return 1;
}
-EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
- size_t len, const EVP_CIPHER *cipher)
+static EVP_PKEY *new_cmac_key_int(const unsigned char *priv, size_t len,
+ const char *cipher_name,
+ const EVP_CIPHER *cipher, OPENSSL_CTX *libctx,
+ const char *propq, ENGINE *e)
{
# ifndef OPENSSL_NO_CMAC
# ifndef OPENSSL_NO_ENGINE
const char *engine_id = e != NULL ? ENGINE_get_id(e) : NULL;
# endif
- const char *cipher_name = EVP_CIPHER_name(cipher);
- const OSSL_PROVIDER *prov = EVP_CIPHER_provider(cipher);
- OPENSSL_CTX *libctx =
- prov == NULL ? NULL : ossl_provider_library_context(prov);
- EVP_PKEY *ret = EVP_PKEY_new();
- EVP_MAC *cmac = EVP_MAC_fetch(libctx, OSSL_MAC_NAME_CMAC, NULL);
- EVP_MAC_CTX *cmctx = cmac != NULL ? EVP_MAC_CTX_new(cmac) : NULL;
- OSSL_PARAM params[4];
- size_t paramsn = 0;
-
- if (ret == NULL
- || cmctx == NULL
- || !pkey_set_type(ret, e, EVP_PKEY_CMAC, NULL, -1, NULL)) {
- /* EVPerr already called */
+ OSSL_PARAM params[4], *p = params;
+ EVP_PKEY *pkey = NULL;
+ EVP_PKEY_CTX *ctx;
+
+ if (cipher != NULL)
+ cipher_name = EVP_CIPHER_name(cipher);
+
+ if (cipher_name == NULL) {
+ EVPerr(0, EVP_R_KEY_SETUP_FAILED);
+ return NULL;
+ }
+
+ ctx = EVP_PKEY_CTX_new_from_name(libctx, "CMAC", propq);
+ if (ctx == NULL) {
+ EVPerr(0, ERR_R_MALLOC_FAILURE);
goto err;
}
+ if (!EVP_PKEY_key_fromdata_init(ctx)) {
+ EVPerr(0, EVP_R_KEY_SETUP_FAILED);
+ goto err;
+ }
+
+ *p++ = OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
+ (void *)priv, len);
+ *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_CIPHER,
+ (char *)cipher_name, 0);
# ifndef OPENSSL_NO_ENGINE
if (engine_id != NULL)
- params[paramsn++] =
- OSSL_PARAM_construct_utf8_string("engine", (char *)engine_id, 0);
+ *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_ENGINE,
+ (char *)engine_id, 0);
# endif
+ *p = OSSL_PARAM_construct_end();
- params[paramsn++] =
- OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
- (char *)cipher_name, 0);
- params[paramsn++] =
- OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
- (char *)priv, len);
- params[paramsn] = OSSL_PARAM_construct_end();
-
- if (!EVP_MAC_CTX_set_params(cmctx, params)) {
- EVPerr(EVP_F_EVP_PKEY_NEW_CMAC_KEY, EVP_R_KEY_SETUP_FAILED);
+ if (!EVP_PKEY_fromdata(ctx, &pkey, params)) {
+ EVPerr(0, EVP_R_KEY_SETUP_FAILED);
goto err;
}
- ret->pkey.ptr = cmctx;
- return ret;
-
err:
- EVP_PKEY_free(ret);
- EVP_MAC_CTX_free(cmctx);
- EVP_MAC_free(cmac);
- return NULL;
+ EVP_PKEY_CTX_free(ctx);
+
+ return pkey;
# else
- EVPerr(EVP_F_EVP_PKEY_NEW_CMAC_KEY,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ EVPerr(0, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
return NULL;
# endif
}
+EVP_PKEY *EVP_PKEY_new_CMAC_key_with_libctx(const unsigned char *priv,
+ size_t len,
+ const char *cipher_name,
+ OPENSSL_CTX *libctx,
+ const char *propq)
+{
+ return new_cmac_key_int(priv, len, cipher_name, NULL, libctx, propq, NULL);
+}
+
+EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
+ size_t len, const EVP_CIPHER *cipher)
+{
+ return new_cmac_key_int(priv, len, NULL, cipher, NULL, NULL, e);
+}
+
int EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
{
return pkey_set_type(pkey, NULL, type, NULL, -1, NULL);
* support
*/
case EVP_PKEY_SM2:
- case EVP_PKEY_CMAC:
return 1;
default:
return 0;
static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
int cmd, int p1, void *p2)
{
- /*
- * GOST CMS format is different for different cipher algorithms.
- * Most of other algorithms don't have such a difference
- * so this ctrl is just ignored.
- */
- if (cmd == EVP_PKEY_CTRL_CIPHER)
- return -2;
-
# ifndef OPENSSL_NO_DH
if (keytype == EVP_PKEY_DHX) {
switch (cmd) {
case EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES:
return EVP_PKEY_CTX_set_scrypt_maxmem_bytes(ctx, p1);
}
+ } else if (optype == EVP_PKEY_OP_KEYGEN) {
+ OSSL_PARAM params[2], *p = params;
+
+ switch (cmd) {
+ case EVP_PKEY_CTRL_CIPHER:
+ {
+ char *ciphname = (char *)EVP_CIPHER_name(p2);
+
+ *p++ = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_CIPHER,
+ ciphname, 0);
+ *p = OSSL_PARAM_construct_end();
+
+ return EVP_PKEY_CTX_set_params(ctx, params);
+ }
+ case EVP_PKEY_CTRL_SET_MAC_KEY:
+ {
+ *p++ = OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
+ p2, p1);
+ *p = OSSL_PARAM_construct_end();
+
+ return EVP_PKEY_CTX_set_params(ctx, params);
+ }
+ }
}
switch (cmd) {
case EVP_PKEY_CTRL_MD:
return -2;
}
}
+
+ /*
+ * GOST CMS format is different for different cipher algorithms.
+ * Most of other algorithms don't have such a difference
+ * so this ctrl is just ignored.
+ */
+ if (cmd == EVP_PKEY_CTRL_CIPHER)
+ return -2;
+
return 0;
}
*/
#define OSSL_ALG_PARAM_DIGEST "digest" /* utf8_string */
#define OSSL_ALG_PARAM_CIPHER "cipher" /* utf8_string */
+#define OSSL_ALG_PARAM_ENGINE "engine" /* utf8_string */
#define OSSL_ALG_PARAM_MAC "mac" /* utf8_string */
#define OSSL_ALG_PARAM_PROPERTIES "properties"/* utf8_string */
#define OSSL_PKEY_PARAM_MAX_SIZE "max-size" /* integer */
#define OSSL_PKEY_PARAM_SECURITY_BITS "security-bits" /* integer */
#define OSSL_PKEY_PARAM_DIGEST OSSL_ALG_PARAM_DIGEST
+#define OSSL_PKEY_PARAM_CIPHER OSSL_ALG_PARAM_CIPHER /* utf8 string */
+#define OSSL_PKEY_PARAM_ENGINE OSSL_ALG_PARAM_ENGINE /* utf8 string */
#define OSSL_PKEY_PARAM_PROPERTIES OSSL_ALG_PARAM_PROPERTIES
#define OSSL_PKEY_PARAM_DEFAULT_DIGEST "default-digest" /* utf8 string */
#define OSSL_PKEY_PARAM_MANDATORY_DIGEST "mandatory-digest" /* utf8 string */
#define OSSL_PKEY_PARAM_MGF1_PROPERTIES "mgf1-properties"
#define OSSL_PKEY_PARAM_TLS_ENCODED_PT "tls-encoded-pt"
#define OSSL_PKEY_PARAM_GROUP_NAME "group"
-
-/* Diffie-Hellman/DSA public/private key */
#define OSSL_PKEY_PARAM_PUB_KEY "pub"
#define OSSL_PKEY_PARAM_PRIV_KEY "priv"
int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub,
size_t *len);
+EVP_PKEY *EVP_PKEY_new_CMAC_key_with_libctx(const unsigned char *priv,
+ size_t len,
+ const char *cipher_name,
+ OPENSSL_CTX *libctx,
+ const char *propq);
EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
size_t len, const EVP_CIPHER *cipher);
/* TODO legacy stuff, to be removed */
/* Inside the FIPS module, we don't support legacy ciphers */
#if !defined(FIPS_MODULE) && !defined(OPENSSL_NO_ENGINE)
- p = OSSL_PARAM_locate_const(params, "engine");
+ p = OSSL_PARAM_locate_const(params, OSSL_ALG_PARAM_ENGINE);
if (p != NULL) {
if (p->data_type != OSSL_PARAM_UTF8_STRING)
return 0;
{ "SIPHASH", "provider=default", mac_siphash_signature_functions },
#ifndef OPENSSL_NO_POLY1305
{ "POLY1305", "provider=default", mac_poly1305_signature_functions },
+#endif
+#ifndef OPENSSL_NO_CMAC
+ { "CMAC", "provider=default", mac_cmac_signature_functions },
#endif
{ NULL, NULL, NULL }
};
{ "SIPHASH", "provider=default", mac_keymgmt_functions },
#ifndef OPENSSL_NO_POLY1305
{ "POLY1305", "provider=default", mac_keymgmt_functions },
+#endif
+#ifndef OPENSSL_NO_CMAC
+ { "CMAC", "provider=default", cmac_keymgmt_functions },
#endif
{ NULL, NULL, NULL }
};
{ "ECDSA", FIPS_DEFAULT_PROPERTIES, ecdsa_signature_functions },
#endif
{ "HMAC", FIPS_DEFAULT_PROPERTIES, mac_hmac_signature_functions },
+#ifndef OPENSSL_NO_CMAC
+ { "CMAC", FIPS_DEFAULT_PROPERTIES, mac_cmac_signature_functions },
+#endif
{ NULL, NULL, NULL }
};
{ "TLS1-PRF", FIPS_DEFAULT_PROPERTIES, kdf_keymgmt_functions },
{ "HKDF", FIPS_DEFAULT_PROPERTIES, kdf_keymgmt_functions },
{ "HMAC", FIPS_DEFAULT_PROPERTIES, mac_keymgmt_functions },
+#ifndef OPENSSL_NO_CMAC
+ { "CMAC", FIPS_DEFAULT_PROPERTIES, cmac_keymgmt_functions },
+#endif
{ NULL, NULL, NULL }
};
extern const OSSL_DISPATCH ec_keymgmt_functions[];
extern const OSSL_DISPATCH kdf_keymgmt_functions[];
extern const OSSL_DISPATCH mac_keymgmt_functions[];
+extern const OSSL_DISPATCH cmac_keymgmt_functions[];
/* Key Exchange */
extern const OSSL_DISPATCH dh_keyexch_functions[];
extern const OSSL_DISPATCH mac_hmac_signature_functions[];
extern const OSSL_DISPATCH mac_siphash_signature_functions[];
extern const OSSL_DISPATCH mac_poly1305_signature_functions[];
+extern const OSSL_DISPATCH mac_cmac_signature_functions[];
/* Asym Cipher */
extern const OSSL_DISPATCH rsa_asym_cipher_functions[];
CRYPTO_REF_COUNT refcnt;
unsigned char *priv_key;
size_t priv_key_len;
+ char *cipher_name;
+ char *engine_name;
+ int cmac;
};
typedef struct mac_key_st MAC_KEY;
-MAC_KEY *mac_key_new(OPENSSL_CTX *libctx);
+MAC_KEY *mac_key_new(OPENSSL_CTX *libctx, int cmac);
void mac_key_free(MAC_KEY *mackey);
int mac_key_up_ref(MAC_KEY *mackey);
#include "prov/providercommon.h"
#include "prov/provider_ctx.h"
#include "prov/macsignature.h"
-
+#include "e_os.h" /* strcasecmp */
static OSSL_FUNC_keymgmt_new_fn mac_new;
static OSSL_FUNC_keymgmt_free_fn mac_free;
int selection;
unsigned char *priv_key;
size_t priv_key_len;
+ char *cipher_name;
};
-MAC_KEY *mac_key_new(OPENSSL_CTX *libctx)
+MAC_KEY *mac_key_new(OPENSSL_CTX *libctx, int cmac)
{
MAC_KEY *mackey = OPENSSL_zalloc(sizeof(*mackey));
}
mackey->libctx = libctx;
mackey->refcnt = 1;
+ mackey->cmac = cmac;
return mackey;
}
return;
OPENSSL_secure_clear_free(mackey->priv_key, mackey->priv_key_len);
+ OPENSSL_free(mackey->cipher_name);
+ OPENSSL_free(mackey->engine_name);
CRYPTO_THREAD_lock_free(mackey->lock);
OPENSSL_free(mackey);
}
static void *mac_new(void *provctx)
{
- return mac_key_new(PROV_LIBRARY_CONTEXT_OF(provctx));
+ return mac_key_new(PROV_LIBRARY_CONTEXT_OF(provctx), 0);
+}
+
+static void *mac_new_cmac(void *provctx)
+{
+ return mac_key_new(PROV_LIBRARY_CONTEXT_OF(provctx), 1);
}
static void mac_free(void *mackey)
if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
if ((key1->priv_key == NULL && key2->priv_key != NULL)
|| (key1->priv_key != NULL && key2->priv_key == NULL)
- || key1->priv_key_len != key2->priv_key_len)
+ || key1->priv_key_len != key2->priv_key_len
+ || (key1->cipher_name == NULL && key2->cipher_name != NULL)
+ || (key1->cipher_name != NULL && key2->cipher_name == NULL))
ok = 0;
else
ok = ok && (key1->priv_key == NULL /* implies key2->privkey == NULL */
|| CRYPTO_memcmp(key1->priv_key, key2->priv_key,
key1->priv_key_len) == 0);
+ if (key1->cipher_name != NULL)
+ ok = ok && (strcasecmp(key1->cipher_name, key2->cipher_name) == 0);
}
return ok;
}
}
memcpy(key->priv_key, p->data, p->data_size);
key->priv_key_len = p->data_size;
+ }
- return 1;
+ if (key->cmac) {
+ p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_CIPHER);
+ if (p != NULL) {
+ if (p->data_type != OSSL_PARAM_UTF8_STRING) {
+ ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
+ return 0;
+ }
+ key->cipher_name = OPENSSL_strdup(p->data);
+ if (key->cipher_name == NULL) {
+ ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ }
+ p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_ENGINE);
+ if (p != NULL) {
+ if (p->data_type != OSSL_PARAM_UTF8_STRING) {
+ ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
+ return 0;
+ }
+ key->engine_name = OPENSSL_strdup(p->data);
+ if (key->engine_name == NULL) {
+ ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ }
}
+
+ if (key->priv_key != NULL && (!key->cmac || key->cipher_name != NULL))
+ return 1;
+
return 0;
}
key->priv_key, key->priv_key_len))
return 0;
+ if (key->cipher_name != NULL
+ && !ossl_param_build_set_utf8_string(tmpl, params,
+ OSSL_PKEY_PARAM_CIPHER,
+ key->cipher_name))
+ return 0;
+
+ if (key->engine_name != NULL
+ && !ossl_param_build_set_utf8_string(tmpl, params,
+ OSSL_PKEY_PARAM_ENGINE,
+ key->engine_name))
+ return 0;
+
return 1;
}
return NULL;
}
+static const OSSL_PARAM cmac_key_types[] = {
+ OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0),
+ OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_CIPHER, NULL, 0),
+ OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_ENGINE, NULL, 0),
+ OSSL_PARAM_END
+};
+static const OSSL_PARAM *cmac_imexport_types(int selection)
+{
+ if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)
+ return cmac_key_types;
+ return NULL;
+}
+
static int mac_get_params(void *key, OSSL_PARAM params[])
{
return key_to_params(key, NULL, params);
return gettable_params;
}
+static const OSSL_PARAM *cmac_gettable_params(void *provctx)
+{
+ static const OSSL_PARAM gettable_params[] = {
+ OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0),
+ OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_CIPHER, NULL, 0),
+ OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_ENGINE, NULL, 0),
+ OSSL_PARAM_END
+ };
+ return gettable_params;
+}
+
+
static int mac_set_params(void *keydata, const OSSL_PARAM params[])
{
MAC_KEY *key = keydata;
OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(provctx);
struct mac_gen_ctx *gctx = NULL;
- if ((gctx = OPENSSL_malloc(sizeof(*gctx))) != NULL) {
+ if ((gctx = OPENSSL_zalloc(sizeof(*gctx))) != NULL) {
gctx->libctx = libctx;
gctx->selection = selection;
}
return gctx;
}
-
static int mac_gen_set_params(void *genctx, const OSSL_PARAM params[])
{
struct mac_gen_ctx *gctx = genctx;
return 1;
}
+static int cmac_gen_set_params(void *genctx, const OSSL_PARAM params[])
+{
+ struct mac_gen_ctx *gctx = genctx;
+ const OSSL_PARAM *p;
+
+ if (!mac_gen_set_params(genctx, params))
+ return 0;
+
+ p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_CIPHER);
+ if (p != NULL) {
+ if (p->data_type != OSSL_PARAM_UTF8_STRING) {
+ ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
+ return 0;
+ }
+ gctx->cipher_name = OPENSSL_strdup(p->data);
+ if (gctx->cipher_name == NULL) {
+ ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ }
+
+ return 1;
+}
+
static const OSSL_PARAM *mac_gen_settable_params(void *provctx)
{
static OSSL_PARAM settable[] = {
return settable;
}
+static const OSSL_PARAM *cmac_gen_settable_params(void *provctx)
+{
+ static OSSL_PARAM settable[] = {
+ OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, NULL, 0),
+ OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_CIPHER, NULL, 0),
+ OSSL_PARAM_END
+ };
+ return settable;
+}
+
static void *mac_gen(void *genctx, OSSL_CALLBACK *cb, void *cbarg)
{
struct mac_gen_ctx *gctx = genctx;
if (gctx == NULL)
return NULL;
- if ((key = mac_key_new(gctx->libctx)) == NULL) {
+ if ((key = mac_key_new(gctx->libctx, 0)) == NULL) {
ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
return NULL;
}
*/
key->priv_key = gctx->priv_key;
key->priv_key_len = gctx->priv_key_len;
+ key->cipher_name = gctx->cipher_name;
gctx->priv_key_len = 0;
gctx->priv_key = NULL;
+ gctx->cipher_name = NULL;
return key;
}
struct mac_gen_ctx *gctx = genctx;
OPENSSL_secure_clear_free(gctx->priv_key, gctx->priv_key_len);
+ OPENSSL_free(gctx->cipher_name);
OPENSSL_free(gctx);
}
{ OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))mac_gen_cleanup },
{ 0, NULL }
};
+
+const OSSL_DISPATCH cmac_keymgmt_functions[] = {
+ { OSSL_FUNC_KEYMGMT_NEW, (void (*)(void))mac_new_cmac },
+ { OSSL_FUNC_KEYMGMT_FREE, (void (*)(void))mac_free },
+ { OSSL_FUNC_KEYMGMT_GET_PARAMS, (void (*) (void))mac_get_params },
+ { OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS, (void (*) (void))cmac_gettable_params },
+ { OSSL_FUNC_KEYMGMT_SET_PARAMS, (void (*) (void))mac_set_params },
+ { OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS, (void (*) (void))mac_settable_params },
+ { OSSL_FUNC_KEYMGMT_HAS, (void (*)(void))mac_has },
+ { OSSL_FUNC_KEYMGMT_MATCH, (void (*)(void))mac_match },
+ { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))mac_import },
+ { OSSL_FUNC_KEYMGMT_IMPORT_TYPES, (void (*)(void))cmac_imexport_types },
+ { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))mac_export },
+ { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, (void (*)(void))cmac_imexport_types },
+ { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))mac_gen_init },
+ { OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS, (void (*)(void))cmac_gen_set_params },
+ { OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS,
+ (void (*)(void))cmac_gen_settable_params },
+ { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))mac_gen },
+ { OSSL_FUNC_KEYMGMT_GEN_CLEANUP, (void (*)(void))mac_gen_cleanup },
+ { 0, NULL }
+};
MAC_NEWCTX(hmac, "HMAC")
MAC_NEWCTX(siphash, "SIPHASH")
MAC_NEWCTX(poly1305, "POLY1305")
+MAC_NEWCTX(cmac, "CMAC")
static int mac_digest_sign_init(void *vpmacctx, const char *mdname, void *vkey)
{
PROV_MAC_CTX *pmacctx = (PROV_MAC_CTX *)vpmacctx;
- OSSL_PARAM params[4], *p = params;
+ OSSL_PARAM params[5], *p = params;
if (pmacctx == NULL || vkey == NULL || !mac_key_up_ref(vkey))
return 0;
if (mdname != NULL)
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
(char *)mdname, 0);
+ if (pmacctx->key->cipher_name != NULL)
+ *p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
+ pmacctx->key->cipher_name, 0);
+ if (pmacctx->key->engine_name != NULL)
+ *p++ = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_ENGINE,
+ pmacctx->key->engine_name, 0);
*p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
pmacctx->key->priv_key,
pmacctx->key->priv_key_len);
MAC_SIGNATURE_FUNCTIONS(hmac)
MAC_SIGNATURE_FUNCTIONS(siphash)
MAC_SIGNATURE_FUNCTIONS(poly1305)
+MAC_SIGNATURE_FUNCTIONS(cmac)
t->err = "MAC_KEY_CREATE_ERROR";
goto err;
}
- key = EVP_PKEY_new_CMAC_key(NULL, expected->key, expected->key_len,
- cipher);
+ key = EVP_PKEY_new_CMAC_key_with_libctx(expected->key,
+ expected->key_len,
+ EVP_CIPHER_name(cipher),
+ libctx, NULL);
} else {
key = EVP_PKEY_new_raw_private_key_with_libctx(libctx,
OBJ_nid2sn(expected->type),
OSSL_PARAM_get_utf8_string_ptr ? 3_0_0 EXIST::FUNCTION:
OSSL_PARAM_get_octet_string_ptr ? 3_0_0 EXIST::FUNCTION:
OSSL_DECODER_CTX_set_passphrase_cb ? 3_0_0 EXIST::FUNCTION:
+EVP_PKEY_CTX_set_mac_key ? 3_0_0 EXIST::FUNCTION:
+EVP_PKEY_new_CMAC_key_with_libctx ? 3_0_0 EXIST::FUNCTION: