openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

The EVP_MAC functions have been renamed for consistency. The EVP_MAC_CTX_* 

functions are now EVP_MAC functions, usually with ctx in their names.

Before 3.0 is released, the names are mutable and this prevents more
inconsistencies being introduced.

There are no functional or code changes.
Just the renaming and a little reformatting.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11997)
This commit is contained in:
Pauli 2020-06-09 08:53:05 +10:00
parent 765d04c946
commit d9c2fd51e2
36 changed files with 226 additions and 207 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CHANGES.md
View File

@ -361,8 +361,8 @@ OpenSSL 3.0
and HMAC_CTX_get_md.
Use of these low level functions has been informally discouraged for a long
time. Instead applications should use L<EVP_MAC_CTX_new(3)>,
L<EVP_MAC_CTX_free(3)>, L<EVP_MAC_init(3)>, L<EVP_MAC_update(3)>
time. Instead applications should use L<EVP_MAC_new_ctx(3)>,
L<EVP_MAC_free_ctx(3)>, L<EVP_MAC_init(3)>, L<EVP_MAC_update(3)>
and L<EVP_MAC_final(3)>.
*Paul Dale*
@ -385,8 +385,8 @@ OpenSSL 3.0
CMAC_CTX_copy, CMAC_Init, CMAC_Update, CMAC_Final and CMAC_resume.
Use of these low level functions has been informally discouraged for a long
time. Instead applications should use L<EVP_MAC_CTX_new(3)>,
L<EVP_MAC_CTX_free(3)>, L<EVP_MAC_init(3)>, L<EVP_MAC_update(3)>
time. Instead applications should use L<EVP_MAC_new_ctx(3)>,
L<EVP_MAC_free_ctx(3)>, L<EVP_MAC_init(3)>, L<EVP_MAC_update(3)>
and L<EVP_MAC_final(3)>.
*Paul Dale*

10
apps/fipsinstall.c
View File

@ -366,7 +366,7 @@ opthelp:
goto end;
}
ctx = EVP_MAC_CTX_new(mac);
ctx = EVP_MAC_new_ctx(mac);
if (ctx == NULL) {
BIO_printf(bio_err, "Unable to create MAC CTX for module check\n");
goto end;
@ -380,7 +380,7 @@ opthelp:
if (params == NULL)
goto end;
if (!EVP_MAC_CTX_set_params(ctx, params)) {
if (!EVP_MAC_set_ctx_params(ctx, params)) {
BIO_printf(bio_err, "MAC parameter error\n");
ERR_print_errors(bio_err);
ok = 0;
@ -390,7 +390,7 @@ opthelp:
goto end;
}
ctx2 = EVP_MAC_CTX_dup(ctx);
ctx2 = EVP_MAC_dup_ctx(ctx);
if (ctx2 == NULL) {
BIO_printf(bio_err, "Unable to create MAC CTX for install indicator\n");
goto end;
@ -450,8 +450,8 @@ cleanup:
BIO_free(module_bio);
sk_OPENSSL_STRING_free(opts);
EVP_MAC_free(mac);
EVP_MAC_CTX_free(ctx2);
EVP_MAC_CTX_free(ctx);
EVP_MAC_free_ctx(ctx2);
EVP_MAC_free_ctx(ctx);
OPENSSL_free(read_buffer);
free_config_and_unload(conf);
return ret;

4
apps/lib/s_cb.c
View File

@ -787,7 +787,7 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie,
BIO_printf(bio_err, "HMAC not found\n");
goto end;
}
ctx = EVP_MAC_CTX_new(hmac);
ctx = EVP_MAC_new_ctx(hmac);
if (ctx == NULL) {
BIO_printf(bio_err, "HMAC context allocation failed\n");
goto end;
@ -796,7 +796,7 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie,
*p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, cookie_secret,
COOKIE_SECRET_LENGTH);
*p = OSSL_PARAM_construct_end();
if (!EVP_MAC_CTX_set_params(ctx, params)) {
if (!EVP_MAC_set_ctx_params(ctx, params)) {
BIO_printf(bio_err, "HMAC context parameter setting failed\n");
goto end;
}

6
apps/mac.c
View File

@ -114,7 +114,7 @@ opthelp:
goto opthelp;
}
ctx = EVP_MAC_CTX_new(mac);
ctx = EVP_MAC_new_ctx(mac);
if (ctx == NULL)
goto err;
@ -126,7 +126,7 @@ opthelp:
if (params == NULL)
goto err;
if (!EVP_MAC_CTX_set_params(ctx, params)) {
if (!EVP_MAC_set_ctx_params(ctx, params)) {
BIO_printf(bio_err, "MAC parameter error\n");
ERR_print_errors(bio_err);
ok = 0;
@ -199,7 +199,7 @@ err:
sk_OPENSSL_STRING_free(opts);
BIO_free(in);
BIO_free(out);
EVP_MAC_CTX_free(ctx);
EVP_MAC_free_ctx(ctx);
EVP_MAC_free(mac);
return ret;
}

4
crypto/cmac/cm_ameth.c
View File

@ -31,9 +31,9 @@ static int cmac_size(const EVP_PKEY *pkey)
static void cmac_key_free(EVP_PKEY *pkey)
{
EVP_MAC_CTX *cmctx = EVP_PKEY_get0(pkey);
EVP_MAC *mac = cmctx == NULL ? NULL : EVP_MAC_CTX_mac(cmctx);
EVP_MAC *mac = cmctx == NULL ? NULL : EVP_MAC_get_ctx_mac(cmctx);
EVP_MAC_CTX_free(cmctx);
EVP_MAC_free_ctx(cmctx);
EVP_MAC_free(mac);
}

6
crypto/crmf/crmf_pbm.c
View File

@ -202,8 +202,8 @@ int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp,
macparams[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
basekey, bklen);
if ((mac = EVP_MAC_fetch(NULL, "HMAC", NULL)) == NULL
|| (mctx = EVP_MAC_CTX_new(mac)) == NULL
|| !EVP_MAC_CTX_set_params(mctx, macparams)
|| (mctx = EVP_MAC_new_ctx(mac)) == NULL
|| !EVP_MAC_set_ctx_params(mctx, macparams)
|| !EVP_MAC_init(mctx)
|| !EVP_MAC_update(mctx, msg, msglen)
|| !EVP_MAC_final(mctx, mac_res, outlen, EVP_MAX_MD_SIZE))
@ -214,7 +214,7 @@ int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp,
err:
/* cleanup */
OPENSSL_cleanse(basekey, bklen);
EVP_MAC_CTX_free(mctx);
EVP_MAC_free_ctx(mctx);
EVP_MAC_free(mac);
EVP_MD_CTX_free(ctx);

2
crypto/err/openssl.txt
View File

@ -845,8 +845,6 @@ EVP_F_EVP_KEYEXCH_FETCH:245:EVP_KEYEXCH_fetch
EVP_F_EVP_KEYEXCH_FROM_DISPATCH:244:evp_keyexch_from_dispatch
EVP_F_EVP_MAC_CTRL:209:EVP_MAC_ctrl
EVP_F_EVP_MAC_CTRL_STR:210:EVP_MAC_ctrl_str
EVP_F_EVP_MAC_CTX_DUP:211:EVP_MAC_CTX_dup
EVP_F_EVP_MAC_CTX_NEW:213:EVP_MAC_CTX_new
EVP_F_EVP_MAC_INIT:212:EVP_MAC_init
EVP_F_EVP_MD_BLOCK_SIZE:232:EVP_MD_block_size
EVP_F_EVP_MD_CTX_COPY_EX:110:EVP_MD_CTX_copy_ex

20
crypto/evp/mac_lib.c
View File

@ -19,14 +19,14 @@
#include "internal/provider.h"
#include "evp_local.h"
EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac)
EVP_MAC_CTX *EVP_MAC_new_ctx(EVP_MAC *mac)
{
EVP_MAC_CTX *ctx = OPENSSL_zalloc(sizeof(EVP_MAC_CTX));
if (ctx == NULL
|| (ctx->data = mac->newctx(ossl_provider_ctx(mac->prov))) == NULL
|| !EVP_MAC_up_ref(mac)) {
EVPerr(EVP_F_EVP_MAC_CTX_NEW, ERR_R_MALLOC_FAILURE);
EVPerr(0, ERR_R_MALLOC_FAILURE);
if (ctx != NULL)
mac->freectx(ctx->data);
OPENSSL_free(ctx);
@ -37,7 +37,7 @@ EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac)
return ctx;
}
void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx)
void EVP_MAC_free_ctx(EVP_MAC_CTX *ctx)
{
if (ctx != NULL) {
ctx->meth->freectx(ctx->data);
@ -48,7 +48,7 @@ void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx)
OPENSSL_free(ctx);
}
EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src)
EVP_MAC_CTX *EVP_MAC_dup_ctx(const EVP_MAC_CTX *src)
{
EVP_MAC_CTX *dst;
@ -57,27 +57,27 @@ EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src)
dst = OPENSSL_malloc(sizeof(*dst));
if (dst == NULL) {
EVPerr(EVP_F_EVP_MAC_CTX_DUP, ERR_R_MALLOC_FAILURE);
EVPerr(0, ERR_R_MALLOC_FAILURE);
return NULL;
}
*dst = *src;
if (!EVP_MAC_up_ref(dst->meth)) {
EVPerr(EVP_F_EVP_MAC_CTX_DUP, ERR_R_MALLOC_FAILURE);
EVPerr(0, ERR_R_MALLOC_FAILURE);
OPENSSL_free(dst);
return NULL;
}
dst->data = src->meth->dupctx(src->data);
if (dst->data == NULL) {
EVP_MAC_CTX_free(dst);
EVP_MAC_free_ctx(dst);
return NULL;
}
return dst;
}
EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx)
EVP_MAC *EVP_MAC_get_ctx_mac(EVP_MAC_CTX *ctx)
{
return ctx->meth;
}
@ -144,14 +144,14 @@ int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[])
return 1;
}
int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[])
int EVP_MAC_get_ctx_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[])
{
if (ctx->meth->get_ctx_params != NULL)
return ctx->meth->get_ctx_params(ctx->data, params);
return 1;
}
int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[])
int EVP_MAC_set_ctx_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[])
{
if (ctx->meth->set_ctx_params != NULL)
return ctx->meth->set_ctx_params(ctx->data, params);

6
crypto/evp/p_lib.c
View File

@ -595,7 +595,7 @@ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
prov == NULL ? NULL : ossl_provider_library_context(prov);
EVP_PKEY *ret = EVP_PKEY_new();
EVP_MAC *cmac = EVP_MAC_fetch(libctx, OSSL_MAC_NAME_CMAC, NULL);
EVP_MAC_CTX *cmctx = cmac != NULL ? EVP_MAC_CTX_new(cmac) : NULL;
EVP_MAC_CTX *cmctx = cmac != NULL ? EVP_MAC_new_ctx(cmac) : NULL;
OSSL_PARAM params[4];
size_t paramsn = 0;
@ -620,7 +620,7 @@ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
(char *)priv, len);
params[paramsn] = OSSL_PARAM_construct_end();
if (!EVP_MAC_CTX_set_params(cmctx, params)) {
if (!EVP_MAC_set_ctx_params(cmctx, params)) {
EVPerr(EVP_F_EVP_PKEY_NEW_CMAC_KEY, EVP_R_KEY_SETUP_FAILED);
goto err;
}
@ -630,7 +630,7 @@ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
err:
EVP_PKEY_free(ret);
EVP_MAC_CTX_free(cmctx);
EVP_MAC_free_ctx(cmctx);
EVP_MAC_free(cmac);
return NULL;
# else

37
crypto/evp/pkey_mac.c
View File

@ -71,7 +71,7 @@ static int pkey_mac_init(EVP_PKEY_CTX *ctx)
}
if (mac != NULL) {
hctx->ctx = EVP_MAC_CTX_new(mac);
hctx->ctx = EVP_MAC_new_ctx(mac);
if (hctx->ctx == NULL) {
OPENSSL_free(hctx);
return 0;
@ -116,7 +116,7 @@ static int pkey_mac_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src)
EVP_PKEY_CTX_set_data(dst, dctx);
dst->keygen_info_count = 0;
dctx->ctx = EVP_MAC_CTX_dup(sctx->ctx);
dctx->ctx = EVP_MAC_dup_ctx(sctx->ctx);
if (dctx->ctx == NULL)
goto err;
@ -128,7 +128,7 @@ static int pkey_mac_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src)
* fetches the MAC method anew in this case. Therefore, its reference
* count must be adjusted here.
*/
if (!EVP_MAC_up_ref(EVP_MAC_CTX_mac(dctx->ctx)))
if (!EVP_MAC_up_ref(EVP_MAC_get_ctx_mac(dctx->ctx)))
goto err;
dctx->type = sctx->type;
@ -163,7 +163,8 @@ static void pkey_mac_cleanup(EVP_PKEY_CTX *ctx)
MAC_PKEY_CTX *hctx = ctx == NULL ? NULL : EVP_PKEY_CTX_get_data(ctx);
if (hctx != NULL) {
EVP_MAC *mac = hctx->ctx != NULL ? EVP_MAC_CTX_mac(hctx->ctx) : NULL;
EVP_MAC *mac = hctx->ctx != NULL ? EVP_MAC_get_ctx_mac(hctx->ctx)
: NULL;
switch (hctx->type) {
case MAC_TYPE_RAW:
@ -171,7 +172,7 @@ static void pkey_mac_cleanup(EVP_PKEY_CTX *ctx)
hctx->raw_data.ktmp.length);
break;
}
EVP_MAC_CTX_free(hctx->ctx);
EVP_MAC_free_ctx(hctx->ctx);
EVP_MAC_free(mac);
OPENSSL_free(hctx);
EVP_PKEY_CTX_set_data(ctx, NULL);
@ -206,10 +207,10 @@ static int pkey_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
return 0;
}
cmkey = EVP_MAC_CTX_dup(hctx->ctx);
cmkey = EVP_MAC_dup_ctx(hctx->ctx);
if (cmkey == NULL)
return 0;
if (!EVP_MAC_up_ref(EVP_MAC_CTX_mac(hctx->ctx)))
if (!EVP_MAC_up_ref(EVP_MAC_get_ctx_mac(hctx->ctx)))
return 0;
EVP_PKEY_assign(pkey, nid, cmkey);
}
@ -255,7 +256,7 @@ static int pkey_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
}
if (set_key) {
if (!EVP_MAC_is_a(EVP_MAC_CTX_mac(hctx->ctx),
if (!EVP_MAC_is_a(EVP_MAC_get_ctx_mac(hctx->ctx),
OBJ_nid2sn(EVP_PKEY_id(EVP_PKEY_CTX_get0_pkey(ctx)))))
return 0;
key = EVP_PKEY_get0(EVP_PKEY_CTX_get0_pkey(ctx));
@ -280,7 +281,7 @@ static int pkey_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
key->data, key->length);
params[params_n++] = OSSL_PARAM_construct_end();
rv = EVP_MAC_CTX_set_params(hctx->ctx, params);
rv = EVP_MAC_set_ctx_params(hctx->ctx, params);
}
return rv;
}
@ -330,7 +331,7 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
return 0;
}
if (!EVP_MAC_CTX_set_params(hctx->ctx, params)
if (!EVP_MAC_set_ctx_params(hctx->ctx, params)
|| !EVP_MAC_init(hctx->ctx))
return 0;
}
@ -351,10 +352,10 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
if (ctx->pkey == NULL)
return 0;
new_mac_ctx = EVP_MAC_CTX_dup(ctx->pkey->pkey.ptr);
new_mac_ctx = EVP_MAC_dup_ctx(ctx->pkey->pkey.ptr);
if (new_mac_ctx == NULL)
return 0;
EVP_MAC_CTX_free(hctx->ctx);
EVP_MAC_free_ctx(hctx->ctx);
hctx->ctx = new_mac_ctx;
}
break;
@ -389,13 +390,13 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
return 0;
}
if (!EVP_MAC_CTX_set_params(hctx->ctx, params))
if (!EVP_MAC_set_ctx_params(hctx->ctx, params))
return 0;
params[0] =
OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &verify);
if (!EVP_MAC_CTX_get_params(hctx->ctx, params))
if (!EVP_MAC_get_ctx_params(hctx->ctx, params))
return 0;
/*
@ -433,7 +434,7 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
return 0;
}
return EVP_MAC_CTX_set_params(hctx->ctx, params);
return EVP_MAC_set_ctx_params(hctx->ctx, params);
}
break;
default:
@ -478,7 +479,7 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
key->data, key->length);
params[params_n] = OSSL_PARAM_construct_end();
return EVP_MAC_CTX_set_params(hctx->ctx, params);
return EVP_MAC_set_ctx_params(hctx->ctx, params);
}
break;
case MAC_TYPE_MAC:
@ -513,7 +514,7 @@ static int pkey_mac_ctrl_str(EVP_PKEY_CTX *ctx,
EVPerr(0, EVP_R_FETCH_FAILED);
return 0;
}
mac = EVP_MAC_CTX_mac(hctx->ctx);
mac = EVP_MAC_get_ctx_mac(hctx->ctx);
/*
* Translation of some control names that are equivalent to a single
@ -535,7 +536,7 @@ static int pkey_mac_ctrl_str(EVP_PKEY_CTX *ctx,
return 0;
params[1] = OSSL_PARAM_construct_end();
ok = EVP_MAC_CTX_set_params(hctx->ctx, params);
ok = EVP_MAC_set_ctx_params(hctx->ctx, params);
OPENSSL_free(params[0].data);
return ok;
}

28
crypto/modes/siv128.c
View File

@ -99,7 +99,7 @@ __owur static ossl_inline int siv128_do_s2v_p(SIV128_CONTEXT *ctx, SIV_BLOCK *ou
EVP_MAC_CTX *mac_ctx;
int ret = 0;
mac_ctx = EVP_MAC_CTX_dup(ctx->mac_ctx_init);
mac_ctx = EVP_MAC_dup_ctx(ctx->mac_ctx_init);
if (mac_ctx == NULL)
return 0;
@ -126,7 +126,7 @@ __owur static ossl_inline int siv128_do_s2v_p(SIV128_CONTEXT *ctx, SIV_BLOCK *ou
ret = 1;
err:
EVP_MAC_CTX_free(mac_ctx);
EVP_MAC_free_ctx(mac_ctx);
return ret;
}
@ -187,20 +187,20 @@ int CRYPTO_siv128_init(SIV128_CONTEXT *ctx, const unsigned char *key, int klen,
/* TODO(3.0) library context */
|| (ctx->mac =
EVP_MAC_fetch(NULL, OSSL_MAC_NAME_CMAC, NULL)) == NULL
|| (ctx->mac_ctx_init = EVP_MAC_CTX_new(ctx->mac)) == NULL
|| !EVP_MAC_CTX_set_params(ctx->mac_ctx_init, params)
|| (ctx->mac_ctx_init = EVP_MAC_new_ctx(ctx->mac)) == NULL
|| !EVP_MAC_set_ctx_params(ctx->mac_ctx_init, params)
|| !EVP_EncryptInit_ex(ctx->cipher_ctx, ctr, NULL, key + klen, NULL)
|| (mac_ctx = EVP_MAC_CTX_dup(ctx->mac_ctx_init)) == NULL
|| (mac_ctx = EVP_MAC_dup_ctx(ctx->mac_ctx_init)) == NULL
|| !EVP_MAC_update(mac_ctx, zero, sizeof(zero))
|| !EVP_MAC_final(mac_ctx, ctx->d.byte, &out_len,
sizeof(ctx->d.byte))) {
EVP_CIPHER_CTX_free(ctx->cipher_ctx);
EVP_MAC_CTX_free(ctx->mac_ctx_init);
EVP_MAC_CTX_free(mac_ctx);
EVP_MAC_free_ctx(ctx->mac_ctx_init);
EVP_MAC_free_ctx(mac_ctx);
EVP_MAC_free(ctx->mac);
return 0;
}
EVP_MAC_CTX_free(mac_ctx);
EVP_MAC_free_ctx(mac_ctx);
ctx->final_ret = -1;
ctx->crypto_ok = 1;
@ -216,8 +216,8 @@ int CRYPTO_siv128_copy_ctx(SIV128_CONTEXT *dest, SIV128_CONTEXT *src)
memcpy(&dest->d, &src->d, sizeof(src->d));
if (!EVP_CIPHER_CTX_copy(dest->cipher_ctx, src->cipher_ctx))
return 0;
EVP_MAC_CTX_free(dest->mac_ctx_init);
dest->mac_ctx_init = EVP_MAC_CTX_dup(src->mac_ctx_init);
EVP_MAC_free_ctx(dest->mac_ctx_init);
dest->mac_ctx_init = EVP_MAC_dup_ctx(src->mac_ctx_init);
if (dest->mac_ctx_init == NULL)
return 0;
return 1;
@ -237,15 +237,15 @@ int CRYPTO_siv128_aad(SIV128_CONTEXT *ctx, const unsigned char *aad,
siv128_dbl(&ctx->d);
if ((mac_ctx = EVP_MAC_CTX_dup(ctx->mac_ctx_init)) == NULL
if ((mac_ctx = EVP_MAC_dup_ctx(ctx->mac_ctx_init)) == NULL
|| !EVP_MAC_update(mac_ctx, aad, len)
|| !EVP_MAC_final(mac_ctx, mac_out.byte, &out_len,
sizeof(mac_out.byte))
|| out_len != SIV_LEN) {
EVP_MAC_CTX_free(mac_ctx);
EVP_MAC_free_ctx(mac_ctx);
return 0;
}
EVP_MAC_CTX_free(mac_ctx);
EVP_MAC_free_ctx(mac_ctx);
siv128_xorblock(&ctx->d, &mac_out);
@ -357,7 +357,7 @@ int CRYPTO_siv128_cleanup(SIV128_CONTEXT *ctx)
if (ctx != NULL) {
EVP_CIPHER_CTX_free(ctx->cipher_ctx);
ctx->cipher_ctx = NULL;
EVP_MAC_CTX_free(ctx->mac_ctx_init);
EVP_MAC_free_ctx(ctx->mac_ctx_init);
ctx->mac_ctx_init = NULL;
EVP_MAC_free(ctx->mac);
ctx->mac = NULL;

2
doc/man1/openssl-mac.pod.in
View File

@ -49,7 +49,7 @@ Output the MAC in binary form. Uses hexadecimal text format if not specified.
Passes options to the MAC algorithm.
A comprehensive list of controls can be found in the EVP_MAC implementation
documentation.
Common parameter names used by EVP_MAC_CTX_get_params() are:
Common parameter names used by EVP_MAC_get_ctx_params() are:
=over 4

46
doc/man3/EVP_MAC.pod
View File

@ -5,8 +5,8 @@
EVP_MAC, EVP_MAC_fetch, EVP_MAC_up_ref, EVP_MAC_free,
EVP_MAC_is_a, EVP_MAC_number, EVP_MAC_names_do_all,
EVP_MAC_provider, EVP_MAC_get_params, EVP_MAC_gettable_params,
EVP_MAC_CTX, EVP_MAC_CTX_new, EVP_MAC_CTX_free, EVP_MAC_CTX_dup,
EVP_MAC_CTX_mac, EVP_MAC_CTX_get_params, EVP_MAC_CTX_set_params,
EVP_MAC_CTX, EVP_MAC_new_ctx, EVP_MAC_free_ctx, EVP_MAC_dup_ctx,
EVP_MAC_get_ctx_mac, EVP_MAC_get_ctx_params, EVP_MAC_set_ctx_params,
EVP_MAC_size, EVP_MAC_init, EVP_MAC_update, EVP_MAC_final,
EVP_MAC_gettable_ctx_params, EVP_MAC_settable_ctx_params,
EVP_MAC_do_all_provided - EVP MAC routines
@ -30,12 +30,12 @@ EVP_MAC_do_all_provided - EVP MAC routines
const OSSL_PROVIDER *EVP_MAC_provider(const EVP_MAC *mac);
int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]);
EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac);
void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx);
EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src);
EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx);
int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]);
int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]);
EVP_MAC_CTX *EVP_MAC_new_ctx(EVP_MAC *mac);
void EVP_MAC_free_ctx(EVP_MAC_CTX *ctx);
EVP_MAC_CTX *EVP_MAC_dup_ctx(const EVP_MAC_CTX *src);
EVP_MAC *EVP_MAC_get_ctx_mac(EVP_MAC_CTX *ctx);
int EVP_MAC_get_ctx_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]);
int EVP_MAC_set_ctx_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]);
size_t EVP_MAC_size(EVP_MAC_CTX *ctx);
int EVP_MAC_init(EVP_MAC_CTX *ctx);
@ -96,18 +96,18 @@ NULL is a valid parameter, for which this function is a no-op.
=head2 Context manipulation functions
EVP_MAC_CTX_new() creates a new context for the MAC type I<mac>.
EVP_MAC_new_ctx() creates a new context for the MAC type I<mac>.
The created context can then be used with most other functions
described here.
EVP_MAC_CTX_free() frees the contents of the context, including an
EVP_MAC_free_ctx() frees the contents of the context, including an
underlying context if there is one, as well as the context itself.
NULL is a valid parameter, for which this function is a no-op.
EVP_MAC_CTX_dup() duplicates the I<src> context and returns a newly allocated
EVP_MAC_dup_ctx() duplicates the I<src> context and returns a newly allocated
context.
EVP_MAC_CTX_mac() returns the B<EVP_MAC> associated with the context
EVP_MAC_get_ctx_mac() returns the B<EVP_MAC> associated with the context
I<ctx>.
=head2 Computing functions
@ -136,14 +136,14 @@ parameters should be retrieved.
Note that a parameter that is unknown in the underlying context is
simply ignored.
EVP_MAC_CTX_get_params() retrieves chosen parameters, given the
EVP_MAC_get_ctx_params() retrieves chosen parameters, given the
context I<ctx> and its underlying context.
The set of parameters given with I<params> determine exactly what
parameters should be retrieved.
Note that a parameter that is unknown in the underlying context is
simply ignored.
EVP_MAC_CTX_set_params() passes chosen parameters to the underlying
EVP_MAC_set_ctx_params() passes chosen parameters to the underlying
context, given a context I<ctx>.
The set of parameters given with I<params> determine exactly what
parameters are passed down.
@ -155,8 +155,8 @@ defined by the implementation.
EVP_MAC_gettable_params(), EVP_MAC_gettable_ctx_params() and
EVP_MAC_settable_ctx_params() get a constant B<OSSL_PARAM> array that
describes the retrievable and settable parameters, i.e. parameters that
can be used with EVP_MAC_get_params(), EVP_MAC_CTX_get_params()
and EVP_MAC_CTX_set_params(), respectively.
can be used with EVP_MAC_get_params(), EVP_MAC_get_ctx_params()
and EVP_MAC_set_ctx_params(), respectively.
See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor.
=head2 Information functions
@ -270,12 +270,12 @@ the given name, otherwise 0.
EVP_MAC_provider() returns a pointer to the provider for the MAC, or
NULL on error.
EVP_MAC_CTX_new() and EVP_MAC_CTX_dup() return a pointer to a newly
EVP_MAC_new_ctx() and EVP_MAC_dup_ctx() return a pointer to a newly
created EVP_MAC_CTX, or NULL if allocation failed.
EVP_MAC_CTX_free() returns nothing at all.
EVP_MAC_free_ctx() returns nothing at all.
EVP_MAC_CTX_get_params() and EVP_MAC_CTX_set_params() return 1 on
EVP_MAC_get_ctx_params() and EVP_MAC_set_ctx_params() return 1 on
success, 0 on error.
EVP_MAC_init(), EVP_MAC_update(), and EVP_MAC_final() return 1 on success, 0
@ -327,8 +327,8 @@ EVP_MAC_do_all_provided() returns nothing at all.
if (mac == NULL
|| key == NULL
|| (ctx = EVP_MAC_CTX_new(mac)) == NULL
|| EVP_MAC_CTX_set_params(ctx, params) <= 0)
|| (ctx = EVP_MAC_new_ctx(mac)) == NULL
|| EVP_MAC_set_ctx_params(ctx, params) <= 0)
goto err;
if (!EVP_MAC_init(ctx))
@ -347,12 +347,12 @@ EVP_MAC_do_all_provided() returns nothing at all.
printf("%02X", buf[i]);
printf("\n");
EVP_MAC_CTX_free(ctx);
EVP_MAC_free_ctx(ctx);
EVP_MAC_free(mac);
exit(0);
err:
EVP_MAC_CTX_free(ctx);
EVP_MAC_free_ctx(ctx);
EVP_MAC_free(mac);
fprintf(stderr, "Something went wrong\n");
ERR_print_errors_fp(stderr);

2
doc/man3/HMAC.pod
View File

@ -54,7 +54,7 @@ L<openssl_user_macros(7)>:
=head1 DESCRIPTION
All of the functions described on this page are deprecated. Applications should
instead use L<EVP_MAC_CTX_new(3)>, L<EVP_MAC_CTX_free(3)>, L<EVP_MAC_init(3)>,
instead use L<EVP_MAC_new_ctx(3)>, L<EVP_MAC_free_ctx(3)>, L<EVP_MAC_init(3)>,
L<EVP_MAC_update(3)> and L<EVP_MAC_final(3)>.
HMAC is a MAC (message authentication code), i.e. a keyed hash

2
doc/man3/OSSL_PARAM_allocate_from_text.pod
View File

@ -175,7 +175,7 @@ Can be written like this instead:
goto err;
}
params[params_n] = OSSL_PARAM_construct_end();
if (!EVP_MAC_CTX_set_params(ctx, params))
if (!EVP_MAC_set_ctx_params(ctx, params))
goto err;
while (params_n-- > 0)
OPENSSL_free(params[params_n].data);

14
doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod
View File

@ -49,7 +49,7 @@ ticket information or it starts a full TLS handshake to create a new session
ticket.
Before the callback function is started I<ctx> and I<hctx> have been
initialised with L<EVP_CIPHER_CTX_reset(3)> and L<EVP_MAC_CTX_new(3)>
initialised with L<EVP_CIPHER_CTX_reset(3)> and L<EVP_MAC_new_ctx(3)>
respectively.
For new sessions tickets, when the client doesn't present a session ticket, or
@ -66,7 +66,7 @@ maximum IV length is B<EVP_MAX_IV_LENGTH> bytes defined in B<evp.h>.
The initialization vector I<iv> should be a random value. The cipher context
I<ctx> should use the initialisation vector I<iv>. The cipher context can be
set using L<EVP_EncryptInit_ex(3)>. The hmac context and digest can be set using
L<EVP_MAC_CTX_set_params(3)> with the B<OSSL_MAC_PARAM_KEY> and
L<EVP_MAC_set_ctx_params(3)> with the B<OSSL_MAC_PARAM_KEY> and
B<OSSL_MAC_PARAM_DIGEST> parameters respectively.
When the client presents a session ticket, the callback function with be called
@ -76,7 +76,7 @@ the session ticket. The OpenSSL library expects that the I<name> will be used
to retrieve a cryptographic parameters and that the cryptographic context
I<ctx> will be set with the retrieved parameters and the initialization vector
I<iv>. using a function like L<EVP_DecryptInit_ex(3)>. The key material and
digest for I<hctx> need to be set using L<EVP_MAC_CTX_set_params(3)> with the
digest for I<hctx> need to be set using L<EVP_MAC_set_ctx_params(3)> with the
B<OSSL_MAC_PARAM_KEY> and B<OSSL_MAC_PARAM_DIGEST> parameters respectively.
If the I<name> is still valid but a renewal of the ticket is required the
@ -120,8 +120,8 @@ The SSL_CTX_set_tlsext_ticket_key_cb() function is identical to
SSL_CTX_set_tlsext_ticket_key_evp_cb() except that it takes a deprecated
HMAC_CTX pointer instead of an EVP_MAC_CTX one.
Before this callback function is started I<hctx> will have been
initialised with L<EVP_MAC_CTX_new(3)> and the digest set with
L<EVP_MAC_CTX_set_params(3)>.
initialised with L<EVP_MAC_new_ctx(3)> and the digest set with
L<EVP_MAC_set_ctx_params(3)>.
The I<hctx> key material can be set using L<HMAC_Init_ex(3)>.
=head1 NOTES
@ -185,7 +185,7 @@ Reference Implementation:
params[1] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
"sha256", 0);
params[2] = OSSL_PARAM_construct_end();
EVP_MAC_CTX_set_params(hctx, params);
EVP_MAC_set_ctx_params(hctx, params);
return 1;
@ -200,7 +200,7 @@ Reference Implementation:
params[1] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
"sha256", 0);
params[2] = OSSL_PARAM_construct_end();
EVP_MAC_CTX_set_params(hctx, params);
EVP_MAC_set_ctx_params(hctx, params);
EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->aes_key, iv);

6
doc/man7/EVP_MAC-BLAKE2.pod
View File

@ -27,9 +27,9 @@ properties, to be used with EVP_MAC_fetch():
The general description of these parameters can be found in
L<EVP_MAC(3)/PARAMETERS>.
All these parameters can be set with EVP_MAC_CTX_set_params().
All these parameters can be set with EVP_MAC_set_ctx_params().
Furthermore, the "size" parameter can be retrieved with
EVP_MAC_CTX_get_params(), or with EVP_MAC_size().
EVP_MAC_get_ctx_params(), or with EVP_MAC_size().
The length of the "size" parameter should not exceed that of a B<size_t>.
=over 4
@ -61,7 +61,7 @@ It is 32 and 64 respectively by default.
=head1 SEE ALSO
L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>,
L<EVP_MAC_get_ctx_params(3)>, L<EVP_MAC_set_ctx_params(3)>,
L<EVP_MAC(3)/PARAMETERS>, L<OSSL_PARAM(3)>
=head1 HISTORY

6
doc/man7/EVP_MAC-CMAC.pod
View File

@ -24,7 +24,7 @@ used with EVP_MAC_fetch():
The general description of these parameters can be found in
L<EVP_MAC(3)/PARAMETERS>.
The following parameter can be set with EVP_MAC_CTX_set_params():
The following parameter can be set with EVP_MAC_set_ctx_params():
=over 4
@ -37,7 +37,7 @@ The following parameter can be set with EVP_MAC_CTX_set_params():
=back
The following parameters can be retrieved with
EVP_MAC_CTX_get_params():
EVP_MAC_get_ctx_params():
=over 4
@ -50,7 +50,7 @@ The length of the "size" parameter is equal to that of an B<unsigned int>.
=head1 SEE ALSO
L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>,
L<EVP_MAC_get_ctx_params(3)>, L<EVP_MAC_set_ctx_params(3)>,
L<EVP_MAC(3)/PARAMETERS>, L<OSSL_PARAM(3)>
=head1 COPYRIGHT

6
doc/man7/EVP_MAC-GMAC.pod
View File

@ -24,7 +24,7 @@ used with EVP_MAC_fetch():
The general description of these parameters can be found in
L<EVP_MAC(3)/PARAMETERS>.
The following parameter can be set with EVP_MAC_CTX_set_params():
The following parameter can be set with EVP_MAC_set_ctx_params():
=over 4
@ -39,7 +39,7 @@ The following parameter can be set with EVP_MAC_CTX_set_params():
=back
The following parameters can be retrieved with
EVP_MAC_CTX_get_params():
EVP_MAC_get_ctx_params():
=over 4
@ -52,7 +52,7 @@ The length of the "size" parameter is equal to that of an B<unsigned int>.
=head1 SEE ALSO
L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>,
L<EVP_MAC_get_ctx_params(3)>, L<EVP_MAC_set_ctx_params(3)>,
L<EVP_MAC(3)/PARAMETERS>, L<OSSL_PARAM(3)>
=head1 COPYRIGHT

6
doc/man7/EVP_MAC-HMAC.pod
View File

@ -24,7 +24,7 @@ used with EVP_MAC_fetch():
The general description of these parameters can be found in
L<EVP_MAC(3)/PARAMETERS>.
The following parameter can be set with EVP_MAC_CTX_set_params():
The following parameter can be set with EVP_MAC_set_ctx_params():
=over 4
@ -41,7 +41,7 @@ The following parameter can be set with EVP_MAC_CTX_set_params():
The "flags" parameter is passed directly to HMAC_CTX_set_flags().
The following parameter can be retrieved with
EVP_MAC_CTX_get_params():
EVP_MAC_get_ctx_params():
=over 4
@ -54,7 +54,7 @@ The length of the "size" parameter is equal to that of an B<unsigned int>.
=head1 SEE ALSO
L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>,
L<EVP_MAC_get_ctx_params(3)>, L<EVP_MAC_set_ctx_params(3)>,
L<EVP_MAC(3)/PARAMETERS>, L<OSSL_PARAM(3)>, L<HMAC(3)>
=head1 COPYRIGHT

6
doc/man7/EVP_MAC-KMAC.pod
View File

@ -27,9 +27,9 @@ properties, to be used with EVP_MAC_fetch():
The general description of these parameters can be found in
L<EVP_MAC(3)/PARAMETERS>.
All these parameters can be set with EVP_MAC_CTX_set_params().
All these parameters can be set with EVP_MAC_set_ctx_params().
Furthermore, the "size" parameter can be retrieved with
EVP_MAC_CTX_get_params(), or with EVP_MAC_size().
EVP_MAC_get_ctx_params(), or with EVP_MAC_size().
The length of the "size" parameter should not exceed that of a B<size_t>.
=over 4
@ -50,7 +50,7 @@ the input stream is set to zero.
=head1 SEE ALSO
L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>,
L<EVP_MAC_get_ctx_params(3)>, L<EVP_MAC_set_ctx_params(3)>,
L<EVP_MAC(3)/PARAMETERS>, L<OSSL_PARAM(3)>
=head1 COPYRIGHT

6
doc/man7/EVP_MAC-Poly1305.pod
View File

@ -24,7 +24,7 @@ used with EVP_MAC_fetch():
The general description of these parameters can be found in
L<EVP_MAC(3)/PARAMETERS>.
The following parameter can be set with EVP_MAC_CTX_set_params():
The following parameter can be set with EVP_MAC_set_ctx_params():
=over 4
@ -33,7 +33,7 @@ The following parameter can be set with EVP_MAC_CTX_set_params():
=back
The following parameters can be retrieved with
EVP_MAC_CTX_get_params():
EVP_MAC_get_ctx_params():
=over 4
@ -46,7 +46,7 @@ The length of the "size" parameter should not exceed that of an B<unsigned int>.
=head1 SEE ALSO
L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>,
L<EVP_MAC_get_ctx_params(3)>, L<EVP_MAC_set_ctx_params(3)>,
L<EVP_MAC(3)/PARAMETERS>, L<OSSL_PARAM(3)>
=head1 COPYRIGHT

6
doc/man7/EVP_MAC-Siphash.pod
View File

@ -25,9 +25,9 @@ used with EVP_MAC_fetch():
The general description of these parameters can be found in
L<EVP_MAC(3)/PARAMETERS>.
All these parameters can be set with EVP_MAC_CTX_set_params().
All these parameters can be set with EVP_MAC_set_ctx_params().
Furthermore, the "size" parameter can be retrieved with
EVP_MAC_CTX_get_params(), or with EVP_MAC_size().
EVP_MAC_get_ctx_params(), or with EVP_MAC_size().
The length of the "size" parameter should not exceed that of a B<size_t>.
=over 4
@ -40,7 +40,7 @@ The length of the "size" parameter should not exceed that of a B<size_t>.
=head1 SEE ALSO
L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>,
L<EVP_MAC_get_ctx_params(3)>, L<EVP_MAC_set_ctx_params(3)>,
L<EVP_MAC(3)/PARAMETERS>, L<OSSL_PARAM(3)>
=head1 COPYRIGHT

36
include/openssl/evp.h
View File

@ -26,6 +26,8 @@
# include <openssl/evperr.h>
# include <openssl/params.h>
# include <openssl/mac.h>
# define EVP_MAX_MD_SIZE 64/* longest known is SHA512 */
# define EVP_MAX_KEY_LENGTH 64
# define EVP_MAX_IV_LENGTH 16
@ -1069,40 +1071,6 @@ void EVP_MD_do_all_provided(OPENSSL_CTX *libctx,
void (*fn)(EVP_MD *md, void *arg),
void *arg);
/* MAC stuff */
EVP_MAC *EVP_MAC_fetch(OPENSSL_CTX *libctx, const char *algorithm,
const char *properties);
int EVP_MAC_up_ref(EVP_MAC *mac);
void EVP_MAC_free(EVP_MAC *mac);
int EVP_MAC_number(const EVP_MAC *mac);
int EVP_MAC_is_a(const EVP_MAC *mac, const char *name);
const OSSL_PROVIDER *EVP_MAC_provider(const EVP_MAC *mac);
int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]);
EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac);
void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx);
EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src);
EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx);
int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]);
int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]);
size_t EVP_MAC_size(EVP_MAC_CTX *ctx);
int EVP_MAC_init(EVP_MAC_CTX *ctx);
int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen);
int EVP_MAC_final(EVP_MAC_CTX *ctx,
unsigned char *out, size_t *outl, size_t outsize);
const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac);
const OSSL_PARAM *EVP_MAC_gettable_ctx_params(const EVP_MAC *mac);
const OSSL_PARAM *EVP_MAC_settable_ctx_params(const EVP_MAC *mac);
void EVP_MAC_do_all_provided(OPENSSL_CTX *libctx,
void (*fn)(EVP_MAC *mac, void *arg),
void *arg);
void EVP_MAC_names_do_all(const EVP_MAC *mac,
void (*fn)(const char *name, void *data),
void *data);
/* PKEY stuff */
DEPRECATEDIN_3_0(int EVP_PKEY_decrypt_old(unsigned char *dec_key,
const unsigned char *enc_key,

52
include/openssl/mac.h Normal file
View File

@ -0,0 +1,52 @@
/*
* Copyright 2019=-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
/* MAC stuff */
#ifndef OPENSSL_EVP_MAC_H
# define OPENSSL_EVP_MAC_H
# pragma once
# include <openssl/opensslconf.h>
# include <openssl/types.h>
# include <openssl/core.h>
EVP_MAC *EVP_MAC_fetch(OPENSSL_CTX *libctx, const char *algorithm,
const char *properties);
int EVP_MAC_up_ref(EVP_MAC *mac);
void EVP_MAC_free(EVP_MAC *mac);
int EVP_MAC_number(const EVP_MAC *mac);
int EVP_MAC_is_a(const EVP_MAC *mac, const char *name);
const OSSL_PROVIDER *EVP_MAC_provider(const EVP_MAC *mac);
int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]);
EVP_MAC_CTX *EVP_MAC_new_ctx(EVP_MAC *mac);
void EVP_MAC_free_ctx(EVP_MAC_CTX *ctx);
EVP_MAC_CTX *EVP_MAC_dup_ctx(const EVP_MAC_CTX *src);
EVP_MAC *EVP_MAC_get_ctx_mac(EVP_MAC_CTX *ctx);
int EVP_MAC_get_ctx_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]);
int EVP_MAC_set_ctx_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]);
size_t EVP_MAC_size(EVP_MAC_CTX *ctx);
int EVP_MAC_init(EVP_MAC_CTX *ctx);
int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen);
int EVP_MAC_final(EVP_MAC_CTX *ctx,
unsigned char *out, size_t *outl, size_t outsize);
const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac);
const OSSL_PARAM *EVP_MAC_gettable_ctx_params(const EVP_MAC *mac);
const OSSL_PARAM *EVP_MAC_settable_ctx_params(const EVP_MAC *mac);
void EVP_MAC_do_all_provided(OPENSSL_CTX *libctx,
void (*fn)(EVP_MAC *mac, void *arg),
void *arg);
void EVP_MAC_names_do_all(const EVP_MAC *mac,
void (*fn)(const char *name, void *data),
void *data);
#endif /* OPENSSL_EVP_MAC_H */

8
providers/common/provider_util.c
View File

@ -189,8 +189,8 @@ int ossl_prov_macctx_load_from_params(EVP_MAC_CTX **macctx,
if (macname != NULL) {
EVP_MAC *mac = EVP_MAC_fetch(libctx, macname, properties);
EVP_MAC_CTX_free(*macctx);
*macctx = mac == NULL ? NULL : EVP_MAC_CTX_new(mac);
EVP_MAC_free_ctx(*macctx);
*macctx = mac == NULL ? NULL : EVP_MAC_new_ctx(mac);
/* The context holds on to the MAC */
EVP_MAC_free(mac);
if (*macctx == NULL)
@ -241,10 +241,10 @@ int ossl_prov_macctx_load_from_params(EVP_MAC_CTX **macctx,
#endif
*mp = OSSL_PARAM_construct_end();
if (EVP_MAC_CTX_set_params(*macctx, mac_params))
if (EVP_MAC_set_ctx_params(*macctx, mac_params))
return 1;
EVP_MAC_CTX_free(*macctx);
EVP_MAC_free_ctx(*macctx);
*macctx = NULL;
return 0;
}

6
providers/fips/self_test.c
View File

@ -146,7 +146,7 @@ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_BIO_read_ex_fn read_ex_cb,
OSSL_SELF_TEST_onbegin(ev, event_type, OSSL_SELF_TEST_DESC_INTEGRITY_HMAC);
mac = EVP_MAC_fetch(libctx, MAC_NAME, NULL);
ctx = EVP_MAC_CTX_new(mac);
ctx = EVP_MAC_new_ctx(mac);
if (mac == NULL || ctx == NULL)
goto err;
@ -156,7 +156,7 @@ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_BIO_read_ex_fn read_ex_cb,
sizeof(fixed_key));
*p = OSSL_PARAM_construct_end();
if (EVP_MAC_CTX_set_params(ctx, params) <= 0
if (EVP_MAC_set_ctx_params(ctx, params) <= 0
|| !EVP_MAC_init(ctx))
goto err;
@ -177,7 +177,7 @@ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_BIO_read_ex_fn read_ex_cb,
ret = 1;
err:
OSSL_SELF_TEST_onend(ev, ret);
EVP_MAC_CTX_free(ctx);
EVP_MAC_free_ctx(ctx);
EVP_MAC_free(mac);
return ret;
}

14
providers/implementations/kdfs/kbkdf.c
View File

@ -123,7 +123,7 @@ static void kbkdf_reset(void *vctx)
{
KBKDF *ctx = (KBKDF *)vctx;
EVP_MAC_CTX_free(ctx->ctx_init);
EVP_MAC_free_ctx(ctx->ctx_init);
OPENSSL_clear_free(ctx->context, ctx->context_len);
OPENSSL_clear_free(ctx->label, ctx->label_len);
OPENSSL_clear_free(ctx->ki, ctx->ki_len);
@ -151,7 +151,7 @@ static int derive(EVP_MAC_CTX *ctx_init, kbkdf_mode mode, unsigned char *iv,
for (counter = 1; written < ko_len; counter++) {
i = be32(counter);
ctx = EVP_MAC_CTX_dup(ctx_init);
ctx = EVP_MAC_dup_ctx(ctx_init);
if (ctx == NULL)
goto done;
@ -172,13 +172,13 @@ static int derive(EVP_MAC_CTX *ctx_init, kbkdf_mode mode, unsigned char *iv,
written += h;
k_i_len = h;
EVP_MAC_CTX_free(ctx);
EVP_MAC_free_ctx(ctx);
ctx = NULL;
}
ret = 1;
done:
EVP_MAC_CTX_free(ctx);
EVP_MAC_free_ctx(ctx);
return ret;
}
@ -247,9 +247,9 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
NULL, NULL, libctx))
return 0;
else if (ctx->ctx_init != NULL
&& !EVP_MAC_is_a(EVP_MAC_CTX_mac(ctx->ctx_init),
&& !EVP_MAC_is_a(EVP_MAC_get_ctx_mac(ctx->ctx_init),
OSSL_MAC_NAME_HMAC)
&& !EVP_MAC_is_a(EVP_MAC_CTX_mac(ctx->ctx_init),
&& !EVP_MAC_is_a(EVP_MAC_get_ctx_mac(ctx->ctx_init),
OSSL_MAC_NAME_CMAC)) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_MAC);
return 0;
@ -288,7 +288,7 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
ctx->ki, ctx->ki_len);
mparams[1] = OSSL_PARAM_construct_end();
if (!EVP_MAC_CTX_set_params(ctx->ctx_init, mparams)
if (!EVP_MAC_set_ctx_params(ctx->ctx_init, mparams)
|| !EVP_MAC_init(ctx->ctx_init))
return 0;
}

16
providers/implementations/kdfs/sskdf.c
View File

@ -168,7 +168,7 @@ static int kmac_init(EVP_MAC_CTX *ctx, const unsigned char *custom,
(void *)custom, custom_len);
params[1] = OSSL_PARAM_construct_end();
if (!EVP_MAC_CTX_set_params(ctx, params))
if (!EVP_MAC_set_ctx_params(ctx, params))
return 0;
/* By default only do one iteration if kmac_out_len is not specified */
@ -186,7 +186,7 @@ static int kmac_init(EVP_MAC_CTX *ctx, const unsigned char *custom,
params[0] = OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE,
&kmac_out_len);
if (EVP_MAC_CTX_set_params(ctx, params) <= 0)
if (EVP_MAC_set_ctx_params(ctx, params) <= 0)
return 0;
/*
@ -233,7 +233,7 @@ static int SSKDF_mac_kdm(EVP_MAC_CTX *ctx_init,
(void *)salt, salt_len);
*p = OSSL_PARAM_construct_end();
if (!EVP_MAC_CTX_set_params(ctx_init, params))
if (!EVP_MAC_set_ctx_params(ctx_init, params))
goto end;
if (!kmac_init(ctx_init, kmac_custom, kmac_custom_len, kmac_out_len,
@ -256,7 +256,7 @@ static int SSKDF_mac_kdm(EVP_MAC_CTX *ctx_init,
c[2] = (unsigned char)((counter >> 8) & 0xff);
c[3] = (unsigned char)(counter & 0xff);
ctx = EVP_MAC_CTX_dup(ctx_init);
ctx = EVP_MAC_dup_ctx(ctx_init);
if (!(ctx != NULL
&& EVP_MAC_update(ctx, c, sizeof(c))
&& EVP_MAC_update(ctx, z, z_len)
@ -275,7 +275,7 @@ static int SSKDF_mac_kdm(EVP_MAC_CTX *ctx_init,
memcpy(out, mac, len);
break;
}
EVP_MAC_CTX_free(ctx);
EVP_MAC_free_ctx(ctx);
ctx = NULL;
}
ret = 1;
@ -285,7 +285,7 @@ end:
else
OPENSSL_cleanse(mac_buf, sizeof(mac_buf));
EVP_MAC_CTX_free(ctx);
EVP_MAC_free_ctx(ctx);
return ret;
}
@ -303,7 +303,7 @@ static void sskdf_reset(void *vctx)
{
KDF_SSKDF *ctx = (KDF_SSKDF *)vctx;
EVP_MAC_CTX_free(ctx->macctx);
EVP_MAC_free_ctx(ctx->macctx);
ossl_prov_digest_reset(&ctx->digest);
OPENSSL_clear_free(ctx->secret, ctx->secret_len);
OPENSSL_clear_free(ctx->info, ctx->info_len);
@ -360,7 +360,7 @@ static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen)
const unsigned char *custom = NULL;
size_t custom_len = 0;
int default_salt_len;
EVP_MAC *mac = EVP_MAC_CTX_mac(ctx->macctx);
EVP_MAC *mac = EVP_MAC_get_ctx_mac(ctx->macctx);
/*
* TODO(3.0) investigate the necessity to have all these controls.

22
providers/implementations/kdfs/tls1_prf.c
View File

@ -116,8 +116,8 @@ static void kdf_tls1_prf_reset(void *vctx)
{
TLS1_PRF *ctx = (TLS1_PRF *)vctx;
EVP_MAC_CTX_free(ctx->P_hash);
EVP_MAC_CTX_free(ctx->P_sha1);
EVP_MAC_free_ctx(ctx->P_hash);
EVP_MAC_free_ctx(ctx->P_sha1);
OPENSSL_clear_free(ctx->sec, ctx->seclen);
OPENSSL_cleanse(ctx->seed, ctx->seedlen);
memset(ctx, 0, sizeof(*ctx));
@ -163,7 +163,7 @@ static int kdf_tls1_prf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
NULL, SN_sha1, libctx))
return 0;
} else {
EVP_MAC_CTX_free(ctx->P_sha1);
EVP_MAC_free_ctx(ctx->P_sha1);
if (!ossl_prov_macctx_load_from_params(&ctx->P_hash, params,
OSSL_MAC_NAME_HMAC,
NULL, NULL, libctx))
@ -280,7 +280,7 @@ static int tls1_prf_P_hash(EVP_MAC_CTX *ctx_init,
*p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
(void *)sec, sec_len);
*p = OSSL_PARAM_construct_end();
if (!EVP_MAC_CTX_set_params(ctx_init, params))
if (!EVP_MAC_set_ctx_params(ctx_init, params))
goto err;
if (!EVP_MAC_init(ctx_init))
goto err;
@ -288,7 +288,7 @@ static int tls1_prf_P_hash(EVP_MAC_CTX *ctx_init,
if (chunk == 0)
goto err;
/* A(0) = seed */
ctx_Ai = EVP_MAC_CTX_dup(ctx_init);
ctx_Ai = EVP_MAC_dup_ctx(ctx_init);
if (ctx_Ai == NULL)
goto err;
if (seed != NULL && !EVP_MAC_update(ctx_Ai, seed, seed_len))
@ -298,18 +298,18 @@ static int tls1_prf_P_hash(EVP_MAC_CTX *ctx_init,
/* calc: A(i) = HMAC_<hash>(secret, A(i-1)) */
if (!EVP_MAC_final(ctx_Ai, Ai, &Ai_len, sizeof(Ai)))
goto err;
EVP_MAC_CTX_free(ctx_Ai);
EVP_MAC_free_ctx(ctx_Ai);
ctx_Ai = NULL;
/* calc next chunk: HMAC_<hash>(secret, A(i) + seed) */
ctx = EVP_MAC_CTX_dup(ctx_init);
ctx = EVP_MAC_dup_ctx(ctx_init);
if (ctx == NULL)
goto err;
if (!EVP_MAC_update(ctx, Ai, Ai_len))
goto err;
/* save state for calculating next A(i) value */
if (olen > chunk) {
ctx_Ai = EVP_MAC_CTX_dup(ctx);
ctx_Ai = EVP_MAC_dup_ctx(ctx);
if (ctx_Ai == NULL)
goto err;
}
@ -324,15 +324,15 @@ static int tls1_prf_P_hash(EVP_MAC_CTX *ctx_init,
}
if (!EVP_MAC_final(ctx, out, NULL, olen))
goto err;
EVP_MAC_CTX_free(ctx);
EVP_MAC_free_ctx(ctx);
ctx = NULL;
out += chunk;
olen -= chunk;
}
ret = 1;
err:
EVP_MAC_CTX_free(ctx);
EVP_MAC_CTX_free(ctx_Ai);
EVP_MAC_free_ctx(ctx);
EVP_MAC_free_ctx(ctx_Ai);
OPENSSL_cleanse(Ai, sizeof(Ai));
return ret;
}

8
ssl/t1_lib.c
View File

@ -3149,12 +3149,12 @@ SSL_HMAC *ssl_hmac_new(const SSL_CTX *ctx)
}
#endif
mac = EVP_MAC_fetch(ctx->libctx, "HMAC", NULL);
if (mac == NULL || (ret->ctx = EVP_MAC_CTX_new(mac)) == NULL)
if (mac == NULL || (ret->ctx = EVP_MAC_new_ctx(mac)) == NULL)
goto err;
EVP_MAC_free(mac);
return ret;
err:
EVP_MAC_CTX_free(ret->ctx);
EVP_MAC_free_ctx(ret->ctx);
EVP_MAC_free(mac);
OPENSSL_free(ret);
return NULL;
@ -3163,7 +3163,7 @@ SSL_HMAC *ssl_hmac_new(const SSL_CTX *ctx)
void ssl_hmac_free(SSL_HMAC *ctx)
{
if (ctx != NULL) {
EVP_MAC_CTX_free(ctx->ctx);
EVP_MAC_free_ctx(ctx->ctx);
#ifndef OPENSSL_NO_DEPRECATED_3_0
HMAC_CTX_free(ctx->old_ctx);
#endif
@ -3191,7 +3191,7 @@ int ssl_hmac_init(SSL_HMAC *ctx, void *key, size_t len, char *md)
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, md, 0);
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, key, len);
*p = OSSL_PARAM_construct_end();
if (EVP_MAC_CTX_set_params(ctx->ctx, params) && EVP_MAC_init(ctx->ctx))
if (EVP_MAC_set_ctx_params(ctx->ctx, params) && EVP_MAC_init(ctx->ctx))
return 1;
}
#ifndef OPENSSL_NO_DEPRECATED_3_0

6
ssl/tls13_enc.c
View File

@ -360,9 +360,9 @@ size_t tls13_final_finish_mac(SSL *s, const char *str, size_t slen,
}
*p++ = OSSL_PARAM_construct_end();
ctx = EVP_MAC_CTX_new(hmac);
ctx = EVP_MAC_new_ctx(hmac);
if (ctx == NULL
|| !EVP_MAC_CTX_set_params(ctx, params)
|| !EVP_MAC_set_ctx_params(ctx, params)
|| !EVP_MAC_init(ctx)
|| !EVP_MAC_update(ctx, hash, hashlen)
/* outsize as per sizeof(peer_finish_md) */
@ -375,7 +375,7 @@ size_t tls13_final_finish_mac(SSL *s, const char *str, size_t slen,
ret = hashlen;
err:
OPENSSL_cleanse(finsecret, sizeof(finsecret));
EVP_MAC_CTX_free(ctx);
EVP_MAC_free_ctx(ctx);
EVP_MAC_free(hmac);
return ret;
}

6
test/bad_dtls_test.c
View File

@ -305,14 +305,14 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr,
/* Append HMAC to data */
hmac = EVP_MAC_fetch(NULL, "HMAC", NULL);
ctx = EVP_MAC_CTX_new(hmac);
ctx = EVP_MAC_new_ctx(hmac);
EVP_MAC_free(hmac);
params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
"SHA1", 0);
params[1] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
mac_key, 20);
params[2] = OSSL_PARAM_construct_end();
EVP_MAC_CTX_set_params(ctx, params);
EVP_MAC_set_ctx_params(ctx, params);
EVP_MAC_init(ctx);
EVP_MAC_update(ctx, epoch, 2);
EVP_MAC_update(ctx, seq, 6);
@ -323,7 +323,7 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr,
EVP_MAC_update(ctx, lenbytes, 2); /* Length */
EVP_MAC_update(ctx, enc, len); /* Finally the data itself */
EVP_MAC_final(ctx, enc + len, NULL, SHA_DIGEST_LENGTH);
EVP_MAC_CTX_free(ctx);
EVP_MAC_free_ctx(ctx);
/* Append padding bytes */
len += SHA_DIGEST_LENGTH;

6
test/evp_test.c
View File

@ -1323,12 +1323,12 @@ static int mac_test_run_mac(EVP_TEST *t)
}
params[params_n] = OSSL_PARAM_construct_end();
if ((ctx = EVP_MAC_CTX_new(expected->mac)) == NULL) {
if ((ctx = EVP_MAC_new_ctx(expected->mac)) == NULL) {
t->err = "MAC_CREATE_ERROR";
goto err;
}
if (!EVP_MAC_CTX_set_params(ctx, params)) {
if (!EVP_MAC_set_ctx_params(ctx, params)) {
t->err = "MAC_BAD_PARAMS";
goto err;
}
@ -1360,7 +1360,7 @@ static int mac_test_run_mac(EVP_TEST *t)
while (params_n-- > params_n_allocstart) {
OPENSSL_free(params[params_n].data);
}
EVP_MAC_CTX_free(ctx);
EVP_MAC_free_ctx(ctx);
OPENSSL_free(got);
return 1;
}

2
test/sslapitest.c
View File

@ -6922,7 +6922,7 @@ static int tick_key_evp_cb(SSL *s, unsigned char key_name[16],
params[2] = OSSL_PARAM_construct_end();
if (aes128cbc == NULL
|| !EVP_CipherInit_ex(ctx, aes128cbc, NULL, tick_aes_key, iv, enc)
|| !EVP_MAC_CTX_set_params(hctx, params)
|| !EVP_MAC_set_ctx_params(hctx, params)
|| !EVP_MAC_init(hctx))
ret = -1;
else

12
util/libcrypto.num
View File

@ -4425,10 +4425,10 @@ OCSP_resp_get0_respdata 4530 3_0_0 EXIST::FUNCTION:OCSP
EVP_MD_CTX_set_pkey_ctx 4531 3_0_0 EXIST::FUNCTION:
EVP_PKEY_meth_set_digest_custom 4532 3_0_0 EXIST::FUNCTION:
EVP_PKEY_meth_get_digest_custom 4533 3_0_0 EXIST::FUNCTION:
EVP_MAC_CTX_new ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_CTX_free ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_CTX_dup ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_CTX_mac ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_new_ctx ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_free_ctx ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_dup_ctx ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_get_ctx_mac ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_size ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_init ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_update ? 3_0_0 EXIST::FUNCTION:
@ -4701,8 +4701,8 @@ EVP_CIPHER_gettable_ctx_params ? 3_0_0 EXIST::FUNCTION:
EVP_MD_get_params ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_fetch ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_settable_ctx_params ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_CTX_set_params ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_CTX_get_params ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_set_ctx_params ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_get_ctx_params ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_gettable_ctx_params ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_free ? 3_0_0 EXIST::FUNCTION:
EVP_MAC_up_ref ? 3_0_0 EXIST::FUNCTION: