/*
- * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
* Note that unlike other SSL tests, we don't test against our own SSL
* server method. Firstly because we don't have one; we *only* support
* DTLS1_BAD_VER as a client. And secondly because even if that were
- * fixed up it's the wrong thing to test against — because if changes
+ * fixed up it's the wrong thing to test against - because if changes
* are made in generic DTLS code which don't take DTLS1_BAD_VER into
* account, there's plenty of scope for making those changes such that
* they break *both* the client and the server in the same way.
*/
#include <string.h>
+#include <openssl/core_names.h>
+#include <openssl/params.h>
#include <openssl/opensslconf.h>
#include <openssl/bio.h>
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/kdf.h>
-#include "../ssl/packet_locl.h"
+#include "internal/packet.h"
#include "internal/nelem.h"
#include "testutil.h"
static unsigned char seq[6] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
static unsigned char ver[2] = { 0x01, 0x00 }; /* DTLS1_BAD_VER */
unsigned char lenbytes[2];
- HMAC_CTX *ctx;
+ EVP_MAC *hmac;
+ EVP_MAC_CTX *ctx;
EVP_CIPHER_CTX *enc_ctx;
unsigned char iv[16];
unsigned char pad;
unsigned char *enc;
+ OSSL_PARAM params[3];
seq[0] = (seqnr >> 40) & 0xff;
seq[1] = (seqnr >> 32) & 0xff;
memcpy(enc, msg, len);
/* Append HMAC to data */
- ctx = HMAC_CTX_new();
- HMAC_Init_ex(ctx, mac_key, 20, EVP_sha1(), NULL);
- HMAC_Update(ctx, epoch, 2);
- HMAC_Update(ctx, seq, 6);
- HMAC_Update(ctx, &type, 1);
- HMAC_Update(ctx, ver, 2); /* Version */
- lenbytes[0] = len >> 8;
- lenbytes[1] = len & 0xff;
- HMAC_Update(ctx, lenbytes, 2); /* Length */
- HMAC_Update(ctx, enc, len); /* Finally the data itself */
- HMAC_Final(ctx, enc + len, NULL);
- HMAC_CTX_free(ctx);
+ hmac = EVP_MAC_fetch(NULL, "HMAC", NULL);
+ ctx = EVP_MAC_new_ctx(hmac);
+ EVP_MAC_free(hmac);
+ params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
+ "SHA1", 0);
+ params[1] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
+ mac_key, 20);
+ params[2] = OSSL_PARAM_construct_end();
+ EVP_MAC_set_ctx_params(ctx, params);
+ EVP_MAC_init(ctx);
+ EVP_MAC_update(ctx, epoch, 2);
+ EVP_MAC_update(ctx, seq, 6);
+ EVP_MAC_update(ctx, &type, 1);
+ EVP_MAC_update(ctx, ver, 2); /* Version */
+ lenbytes[0] = (unsigned char)(len >> 8);
+ lenbytes[1] = (unsigned char)(len);
+ EVP_MAC_update(ctx, lenbytes, 2); /* Length */
+ EVP_MAC_update(ctx, enc, len); /* Finally the data itself */
+ EVP_MAC_final(ctx, enc + len, NULL, SHA_DIGEST_LENGTH);
+ EVP_MAC_free_ctx(ctx);
/* Append padding bytes */
len += SHA_DIGEST_LENGTH;
BIO_write(rbio, ver, 2);
BIO_write(rbio, epoch, 2);
BIO_write(rbio, seq, 6);
- lenbytes[0] = (len + sizeof(iv)) >> 8;
- lenbytes[1] = (len + sizeof(iv)) & 0xff;
+ lenbytes[0] = (unsigned char)((len + sizeof(iv)) >> 8);
+ lenbytes[1] = (unsigned char)(len + sizeof(iv));
BIO_write(rbio, lenbytes, 2);
BIO_write(rbio, iv, sizeof(iv));