Commit e32b52a2 authored by Matt Caswell's avatar Matt Caswell

Add support for setting raw private HMAC keys

parent cc8b15c7
+2 −2
@@ -277,7 +277,7 @@ int dgst_main(int argc, char **argv)
    }

    if (hmac_key != NULL) {
        sigkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, impl,
        sigkey = EVP_PKEY_new_private_key(EVP_PKEY_HMAC, impl,
                                          (unsigned char *)hmac_key, -1);
        if (sigkey == NULL)
            goto end;
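Review bot: The new call still passes `-1` as the key length, but `EVP_PKEY_new_private_key` declares `size_t len`, so the argument arrives as `SIZE_MAX` rather than the "use strlen" sentinel that `EVP_PKEY_new_mac_key`'s `int keylen` accepted. It only yields the right key if the HMAC method narrows that value back to `-1` when it hands it to `ASN1_OCTET_STRING_set`, which is an implementation-defined conversion and stops working as soon as the callee gains a range check. Pass the real length instead: `(const unsigned char *)hmac_key, strlen(hmac_key));`. dgst_main's body continues outside the hunk.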
+4 −2
@@ -219,7 +219,8 @@ static int pkey_set_type(EVP_PKEY *pkey, ENGINE *e, int type, const char *str,
    return 1;
}

EVP_PKEY *EVP_PKEY_new_private_key(int type, ENGINE *e, unsigned char *priv,
EVP_PKEY *EVP_PKEY_new_private_key(int type, ENGINE *e,
                                   const unsigned char *priv,
                                   size_t len)
{
    EVP_PKEY *ret = EVP_PKEY_new();
@@ -248,7 +249,8 @@ EVP_PKEY *EVP_PKEY_new_private_key(int type, ENGINE *e, unsigned char *priv,
    return NULL;
}

EVP_PKEY *EVP_PKEY_new_public_key(int type, ENGINE *e, unsigned char *pub,
EVP_PKEY *EVP_PKEY_new_public_key(int type, ENGINE *e,
                                  const unsigned char *pub,
                                  size_t len)
{
    EVP_PKEY *ret = EVP_PKEY_new();
+36 −1
@@ -11,6 +11,7 @@
#include "internal/cryptlib.h"
#include <openssl/evp.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"

/*
 * HMAC "ASN1" method. This is just here to indicate the maximum HMAC output
@@ -49,6 +50,28 @@ static int hmac_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
    return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b));
}

static int hmac_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv,
                             size_t len)
{
    ASN1_OCTET_STRING *os;

    if (pkey->pkey.ptr != NULL)
        return 0;

    os = ASN1_OCTET_STRING_new();
    if (os == NULL)
        return 0;


    if (!ASN1_OCTET_STRING_set(os, priv, len)) {
        ASN1_OCTET_STRING_free(os);
        return 0;
    }

    pkey->pkey.ptr = os;
    return 1;
}

const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = {
    EVP_PKEY_HMAC,
    EVP_PKEY_HMAC,
@@ -67,5 +90,17 @@ const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = {

    hmac_key_free,
    hmac_pkey_ctrl,
    0, 0
    NULL,
    NULL,

    NULL,
    NULL,
    NULL,

    NULL,
    NULL,
    NULL,

    hmac_set_priv_key,
    NULL,
};
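Review bot: `hmac_set_priv_key` hands its `size_t len` straight to `ASN1_OCTET_STRING_set`, whose length parameter is an `int`, without any range check. A length above `INT_MAX` is narrowed, and a value that narrows to `-1` makes the ASN.1 setter fall back to `strlen(priv)`, so the stored HMAC key can silently differ in length from what the caller requested; the dgst call site in this commit passes `-1` and depends on exactly that. Add `if (len > INT_MAX) return 0;` before the allocation (with `<limits.h>` if it is not already in scope) and have callers pass an explicit length. A one-line comment on the function saying that the key bytes are copied, so the caller keeps ownership of `priv` and should cleanse its own buffer, would also help.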
+1 −1
@@ -193,7 +193,7 @@ static int tls1_prf_P_hash(const EVP_MD *md,
    if (ctx == NULL || ctx_tmp == NULL || ctx_init == NULL)
        goto err;
    EVP_MD_CTX_set_flags(ctx_init, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
    mac_key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, sec, sec_len);
    mac_key = EVP_PKEY_new_private_key(EVP_PKEY_HMAC, NULL, sec, sec_len);
    if (mac_key == NULL)
        goto err;
    if (!EVP_DigestSignInit(ctx_init, NULL, md, NULL, mac_key))
+4 −2
@@ -1337,9 +1337,11 @@ void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);

EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
                               const unsigned char *key, int keylen);
EVP_PKEY *EVP_PKEY_new_private_key(int type, ENGINE *e, unsigned char *priv,
EVP_PKEY *EVP_PKEY_new_private_key(int type, ENGINE *e,
                                   const unsigned char *priv,
                                   size_t len);
EVP_PKEY *EVP_PKEY_new_public_key(int type, ENGINE *e, unsigned char *pub,
EVP_PKEY *EVP_PKEY_new_public_key(int type, ENGINE *e,
                                  const unsigned char *pub,
                                  size_t len);

void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);