Adapt other EVP code to use EVP_MAC instead of direct implementation calls

The EVP_PKEY methods for CMAC and HMAC needed a rework, although it wasn't much change apart from name changes. This also meant that EVP_PKEY_new_CMAC_key() needed an adjustment. (the possibility to rewrite this function to work with any MAC is yet to be explored) Reviewed-by: N Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7484)

Adapt other EVP code to use EVP_MAC instead of direct implementation calls
The EVP_PKEY methods for CMAC and HMAC needed a rework, although it wasn't much change apart from name changes. This also meant that EVP_PKEY_new_CMAC_key() needed an adjustment. (the possibility to rewrite this function to work with any MAC is yet to be explored) Reviewed-by: N Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7484)
b8d77c9b · Richard Levitte · e74a435f · b8d77c9b · b8d77c9b
隐藏空白更改
内联并排

Showing with 8 addition and 7 deletion

crypto/cmac/cm_ameth.c crypto/cmac/cm_ameth.c +3 -4

crypto/evp/p_lib.c crypto/evp/p_lib.c +5 -3

未找到文件。
--- a/crypto/cmac/cm_ameth.c
+++ b/crypto/cmac/cm_ameth.c
 /*
- * Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
@@ -10,7 +10,6 @@
 #include <stdio.h>
 #include "internal/cryptlib.h"
 #include <openssl/evp.h>
-#include <openssl/cmac.h>
 #include "internal/asn1_int.h"

 /*
@@ -25,8 +24,8 @@ static int cmac_size(const EVP_PKEY *pkey)

 static void cmac_key_free(EVP_PKEY *pkey)
 {
-    CMAC_CTX *cmctx = EVP_PKEY_get0(pkey);
-    CMAC_CTX_free(cmctx);
+    EVP_MAC_CTX *cmctx = EVP_PKEY_get0(pkey);
+    EVP_MAC_CTX_free(cmctx);
 }

 const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = {

--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -319,7 +319,7 @@ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
 {
 #ifndef OPENSSL_NO_CMAC
    EVP_PKEY *ret = EVP_PKEY_new();
-    CMAC_CTX *cmctx = CMAC_CTX_new();
+    EVP_MAC_CTX *cmctx = EVP_MAC_CTX_new_id(EVP_MAC_CMAC);

    if (ret == NULL
            || cmctx == NULL
@@ -328,7 +328,9 @@ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
        goto err;
    }

-    if (!CMAC_Init(cmctx, priv, len, cipher, e)) {
+    if (EVP_MAC_ctrl(cmctx, EVP_MAC_CTRL_SET_ENGINE, e) <= 0
+        || EVP_MAC_ctrl(cmctx, EVP_MAC_CTRL_SET_CIPHER, cipher) <= 0
+        || EVP_MAC_ctrl(cmctx, EVP_MAC_CTRL_SET_KEY, priv, len) <= 0) {
        EVPerr(EVP_F_EVP_PKEY_NEW_CMAC_KEY, EVP_R_KEY_SETUP_FAILED);
        goto err;
    }
@@ -338,7 +340,7 @@ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,

 err:
    EVP_PKEY_free(ret);
-    CMAC_CTX_free(cmctx);
+    EVP_MAC_CTX_free(cmctx);
    return NULL;
 #else
    EVPerr(EVP_F_EVP_PKEY_NEW_CMAC_KEY,