OpenSSL: Extend CMAC to support 192-bit AES

This is used with DPP and SAE when using P-384, so prepare the OpenSSL
implementation to support these cases to allow the internal CMAC
implementation in aes-omac1.c to be replaced.

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index 8ce1e48cb88262f81c99954f10e2dbd3873acd37..3fb1f18d167f08506d2dc8be4385ed00b0c7e068 100644 (file)
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -1757,6 +1757,9 @@ int omac1_aes_vector(const u8 *key, size_t key_len, size_t num_elem,
        if (key_len == 32) {
                if (!CMAC_Init(ctx, key, 32, EVP_aes_256_cbc(), NULL))
                        goto fail;
+       } else if (key_len == 24) {
+               if (!CMAC_Init(ctx, key, 24, EVP_aes_192_cbc(), NULL))
+                       goto fail;
        } else if (key_len == 16) {
                if (!CMAC_Init(ctx, key, 16, EVP_aes_128_cbc(), NULL))
                        goto fail;