GOST MAC algorithms don't support EVP_PKEY_new_raw_private_key()
authorMatt Caswell <matt@openssl.org>
Fri, 30 Mar 2018 13:33:55 +0000 (14:33 +0100)
committerMatt Caswell <matt@openssl.org>
Fri, 30 Mar 2018 18:28:33 +0000 (19:28 +0100)
We should use the old EVP_PKEY_new_mac_key() instead.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5808)

ssl/t1_enc.c

index 2b0706e..23d3efb 100644 (file)
@@ -257,7 +257,7 @@ int tls1_change_cipher_state(SSL *s, int which)
 
     if (!(EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER)) {
         /* TODO(size_t): Convert this function */
 
     if (!(EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER)) {
         /* TODO(size_t): Convert this function */
-        mac_key = EVP_PKEY_new_raw_private_key(mac_type, NULL, mac_secret,
+        mac_key = EVP_PKEY_new_mac_key(mac_type, NULL, mac_secret,
                                                (int)*mac_secret_size);
         if (mac_key == NULL
             || EVP_DigestSignInit(mac_ctx, NULL, m, NULL, mac_key) <= 0) {
                                                (int)*mac_secret_size);
         if (mac_key == NULL
             || EVP_DigestSignInit(mac_ctx, NULL, m, NULL, mac_key) <= 0) {