#include <openssl/dh.h>
#include <openssl/cmac.h>
#include <openssl/engine.h>
+#include <openssl/params.h>
+#include <openssl/core_names.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
+#include "internal/provider.h"
static void EVP_PKEY_free_it(EVP_PKEY *x);
return pkey->ameth->pkey_security_bits(pkey);
}
-int EVP_PKEY_size(EVP_PKEY *pkey)
+int EVP_PKEY_size(const EVP_PKEY *pkey)
{
if (pkey && pkey->ameth && pkey->ameth->pkey_size)
return pkey->ameth->pkey_size(pkey);
size_t len, const EVP_CIPHER *cipher)
{
#ifndef OPENSSL_NO_CMAC
+ const char *engine_name = e != NULL ? ENGINE_get_name(e) : NULL;
+ const char *cipher_name = EVP_CIPHER_name(cipher);
+ const OSSL_PROVIDER *prov = EVP_CIPHER_provider(cipher);
+ OPENSSL_CTX *libctx =
+ prov == NULL ? NULL : ossl_provider_library_context(prov);
EVP_PKEY *ret = EVP_PKEY_new();
- EVP_MAC_CTX *cmctx = EVP_MAC_CTX_new_id(EVP_MAC_CMAC);
+ EVP_MAC *cmac = EVP_MAC_fetch(libctx, OSSL_MAC_NAME_CMAC, NULL);
+ EVP_MAC_CTX *cmctx = cmac != NULL ? EVP_MAC_CTX_new(cmac) : NULL;
+ OSSL_PARAM params[4];
+ size_t paramsn = 0;
if (ret == NULL
|| cmctx == NULL
goto err;
}
- if (EVP_MAC_ctrl(cmctx, EVP_MAC_CTRL_SET_ENGINE, e) <= 0
- || EVP_MAC_ctrl(cmctx, EVP_MAC_CTRL_SET_CIPHER, cipher) <= 0
- || EVP_MAC_ctrl(cmctx, EVP_MAC_CTRL_SET_KEY, priv, len) <= 0) {
+ if (engine_name != NULL)
+ params[paramsn++] =
+ OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ENGINE,
+ (char *)engine_name,
+ strlen(engine_name) + 1);
+ params[paramsn++] =
+ OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
+ (char *)cipher_name,
+ strlen(cipher_name) + 1);
+ params[paramsn++] =
+ OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
+ (char *)priv, len);
+ params[paramsn] = OSSL_PARAM_construct_end();
+
+ if (!EVP_MAC_CTX_set_params(cmctx, params)) {
EVPerr(EVP_F_EVP_PKEY_NEW_CMAC_KEY, EVP_R_KEY_SETUP_FAILED);
goto err;
}
err:
EVP_PKEY_free(ret);
EVP_MAC_CTX_free(cmctx);
+ EVP_MAC_free(cmac);
return NULL;
#else
EVPerr(EVP_F_EVP_PKEY_NEW_CMAC_KEY,
pkey->pmeth_engine = e;
return 1;
}
+
+ENGINE *EVP_PKEY_get0_engine(const EVP_PKEY *pkey)
+{
+ return pkey->engine;
+}
#endif
int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
{
return ret;
}
-RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey)
+RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey)
{
if (pkey->type != EVP_PKEY_RSA) {
EVPerr(EVP_F_EVP_PKEY_GET0_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
return ret;
}
-DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey)
+DSA *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey)
{
if (pkey->type != EVP_PKEY_DSA) {
EVPerr(EVP_F_EVP_PKEY_GET0_DSA, EVP_R_EXPECTING_A_DSA_KEY);
return ret;
}
-EC_KEY *EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey)
+EC_KEY *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey)
{
if (pkey->type != EVP_PKEY_EC) {
EVPerr(EVP_F_EVP_PKEY_GET0_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
return ret;
}
-DH *EVP_PKEY_get0_DH(EVP_PKEY *pkey)
+DH *EVP_PKEY_get0_DH(const EVP_PKEY *pkey)
{
if (pkey->type != EVP_PKEY_DH && pkey->type != EVP_PKEY_DHX) {
EVPerr(EVP_F_EVP_PKEY_GET0_DH, EVP_R_EXPECTING_A_DH_KEY);
static void EVP_PKEY_free_it(EVP_PKEY *x)
{
/* internal function; x is never NULL */
+
+ evp_keymgmt_clear_pkey_cache(x);
+
if (x->ameth && x->ameth->pkey_free) {
x->ameth->pkey_free(x);
x->pkey.ptr = NULL;