git.ipfire.org Git - thirdparty/openvpn.git/commit

author	Arne Schwabe <arne@rfc2549.org>
	Tue, 19 Oct 2021 18:31:07 +0000 (20:31 +0200)
committer	Gert Doering <gert@greenie.muc.de>
	Wed, 27 Oct 2021 18:21:22 +0000 (20:21 +0200)
commit	7865ffdcbc603894f268d892d638b111e8b61c36
tree	f390107c005f3e3f774a9c9ccdf0b192c64ce583	tree
parent	14e4f3b1583749adf104be362a3e2422e0c9e524	commit \| diff

Use new EVP_MAC API for HMAC implementation

The old API is deprecated in OpenSSL 3.0 and the new API does not yet
exist in OpenSSL 1.1. Emulating the new API would be more complex than
just having two implementations. So this switches to a new hmac
implementation for OpenSSL 3.0.

Unfortunately the new API does not have an easy to reset an HMAC,
so we need to keep the key around to emulate a reset functionality.

Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
Message-Id: <20211019183127.614175-2-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23013.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

src/openvpn/crypto_backend.h		diff \| blob \| blame \| history
src/openvpn/crypto_mbedtls.c		diff \| blob \| blame \| history
src/openvpn/crypto_openssl.c		diff \| blob \| blame \| history
src/openvpn/crypto_openssl.h		diff \| blob \| blame \| history