From b3831fbb0bf63f77ce45e359b5031cd3f6c56fa2 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Mon, 5 Mar 2018 17:23:57 +0000 Subject: [PATCH] Add the function EVP_PKEY_new_CMAC_key() Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/5520) --- crypto/err/openssl.txt | 2 ++ crypto/evp/evp_err.c | 3 +++ crypto/evp/p_lib.c | 28 ++++++++++++++++++++++++++++ include/openssl/evp.h | 2 ++ include/openssl/evperr.h | 2 ++ util/libcrypto.num | 1 + 6 files changed, 38 insertions(+) diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index f33e9612c0..1e396adfe1 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -703,6 +703,7 @@ EVP_F_EVP_PKEY_GET0_SIPHASH:172:EVP_PKEY_get0_siphash EVP_F_EVP_PKEY_KEYGEN:146:EVP_PKEY_keygen EVP_F_EVP_PKEY_KEYGEN_INIT:147:EVP_PKEY_keygen_init EVP_F_EVP_PKEY_NEW:106:EVP_PKEY_new +EVP_F_EVP_PKEY_NEW_CMAC_KEY:193:EVP_PKEY_new_CMAC_key EVP_F_EVP_PKEY_NEW_PRIVATE_KEY:191:EVP_PKEY_new_private_key EVP_F_EVP_PKEY_NEW_PUBLIC_KEY:192:EVP_PKEY_new_public_key EVP_F_EVP_PKEY_PARAMGEN:148:EVP_PKEY_paramgen @@ -2085,6 +2086,7 @@ EVP_R_INVALID_KEY:163:invalid key EVP_R_INVALID_KEY_LENGTH:130:invalid key length EVP_R_INVALID_OPERATION:148:invalid operation EVP_R_KEYGEN_FAILURE:120:keygen failure +EVP_R_KEY_SETUP_FAILED:180:key setup failed EVP_R_MEMORY_LIMIT_EXCEEDED:172:memory limit exceeded EVP_R_MESSAGE_DIGEST_IS_NULL:159:message digest is null EVP_R_METHOD_NOT_SUPPORTED:144:method not supported diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c index d45f2b96b1..7ab2a249fd 100644 --- a/crypto/evp/evp_err.c +++ b/crypto/evp/evp_err.c @@ -93,6 +93,8 @@ static const ERR_STRING_DATA EVP_str_functs[] = { {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_KEYGEN_INIT, 0), "EVP_PKEY_keygen_init"}, {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_NEW, 0), "EVP_PKEY_new"}, + {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_NEW_CMAC_KEY, 0), + "EVP_PKEY_new_CMAC_key"}, {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_NEW_PRIVATE_KEY, 0), "EVP_PKEY_new_private_key"}, {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_NEW_PUBLIC_KEY, 0), @@ -187,6 +189,7 @@ static const ERR_STRING_DATA EVP_str_reasons[] = { {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_KEY_LENGTH), "invalid key length"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_INVALID_OPERATION), "invalid operation"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_KEYGEN_FAILURE), "keygen failure"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_KEY_SETUP_FAILED), "key setup failed"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_MEMORY_LIMIT_EXCEEDED), "memory limit exceeded"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_MESSAGE_DIGEST_IS_NULL), diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index a92b169f7a..ee121c4a56 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -18,6 +18,7 @@ #include #include #include +#include #include #include "internal/asn1_int.h" @@ -279,6 +280,33 @@ EVP_PKEY *EVP_PKEY_new_public_key(int type, ENGINE *e, return NULL; } +EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, + size_t len, const EVP_CIPHER *cipher) +{ + EVP_PKEY *ret = EVP_PKEY_new(); + CMAC_CTX *cmctx = CMAC_CTX_new(); + + if (ret == NULL + || cmctx == NULL + || !pkey_set_type(ret, e, EVP_PKEY_CMAC, NULL, -1)) { + /* EVPerr already called */ + goto err; + } + + if (!CMAC_Init(cmctx, priv, len, cipher, e)) { + EVPerr(EVP_F_EVP_PKEY_NEW_CMAC_KEY, EVP_R_KEY_SETUP_FAILED); + goto err; + } + + ret->pkey.ptr = cmctx; + return ret; + + err: + EVP_PKEY_free(ret); + CMAC_CTX_free(cmctx); + return NULL; + +} int EVP_PKEY_set_type(EVP_PKEY *pkey, int type) { diff --git a/include/openssl/evp.h b/include/openssl/evp.h index d80ca41e65..e8d46286d0 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -1343,6 +1343,8 @@ EVP_PKEY *EVP_PKEY_new_private_key(int type, ENGINE *e, EVP_PKEY *EVP_PKEY_new_public_key(int type, ENGINE *e, const unsigned char *pub, size_t len); +EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, + size_t len, const EVP_CIPHER *cipher); void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data); void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx); diff --git a/include/openssl/evperr.h b/include/openssl/evperr.h index 83dcd053ea..3cdd554f31 100644 --- a/include/openssl/evperr.h +++ b/include/openssl/evperr.h @@ -78,6 +78,7 @@ int ERR_load_EVP_strings(void); # define EVP_F_EVP_PKEY_KEYGEN 146 # define EVP_F_EVP_PKEY_KEYGEN_INIT 147 # define EVP_F_EVP_PKEY_NEW 106 +# define EVP_F_EVP_PKEY_NEW_CMAC_KEY 193 # define EVP_F_EVP_PKEY_NEW_PRIVATE_KEY 191 # define EVP_F_EVP_PKEY_NEW_PUBLIC_KEY 192 # define EVP_F_EVP_PKEY_PARAMGEN 148 @@ -139,6 +140,7 @@ int ERR_load_EVP_strings(void); # define EVP_R_INVALID_KEY_LENGTH 130 # define EVP_R_INVALID_OPERATION 148 # define EVP_R_KEYGEN_FAILURE 120 +# define EVP_R_KEY_SETUP_FAILED 180 # define EVP_R_MEMORY_LIMIT_EXCEEDED 172 # define EVP_R_MESSAGE_DIGEST_IS_NULL 159 # define EVP_R_METHOD_NOT_SUPPORTED 144 diff --git a/util/libcrypto.num b/util/libcrypto.num index 401d9fd9f6..b74ed2bec2 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4524,3 +4524,4 @@ OSSL_STORE_SEARCH_get0_digest 4465 1_1_1 EXIST::FUNCTION: RAND_DRBG_set_reseed_defaults 4466 1_1_1 EXIST::FUNCTION: EVP_PKEY_new_private_key 4467 1_1_1 EXIST::FUNCTION: EVP_PKEY_new_public_key 4468 1_1_1 EXIST::FUNCTION: +EVP_PKEY_new_CMAC_key 4469 1_1_1 EXIST::FUNCTION: -- 2.34.1