From 4fcd296608dd08b957f5debe5b37bb60d8c7a576 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Fri, 15 Apr 2022 11:59:01 +0300
Subject: [PATCH] OpenSSL: Extend CMAC to support 192-bit AES

This is used with DPP and SAE when using P-384, so prepare the OpenSSL
implementation to support these cases to allow the internal CMAC
implementation in aes-omac1.c to be replaced.

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 src/crypto/crypto_openssl.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index 8ce1e48cb..3fb1f18d1 100644
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -1757,6 +1757,9 @@ int omac1_aes_vector(const u8 *key, size_t key_len, size_t num_elem,
 	if (key_len == 32) {
 		if (!CMAC_Init(ctx, key, 32, EVP_aes_256_cbc(), NULL))
 			goto fail;
+	} else if (key_len == 24) {
+		if (!CMAC_Init(ctx, key, 24, EVP_aes_192_cbc(), NULL))
+			goto fail;
 	} else if (key_len == 16) {
 		if (!CMAC_Init(ctx, key, 16, EVP_aes_128_cbc(), NULL))
 			goto fail;
-- 
2.47.2