diff options
| author | Matt Caswell <matt@openssl.org> | 2020-06-18 10:26:22 +0200 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2020-07-16 14:21:07 +0200 |
| commit | 865adf97c9b8271788ee7293ecde9e8a643a1c45 (patch) | |
| tree | d4fe29fa8c0587aa4316dc550d57526559f6f6f3 | |
| parent | Add latest changes and news in CHANGES.md and NEWS.md (diff) | |
| download | openssl-865adf97c9b8271788ee7293ecde9e8a643a1c45.tar.xz openssl-865adf97c9b8271788ee7293ecde9e8a643a1c45.zip | |
Revert "The EVP_MAC functions have been renamed for consistency. The EVP_MAC_CTX_*"
The commit claimed to make things more consistent. In fact it makes it
less so. Revert back to the previous namig convention.
This reverts commit d9c2fd51e2e278bc3f7793a104ff7b4879f6d63a.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12186)
36 files changed, 207 insertions, 233 deletions
diff --git a/CHANGES.md b/CHANGES.md index a7cb2c5bb1..3a267d6c25 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -424,8 +424,8 @@ OpenSSL 3.0 and HMAC_CTX_get_md. Use of these low level functions has been informally discouraged for a long - time. Instead applications should use L<EVP_MAC_new_ctx(3)>, - L<EVP_MAC_free_ctx(3)>, L<EVP_MAC_init(3)>, L<EVP_MAC_update(3)> + time. Instead applications should use L<EVP_MAC_CTX_new(3)>, + L<EVP_MAC_CTX_free(3)>, L<EVP_MAC_init(3)>, L<EVP_MAC_update(3)> and L<EVP_MAC_final(3)>. *Paul Dale* @@ -448,8 +448,8 @@ OpenSSL 3.0 CMAC_CTX_copy, CMAC_Init, CMAC_Update, CMAC_Final and CMAC_resume. Use of these low level functions has been informally discouraged for a long - time. Instead applications should use L<EVP_MAC_new_ctx(3)>, - L<EVP_MAC_free_ctx(3)>, L<EVP_MAC_init(3)>, L<EVP_MAC_update(3)> + time. Instead applications should use L<EVP_MAC_CTX_new(3)>, + L<EVP_MAC_CTX_free(3)>, L<EVP_MAC_init(3)>, L<EVP_MAC_update(3)> and L<EVP_MAC_final(3)>. *Paul Dale* diff --git a/apps/fipsinstall.c b/apps/fipsinstall.c index 7efdd65d46..c8687bec8f 100644 --- a/apps/fipsinstall.c +++ b/apps/fipsinstall.c @@ -375,7 +375,7 @@ opthelp: goto end; } - ctx = EVP_MAC_new_ctx(mac); + ctx = EVP_MAC_CTX_new(mac); if (ctx == NULL) { BIO_printf(bio_err, "Unable to create MAC CTX for module check\n"); goto end; @@ -389,7 +389,7 @@ opthelp: if (params == NULL) goto end; - if (!EVP_MAC_set_ctx_params(ctx, params)) { + if (!EVP_MAC_CTX_set_params(ctx, params)) { BIO_printf(bio_err, "MAC parameter error\n"); ERR_print_errors(bio_err); ok = 0; @@ -399,7 +399,7 @@ opthelp: goto end; } - ctx2 = EVP_MAC_dup_ctx(ctx); + ctx2 = EVP_MAC_CTX_dup(ctx); if (ctx2 == NULL) { BIO_printf(bio_err, "Unable to create MAC CTX for install indicator\n"); goto end; @@ -459,8 +459,8 @@ cleanup: BIO_free(module_bio); sk_OPENSSL_STRING_free(opts); EVP_MAC_free(mac); - EVP_MAC_free_ctx(ctx2); - EVP_MAC_free_ctx(ctx); + EVP_MAC_CTX_free(ctx2); + EVP_MAC_CTX_free(ctx); OPENSSL_free(read_buffer); free_config_and_unload(conf); return ret; diff --git a/apps/lib/s_cb.c b/apps/lib/s_cb.c index de72bde9ed..ba9ef12afb 100644 --- a/apps/lib/s_cb.c +++ b/apps/lib/s_cb.c @@ -788,7 +788,7 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie, BIO_printf(bio_err, "HMAC not found\n"); goto end; } - ctx = EVP_MAC_new_ctx(hmac); + ctx = EVP_MAC_CTX_new(hmac); if (ctx == NULL) { BIO_printf(bio_err, "HMAC context allocation failed\n"); goto end; @@ -797,7 +797,7 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie, *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, cookie_secret, COOKIE_SECRET_LENGTH); *p = OSSL_PARAM_construct_end(); - if (!EVP_MAC_set_ctx_params(ctx, params)) { + if (!EVP_MAC_CTX_set_params(ctx, params)) { BIO_printf(bio_err, "HMAC context parameter setting failed\n"); goto end; } diff --git a/apps/mac.c b/apps/mac.c index e84321b83a..30f0daabcc 100644 --- a/apps/mac.c +++ b/apps/mac.c @@ -114,7 +114,7 @@ opthelp: goto opthelp; } - ctx = EVP_MAC_new_ctx(mac); + ctx = EVP_MAC_CTX_new(mac); if (ctx == NULL) goto err; @@ -126,7 +126,7 @@ opthelp: if (params == NULL) goto err; - if (!EVP_MAC_set_ctx_params(ctx, params)) { + if (!EVP_MAC_CTX_set_params(ctx, params)) { BIO_printf(bio_err, "MAC parameter error\n"); ERR_print_errors(bio_err); ok = 0; @@ -199,7 +199,7 @@ err: sk_OPENSSL_STRING_free(opts); BIO_free(in); BIO_free(out); - EVP_MAC_free_ctx(ctx); + EVP_MAC_CTX_free(ctx); EVP_MAC_free(mac); return ret; } diff --git a/crypto/cmac/cm_ameth.c b/crypto/cmac/cm_ameth.c index ece3d8f91c..aa06cdc98a 100644 --- a/crypto/cmac/cm_ameth.c +++ b/crypto/cmac/cm_ameth.c @@ -31,9 +31,9 @@ static int cmac_size(const EVP_PKEY *pkey) static void cmac_key_free(EVP_PKEY *pkey) { EVP_MAC_CTX *cmctx = EVP_PKEY_get0(pkey); - EVP_MAC *mac = cmctx == NULL ? NULL : EVP_MAC_get_ctx_mac(cmctx); + EVP_MAC *mac = cmctx == NULL ? NULL : EVP_MAC_CTX_mac(cmctx); - EVP_MAC_free_ctx(cmctx); + EVP_MAC_CTX_free(cmctx); EVP_MAC_free(mac); } diff --git a/crypto/crmf/crmf_pbm.c b/crypto/crmf/crmf_pbm.c index a087bc4423..f674eeeff7 100644 --- a/crypto/crmf/crmf_pbm.c +++ b/crypto/crmf/crmf_pbm.c @@ -202,8 +202,8 @@ int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp, macparams[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, basekey, bklen); if ((mac = EVP_MAC_fetch(NULL, "HMAC", NULL)) == NULL - || (mctx = EVP_MAC_new_ctx(mac)) == NULL - || !EVP_MAC_set_ctx_params(mctx, macparams) + || (mctx = EVP_MAC_CTX_new(mac)) == NULL + || !EVP_MAC_CTX_set_params(mctx, macparams) || !EVP_MAC_init(mctx) || !EVP_MAC_update(mctx, msg, msglen) || !EVP_MAC_final(mctx, mac_res, outlen, EVP_MAX_MD_SIZE)) @@ -214,7 +214,7 @@ int OSSL_CRMF_pbm_new(const OSSL_CRMF_PBMPARAMETER *pbmp, err: /* cleanup */ OPENSSL_cleanse(basekey, bklen); - EVP_MAC_free_ctx(mctx); + EVP_MAC_CTX_free(mctx); EVP_MAC_free(mac); EVP_MD_CTX_free(ctx); diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 579c2dce9a..fe937e6139 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -843,6 +843,8 @@ EVP_F_EVP_KEYEXCH_FETCH:245:EVP_KEYEXCH_fetch EVP_F_EVP_KEYEXCH_FROM_DISPATCH:244:evp_keyexch_from_dispatch EVP_F_EVP_MAC_CTRL:209:EVP_MAC_ctrl EVP_F_EVP_MAC_CTRL_STR:210:EVP_MAC_ctrl_str +EVP_F_EVP_MAC_CTX_DUP:211:EVP_MAC_CTX_dup +EVP_F_EVP_MAC_CTX_NEW:213:EVP_MAC_CTX_new EVP_F_EVP_MAC_INIT:212:EVP_MAC_init EVP_F_EVP_MD_BLOCK_SIZE:232:EVP_MD_block_size EVP_F_EVP_MD_CTX_COPY_EX:110:EVP_MD_CTX_copy_ex diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c index 8fe9708797..b7bfe8921f 100644 --- a/crypto/evp/mac_lib.c +++ b/crypto/evp/mac_lib.c @@ -19,14 +19,14 @@ #include "internal/provider.h" #include "evp_local.h" -EVP_MAC_CTX *EVP_MAC_new_ctx(EVP_MAC *mac) +EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac) { EVP_MAC_CTX *ctx = OPENSSL_zalloc(sizeof(EVP_MAC_CTX)); if (ctx == NULL || (ctx->data = mac->newctx(ossl_provider_ctx(mac->prov))) == NULL || !EVP_MAC_up_ref(mac)) { - EVPerr(0, ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_EVP_MAC_CTX_NEW, ERR_R_MALLOC_FAILURE); if (ctx != NULL) mac->freectx(ctx->data); OPENSSL_free(ctx); @@ -37,7 +37,7 @@ EVP_MAC_CTX *EVP_MAC_new_ctx(EVP_MAC *mac) return ctx; } -void EVP_MAC_free_ctx(EVP_MAC_CTX *ctx) +void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx) { if (ctx != NULL) { ctx->meth->freectx(ctx->data); @@ -48,7 +48,7 @@ void EVP_MAC_free_ctx(EVP_MAC_CTX *ctx) OPENSSL_free(ctx); } -EVP_MAC_CTX *EVP_MAC_dup_ctx(const EVP_MAC_CTX *src) +EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src) { EVP_MAC_CTX *dst; @@ -57,27 +57,27 @@ EVP_MAC_CTX *EVP_MAC_dup_ctx(const EVP_MAC_CTX *src) dst = OPENSSL_malloc(sizeof(*dst)); if (dst == NULL) { - EVPerr(0, ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_EVP_MAC_CTX_DUP, ERR_R_MALLOC_FAILURE); return NULL; } *dst = *src; if (!EVP_MAC_up_ref(dst->meth)) { - EVPerr(0, ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_EVP_MAC_CTX_DUP, ERR_R_MALLOC_FAILURE); OPENSSL_free(dst); return NULL; } dst->data = src->meth->dupctx(src->data); if (dst->data == NULL) { - EVP_MAC_free_ctx(dst); + EVP_MAC_CTX_free(dst); return NULL; } return dst; } -EVP_MAC *EVP_MAC_get_ctx_mac(EVP_MAC_CTX *ctx) +EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx) { return ctx->meth; } @@ -144,14 +144,14 @@ int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]) return 1; } -int EVP_MAC_get_ctx_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]) +int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]) { if (ctx->meth->get_ctx_params != NULL) return ctx->meth->get_ctx_params(ctx->data, params); return 1; } -int EVP_MAC_set_ctx_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]) +int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]) { if (ctx->meth->set_ctx_params != NULL) return ctx->meth->set_ctx_params(ctx->data, params); diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 4dc1e0a5b2..aa11608688 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -595,7 +595,7 @@ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, prov == NULL ? NULL : ossl_provider_library_context(prov); EVP_PKEY *ret = EVP_PKEY_new(); EVP_MAC *cmac = EVP_MAC_fetch(libctx, OSSL_MAC_NAME_CMAC, NULL); - EVP_MAC_CTX *cmctx = cmac != NULL ? EVP_MAC_new_ctx(cmac) : NULL; + EVP_MAC_CTX *cmctx = cmac != NULL ? EVP_MAC_CTX_new(cmac) : NULL; OSSL_PARAM params[4]; size_t paramsn = 0; @@ -620,7 +620,7 @@ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, (char *)priv, len); params[paramsn] = OSSL_PARAM_construct_end(); - if (!EVP_MAC_set_ctx_params(cmctx, params)) { + if (!EVP_MAC_CTX_set_params(cmctx, params)) { EVPerr(EVP_F_EVP_PKEY_NEW_CMAC_KEY, EVP_R_KEY_SETUP_FAILED); goto err; } @@ -630,7 +630,7 @@ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, err: EVP_PKEY_free(ret); - EVP_MAC_free_ctx(cmctx); + EVP_MAC_CTX_free(cmctx); EVP_MAC_free(cmac); return NULL; # else diff --git a/crypto/evp/pkey_mac.c b/crypto/evp/pkey_mac.c index 784fca956d..7e36b3c6bd 100644 --- a/crypto/evp/pkey_mac.c +++ b/crypto/evp/pkey_mac.c @@ -74,7 +74,7 @@ static int pkey_mac_init(EVP_PKEY_CTX *ctx) } if (mac != NULL) { - hctx->ctx = EVP_MAC_new_ctx(mac); + hctx->ctx = EVP_MAC_CTX_new(mac); if (hctx->ctx == NULL) { OPENSSL_free(hctx); return 0; @@ -119,7 +119,7 @@ static int pkey_mac_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src) EVP_PKEY_CTX_set_data(dst, dctx); dst->keygen_info_count = 0; - dctx->ctx = EVP_MAC_dup_ctx(sctx->ctx); + dctx->ctx = EVP_MAC_CTX_dup(sctx->ctx); if (dctx->ctx == NULL) goto err; @@ -131,7 +131,7 @@ static int pkey_mac_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src) * fetches the MAC method anew in this case. Therefore, its reference * count must be adjusted here. */ - if (!EVP_MAC_up_ref(EVP_MAC_get_ctx_mac(dctx->ctx))) + if (!EVP_MAC_up_ref(EVP_MAC_CTX_mac(dctx->ctx))) goto err; dctx->type = sctx->type; @@ -166,8 +166,7 @@ static void pkey_mac_cleanup(EVP_PKEY_CTX *ctx) MAC_PKEY_CTX *hctx = ctx == NULL ? NULL : EVP_PKEY_CTX_get_data(ctx); if (hctx != NULL) { - EVP_MAC *mac = hctx->ctx != NULL ? EVP_MAC_get_ctx_mac(hctx->ctx) - : NULL; + EVP_MAC *mac = hctx->ctx != NULL ? EVP_MAC_CTX_mac(hctx->ctx) : NULL; switch (hctx->type) { case MAC_TYPE_RAW: @@ -175,7 +174,7 @@ static void pkey_mac_cleanup(EVP_PKEY_CTX *ctx) hctx->raw_data.ktmp.length); break; } - EVP_MAC_free_ctx(hctx->ctx); + EVP_MAC_CTX_free(hctx->ctx); EVP_MAC_free(mac); OPENSSL_free(hctx); EVP_PKEY_CTX_set_data(ctx, NULL); @@ -210,10 +209,10 @@ static int pkey_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) return 0; } - cmkey = EVP_MAC_dup_ctx(hctx->ctx); + cmkey = EVP_MAC_CTX_dup(hctx->ctx); if (cmkey == NULL) return 0; - if (!EVP_MAC_up_ref(EVP_MAC_get_ctx_mac(hctx->ctx))) + if (!EVP_MAC_up_ref(EVP_MAC_CTX_mac(hctx->ctx))) return 0; EVP_PKEY_assign(pkey, nid, cmkey); } @@ -259,7 +258,7 @@ static int pkey_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) } if (set_key) { - if (!EVP_MAC_is_a(EVP_MAC_get_ctx_mac(hctx->ctx), + if (!EVP_MAC_is_a(EVP_MAC_CTX_mac(hctx->ctx), OBJ_nid2sn(EVP_PKEY_id(EVP_PKEY_CTX_get0_pkey(ctx))))) return 0; key = EVP_PKEY_get0(EVP_PKEY_CTX_get0_pkey(ctx)); @@ -284,7 +283,7 @@ static int pkey_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, key->data, key->length); params[params_n++] = OSSL_PARAM_construct_end(); - rv = EVP_MAC_set_ctx_params(hctx->ctx, params); + rv = EVP_MAC_CTX_set_params(hctx->ctx, params); } return rv; } @@ -334,7 +333,7 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) return 0; } - if (!EVP_MAC_set_ctx_params(hctx->ctx, params) + if (!EVP_MAC_CTX_set_params(hctx->ctx, params) || !EVP_MAC_init(hctx->ctx)) return 0; } @@ -355,10 +354,10 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) if (ctx->pkey == NULL) return 0; - new_mac_ctx = EVP_MAC_dup_ctx(ctx->pkey->pkey.ptr); + new_mac_ctx = EVP_MAC_CTX_dup(ctx->pkey->pkey.ptr); if (new_mac_ctx == NULL) return 0; - EVP_MAC_free_ctx(hctx->ctx); + EVP_MAC_CTX_free(hctx->ctx); hctx->ctx = new_mac_ctx; } break; @@ -393,13 +392,13 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) return 0; } - if (!EVP_MAC_set_ctx_params(hctx->ctx, params)) + if (!EVP_MAC_CTX_set_params(hctx->ctx, params)) return 0; params[0] = OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &verify); - if (!EVP_MAC_get_ctx_params(hctx->ctx, params)) + if (!EVP_MAC_CTX_get_params(hctx->ctx, params)) return 0; /* @@ -437,7 +436,7 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) return 0; } - return EVP_MAC_set_ctx_params(hctx->ctx, params); + return EVP_MAC_CTX_set_params(hctx->ctx, params); } break; default: @@ -482,7 +481,7 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) key->data, key->length); params[params_n] = OSSL_PARAM_construct_end(); - return EVP_MAC_set_ctx_params(hctx->ctx, params); + return EVP_MAC_CTX_set_params(hctx->ctx, params); } break; case MAC_TYPE_MAC: @@ -517,7 +516,7 @@ static int pkey_mac_ctrl_str(EVP_PKEY_CTX *ctx, EVPerr(0, EVP_R_FETCH_FAILED); return 0; } - mac = EVP_MAC_get_ctx_mac(hctx->ctx); + mac = EVP_MAC_CTX_mac(hctx->ctx); /* * Translation of some control names that are equivalent to a single @@ -539,7 +538,7 @@ static int pkey_mac_ctrl_str(EVP_PKEY_CTX *ctx, return 0; params[1] = OSSL_PARAM_construct_end(); - ok = EVP_MAC_set_ctx_params(hctx->ctx, params); + ok = EVP_MAC_CTX_set_params(hctx->ctx, params); OPENSSL_free(params[0].data); return ok; } diff --git a/crypto/modes/siv128.c b/crypto/modes/siv128.c index f7fadf26d4..d3655674b4 100644 --- a/crypto/modes/siv128.c +++ b/crypto/modes/siv128.c @@ -94,7 +94,7 @@ __owur static ossl_inline int siv128_do_s2v_p(SIV128_CONTEXT *ctx, SIV_BLOCK *ou EVP_MAC_CTX *mac_ctx; int ret = 0; - mac_ctx = EVP_MAC_dup_ctx(ctx->mac_ctx_init); + mac_ctx = EVP_MAC_CTX_dup(ctx->mac_ctx_init); if (mac_ctx == NULL) return 0; @@ -121,7 +121,7 @@ __owur static ossl_inline int siv128_do_s2v_p(SIV128_CONTEXT *ctx, SIV_BLOCK *ou ret = 1; err: - EVP_MAC_free_ctx(mac_ctx); + EVP_MAC_CTX_free(mac_ctx); return ret; } @@ -182,20 +182,20 @@ int CRYPTO_siv128_init(SIV128_CONTEXT *ctx, const unsigned char *key, int klen, /* TODO(3.0) library context */ || (ctx->mac = EVP_MAC_fetch(NULL, OSSL_MAC_NAME_CMAC, NULL)) == NULL - || (ctx->mac_ctx_init = EVP_MAC_new_ctx(ctx->mac)) == NULL - || !EVP_MAC_set_ctx_params(ctx->mac_ctx_init, params) + || (ctx->mac_ctx_init = EVP_MAC_CTX_new(ctx->mac)) == NULL + || !EVP_MAC_CTX_set_params(ctx->mac_ctx_init, params) || !EVP_EncryptInit_ex(ctx->cipher_ctx, ctr, NULL, key + klen, NULL) - || (mac_ctx = EVP_MAC_dup_ctx(ctx->mac_ctx_init)) == NULL + || (mac_ctx = EVP_MAC_CTX_dup(ctx->mac_ctx_init)) == NULL || !EVP_MAC_update(mac_ctx, zero, sizeof(zero)) || !EVP_MAC_final(mac_ctx, ctx->d.byte, &out_len, sizeof(ctx->d.byte))) { EVP_CIPHER_CTX_free(ctx->cipher_ctx); - EVP_MAC_free_ctx(ctx->mac_ctx_init); - EVP_MAC_free_ctx(mac_ctx); + EVP_MAC_CTX_free(ctx->mac_ctx_init); + EVP_MAC_CTX_free(mac_ctx); EVP_MAC_free(ctx->mac); return 0; } - EVP_MAC_free_ctx(mac_ctx); + EVP_MAC_CTX_free(mac_ctx); ctx->final_ret = -1; ctx->crypto_ok = 1; @@ -211,8 +211,8 @@ int CRYPTO_siv128_copy_ctx(SIV128_CONTEXT *dest, SIV128_CONTEXT *src) memcpy(&dest->d, &src->d, sizeof(src->d)); if (!EVP_CIPHER_CTX_copy(dest->cipher_ctx, src->cipher_ctx)) return 0; - EVP_MAC_free_ctx(dest->mac_ctx_init); - dest->mac_ctx_init = EVP_MAC_dup_ctx(src->mac_ctx_init); + EVP_MAC_CTX_free(dest->mac_ctx_init); + dest->mac_ctx_init = EVP_MAC_CTX_dup(src->mac_ctx_init); if (dest->mac_ctx_init == NULL) return 0; return 1; @@ -232,15 +232,15 @@ int CRYPTO_siv128_aad(SIV128_CONTEXT *ctx, const unsigned char *aad, siv128_dbl(&ctx->d); - if ((mac_ctx = EVP_MAC_dup_ctx(ctx->mac_ctx_init)) == NULL + if ((mac_ctx = EVP_MAC_CTX_dup(ctx->mac_ctx_init)) == NULL || !EVP_MAC_update(mac_ctx, aad, len) || !EVP_MAC_final(mac_ctx, mac_out.byte, &out_len, sizeof(mac_out.byte)) || out_len != SIV_LEN) { - EVP_MAC_free_ctx(mac_ctx); + EVP_MAC_CTX_free(mac_ctx); return 0; } - EVP_MAC_free_ctx(mac_ctx); + EVP_MAC_CTX_free(mac_ctx); siv128_xorblock(&ctx->d, &mac_out); @@ -352,7 +352,7 @@ int CRYPTO_siv128_cleanup(SIV128_CONTEXT *ctx) if (ctx != NULL) { EVP_CIPHER_CTX_free(ctx->cipher_ctx); ctx->cipher_ctx = NULL; - EVP_MAC_free_ctx(ctx->mac_ctx_init); + EVP_MAC_CTX_free(ctx->mac_ctx_init); ctx->mac_ctx_init = NULL; EVP_MAC_free(ctx->mac); ctx->mac = NULL; diff --git a/doc/man1/openssl-mac.pod.in b/doc/man1/openssl-mac.pod.in index ff1b83fbd3..4c9cc3bc31 100644 --- a/doc/man1/openssl-mac.pod.in +++ b/doc/man1/openssl-mac.pod.in @@ -49,7 +49,7 @@ Output the MAC in binary form. Uses hexadecimal text format if not specified. Passes options to the MAC algorithm. A comprehensive list of controls can be found in the EVP_MAC implementation documentation. -Common parameter names used by EVP_MAC_get_ctx_params() are: +Common parameter names used by EVP_MAC_CTX_get_params() are: =over 4 diff --git a/doc/man3/EVP_MAC.pod b/doc/man3/EVP_MAC.pod index b8fa1ce630..9e35d57c17 100644 --- a/doc/man3/EVP_MAC.pod +++ b/doc/man3/EVP_MAC.pod @@ -5,8 +5,8 @@ EVP_MAC, EVP_MAC_fetch, EVP_MAC_up_ref, EVP_MAC_free, EVP_MAC_is_a, EVP_MAC_number, EVP_MAC_names_do_all, EVP_MAC_provider, EVP_MAC_get_params, EVP_MAC_gettable_params, -EVP_MAC_CTX, EVP_MAC_new_ctx, EVP_MAC_free_ctx, EVP_MAC_dup_ctx, -EVP_MAC_get_ctx_mac, EVP_MAC_get_ctx_params, EVP_MAC_set_ctx_params, +EVP_MAC_CTX, EVP_MAC_CTX_new, EVP_MAC_CTX_free, EVP_MAC_CTX_dup, +EVP_MAC_CTX_mac, EVP_MAC_CTX_get_params, EVP_MAC_CTX_set_params, EVP_MAC_size, EVP_MAC_init, EVP_MAC_update, EVP_MAC_final, EVP_MAC_gettable_ctx_params, EVP_MAC_settable_ctx_params, EVP_MAC_do_all_provided - EVP MAC routines @@ -30,12 +30,12 @@ EVP_MAC_do_all_provided - EVP MAC routines const OSSL_PROVIDER *EVP_MAC_provider(const EVP_MAC *mac); int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]); - EVP_MAC_CTX *EVP_MAC_new_ctx(EVP_MAC *mac); - void EVP_MAC_free_ctx(EVP_MAC_CTX *ctx); - EVP_MAC_CTX *EVP_MAC_dup_ctx(const EVP_MAC_CTX *src); - EVP_MAC *EVP_MAC_get_ctx_mac(EVP_MAC_CTX *ctx); - int EVP_MAC_get_ctx_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]); - int EVP_MAC_set_ctx_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]); + EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac); + void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx); + EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src); + EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx); + int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]); + int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]); size_t EVP_MAC_size(EVP_MAC_CTX *ctx); int EVP_MAC_init(EVP_MAC_CTX *ctx); @@ -96,18 +96,18 @@ NULL is a valid parameter, for which this function is a no-op. =head2 Context manipulation functions -EVP_MAC_new_ctx() creates a new context for the MAC type I<mac>. +EVP_MAC_CTX_new() creates a new context for the MAC type I<mac>. The created context can then be used with most other functions described here. -EVP_MAC_free_ctx() frees the contents of the context, including an +EVP_MAC_CTX_free() frees the contents of the context, including an underlying context if there is one, as well as the context itself. NULL is a valid parameter, for which this function is a no-op. -EVP_MAC_dup_ctx() duplicates the I<src> context and returns a newly allocated +EVP_MAC_CTX_dup() duplicates the I<src> context and returns a newly allocated context. -EVP_MAC_get_ctx_mac() returns the B<EVP_MAC> associated with the context +EVP_MAC_CTX_mac() returns the B<EVP_MAC> associated with the context I<ctx>. =head2 Computing functions @@ -136,14 +136,14 @@ parameters should be retrieved. Note that a parameter that is unknown in the underlying context is simply ignored. -EVP_MAC_get_ctx_params() retrieves chosen parameters, given the +EVP_MAC_CTX_get_params() retrieves chosen parameters, given the context I<ctx> and its underlying context. The set of parameters given with I<params> determine exactly what parameters should be retrieved. Note that a parameter that is unknown in the underlying context is simply ignored. -EVP_MAC_set_ctx_params() passes chosen parameters to the underlying +EVP_MAC_CTX_set_params() passes chosen parameters to the underlying context, given a context I<ctx>. The set of parameters given with I<params> determine exactly what parameters are passed down. @@ -155,8 +155,8 @@ defined by the implementation. EVP_MAC_gettable_params(), EVP_MAC_gettable_ctx_params() and EVP_MAC_settable_ctx_params() get a constant B<OSSL_PARAM> array that describes the retrievable and settable parameters, i.e. parameters that -can be used with EVP_MAC_get_params(), EVP_MAC_get_ctx_params() -and EVP_MAC_set_ctx_params(), respectively. +can be used with EVP_MAC_get_params(), EVP_MAC_CTX_get_params() +and EVP_MAC_CTX_set_params(), respectively. See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor. =head2 Information functions @@ -270,12 +270,12 @@ the given name, otherwise 0. EVP_MAC_provider() returns a pointer to the provider for the MAC, or NULL on error. -EVP_MAC_new_ctx() and EVP_MAC_dup_ctx() return a pointer to a newly +EVP_MAC_CTX_new() and EVP_MAC_CTX_dup() return a pointer to a newly created EVP_MAC_CTX, or NULL if allocation failed. -EVP_MAC_free_ctx() returns nothing at all. +EVP_MAC_CTX_free() returns nothing at all. -EVP_MAC_get_ctx_params() and EVP_MAC_set_ctx_params() return 1 on +EVP_MAC_CTX_get_params() and EVP_MAC_CTX_set_params() return 1 on success, 0 on error. EVP_MAC_init(), EVP_MAC_update(), and EVP_MAC_final() return 1 on success, 0 @@ -327,8 +327,8 @@ EVP_MAC_do_all_provided() returns nothing at all. if (mac == NULL || key == NULL - || (ctx = EVP_MAC_new_ctx(mac)) == NULL - || EVP_MAC_set_ctx_params(ctx, params) <= 0) + || (ctx = EVP_MAC_CTX_new(mac)) == NULL + || EVP_MAC_CTX_set_params(ctx, params) <= 0) goto err; if (!EVP_MAC_init(ctx)) @@ -347,12 +347,12 @@ EVP_MAC_do_all_provided() returns nothing at all. printf("%02X", buf[i]); printf("\n"); - EVP_MAC_free_ctx(ctx); + EVP_MAC_CTX_free(ctx); EVP_MAC_free(mac); exit(0); err: - EVP_MAC_free_ctx(ctx); + EVP_MAC_CTX_free(ctx); EVP_MAC_free(mac); fprintf(stderr, "Something went wrong\n"); ERR_print_errors_fp(stderr); diff --git a/doc/man3/HMAC.pod b/doc/man3/HMAC.pod index f441208585..816d6e325d 100644 --- a/doc/man3/HMAC.pod +++ b/doc/man3/HMAC.pod @@ -54,7 +54,7 @@ L<openssl_user_macros(7)>: =head1 DESCRIPTION All of the functions described on this page are deprecated. Applications should -instead use L<EVP_MAC_new_ctx(3)>, L<EVP_MAC_free_ctx(3)>, L<EVP_MAC_init(3)>, +instead use L<EVP_MAC_CTX_new(3)>, L<EVP_MAC_CTX_free(3)>, L<EVP_MAC_init(3)>, L<EVP_MAC_update(3)> and L<EVP_MAC_final(3)>. HMAC is a MAC (message authentication code), i.e. a keyed hash diff --git a/doc/man3/OSSL_PARAM_allocate_from_text.pod b/doc/man3/OSSL_PARAM_allocate_from_text.pod index 539b2179c4..011685c8c8 100644 --- a/doc/man3/OSSL_PARAM_allocate_from_text.pod +++ b/doc/man3/OSSL_PARAM_allocate_from_text.pod @@ -175,7 +175,7 @@ Can be written like this instead: goto err; } params[params_n] = OSSL_PARAM_construct_end(); - if (!EVP_MAC_set_ctx_params(ctx, params)) + if (!EVP_MAC_CTX_set_params(ctx, params)) goto err; while (params_n-- > 0) OPENSSL_free(params[params_n].data); diff --git a/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod b/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod index ee726b3b64..a81dc76591 100644 --- a/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod +++ b/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod @@ -49,7 +49,7 @@ ticket information or it starts a full TLS handshake to create a new session ticket. Before the callback function is started I<ctx> and I<hctx> have been -initialised with L<EVP_CIPHER_CTX_reset(3)> and L<EVP_MAC_new_ctx(3)> +initialised with L<EVP_CIPHER_CTX_reset(3)> and L<EVP_MAC_CTX_new(3)> respectively. For new sessions tickets, when the client doesn't present a session ticket, or @@ -66,7 +66,7 @@ maximum IV length is B<EVP_MAX_IV_LENGTH> bytes defined in B<evp.h>. The initialization vector I<iv> should be a random value. The cipher context I<ctx> should use the initialisation vector I<iv>. The cipher context can be set using L<EVP_EncryptInit_ex(3)>. The hmac context and digest can be set using -L<EVP_MAC_set_ctx_params(3)> with the B<OSSL_MAC_PARAM_KEY> and +L<EVP_MAC_CTX_set_params(3)> with the B<OSSL_MAC_PARAM_KEY> and B<OSSL_MAC_PARAM_DIGEST> parameters respectively. When the client presents a session ticket, the callback function with be called @@ -76,7 +76,7 @@ the session ticket. The OpenSSL library expects that the I<name> will be used to retrieve a cryptographic parameters and that the cryptographic context I<ctx> will be set with the retrieved parameters and the initialization vector I<iv>. using a function like L<EVP_DecryptInit_ex(3)>. The key material and -digest for I<hctx> need to be set using L<EVP_MAC_set_ctx_params(3)> with the +digest for I<hctx> need to be set using L<EVP_MAC_CTX_set_params(3)> with the B<OSSL_MAC_PARAM_KEY> and B<OSSL_MAC_PARAM_DIGEST> parameters respectively. If the I<name> is still valid but a renewal of the ticket is required the @@ -120,8 +120,8 @@ The SSL_CTX_set_tlsext_ticket_key_cb() function is identical to SSL_CTX_set_tlsext_ticket_key_evp_cb() except that it takes a deprecated HMAC_CTX pointer instead of an EVP_MAC_CTX one. Before this callback function is started I<hctx> will have been -initialised with L<EVP_MAC_new_ctx(3)> and the digest set with -L<EVP_MAC_set_ctx_params(3)>. +initialised with L<EVP_MAC_CTX_new(3)> and the digest set with +L<EVP_MAC_CTX_set_params(3)>. The I<hctx> key material can be set using L<HMAC_Init_ex(3)>. =head1 NOTES @@ -186,7 +186,7 @@ Reference Implementation: params[1] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, "sha256", 0); params[2] = OSSL_PARAM_construct_end(); - EVP_MAC_set_ctx_params(hctx, params); + EVP_MAC_CTX_set_params(hctx, params); return 1; @@ -202,7 +202,7 @@ Reference Implementation: params[1] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, "sha256", 0); params[2] = OSSL_PARAM_construct_end(); - EVP_MAC_set_ctx_params(hctx, params); + EVP_MAC_CTX_set_params(hctx, params); EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, key->aes_key, iv); diff --git a/doc/man7/EVP_MAC-BLAKE2.pod b/doc/man7/EVP_MAC-BLAKE2.pod index d5673fa8e2..90b065340d 100644 --- a/doc/man7/EVP_MAC-BLAKE2.pod +++ b/doc/man7/EVP_MAC-BLAKE2.pod @@ -27,9 +27,9 @@ properties, to be used with EVP_MAC_fetch(): The general description of these parameters can be found in L<EVP_MAC(3)/PARAMETERS>. -All these parameters can be set with EVP_MAC_set_ctx_params(). +All these parameters can be set with EVP_MAC_CTX_set_params(). Furthermore, the "size" parameter can be retrieved with -EVP_MAC_get_ctx_params(), or with EVP_MAC_size(). +EVP_MAC_CTX_get_params(), or with EVP_MAC_size(). The length of the "size" parameter should not exceed that of a B<size_t>. =over 4 @@ -61,7 +61,7 @@ It is 32 and 64 respectively by default. =head1 SEE ALSO -L<EVP_MAC_get_ctx_params(3)>, L<EVP_MAC_set_ctx_params(3)>, +L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>, L<EVP_MAC(3)/PARAMETERS>, L<OSSL_PARAM(3)> =head1 HISTORY diff --git a/doc/man7/EVP_MAC-CMAC.pod b/doc/man7/EVP_MAC-CMAC.pod index 699a50824b..c210d693ce 100644 --- a/doc/man7/EVP_MAC-CMAC.pod +++ b/doc/man7/EVP_MAC-CMAC.pod @@ -24,7 +24,7 @@ used with EVP_MAC_fetch(): The general description of these parameters can be found in L<EVP_MAC(3)/PARAMETERS>. -The following parameter can be set with EVP_MAC_set_ctx_params(): +The following parameter can be set with EVP_MAC_CTX_set_params(): =over 4 @@ -37,7 +37,7 @@ The following parameter can be set with EVP_MAC_set_ctx_params(): =back The following parameters can be retrieved with -EVP_MAC_get_ctx_params(): +EVP_MAC_CTX_get_params(): =over 4 @@ -50,7 +50,7 @@ The length of the "size" parameter is equal to that of an B<unsigned int>. =head1 SEE ALSO -L<EVP_MAC_get_ctx_params(3)>, L<EVP_MAC_set_ctx_params(3)>, +L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>, L<EVP_MAC(3)/PARAMETERS>, L<OSSL_PARAM(3)> =head1 COPYRIGHT diff --git a/doc/man7/EVP_MAC-GMAC.pod b/doc/man7/EVP_MAC-GMAC.pod index 8e4d28e7b1..7c9477c215 100644 --- a/doc/man7/EVP_MAC-GMAC.pod +++ b/doc/man7/EVP_MAC-GMAC.pod @@ -24,7 +24,7 @@ used with EVP_MAC_fetch(): The general description of these parameters can be found in L<EVP_MAC(3)/PARAMETERS>. -The following parameter can be set with EVP_MAC_set_ctx_params(): +The following parameter can be set with EVP_MAC_CTX_set_params(): =over 4 @@ -39,7 +39,7 @@ The following parameter can be set with EVP_MAC_set_ctx_params(): =back The following parameters can be retrieved with -EVP_MAC_get_ctx_params(): +EVP_MAC_CTX_get_params(): =over 4 @@ -52,7 +52,7 @@ The length of the "size" parameter is equal to that of an B<unsigned int>. =head1 SEE ALSO -L<EVP_MAC_get_ctx_params(3)>, L<EVP_MAC_set_ctx_params(3)>, +L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>, L<EVP_MAC(3)/PARAMETERS>, L<OSSL_PARAM(3)> =head1 COPYRIGHT diff --git a/doc/man7/EVP_MAC-HMAC.pod b/doc/man7/EVP_MAC-HMAC.pod index 31ff102ae6..7f0ec35b43 100644 --- a/doc/man7/EVP_MAC-HMAC.pod +++ b/doc/man7/EVP_MAC-HMAC.pod @@ -24,7 +24,7 @@ used with EVP_MAC_fetch(): The general description of these parameters can be found in L<EVP_MAC(3)/PARAMETERS>. -The following parameter can be set with EVP_MAC_set_ctx_params(): +The following parameter can be set with EVP_MAC_CTX_set_params(): =over 4 @@ -41,7 +41,7 @@ The following parameter can be set with EVP_MAC_set_ctx_params(): The "flags" parameter is passed directly to HMAC_CTX_set_flags(). The following parameter can be retrieved with -EVP_MAC_get_ctx_params(): +EVP_MAC_CTX_get_params(): =over 4 @@ -54,7 +54,7 @@ The length of the "size" parameter is equal to that of an B<unsigned int>. =head1 SEE ALSO -L<EVP_MAC_get_ctx_params(3)>, L<EVP_MAC_set_ctx_params(3)>, +L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>, L<EVP_MAC(3)/PARAMETERS>, L<OSSL_PARAM(3)>, L<HMAC(3)> =head1 COPYRIGHT diff --git a/doc/man7/EVP_MAC-KMAC.pod b/doc/man7/EVP_MAC-KMAC.pod index 88044540c5..df7ac1ddf6 100644 --- a/doc/man7/EVP_MAC-KMAC.pod +++ b/doc/man7/EVP_MAC-KMAC.pod @@ -27,9 +27,9 @@ properties, to be used with EVP_MAC_fetch(): The general description of these parameters can be found in L<EVP_MAC(3)/PARAMETERS>. -All these parameters can be set with EVP_MAC_set_ctx_params(). +All these parameters can be set with EVP_MAC_CTX_set_params(). Furthermore, the "size" parameter can be retrieved with -EVP_MAC_get_ctx_params(), or with EVP_MAC_size(). +EVP_MAC_CTX_get_params(), or with EVP_MAC_size(). The length of the "size" parameter should not exceed that of a B<size_t>. =over 4 @@ -50,7 +50,7 @@ the input stream is set to zero. =head1 SEE ALSO -L<EVP_MAC_get_ctx_params(3)>, L<EVP_MAC_set_ctx_params(3)>, +L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>, L<EVP_MAC(3)/PARAMETERS>, L<OSSL_PARAM(3)> =head1 COPYRIGHT diff --git a/doc/man7/EVP_MAC-Poly1305.pod b/doc/man7/EVP_MAC-Poly1305.pod index 8e288172a1..da9953a1d5 100644 --- a/doc/man7/EVP_MAC-Poly1305.pod +++ b/doc/man7/EVP_MAC-Poly1305.pod @@ -24,7 +24,7 @@ used with EVP_MAC_fetch(): The general description of these parameters can be found in L<EVP_MAC(3)/PARAMETERS>. -The following parameter can be set with EVP_MAC_set_ctx_params(): +The following parameter can be set with EVP_MAC_CTX_set_params(): =over 4 @@ -33,7 +33,7 @@ The following parameter can be set with EVP_MAC_set_ctx_params(): =back The following parameters can be retrieved with -EVP_MAC_get_ctx_params(): +EVP_MAC_CTX_get_params(): =over 4 @@ -46,7 +46,7 @@ The length of the "size" parameter should not exceed that of an B<unsigned int>. =head1 SEE ALSO -L<EVP_MAC_get_ctx_params(3)>, L<EVP_MAC_set_ctx_params(3)>, +L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>, L<EVP_MAC(3)/PARAMETERS>, L<OSSL_PARAM(3)> =head1 COPYRIGHT diff --git a/doc/man7/EVP_MAC-Siphash.pod b/doc/man7/EVP_MAC-Siphash.pod index a65e5919aa..d8013b3369 100644 --- a/doc/man7/EVP_MAC-Siphash.pod +++ b/doc/man7/EVP_MAC-Siphash.pod @@ -25,9 +25,9 @@ used with EVP_MAC_fetch(): The general description of these parameters can be found in L<EVP_MAC(3)/PARAMETERS>. -All these parameters can be set with EVP_MAC_set_ctx_params(). +All these parameters can be set with EVP_MAC_CTX_set_params(). Furthermore, the "size" parameter can be retrieved with -EVP_MAC_get_ctx_params(), or with EVP_MAC_size(). +EVP_MAC_CTX_get_params(), or with EVP_MAC_size(). The length of the "size" parameter should not exceed that of a B<size_t>. =over 4 @@ -40,7 +40,7 @@ The length of the "size" parameter should not exceed that of a B<size_t>. =head1 SEE ALSO -L<EVP_MAC_get_ctx_params(3)>, L<EVP_MAC_set_ctx_params(3)>, +L<EVP_MAC_CTX_get_params(3)>, L<EVP_MAC_CTX_set_params(3)>, L<EVP_MAC(3)/PARAMETERS>, L<OSSL_PARAM(3)> =head1 COPYRIGHT diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 85a939b5c3..923550e9db 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -26,8 +26,6 @@ # include <openssl/evperr.h> # include <openssl/params.h> -# include <openssl/mac.h> - # define EVP_MAX_MD_SIZE 64/* longest known is SHA512 */ # define EVP_MAX_KEY_LENGTH 64 # define EVP_MAX_IV_LENGTH 16 @@ -1073,6 +1071,40 @@ void EVP_MD_do_all_provided(OPENSSL_CTX *libctx, void (*fn)(EVP_MD *md, void *arg), void *arg); +/* MAC stuff */ + +EVP_MAC *EVP_MAC_fetch(OPENSSL_CTX *libctx, const char *algorithm, + const char *properties); +int EVP_MAC_up_ref(EVP_MAC *mac); +void EVP_MAC_free(EVP_MAC *mac); +int EVP_MAC_number(const EVP_MAC *mac); +int EVP_MAC_is_a(const EVP_MAC *mac, const char *name); +const OSSL_PROVIDER *EVP_MAC_provider(const EVP_MAC *mac); +int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]); + +EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac); +void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx); +EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src); +EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx); +int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]); +int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]); + +size_t EVP_MAC_size(EVP_MAC_CTX *ctx); +int EVP_MAC_init(EVP_MAC_CTX *ctx); +int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen); +int EVP_MAC_final(EVP_MAC_CTX *ctx, + unsigned char *out, size_t *outl, size_t outsize); +const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac); +const OSSL_PARAM *EVP_MAC_gettable_ctx_params(const EVP_MAC *mac); +const OSSL_PARAM *EVP_MAC_settable_ctx_params(const EVP_MAC *mac); + +void EVP_MAC_do_all_provided(OPENSSL_CTX *libctx, + void (*fn)(EVP_MAC *mac, void *arg), + void *arg); +void EVP_MAC_names_do_all(const EVP_MAC *mac, + void (*fn)(const char *name, void *data), + void *data); + /* RAND stuff */ EVP_RAND *EVP_RAND_fetch(OPENSSL_CTX *libctx, const char *algorithm, const char *properties); diff --git a/include/openssl/mac.h b/include/openssl/mac.h deleted file mode 100644 index 8411669bc9..0000000000 --- a/include/openssl/mac.h +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright 2019-2020=-2020 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -/* MAC stuff */ - -#ifndef OPENSSL_EVP_MAC_H -# define OPENSSL_EVP_MAC_H -# pragma once - -# include <openssl/opensslconf.h> -# include <openssl/types.h> -# include <openssl/core.h> - -# ifdef __cplusplus -extern "C" { -# endif - -EVP_MAC *EVP_MAC_fetch(OPENSSL_CTX *libctx, const char *algorithm, - const char *properties); -int EVP_MAC_up_ref(EVP_MAC *mac); -void EVP_MAC_free(EVP_MAC *mac); -int EVP_MAC_number(const EVP_MAC *mac); -int EVP_MAC_is_a(const EVP_MAC *mac, const char *name); -const OSSL_PROVIDER *EVP_MAC_provider(const EVP_MAC *mac); -int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]); - -EVP_MAC_CTX *EVP_MAC_new_ctx(EVP_MAC *mac); -void EVP_MAC_free_ctx(EVP_MAC_CTX *ctx); -EVP_MAC_CTX *EVP_MAC_dup_ctx(const EVP_MAC_CTX *src); -EVP_MAC *EVP_MAC_get_ctx_mac(EVP_MAC_CTX *ctx); -int EVP_MAC_get_ctx_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]); -int EVP_MAC_set_ctx_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]); - -size_t EVP_MAC_size(EVP_MAC_CTX *ctx); -int EVP_MAC_init(EVP_MAC_CTX *ctx); -int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen); -int EVP_MAC_final(EVP_MAC_CTX *ctx, - unsigned char *out, size_t *outl, size_t outsize); -const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac); -const OSSL_PARAM *EVP_MAC_gettable_ctx_params(const EVP_MAC *mac); -const OSSL_PARAM *EVP_MAC_settable_ctx_params(const EVP_MAC *mac); - -void EVP_MAC_do_all_provided(OPENSSL_CTX *libctx, - void (*fn)(EVP_MAC *mac, void *arg), - void *arg); -void EVP_MAC_names_do_all(const EVP_MAC *mac, - void (*fn)(const char *name, void *data), - void *data); - -# ifdef __cplusplus -} -# endif -#endif /* OPENSSL_EVP_MAC_H */ diff --git a/providers/common/provider_util.c b/providers/common/provider_util.c index a0787a67e5..f6155e7dce 100644 --- a/providers/common/provider_util.c +++ b/providers/common/provider_util.c @@ -192,8 +192,8 @@ int ossl_prov_macctx_load_from_params(EVP_MAC_CTX **macctx, if (macname != NULL) { EVP_MAC *mac = EVP_MAC_fetch(libctx, macname, properties); - EVP_MAC_free_ctx(*macctx); - *macctx = mac == NULL ? NULL : EVP_MAC_new_ctx(mac); + EVP_MAC_CTX_free(*macctx); + *macctx = mac == NULL ? NULL : EVP_MAC_CTX_new(mac); /* The context holds on to the MAC */ EVP_MAC_free(mac); if (*macctx == NULL) @@ -244,10 +244,10 @@ int ossl_prov_macctx_load_from_params(EVP_MAC_CTX **macctx, #endif *mp = OSSL_PARAM_construct_end(); - if (EVP_MAC_set_ctx_params(*macctx, mac_params)) + if (EVP_MAC_CTX_set_params(*macctx, mac_params)) return 1; - EVP_MAC_free_ctx(*macctx); + EVP_MAC_CTX_free(*macctx); *macctx = NULL; return 0; } diff --git a/providers/fips/self_test.c b/providers/fips/self_test.c index a4a3cb5c89..58aa42eed8 100644 --- a/providers/fips/self_test.c +++ b/providers/fips/self_test.c @@ -147,7 +147,7 @@ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex OSSL_SELF_TEST_onbegin(ev, event_type, OSSL_SELF_TEST_DESC_INTEGRITY_HMAC); mac = EVP_MAC_fetch(libctx, MAC_NAME, NULL); - ctx = EVP_MAC_new_ctx(mac); + ctx = EVP_MAC_CTX_new(mac); if (mac == NULL || ctx == NULL) goto err; @@ -157,7 +157,7 @@ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex sizeof(fixed_key)); *p = OSSL_PARAM_construct_end(); - if (EVP_MAC_set_ctx_params(ctx, params) <= 0 + if (EVP_MAC_CTX_set_params(ctx, params) <= 0 || !EVP_MAC_init(ctx)) goto err; @@ -178,7 +178,7 @@ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex ret = 1; err: OSSL_SELF_TEST_onend(ev, ret); - EVP_MAC_free_ctx(ctx); + EVP_MAC_CTX_free(ctx); EVP_MAC_free(mac); return ret; } diff --git a/providers/implementations/kdfs/kbkdf.c b/providers/implementations/kdfs/kbkdf.c index 9cf18d84a2..d25da76d17 100644 --- a/providers/implementations/kdfs/kbkdf.c +++ b/providers/implementations/kdfs/kbkdf.c @@ -122,7 +122,7 @@ static void kbkdf_reset(void *vctx) KBKDF *ctx = (KBKDF *)vctx; void *provctx = ctx->provctx; - EVP_MAC_free_ctx(ctx->ctx_init); + EVP_MAC_CTX_free(ctx->ctx_init); OPENSSL_clear_free(ctx->context, ctx->context_len); OPENSSL_clear_free(ctx->label, ctx->label_len); OPENSSL_clear_free(ctx->ki, ctx->ki_len); @@ -151,7 +151,7 @@ static int derive(EVP_MAC_CTX *ctx_init, kbkdf_mode mode, unsigned char *iv, for (counter = 1; written < ko_len; counter++) { i = be32(counter); - ctx = EVP_MAC_dup_ctx(ctx_init); + ctx = EVP_MAC_CTX_dup(ctx_init); if (ctx == NULL) goto done; @@ -172,13 +172,13 @@ static int derive(EVP_MAC_CTX *ctx_init, kbkdf_mode mode, unsigned char *iv, written += h; k_i_len = h; - EVP_MAC_free_ctx(ctx); + EVP_MAC_CTX_free(ctx); ctx = NULL; } ret = 1; done: - EVP_MAC_free_ctx(ctx); + EVP_MAC_CTX_free(ctx); return ret; } @@ -247,9 +247,9 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) NULL, NULL, libctx)) return 0; else if (ctx->ctx_init != NULL - && !EVP_MAC_is_a(EVP_MAC_get_ctx_mac(ctx->ctx_init), + && !EVP_MAC_is_a(EVP_MAC_CTX_mac(ctx->ctx_init), OSSL_MAC_NAME_HMAC) - && !EVP_MAC_is_a(EVP_MAC_get_ctx_mac(ctx->ctx_init), + && !EVP_MAC_is_a(EVP_MAC_CTX_mac(ctx->ctx_init), OSSL_MAC_NAME_CMAC)) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_MAC); return 0; @@ -288,7 +288,7 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) ctx->ki, ctx->ki_len); mparams[1] = OSSL_PARAM_construct_end(); - if (!EVP_MAC_set_ctx_params(ctx->ctx_init, mparams) + if (!EVP_MAC_CTX_set_params(ctx->ctx_init, mparams) || !EVP_MAC_init(ctx->ctx_init)) return 0; } diff --git a/providers/implementations/kdfs/sskdf.c b/providers/implementations/kdfs/sskdf.c index 6d6e3295c8..5ef73644f0 100644 --- a/providers/implementations/kdfs/sskdf.c +++ b/providers/implementations/kdfs/sskdf.c @@ -168,7 +168,7 @@ static int kmac_init(EVP_MAC_CTX *ctx, const unsigned char *custom, (void *)custom, custom_len); params[1] = OSSL_PARAM_construct_end(); - if (!EVP_MAC_set_ctx_params(ctx, params)) + if (!EVP_MAC_CTX_set_params(ctx, params)) return 0; /* By default only do one iteration if kmac_out_len is not specified */ @@ -186,7 +186,7 @@ static int kmac_init(EVP_MAC_CTX *ctx, const unsigned char *custom, params[0] = OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &kmac_out_len); - if (EVP_MAC_set_ctx_params(ctx, params) <= 0) + if (EVP_MAC_CTX_set_params(ctx, params) <= 0) return 0; /* @@ -233,7 +233,7 @@ static int SSKDF_mac_kdm(EVP_MAC_CTX *ctx_init, (void *)salt, salt_len); *p = OSSL_PARAM_construct_end(); - if (!EVP_MAC_set_ctx_params(ctx_init, params)) + if (!EVP_MAC_CTX_set_params(ctx_init, params)) goto end; if (!kmac_init(ctx_init, kmac_custom, kmac_custom_len, kmac_out_len, @@ -256,7 +256,7 @@ static int SSKDF_mac_kdm(EVP_MAC_CTX *ctx_init, c[2] = (unsigned char)((counter >> 8) & 0xff); c[3] = (unsigned char)(counter & 0xff); - ctx = EVP_MAC_dup_ctx(ctx_init); + ctx = EVP_MAC_CTX_dup(ctx_init); if (!(ctx != NULL && EVP_MAC_update(ctx, c, sizeof(c)) && EVP_MAC_update(ctx, z, z_len) @@ -275,7 +275,7 @@ static int SSKDF_mac_kdm(EVP_MAC_CTX *ctx_init, memcpy(out, mac, len); break; } - EVP_MAC_free_ctx(ctx); + EVP_MAC_CTX_free(ctx); ctx = NULL; } ret = 1; @@ -285,7 +285,7 @@ end: else OPENSSL_cleanse(mac_buf, sizeof(mac_buf)); - EVP_MAC_free_ctx(ctx); + EVP_MAC_CTX_free(ctx); return ret; } @@ -304,7 +304,7 @@ static void sskdf_reset(void *vctx) KDF_SSKDF *ctx = (KDF_SSKDF *)vctx; void *provctx = ctx->provctx; - EVP_MAC_free_ctx(ctx->macctx); + EVP_MAC_CTX_free(ctx->macctx); ossl_prov_digest_reset(&ctx->digest); OPENSSL_clear_free(ctx->secret, ctx->secret_len); OPENSSL_clear_free(ctx->info, ctx->info_len); @@ -362,7 +362,7 @@ static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen) const unsigned char *custom = NULL; size_t custom_len = 0; int default_salt_len; - EVP_MAC *mac = EVP_MAC_get_ctx_mac(ctx->macctx); + EVP_MAC *mac = EVP_MAC_CTX_mac(ctx->macctx); /* * TODO(3.0) investigate the necessity to have all these controls. diff --git a/providers/implementations/kdfs/tls1_prf.c b/providers/implementations/kdfs/tls1_prf.c index d90a1bd072..73437531f6 100644 --- a/providers/implementations/kdfs/tls1_prf.c +++ b/providers/implementations/kdfs/tls1_prf.c @@ -117,8 +117,8 @@ static void kdf_tls1_prf_reset(void *vctx) TLS1_PRF *ctx = (TLS1_PRF *)vctx; void *provctx = ctx->provctx; - EVP_MAC_free_ctx(ctx->P_hash); - EVP_MAC_free_ctx(ctx->P_sha1); + EVP_MAC_CTX_free(ctx->P_hash); + EVP_MAC_CTX_free(ctx->P_sha1); OPENSSL_clear_free(ctx->sec, ctx->seclen); OPENSSL_cleanse(ctx->seed, ctx->seedlen); memset(ctx, 0, sizeof(*ctx)); @@ -165,7 +165,7 @@ static int kdf_tls1_prf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) NULL, SN_sha1, libctx)) return 0; } else { - EVP_MAC_free_ctx(ctx->P_sha1); + EVP_MAC_CTX_free(ctx->P_sha1); if (!ossl_prov_macctx_load_from_params(&ctx->P_hash, params, OSSL_MAC_NAME_HMAC, NULL, NULL, libctx)) @@ -282,7 +282,7 @@ static int tls1_prf_P_hash(EVP_MAC_CTX *ctx_init, *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, (void *)sec, sec_len); *p = OSSL_PARAM_construct_end(); - if (!EVP_MAC_set_ctx_params(ctx_init, params)) + if (!EVP_MAC_CTX_set_params(ctx_init, params)) goto err; if (!EVP_MAC_init(ctx_init)) goto err; @@ -290,7 +290,7 @@ static int tls1_prf_P_hash(EVP_MAC_CTX *ctx_init, if (chunk == 0) goto err; /* A(0) = seed */ - ctx_Ai = EVP_MAC_dup_ctx(ctx_init); + ctx_Ai = EVP_MAC_CTX_dup(ctx_init); if (ctx_Ai == NULL) goto err; if (seed != NULL && !EVP_MAC_update(ctx_Ai, seed, seed_len)) @@ -300,18 +300,18 @@ static int tls1_prf_P_hash(EVP_MAC_CTX *ctx_init, /* calc: A(i) = HMAC_<hash>(secret, A(i-1)) */ if (!EVP_MAC_final(ctx_Ai, Ai, &Ai_len, sizeof(Ai))) goto err; - EVP_MAC_free_ctx(ctx_Ai); + EVP_MAC_CTX_free(ctx_Ai); ctx_Ai = NULL; /* calc next chunk: HMAC_<hash>(secret, A(i) + seed) */ - ctx = EVP_MAC_dup_ctx(ctx_init); + ctx = EVP_MAC_CTX_dup(ctx_init); if (ctx == NULL) goto err; if (!EVP_MAC_update(ctx, Ai, Ai_len)) goto err; /* save state for calculating next A(i) value */ if (olen > chunk) { - ctx_Ai = EVP_MAC_dup_ctx(ctx); + ctx_Ai = EVP_MAC_CTX_dup(ctx); if (ctx_Ai == NULL) goto err; } @@ -326,15 +326,15 @@ static int tls1_prf_P_hash(EVP_MAC_CTX *ctx_init, } if (!EVP_MAC_final(ctx, out, NULL, olen)) goto err; - EVP_MAC_free_ctx(ctx); + EVP_MAC_CTX_free(ctx); ctx = NULL; out += chunk; olen -= chunk; } ret = 1; err: - EVP_MAC_free_ctx(ctx); - EVP_MAC_free_ctx(ctx_Ai); + EVP_MAC_CTX_free(ctx); + EVP_MAC_CTX_free(ctx_Ai); OPENSSL_cleanse(Ai, sizeof(Ai)); return ret; } diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 41228d58e9..bf955bf3ec 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -3390,12 +3390,12 @@ SSL_HMAC *ssl_hmac_new(const SSL_CTX *ctx) } #endif mac = EVP_MAC_fetch(ctx->libctx, "HMAC", NULL); - if (mac == NULL || (ret->ctx = EVP_MAC_new_ctx(mac)) == NULL) + if (mac == NULL || (ret->ctx = EVP_MAC_CTX_new(mac)) == NULL) goto err; EVP_MAC_free(mac); return ret; err: - EVP_MAC_free_ctx(ret->ctx); + EVP_MAC_CTX_free(ret->ctx); EVP_MAC_free(mac); OPENSSL_free(ret); return NULL; @@ -3404,7 +3404,7 @@ SSL_HMAC *ssl_hmac_new(const SSL_CTX *ctx) void ssl_hmac_free(SSL_HMAC *ctx) { if (ctx != NULL) { - EVP_MAC_free_ctx(ctx->ctx); + EVP_MAC_CTX_free(ctx->ctx); #ifndef OPENSSL_NO_DEPRECATED_3_0 HMAC_CTX_free(ctx->old_ctx); #endif @@ -3432,7 +3432,7 @@ int ssl_hmac_init(SSL_HMAC *ctx, void *key, size_t len, char *md) *p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, md, 0); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, key, len); *p = OSSL_PARAM_construct_end(); - if (EVP_MAC_set_ctx_params(ctx->ctx, params) && EVP_MAC_init(ctx->ctx)) + if (EVP_MAC_CTX_set_params(ctx->ctx, params) && EVP_MAC_init(ctx->ctx)) return 1; } #ifndef OPENSSL_NO_DEPRECATED_3_0 diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index 95e28d6d54..cf8e42c97e 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -360,9 +360,9 @@ size_t tls13_final_finish_mac(SSL *s, const char *str, size_t slen, } *p++ = OSSL_PARAM_construct_end(); - ctx = EVP_MAC_new_ctx(hmac); + ctx = EVP_MAC_CTX_new(hmac); if (ctx == NULL - || !EVP_MAC_set_ctx_params(ctx, params) + || !EVP_MAC_CTX_set_params(ctx, params) || !EVP_MAC_init(ctx) || !EVP_MAC_update(ctx, hash, hashlen) /* outsize as per sizeof(peer_finish_md) */ @@ -375,7 +375,7 @@ size_t tls13_final_finish_mac(SSL *s, const char *str, size_t slen, ret = hashlen; err: OPENSSL_cleanse(finsecret, sizeof(finsecret)); - EVP_MAC_free_ctx(ctx); + EVP_MAC_CTX_free(ctx); EVP_MAC_free(hmac); return ret; } diff --git a/test/bad_dtls_test.c b/test/bad_dtls_test.c index d2d6a6b426..bfbaa7953a 100644 --- a/test/bad_dtls_test.c +++ b/test/bad_dtls_test.c @@ -305,14 +305,14 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr, /* Append HMAC to data */ hmac = EVP_MAC_fetch(NULL, "HMAC", NULL); - ctx = EVP_MAC_new_ctx(hmac); + ctx = EVP_MAC_CTX_new(hmac); EVP_MAC_free(hmac); params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, "SHA1", 0); params[1] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, mac_key, 20); params[2] = OSSL_PARAM_construct_end(); - EVP_MAC_set_ctx_params(ctx, params); + EVP_MAC_CTX_set_params(ctx, params); EVP_MAC_init(ctx); EVP_MAC_update(ctx, epoch, 2); EVP_MAC_update(ctx, seq, 6); @@ -323,7 +323,7 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr, EVP_MAC_update(ctx, lenbytes, 2); /* Length */ EVP_MAC_update(ctx, enc, len); /* Finally the data itself */ EVP_MAC_final(ctx, enc + len, NULL, SHA_DIGEST_LENGTH); - EVP_MAC_free_ctx(ctx); + EVP_MAC_CTX_free(ctx); /* Append padding bytes */ len += SHA_DIGEST_LENGTH; diff --git a/test/evp_test.c b/test/evp_test.c index 7e93b41f32..b9cbefd81e 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -1341,12 +1341,12 @@ static int mac_test_run_mac(EVP_TEST *t) } params[params_n] = OSSL_PARAM_construct_end(); - if ((ctx = EVP_MAC_new_ctx(expected->mac)) == NULL) { + if ((ctx = EVP_MAC_CTX_new(expected->mac)) == NULL) { t->err = "MAC_CREATE_ERROR"; goto err; } - if (!EVP_MAC_set_ctx_params(ctx, params)) { + if (!EVP_MAC_CTX_set_params(ctx, params)) { t->err = "MAC_BAD_PARAMS"; goto err; } @@ -1378,7 +1378,7 @@ static int mac_test_run_mac(EVP_TEST *t) while (params_n-- > params_n_allocstart) { OPENSSL_free(params[params_n].data); } - EVP_MAC_free_ctx(ctx); + EVP_MAC_CTX_free(ctx); OPENSSL_free(got); return 1; } diff --git a/test/sslapitest.c b/test/sslapitest.c index 1a91f96fb9..ccee736592 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -7044,7 +7044,7 @@ static int tick_key_evp_cb(SSL *s, unsigned char key_name[16], params[2] = OSSL_PARAM_construct_end(); if (aes128cbc == NULL || !EVP_CipherInit_ex(ctx, aes128cbc, NULL, tick_aes_key, iv, enc) - || !EVP_MAC_set_ctx_params(hctx, params) + || !EVP_MAC_CTX_set_params(hctx, params) || !EVP_MAC_init(hctx)) ret = -1; else diff --git a/util/libcrypto.num b/util/libcrypto.num index 2627608f55..a179ee8eb1 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4424,10 +4424,10 @@ OCSP_resp_get0_respdata 4530 3_0_0 EXIST::FUNCTION:OCSP EVP_MD_CTX_set_pkey_ctx 4531 3_0_0 EXIST::FUNCTION: EVP_PKEY_meth_set_digest_custom 4532 3_0_0 EXIST::FUNCTION: EVP_PKEY_meth_get_digest_custom 4533 3_0_0 EXIST::FUNCTION: -EVP_MAC_new_ctx ? 3_0_0 EXIST::FUNCTION: -EVP_MAC_free_ctx ? 3_0_0 EXIST::FUNCTION: -EVP_MAC_dup_ctx ? 3_0_0 EXIST::FUNCTION: -EVP_MAC_get_ctx_mac ? 3_0_0 EXIST::FUNCTION: +EVP_MAC_CTX_new ? 3_0_0 EXIST::FUNCTION: +EVP_MAC_CTX_free ? 3_0_0 EXIST::FUNCTION: +EVP_MAC_CTX_dup ? 3_0_0 EXIST::FUNCTION: +EVP_MAC_CTX_mac ? 3_0_0 EXIST::FUNCTION: EVP_MAC_size ? 3_0_0 EXIST::FUNCTION: EVP_MAC_init ? 3_0_0 EXIST::FUNCTION: EVP_MAC_update ? 3_0_0 EXIST::FUNCTION: @@ -4700,8 +4700,8 @@ EVP_CIPHER_gettable_ctx_params ? 3_0_0 EXIST::FUNCTION: EVP_MD_get_params ? 3_0_0 EXIST::FUNCTION: EVP_MAC_fetch ? 3_0_0 EXIST::FUNCTION: EVP_MAC_settable_ctx_params ? 3_0_0 EXIST::FUNCTION: -EVP_MAC_set_ctx_params ? 3_0_0 EXIST::FUNCTION: -EVP_MAC_get_ctx_params ? 3_0_0 EXIST::FUNCTION: +EVP_MAC_CTX_set_params ? 3_0_0 EXIST::FUNCTION: +EVP_MAC_CTX_get_params ? 3_0_0 EXIST::FUNCTION: EVP_MAC_gettable_ctx_params ? 3_0_0 EXIST::FUNCTION: EVP_MAC_free ? 3_0_0 EXIST::FUNCTION: EVP_MAC_up_ref ? 3_0_0 EXIST::FUNCTION: |