]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
test: updates for the new additional MAC_init arguments
authorPauli <ppzgs1@gmail.com>
Thu, 25 Feb 2021 03:50:01 +0000 (13:50 +1000)
committerPauli <ppzgs1@gmail.com>
Sun, 28 Feb 2021 07:25:49 +0000 (17:25 +1000)
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)

test/bad_dtls_test.c
test/ossl_shim/ossl_shim.cc
test/sslapitest.c

index bfbaa7953a7be7b3a55897e69641de50c2e58ac7..0eef2a22397f90b82920a860f45dea004bfea1a1 100644 (file)
@@ -286,7 +286,7 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr,
     unsigned char iv[16];
     unsigned char pad;
     unsigned char *enc;
-    OSSL_PARAM params[3];
+    OSSL_PARAM params[2];
 
     seq[0] = (seqnr >> 40) & 0xff;
     seq[1] = (seqnr >> 32) & 0xff;
@@ -309,11 +309,8 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr,
     EVP_MAC_free(hmac);
     params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
                                                  "SHA1", 0);
-    params[1] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
-                                                  mac_key, 20);
-    params[2] = OSSL_PARAM_construct_end();
-    EVP_MAC_CTX_set_params(ctx, params);
-    EVP_MAC_init(ctx);
+    params[1] = OSSL_PARAM_construct_end();
+    EVP_MAC_init(ctx, mac_key, 20, params);
     EVP_MAC_update(ctx, epoch, 2);
     EVP_MAC_update(ctx, seq, 6);
     EVP_MAC_update(ctx, &type, 1);
index 380e6853c642da0a1786bbf1f3166809b22dfd44..eff0b3eb9b90c1ffad13f7abeb0e0984eaeed61e 100644 (file)
@@ -373,7 +373,7 @@ static int NewSessionCallback(SSL *ssl, SSL_SESSION *session) {
 static int TicketKeyCallback(SSL *ssl, uint8_t *key_name, uint8_t *iv,
                              EVP_CIPHER_CTX *ctx, EVP_MAC_CTX *hmac_ctx,
                              int encrypt) {
-  OSSL_PARAM params[3], *p = params;
+  OSSL_PARAM params[2], *p = params;
 
   if (!encrypt) {
     if (GetTestState(ssl)->ticket_decrypt_done) {
@@ -396,14 +396,10 @@ static int TicketKeyCallback(SSL *ssl, uint8_t *key_name, uint8_t *iv,
 
   *p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
                                           const_cast<char *>("SHA256"), 0);
-  *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
-                                           (void *)kZeros,
-                                           sizeof(kZeros));
   *p = OSSL_PARAM_construct_end();
 
   if (!EVP_CipherInit_ex(ctx, EVP_aes_128_cbc(), NULL, kZeros, iv, encrypt)
-      || !EVP_MAC_init(hmac_ctx)
-      || !EVP_MAC_CTX_set_params(hmac_ctx, params)) {
+      || !EVP_MAC_init(hmac_ctx, kZeros, sizeof(kZeros), params)) {
     return -1;
   }
 
index b6eb6c16db997836963594d935fe660b64a376cf..3fa60538e9a97cbba80a2efcc13b602534fff6b1 100644 (file)
@@ -6858,7 +6858,7 @@ static int tick_key_evp_cb(SSL *s, unsigned char key_name[16],
 {
     const unsigned char tick_aes_key[16] = "0123456789abcdef";
     unsigned char tick_hmac_key[16] = "0123456789abcdef";
-    OSSL_PARAM params[3];
+    OSSL_PARAM params[2];
     EVP_CIPHER *aes128cbc = EVP_CIPHER_fetch(libctx, "AES-128-CBC", NULL);
     int ret;
 
@@ -6867,14 +6867,11 @@ static int tick_key_evp_cb(SSL *s, unsigned char key_name[16],
     memset(key_name, 0, 16);
     params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
                                                  "SHA256", 0);
-    params[1] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
-                                                  tick_hmac_key,
-                                                  sizeof(tick_hmac_key));
-    params[2] = OSSL_PARAM_construct_end();
+    params[1] = OSSL_PARAM_construct_end();
     if (aes128cbc == NULL
             || !EVP_CipherInit_ex(ctx, aes128cbc, NULL, tick_aes_key, iv, enc)
-            || !EVP_MAC_CTX_set_params(hctx, params)
-            || !EVP_MAC_init(hctx))
+            || !EVP_MAC_init(hctx, tick_hmac_key, sizeof(tick_hmac_key),
+                             params))
         ret = -1;
     else
         ret = tick_key_renew ? 2 : 1;