbsd-0957e35e584e81a70ad31e3756c631131ed5bba9.tar.bz2 openbsd-0957e35e584e81a70ad31e3756c631131ed5bba9.zip

diff --git a/src/lib/libcrypto/man/CMAC_Init.3 b/src/lib/libcrypto/man/CMAC_Init.3 new file mode 100644 index 0000000000..55196b3213 --- /dev/null +++ b/src/lib/libcrypto/man/CMAC_Init.3
@@ -0,0 +1,287 @@
		1	.\" $OpenBSD: CMAC_Init.3,v 1.1 2020/06/24 16:06:27 schwarze Exp $
		2	.\"
		3	.\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org>
		4	.\"
		5	.\" Permission to use, copy, modify, and distribute this software for any
		6	.\" purpose with or without fee is hereby granted, provided that the above
		7	.\" copyright notice and this permission notice appear in all copies.
		8	.\"
		9	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		10	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		11	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		12	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		13	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		16	.\"
		17	.Dd $Mdocdate: June 24 2020 $
		18	.Dt CMAC_INIT 3
		19	.Os
		20	.Sh NAME
		21	.Nm CMAC_CTX_new ,
		22	.Nm CMAC_Init ,
		23	.Nm CMAC_Update ,
		24	.Nm CMAC_Final ,
		25	.Nm CMAC_resume ,
		26	.Nm CMAC_CTX_copy ,
		27	.Nm CMAC_CTX_get0_cipher_ctx ,
		28	.Nm CMAC_CTX_cleanup ,
		29	.Nm CMAC_CTX_free
		30	.Nd Cipher-based message authentication code
		31	.Sh SYNOPSIS
		32	.In openssl/cmac.h
		33	.Ft CMAC_CTX *
		34	.Fn CMAC_CTX_new void
		35	.Ft int
		36	.Fo CMAC_Init
		37	.Fa "CMAC_CTX *ctx"
		38	.Fa "const void *key"
		39	.Fa "size_t key_len"
		40	.Fa "const EVP_CIPHER *cipher"
		41	.Fa "ENGINE *impl"
		42	.Fc
		43	.Ft int
		44	.Fo CMAC_Update
		45	.Fa "CMAC_CTX *ctx"
		46	.Fa "const void *in_data"
		47	.Fa "size_t in_len"
		48	.Fc
		49	.Ft int
		50	.Fo CMAC_Final
		51	.Fa "CMAC_CTX *ctx"
		52	.Fa "unsigned char *out_mac"
		53	.Fa "size_t *out_len"
		54	.Fc
		55	.Ft int
		56	.Fn CMAC_resume "CMAC_CTX *ctx"
		57	.Ft int
		58	.Fo CMAC_CTX_copy
		59	.Fa "CMAC_CTX *out_ctx"
		60	.Fa "CMAC_CTX *in_ctx"
		61	.Fc
		62	.Ft EVP_CIPHER_CTX *
		63	.Fn CMAC_CTX_get0_cipher_ctx "CMAC_CTX *ctx"
		64	.Ft void
		65	.Fn CMAC_CTX_cleanup "CMAC_CTX *ctx"
		66	.Ft void
		67	.Fn CMAC_CTX_free "CMAC_CTX *ctx"
		68	.Sh DESCRIPTION
		69	CMAC is a message authentication code algorithm that can employ an
		70	arbitrary block cipher using a symmetric key.
		71	.Pp
		72	The present manual page describes low-level functions implementing CMAC.
		73	Instead of using these functions directly,
		74	application programs normally call
		75	.Xr EVP_PKEY_CTX_new_id 3
		76	with an argument of
		77	.Dv EVP_PKEY_CMAC
		78	and then pass the resulting
		79	.Vt EVP_MD_CTX
		80	object to
		81	.Xr EVP_DigestInit_ex 3 .
		82	.Pp
		83	The CMAC API is object-oriented.
		84	Calculating a message authentication code requires a
		85	.Vt CMAC_CTX
		86	object.
		87	Usually, the functions
		88	.Fn CMAC_CTX_new ,
		89	.Fn CMAC_Init ,
		90	.Fn CMAC_Update ,
		91	.Fn CMAC_Final ,
		92	and
		93	.Fn CMAC_CTX_free
		94	need to be called in this order.
		95	.Pp
		96	.Fn CMAC_CTX_new
		97	allocates a new
		98	.Vt CMAC_CTX
		99	object, initializes the embedded
		100	.Vt EVP_CIPHER_CTX
		101	object, and marks the object itself as uninitialized.
		102	.Pp
		103	.Fn CMAC_Init
		104	selects the given block
		105	.Fa cipher
		106	for use by
		107	.Fa ctx .
		108	Funtions to obtain suitable
		109	.Vt EVP_CIPHER
		110	objects are listed in the CIPHER LISTING section of the
		111	.Xr EVP_Cipher 3
		112	manual page.
		113	Unless
		114	.Fa key
		115	is
		116	.Dv NULL ,
		117	.Fn CMAC_Init
		118	also initializes
		119	.Fa ctx
		120	for use with the given symmetric
		121	.Fa key
		122	that is
		123	.Fa key_len
		124	bytes long.
		125	In particular, it calculates and internally stores the two subkeys
		126	and initializes
		127	.Fa ctx
		128	for subsequently feeding in data with
		129	.Fn CMAC_Update .
		130	To use the default cipher implementations provided by the library, pass
		131	.Dv NULL
		132	as the
		133	.Fa impl
		134	argument.
		135	.Pp
		136	If
		137	.Fa ctx
		138	is already initialized,
		139	.Fn CMAC_Init
		140	can be called again with
		141	.Fa key ,
		142	.Fa cipher ,
		143	and
		144	.Fa impl
		145	all set to
		146	.Dv NULL
		147	and
		148	.Fa key_len
		149	set to 0.
		150	In that case, any data already processed is discarded and
		151	.Fa ctx
		152	is re-initialized to start reading data anew.
		153	.Pp
		154	.Fn CMAC_Update
		155	processes
		156	.Fa in_len
		157	bytes of input data pointed to by
		158	.Fa in_data .
		159	Depending on the number of input bytes already cached in
		160	.Fa ctx ,
		161	on
		162	.Fa in_len ,
		163	and on the block size, this may encrypt zero or more blocks.
		164	Unless
		165	.Fa in_len
		166	is zero, this function leaves at least one byte and at most one
		167	block of input cached but unprocessed inside the
		168	.Fa ctx
		169	object.
		170	.Fn CMAC_Update
		171	can be called multiple times
		172	to concatenate several chunks of input data of varying sizes.
		173	.Pp
		174	.Fn CMAC_Final
		175	stores the length of the message authentication code in bytes,
		176	which equals the cipher block size, into
		177	.Pf * Fa out_len .
		178	Unless
		179	.Fa out_mac
		180	is
		181	.Dv NULL ,
		182	it encrypts the last block, padding it if required, and copies the
		183	resulting message authentication code to
		184	.Fa out_mac .
		185	The caller is responsible for providing a buffer of sufficient size.
		186	.Pp
		187	Calling
		188	.Fn CMAC_resume
		189	after
		190	.Fn CMAC_Final
		191	allows to subsequently append additional data with
		192	.Fn CMAC_Update .
		193	.Pp
		194	.Fn CMAC_CTX_copy
		195	performs a deep copy of the already initialized
		196	.Fa in_ctx
		197	into
		198	.Fa out_ctx .
		199	.Pp
		200	.Fn CMAC_CTX_cleanup
		201	zeros out both subkeys and all temporary data in
		202	.Fa ctx
		203	and in the embedded
		204	.Vt EVP_CIPHER_CTX
		205	object, frees all allocated memory associated with it,
		206	except for
		207	.Fa ctx
		208	itself, and marks it as uninitialized,
		209	such that it can be reused for subsequent
		210	.Fn CMAC_Init .
		211	.Pp
		212	.Fn CMAC_CTX_free
		213	calls
		214	.Fn CMAC_CTX_cleanup ,
		215	then frees
		216	.Fa ctx
		217	itself.
		218	If
		219	.Fa ctx
		220	is
		221	.Dv NULL ,
		222	no action occurs.
		223	.Sh RETURN VALUES
		224	.Fn CMAC_CTX_new
		225	returns the new context object or
		226	.Dv NULL
		227	in case of failure.
		228	It succeeds unless memory is exhausted.
		229	.Pp
		230	.Fn CMAC_Init ,
		231	.Fn CMAC_Update ,
		232	.Fn CMAC_Final ,
		233	.Fn CMAC_resume ,
		234	and
		235	.Fn CMAC_CTX_copy
		236	return 1 on success or 0 on failure.
		237	.Fn CMAC_Init
		238	fails if initializing the embedded
		239	.Vt EVP_CIPHER_CTX
		240	object fails.
		241	The others fail if
		242	.Fa in_ctx
		243	is uninitialized.
		244	.Fn CMAC_Update
		245	and
		246	.Fn CMAC_Final
		247	also fail if encrypting a block fails, and
		248	.Fn CMAC_CTX_copy
		249	if copying the embedded
		250	.Vt EVP_CIPHER_CTX
		251	object fails, which can for example happen when memory is exhausted.
		252	.Pp
		253	.Fn CMAC_CTX_get0_cipher_ctx
		254	returns an internal pointer to the
		255	.Vt EVP_CIPHER_CTX
		256	object that is embedded in
		257	.Fa ctx .
		258	.Sh ERRORS
		259	The CMAC code itself does not use the
		260	.In openssl/err.h
		261	framework, so in general, the reasons for failure cannot be found out with
		262	.Xr ERR_get_error 3 .
		263	However, since the
		264	.Xr EVP_Cipher 3
		265	functions are used internally, entries may still get pushed onto
		266	the error stack in some cases of failure.
		267	.Sh SEE ALSO
		268	.Xr EVP_aes_128_cbc 3 ,
		269	.Xr EVP_Cipher 3 ,
		270	.Xr EVP_DigestInit 3 ,
		271	.Xr EVP_PKEY_CTX_new_id 3 ,
		272	.Xr HMAC 3
		273	.Sh STANDARDS
		274	.Rs
		275	.%A Morris Dworkin
		276	.%T "Recommendation for Block Cipher Modes of Operation:\
		277	The CMAC Mode for Authentication"
		278	.%I National Institute of Standards and Technology
		279	.%R NIST Special Publication 800-38B
		280	.%U https://doi.org/10.6028/NIST.SP.800-38B
		281	.%C Gaithersburg, Maryland
		282	.%D May 2005, updated October 6, 2016
		283	.Re
		284	.Sh HISTORY
		285	These functions first appeared in OpenSSL 1.0.1
		286	and have been available since
		287	.Ox 5.3 .


diff --git a/src/lib/libcrypto/man/EVP_DigestInit.3 b/src/lib/libcrypto/man/EVP_DigestInit.3 index cefd546af3..d8f452fe4c 100644 --- a/src/lib/libcrypto/man/EVP_DigestInit.3 +++ b/src/lib/libcrypto/man/EVP_DigestInit.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: EVP_DigestInit.3,v 1.18 2019/08/25 17:08:20 schwarze Exp $	1	.\" $OpenBSD: EVP_DigestInit.3,v 1.19 2020/06/24 16:06:27 schwarze Exp $
2	.\" full merge up to: OpenSSL 7f572e95 Dec 2 13:57:04 2015 +0000	2	.\" full merge up to: OpenSSL 7f572e95 Dec 2 13:57:04 2015 +0000
3	.\" selective merge up to: OpenSSL a95d7574 Jul 2 12:16:38 2017 -0400	3	.\" selective merge up to: OpenSSL a95d7574 Jul 2 12:16:38 2017 -0400
4	.\"	4	.\"
@@ -68,7 +68,7 @@
68	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	68	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
69	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	69	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
70	.\"	70	.\"
71	.Dd $Mdocdate: August 25 2019 $	71	.Dd $Mdocdate: June 24 2020 $
72	.Dt EVP_DIGESTINIT 3	72	.Dt EVP_DIGESTINIT 3
73	.Os	73	.Os
74	.Sh NAME	74	.Sh NAME
@@ -671,6 +671,7 @@ main(int argc, char *argv[])
671	.Ed	671	.Ed
672	.Sh SEE ALSO	672	.Sh SEE ALSO
673	.Xr BIO_f_md 3 ,	673	.Xr BIO_f_md 3 ,
		674	.Xr CMAC_Init 3 ,
674	.Xr evp 3 ,	675	.Xr evp 3 ,
675	.Xr EVP_BytesToKey 3 ,	676	.Xr EVP_BytesToKey 3 ,
676	.Xr EVP_DigestSignInit 3 ,	677	.Xr EVP_DigestSignInit 3 ,


diff --git a/src/lib/libcrypto/man/HMAC.3 b/src/lib/libcrypto/man/HMAC.3 index b2a0e2836e..b76d8b2869 100644 --- a/src/lib/libcrypto/man/HMAC.3 +++ b/src/lib/libcrypto/man/HMAC.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: HMAC.3,v 1.16 2019/12/14 09:04:51 tb Exp $	1	.\" $OpenBSD: HMAC.3,v 1.17 2020/06/24 16:06:27 schwarze Exp $
2	.\" full merge up to: OpenSSL crypto/hmac a528d4f0 Oct 27 13:40:11 2015 -0400	2	.\" full merge up to: OpenSSL crypto/hmac a528d4f0 Oct 27 13:40:11 2015 -0400
3	.\" selective merge up to: OpenSSL man3/HMAC b3696a55 Sep 2 09:35:50 2017 -0400	3	.\" selective merge up to: OpenSSL man3/HMAC b3696a55 Sep 2 09:35:50 2017 -0400
4	.\"	4	.\"
@@ -52,7 +52,7 @@
52	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	52	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
53	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	53	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
54	.\"	54	.\"
55	.Dd $Mdocdate: December 14 2019 $	55	.Dd $Mdocdate: June 24 2020 $
56	.Dt HMAC 3	56	.Dt HMAC 3
57	.Os	57	.Os
58	.Sh NAME	58	.Sh NAME
@@ -365,6 +365,7 @@ if none was set.
365	returns the length in bytes of the underlying hash function output	365	returns the length in bytes of the underlying hash function output
366	or 0 on error.	366	or 0 on error.
367	.Sh SEE ALSO	367	.Sh SEE ALSO
		368	.Xr CMAC_Init 3 ,
368	.Xr EVP_DigestInit 3	369	.Xr EVP_DigestInit 3
369	.Sh STANDARDS	370	.Sh STANDARDS
370	RFC 2104	371	RFC 2104


diff --git a/src/lib/libcrypto/man/Makefile b/src/lib/libcrypto/man/Makefile index c613fdc293..de6e446f2f 100644 --- a/src/lib/libcrypto/man/Makefile +++ b/src/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
1	# $OpenBSD: Makefile,v 1.168 2020/06/12 11:37:42 schwarze Exp $	1	# $OpenBSD: Makefile,v 1.169 2020/06/24 16:06:26 schwarze Exp $
2		2
3	.include <bsd.own.mk>	3	.include <bsd.own.mk>
4		4
@@ -68,6 +68,7 @@ MAN= \
68	BN_swap.3 \	68	BN_swap.3 \
69	BN_zero.3 \	69	BN_zero.3 \
70	BUF_MEM_new.3 \	70	BUF_MEM_new.3 \
		71	CMAC_Init.3 \
71	CMS_ContentInfo_new.3 \	72	CMS_ContentInfo_new.3 \
72	CMS_add0_cert.3 \	73	CMS_add0_cert.3 \
73	CMS_add1_recipient_cert.3 \	74	CMS_add1_recipient_cert.3 \


diff --git a/src/lib/libcrypto/man/crypto.3 b/src/lib/libcrypto/man/crypto.3 index cbc03543ae..9f29698e80 100644 --- a/src/lib/libcrypto/man/crypto.3 +++ b/src/lib/libcrypto/man/crypto.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: crypto.3,v 1.23 2019/11/02 15:28:04 schwarze Exp $	1	.\" $OpenBSD: crypto.3,v 1.24 2020/06/24 16:06:27 schwarze Exp $
2	.\" OpenSSL a9c85cea Nov 11 09:33:55 2016 +0100	2	.\" OpenSSL a9c85cea Nov 11 09:33:55 2016 +0100
3	.\"	3	.\"
4	.\" This file was written by Ulf Moeller <ulf@openssl.org> and	4	.\" This file was written by Ulf Moeller <ulf@openssl.org> and
@@ -49,7 +49,7 @@
49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
51	.\"	51	.\"
52	.Dd $Mdocdate: November 2 2019 $	52	.Dd $Mdocdate: June 24 2020 $
53	.Dt CRYPTO 3	53	.Dt CRYPTO 3
54	.Os	54	.Os
55	.Sh NAME	55	.Sh NAME
@@ -93,6 +93,7 @@ and
93	.Sy Authentication codes and hash functions	93	.Sy Authentication codes and hash functions
94	offered include	94	offered include
95	.Xr EVP_DigestInit 3 ,	95	.Xr EVP_DigestInit 3 ,
		96	.Xr CMAC_Init 3 ,
96	.Xr HMAC 3 ,	97	.Xr HMAC 3 ,
97	.Xr MD4 3 ,	98	.Xr MD4 3 ,
98	.Xr MD5 3 ,	99	.Xr MD5 3 ,