if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) ABORT;
if (!BN_hex2bn(&x, "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296")) ABORT;
- if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT;
+ if (!EC_POINT_set_compressed_coordinates(group, P, x, 1, ctx)) ABORT;
if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
if (!BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E"
"84F3B9CAC2FC632551")) ABORT;
if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT;
- if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT;
+ if (!EC_POINT_get_affine_coordinates(group, P, x, y, ctx)) ABORT;
fprintf(stdout, "\nNIST curve P-256 -- Generator:\n x = 0x");
BN_print_fp(stdout, x);
fprintf(stdout, "\n y = 0x");
if (!BN_hex2bn(&x, "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B"
"9859F741E082542A385502F25DBF55296C3A545E3872760AB7")) ABORT;
- if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT;
+ if (!EC_POINT_set_compressed_coordinates(group, P, x, 1, ctx)) ABORT;
if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
"FFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973")) ABORT;
if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT;
- if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT;
+ if (!EC_POINT_get_affine_coordinates(group, P, x, y, ctx)) ABORT;
fprintf(stdout, "\nNIST curve P-384 -- Generator:\n x = 0x");
BN_print_fp(stdout, x);
fprintf(stdout, "\n y = 0x");
if (!BN_hex2bn(&x, "C6858E06B70404E9CD9E3ECB662395B4429C648139053F"
"B521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B"
"3C1856A429BF97E7E31C2E5BD66")) ABORT;
- if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx)) ABORT;
+ if (!EC_POINT_set_compressed_coordinates(group, P, x, 0, ctx)) ABORT;
if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT;
if (!BN_hex2bn(&z, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
"FFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5"
"C9B8899C47AEBB6FB71E91386409")) ABORT;
if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) ABORT;
- if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT;
+ if (!EC_POINT_get_affine_coordinates(group, P, x, y, ctx)) ABORT;
fprintf(stdout, "\nNIST curve P-521 -- Generator:\n x = 0x");
BN_print_fp(stdout, x);
fprintf(stdout, "\n y = 0x");
Q_CHECK = EC_POINT_new(NISTP);
if(!BN_hex2bn(&x, test->Qx)) ABORT;
if(!BN_hex2bn(&y, test->Qy)) ABORT;
- if(!EC_POINT_set_affine_coordinates_GFp(NISTP, Q_CHECK, x, y, ctx)) ABORT;
+ if(!EC_POINT_set_affine_coordinates(NISTP, Q_CHECK, x, y, ctx)) ABORT;
if (!BN_hex2bn(&x, test->Gx)) ABORT;
if (!BN_hex2bn(&y, test->Gy)) ABORT;
- if (!EC_POINT_set_affine_coordinates_GFp(NISTP, G, x, y, ctx)) ABORT;
+ if (!EC_POINT_set_affine_coordinates(NISTP, G, x, y, ctx)) ABORT;
if (!BN_hex2bn(&order, test->order)) ABORT;
if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one())) ABORT;
static uint8_t allzero[SHA256_DIGEST_LENGTH] = { 0x00 };
/* The random function H(x) = HMAC-SHA256(0^32, x) */
-static void pwd_hmac_final(HMAC_CTX *hmac_ctx, uint8_t *digest)
+static void pwd_hmac_final(EVP_MD_CTX *hmac_ctx, uint8_t digest[static SHA256_DIGEST_LENGTH])
{
- unsigned int mdlen = SHA256_DIGEST_LENGTH;
- HMAC_Final(hmac_ctx, digest, &mdlen);
- HMAC_CTX_reset(hmac_ctx);
+ size_t mdlen = SHA256_DIGEST_LENGTH;
+
+ EVP_DigestSignFinal(hmac_ctx, digest, &mdlen);
+ EVP_MD_CTX_reset(hmac_ctx);
}
/* a counter-based KDF based on NIST SP800-108 */
static void eap_pwd_kdf(uint8_t *key, int keylen, char const *label,
int label_len, uint8_t *result, int result_bit_len)
{
- HMAC_CTX *hmac_ctx;
+ EVP_MD_CTX *hmac_ctx;
+ EVP_PKEY *hmac_pkey;
uint8_t digest[SHA256_DIGEST_LENGTH];
uint16_t i, ctr, L;
int result_byte_len, len = 0;
- unsigned int mdlen = SHA256_DIGEST_LENGTH;
+ size_t mdlen = SHA256_DIGEST_LENGTH;
uint8_t mask = 0xff;
- MEM(hmac_ctx = HMAC_CTX_new());
result_byte_len = (result_bit_len + 7) / 8;
ctr = 0;
L = htons(result_bit_len);
+
+ MEM(hmac_ctx = EVP_MD_CTX_new());
+ MEM(hmac_pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, key, keylen));
while (len < result_byte_len) {
ctr++; i = htons(ctr);
- HMAC_Init_ex(hmac_ctx, key, keylen, EVP_sha256(), NULL);
- if (ctr > 1) HMAC_Update(hmac_ctx, digest, mdlen);
- HMAC_Update(hmac_ctx, (uint8_t *) &i, sizeof(uint16_t));
- HMAC_Update(hmac_ctx, (uint8_t const *)label, label_len);
- HMAC_Update(hmac_ctx, (uint8_t *) &L, sizeof(uint16_t));
- HMAC_Final(hmac_ctx, digest, &mdlen);
+ EVP_DigestSignInit(hmac_ctx, NULL, EVP_sha256(), NULL, hmac_pkey);
+ if (ctr > 1) EVP_DigestSignUpdate(hmac_ctx, digest, mdlen);
+ EVP_DigestSignUpdate(hmac_ctx, (uint8_t *) &i, sizeof(uint16_t));
+ EVP_DigestSignUpdate(hmac_ctx, (uint8_t const *)label, label_len);
+ EVP_DigestSignUpdate(hmac_ctx, (uint8_t *) &L, sizeof(uint16_t));
+ EVP_DigestSignFinal(hmac_ctx, digest, &mdlen);
if ((len + (int) mdlen) > result_byte_len) {
memcpy(result + len, digest, result_byte_len - len);
} else {
memcpy(result + len, digest, mdlen);
}
len += mdlen;
- HMAC_CTX_reset(hmac_ctx);
+ EVP_MD_CTX_reset(hmac_ctx);
}
/* since we're expanding to a bit length, mask off the excess */
result[result_byte_len - 1] &= mask;
}
- HMAC_CTX_free(hmac_ctx);
+ EVP_MD_CTX_free(hmac_ctx);
+ EVP_PKEY_free(hmac_pkey);
}
static BIGNUM *consttime_BN (void)
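Review bot: pwd_hmac_final still discards the status of EVP_DigestSignFinal, so a MAC that fails at runtime (the EVP sign path can fail, e.g. under a provider or FIPS configuration that rejects the key or digest) leaves `digest` unwritten while every caller carries on as if it were valid — compute_server_confirm and compute_peer_confirm set `req = 0` immediately after the call, and compute_keys derives `mk` and the session id from it. The same unchecked pattern is reproduced for EVP_DigestSignInit/EVP_DigestSignUpdate in this hunk's eap_pwd_kdf loop and at the init sites in the later hunks (the hunting-and-pecking loop, compute_server_confirm, compute_peer_confirm, compute_keys), all of which already have a `goto fail`/`goto finish` cleanup path that could be used. I would have pwd_hmac_final report failure as below and make each caller treat it as such, e.g. `if (pwd_hmac_final(hmac_ctx, out) < 0) goto finish;`, and check `EVP_DigestSignInit(...) != 1` once per (re)initialisation in the same way. Since the function returned void before, callers that ignore the result keep compiling.
```c
/* Finalise the running HMAC into digest and reset the context for reuse.
 * Returns 0 on success, -1 if the MAC could not be produced (digest is then undefined). */
static int pwd_hmac_final(EVP_MD_CTX *hmac_ctx, uint8_t digest[static SHA256_DIGEST_LENGTH])
{
	size_t	mdlen = SHA256_DIGEST_LENGTH;	/* in/out: buffer size on entry, bytes written on return */
	int	ok;

	ok = EVP_DigestSignFinal(hmac_ctx, digest, &mdlen);
	EVP_MD_CTX_reset(hmac_ctx);

	return (ok == 1 && mdlen == SHA256_DIGEST_LENGTH) ? 0 : -1;
}
```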
p = BN_new();
a = BN_new();
b = BN_new();
- EC_GROUP_get_curve_GFp(group, p, a, b, bnctx);
+ EC_GROUP_get_curve(group, p, a, b, bnctx);
BN_sub(pm1, p, BN_value_one());
char const *id_peer, int id_peer_len,
uint32_t *token, BN_CTX *bnctx)
{
- BIGNUM *x_candidate = NULL, *rnd = NULL, *y_sqrd = NULL, *qr = NULL, *qnr = NULL;
- HMAC_CTX *ctx = NULL;
- uint8_t pwe_digest[SHA256_DIGEST_LENGTH], *prfbuf = NULL, *xbuf = NULL, *pm1buf = NULL, ctr;
- int nid, is_odd, primebitlen, primebytelen, ret = 0, found = 0, mask;
- int save, i, rbits, qr_or_qnr, save_is_odd = 0, cmp;
- unsigned int skip;
-
- ctx = HMAC_CTX_new();
- if (ctx == NULL) {
- DEBUG("failed allocating HMAC context");
- goto fail;
- }
+ BIGNUM *x_candidate = NULL, *rnd = NULL, *y_sqrd = NULL, *qr = NULL, *qnr = NULL;
+ EVP_MD_CTX *hmac_ctx;
+ EVP_PKEY *hmac_pkey;
+ uint8_t pwe_digest[SHA256_DIGEST_LENGTH], *prfbuf = NULL, *xbuf = NULL, *pm1buf = NULL, ctr;
+ int nid, is_odd, primebitlen, primebytelen, ret = 0, found = 0, mask;
+ int save, i, rbits, qr_or_qnr, save_is_odd = 0, cmp;
+ unsigned int skip;
+
+ MEM(hmac_ctx = EVP_MD_CTX_new());
+ MEM(hmac_pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, allzero, sizeof(allzero)));
switch (grp_num) { /* from IANA registry for IKE D-H groups */
case 19:
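Review bot: `hmac_ctx` and `hmac_pkey` are now declared without an initializer, whereas the removed code kept `ctx = NULL`; every `goto fail` in this function ends at `EVP_MD_CTX_free(hmac_ctx)` / `EVP_PKEY_free(hmac_pkey)`, so any early exit placed ahead of the two MEM() lines would free indeterminate pointers. Nothing visible in this hunk jumps to `fail` before MEM(), so this is a robustness point rather than a live bug, but `EVP_MD_CTX *hmac_ctx = NULL;` and `EVP_PKEY *hmac_pkey = NULL;` keep the cleanup path safe for free, since both free functions accept NULL. The same initializer was dropped in compute_server_confirm and compute_peer_confirm, and compute_keys has the same shape. Allocation failure here now aborts via MEM() instead of the previous DEBUG + `goto fail`; that matches eap_pwd_kdf and the confirm functions, so it is presumably intended, but it is a change in this function's failure behaviour worth a line in the commit message. The enclosing function starts before this hunk.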
goto fail;
}
- if (!EC_GROUP_get_curve_GFp(session->group, session->prime, NULL, NULL, NULL)) {
+ if (!EC_GROUP_get_curve(session->group, session->prime, NULL, NULL, NULL)) {
DEBUG("unable to get prime for GFp curve");
goto fail;
}
* pwd-seed = H(token | peer-id | server-id | password |
* counter)
*/
- HMAC_Init_ex(ctx, allzero, SHA256_DIGEST_LENGTH, EVP_sha256(),NULL);
- HMAC_Update(ctx, (uint8_t *)token, sizeof(*token));
- HMAC_Update(ctx, (uint8_t const *)id_peer, id_peer_len);
- HMAC_Update(ctx, (uint8_t const *)id_server, id_server_len);
- HMAC_Update(ctx, (uint8_t const *)password, password_len);
- HMAC_Update(ctx, (uint8_t *)&ctr, sizeof(ctr));
- pwd_hmac_final(ctx, pwe_digest);
+ EVP_DigestSignInit(hmac_ctx, NULL, EVP_sha256(), NULL, hmac_pkey);
+ EVP_DigestSignUpdate(hmac_ctx, (uint8_t *)token, sizeof(*token));
+ EVP_DigestSignUpdate(hmac_ctx, (uint8_t const *)id_peer, id_peer_len);
+ EVP_DigestSignUpdate(hmac_ctx, (uint8_t const *)id_server, id_server_len);
+ EVP_DigestSignUpdate(hmac_ctx, (uint8_t const *)password, password_len);
+ EVP_DigestSignUpdate(hmac_ctx, (uint8_t *)&ctr, sizeof(ctr));
+ pwd_hmac_final(hmac_ctx, pwe_digest);
BN_bin2bn(pwe_digest, SHA256_DIGEST_LENGTH, rnd);
eap_pwd_kdf(pwe_digest, SHA256_DIGEST_LENGTH, "EAP-pwd Hunting And Pecking",
* now we can savely construct PWE
*/
BN_bin2bn(xbuf, primebytelen, x_candidate);
- if (!EC_POINT_set_compressed_coordinates_GFp(session->group, session->pwe,
- x_candidate, save_is_odd, NULL)) {
+ if (!EC_POINT_set_compressed_coordinates(session->group, session->pwe,
+ x_candidate, save_is_odd, NULL)) {
goto fail;
}
if (xbuf) talloc_free(xbuf);
if (pm1buf) talloc_free(pm1buf);
- HMAC_CTX_free(ctx);
+ EVP_MD_CTX_free(hmac_ctx);
+ EVP_PKEY_free(hmac_pkey);
return ret;
}
goto finish;
}
- if (!EC_POINT_set_affine_coordinates_GFp(session->group, session->peer_element, x, y, bn_ctx)) {
+ if (!EC_POINT_set_affine_coordinates(session->group, session->peer_element, x, y, bn_ctx)) {
REDEBUG("Unable to get coordinates of peer's element");
goto finish;
}
goto finish;
}
- if (!EC_POINT_get_affine_coordinates_GFp(session->group, K, session->k, NULL, bn_ctx)) {
+ if (!EC_POINT_get_affine_coordinates(session->group, K, session->k, NULL, bn_ctx)) {
REDEBUG("Unable to get shared secret from K");
goto finish;
}
int compute_server_confirm(request_t *request, pwd_session_t *session, uint8_t *out, BN_CTX *bn_ctx)
{
BIGNUM *x = NULL, *y = NULL;
- HMAC_CTX *hmac_ctx = NULL;
+ EVP_MD_CTX *hmac_ctx;
+ EVP_PKEY *hmac_pkey;
uint8_t *cruft = NULL;
int offset, req = -1;
* commit is H(k | server_element | server_scalar | peer_element |
* peer_scalar | ciphersuite)
*/
- MEM(hmac_ctx = HMAC_CTX_new());
- HMAC_Init_ex(hmac_ctx, allzero, SHA256_DIGEST_LENGTH, EVP_sha256(), NULL);
+ MEM(hmac_ctx = EVP_MD_CTX_new());
+ MEM(hmac_pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, allzero, sizeof(allzero)));
+ EVP_DigestSignInit(hmac_ctx, NULL, EVP_sha256(), NULL, hmac_pkey);
/*
* Zero the memory each time because this is mod prime math and some
*/
offset = BN_num_bytes(session->prime) - BN_num_bytes(session->k);
BN_bn2bin(session->k, cruft + offset);
- HMAC_Update(hmac_ctx, cruft, BN_num_bytes(session->prime));
+ EVP_DigestSignUpdate(hmac_ctx, cruft, BN_num_bytes(session->prime));
/*
* next is server element: x, y
*/
- if (!EC_POINT_get_affine_coordinates_GFp(session->group, session->my_element, x, y, bn_ctx)) {
+ if (!EC_POINT_get_affine_coordinates(session->group, session->my_element, x, y, bn_ctx)) {
REDEBUG("Unable to get coordinates of server element");
goto finish;
}
memset(cruft, 0, BN_num_bytes(session->prime));
offset = BN_num_bytes(session->prime) - BN_num_bytes(x);
BN_bn2bin(x, cruft + offset);
- HMAC_Update(hmac_ctx, cruft, BN_num_bytes(session->prime));
+ EVP_DigestSignUpdate(hmac_ctx, cruft, BN_num_bytes(session->prime));
memset(cruft, 0, BN_num_bytes(session->prime));
offset = BN_num_bytes(session->prime) - BN_num_bytes(y);
BN_bn2bin(y, cruft + offset);
- HMAC_Update(hmac_ctx, cruft, BN_num_bytes(session->prime));
+ EVP_DigestSignUpdate(hmac_ctx, cruft, BN_num_bytes(session->prime));
/*
* and server scalar
memset(cruft, 0, BN_num_bytes(session->prime));
offset = BN_num_bytes(session->order) - BN_num_bytes(session->my_scalar);
BN_bn2bin(session->my_scalar, cruft + offset);
- HMAC_Update(hmac_ctx, cruft, BN_num_bytes(session->order));
+ EVP_DigestSignUpdate(hmac_ctx, cruft, BN_num_bytes(session->order));
/*
* next is peer element: x, y
*/
- if (!EC_POINT_get_affine_coordinates_GFp(session->group, session->peer_element, x, y, bn_ctx)) {
+ if (!EC_POINT_get_affine_coordinates(session->group, session->peer_element, x, y, bn_ctx)) {
REDEBUG("Unable to get coordinates of peer's element");
goto finish;
}
memset(cruft, 0, BN_num_bytes(session->prime));
offset = BN_num_bytes(session->prime) - BN_num_bytes(x);
BN_bn2bin(x, cruft + offset);
- HMAC_Update(hmac_ctx, cruft, BN_num_bytes(session->prime));
+ EVP_DigestSignUpdate(hmac_ctx, cruft, BN_num_bytes(session->prime));
memset(cruft, 0, BN_num_bytes(session->prime));
offset = BN_num_bytes(session->prime) - BN_num_bytes(y);
BN_bn2bin(y, cruft + offset);
- HMAC_Update(hmac_ctx, cruft, BN_num_bytes(session->prime));
+ EVP_DigestSignUpdate(hmac_ctx, cruft, BN_num_bytes(session->prime));
/*
* and peer scalar
memset(cruft, 0, BN_num_bytes(session->prime));
offset = BN_num_bytes(session->order) - BN_num_bytes(session->peer_scalar);
BN_bn2bin(session->peer_scalar, cruft + offset);
- HMAC_Update(hmac_ctx, cruft, BN_num_bytes(session->order));
+ EVP_DigestSignUpdate(hmac_ctx, cruft, BN_num_bytes(session->order));
/*
* finally, ciphersuite
*/
- HMAC_Update(hmac_ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite));
+ EVP_DigestSignUpdate(hmac_ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite));
pwd_hmac_final(hmac_ctx, out);
req = 0;
finish:
- HMAC_CTX_free(hmac_ctx);
+ EVP_MD_CTX_free(hmac_ctx);
+ EVP_PKEY_free(hmac_pkey);
talloc_free(cruft);
BN_free(x);
BN_free(y);
int compute_peer_confirm(request_t *request, pwd_session_t *session, uint8_t *out, BN_CTX *bn_ctx)
{
BIGNUM *x = NULL, *y = NULL;
- HMAC_CTX *hmac_ctx = NULL;
+ EVP_MD_CTX *hmac_ctx;
+ EVP_PKEY *hmac_pkey;
uint8_t *cruft = NULL;
int offset, req = -1;
* commit is H(k | server_element | server_scalar | peer_element |
* peer_scalar | ciphersuite)
*/
- MEM(hmac_ctx = HMAC_CTX_new());
- HMAC_Init_ex(hmac_ctx, allzero, SHA256_DIGEST_LENGTH, EVP_sha256(), NULL);
+ MEM(hmac_ctx = EVP_MD_CTX_new());
+ MEM(hmac_pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, allzero, sizeof(allzero)));
+ EVP_DigestSignInit(hmac_ctx, NULL, EVP_sha256(), NULL, hmac_pkey);
/*
* Zero the memory each time because this is mod prime math and some
*/
offset = BN_num_bytes(session->prime) - BN_num_bytes(session->k);
BN_bn2bin(session->k, cruft + offset);
- HMAC_Update(hmac_ctx, cruft, BN_num_bytes(session->prime));
+ EVP_DigestSignUpdate(hmac_ctx, cruft, BN_num_bytes(session->prime));
/*
* then peer element: x, y
*/
- if (!EC_POINT_get_affine_coordinates_GFp(session->group, session->peer_element, x, y, bn_ctx)) {
+ if (!EC_POINT_get_affine_coordinates(session->group, session->peer_element, x, y, bn_ctx)) {
REDEBUG("Unable to get coordinates of peer's element");
goto finish;
}
memset(cruft, 0, BN_num_bytes(session->prime));
offset = BN_num_bytes(session->prime) - BN_num_bytes(x);
BN_bn2bin(x, cruft + offset);
- HMAC_Update(hmac_ctx, cruft, BN_num_bytes(session->prime));
+ EVP_DigestSignUpdate(hmac_ctx, cruft, BN_num_bytes(session->prime));
memset(cruft, 0, BN_num_bytes(session->prime));
offset = BN_num_bytes(session->prime) - BN_num_bytes(y);
BN_bn2bin(y, cruft + offset);
- HMAC_Update(hmac_ctx, cruft, BN_num_bytes(session->prime));
+ EVP_DigestSignUpdate(hmac_ctx, cruft, BN_num_bytes(session->prime));
/*
* and peer scalar
memset(cruft, 0, BN_num_bytes(session->prime));
offset = BN_num_bytes(session->order) - BN_num_bytes(session->peer_scalar);
BN_bn2bin(session->peer_scalar, cruft + offset);
- HMAC_Update(hmac_ctx, cruft, BN_num_bytes(session->order));
+ EVP_DigestSignUpdate(hmac_ctx, cruft, BN_num_bytes(session->order));
/*
* then server element: x, y
*/
- if (!EC_POINT_get_affine_coordinates_GFp(session->group, session->my_element, x, y, bn_ctx)) {
+ if (!EC_POINT_get_affine_coordinates(session->group, session->my_element, x, y, bn_ctx)) {
REDEBUG("Unable to get coordinates of server element");
goto finish;
}
memset(cruft, 0, BN_num_bytes(session->prime));
offset = BN_num_bytes(session->prime) - BN_num_bytes(x);
BN_bn2bin(x, cruft + offset);
- HMAC_Update(hmac_ctx, cruft, BN_num_bytes(session->prime));
+ EVP_DigestSignUpdate(hmac_ctx, cruft, BN_num_bytes(session->prime));
memset(cruft, 0, BN_num_bytes(session->prime));
offset = BN_num_bytes(session->prime) - BN_num_bytes(y);
BN_bn2bin(y, cruft + offset);
- HMAC_Update(hmac_ctx, cruft, BN_num_bytes(session->prime));
+ EVP_DigestSignUpdate(hmac_ctx, cruft, BN_num_bytes(session->prime));
/*
* and server scalar
memset(cruft, 0, BN_num_bytes(session->prime));
offset = BN_num_bytes(session->order) - BN_num_bytes(session->my_scalar);
BN_bn2bin(session->my_scalar, cruft + offset);
- HMAC_Update(hmac_ctx, cruft, BN_num_bytes(session->order));
+ EVP_DigestSignUpdate(hmac_ctx, cruft, BN_num_bytes(session->order));
/*
* finally, ciphersuite
*/
- HMAC_Update(hmac_ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite));
+ EVP_DigestSignUpdate(hmac_ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite));
pwd_hmac_final(hmac_ctx, out);
req = 0;
finish:
- HMAC_CTX_free(hmac_ctx);
+ EVP_MD_CTX_free(hmac_ctx);
+ EVP_PKEY_free(hmac_pkey);
talloc_free(cruft);
BN_free(x);
BN_free(y);
int compute_keys(UNUSED request_t *request, pwd_session_t *session, uint8_t *peer_confirm, uint8_t *msk, uint8_t *emsk)
{
- HMAC_CTX *hmac_ctx;
+ EVP_MD_CTX *hmac_ctx;
+ EVP_PKEY *hmac_pkey;
uint8_t mk[SHA256_DIGEST_LENGTH], *cruft;
uint8_t session_id[SHA256_DIGEST_LENGTH + 1];
uint8_t msk_emsk[128]; /* 64 each */
int offset;
MEM(cruft = talloc_array(session, uint8_t, BN_num_bytes(session->prime)));
- MEM(hmac_ctx = HMAC_CTX_new());
+ MEM(hmac_ctx = EVP_MD_CTX_new());
+ MEM(hmac_pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, allzero, sizeof(allzero)));
/*
* first compute the session-id = TypeCode | H(ciphersuite | scal_p |
* scal_s)
*/
session_id[0] = FR_EAP_METHOD_PWD;
- HMAC_Init_ex(hmac_ctx, allzero, SHA256_DIGEST_LENGTH, EVP_sha256(), NULL);
- HMAC_Update(hmac_ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite));
+ EVP_DigestSignInit(hmac_ctx, NULL, EVP_sha256(), NULL, hmac_pkey);
+ EVP_DigestSignUpdate(hmac_ctx, (uint8_t *)&session->ciphersuite, sizeof(session->ciphersuite));
offset = BN_num_bytes(session->order) - BN_num_bytes(session->peer_scalar);
memset(cruft, 0, BN_num_bytes(session->prime));
BN_bn2bin(session->peer_scalar, cruft + offset);
- HMAC_Update(hmac_ctx, cruft, BN_num_bytes(session->order));
+ EVP_DigestSignUpdate(hmac_ctx, cruft, BN_num_bytes(session->order));
offset = BN_num_bytes(session->order) - BN_num_bytes(session->my_scalar);
memset(cruft, 0, BN_num_bytes(session->prime));
BN_bn2bin(session->my_scalar, cruft + offset);
- HMAC_Update(hmac_ctx, cruft, BN_num_bytes(session->order));
+ EVP_DigestSignUpdate(hmac_ctx, cruft, BN_num_bytes(session->order));
pwd_hmac_final(hmac_ctx, (uint8_t *)&session_id[1]);
/* then compute MK = H(k | commit-peer | commit-server) */
- HMAC_Init_ex(hmac_ctx, allzero, SHA256_DIGEST_LENGTH, EVP_sha256(), NULL);
+ EVP_DigestSignInit(hmac_ctx, NULL, EVP_sha256(), NULL, hmac_pkey);
memset(cruft, 0, BN_num_bytes(session->prime));
offset = BN_num_bytes(session->prime) - BN_num_bytes(session->k);
BN_bn2bin(session->k, cruft + offset);
- HMAC_Update(hmac_ctx, cruft, BN_num_bytes(session->prime));
+ EVP_DigestSignUpdate(hmac_ctx, cruft, BN_num_bytes(session->prime));
- HMAC_Update(hmac_ctx, peer_confirm, SHA256_DIGEST_LENGTH);
+ EVP_DigestSignUpdate(hmac_ctx, peer_confirm, SHA256_DIGEST_LENGTH);
- HMAC_Update(hmac_ctx, session->my_confirm, SHA256_DIGEST_LENGTH);
+ EVP_DigestSignUpdate(hmac_ctx, session->my_confirm, SHA256_DIGEST_LENGTH);
pwd_hmac_final(hmac_ctx, mk);
memcpy(msk, msk_emsk, 64);
memcpy(emsk, msk_emsk + 64, 64);
- HMAC_CTX_free(hmac_ctx);
+ EVP_MD_CTX_free(hmac_ctx);
+ EVP_PKEY_free(hmac_pkey);
talloc_free(cruft);
return 0;
}