diff options
| author | Pauli <ppzgs1@gmail.com> | 2021-02-25 04:54:13 +0100 |
|---|---|---|
| committer | Pauli <ppzgs1@gmail.com> | 2021-02-28 08:25:49 +0100 |
| commit | c23f96f3f6f385a3d7ce3b3a4c48f9b531cec41f (patch) | |
| tree | 26b807464622bf0eadf8fc87a408bf042be7dede /providers | |
| parent | prov: update gmac to have additional init arguments (diff) | |
| download | openssl-c23f96f3f6f385a3d7ce3b3a4c48f9b531cec41f.tar.xz openssl-c23f96f3f6f385a3d7ce3b3a4c48f9b531cec41f.zip | |
prov: update hmac to have additional init arguments
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
Diffstat (limited to 'providers')
| -rw-r--r-- | providers/implementations/macs/hmac_prov.c | 33 |
1 files changed, 25 insertions, 8 deletions
diff --git a/providers/implementations/macs/hmac_prov.c b/providers/implementations/macs/hmac_prov.c index 6d7d3d5118..7188232d7d 100644 --- a/providers/implementations/macs/hmac_prov.c +++ b/providers/implementations/macs/hmac_prov.c @@ -141,22 +141,39 @@ static size_t hmac_size(void *vmacctx) return HMAC_size(macctx->ctx); } -static int hmac_init(void *vmacctx) +static int hmac_setkey(struct hmac_data_st *macctx, + const unsigned char *key, size_t keylen) { - struct hmac_data_st *macctx = vmacctx; const EVP_MD *digest; - int rv = 1; - if (!ossl_prov_is_running()) + if (macctx->keylen > 0) + OPENSSL_secure_clear_free(macctx->key, macctx->keylen); + /* Keep a copy of the key in case we need it for TLS HMAC */ + macctx->key = OPENSSL_secure_malloc(keylen > 0 ? keylen : 1); + if (macctx->key == NULL) return 0; + memcpy(macctx->key, key, keylen); + macctx->keylen = keylen; digest = ossl_prov_digest_md(&macctx->digest); /* HMAC_Init_ex doesn't tolerate all zero params, so we must be careful */ - if (macctx->tls_data_size == 0 && digest != NULL) - rv = HMAC_Init_ex(macctx->ctx, NULL, 0, digest, - ossl_prov_digest_engine(&macctx->digest)); + if (key != NULL || (macctx->tls_data_size == 0 && digest != NULL)) + return HMAC_Init_ex(macctx->ctx, key, keylen, digest, + ossl_prov_digest_engine(&macctx->digest)); + return 1; +} + +static int hmac_init(void *vmacctx, const unsigned char *key, + size_t keylen, const OSSL_PARAM params[]) +{ + struct hmac_data_st *macctx = vmacctx; + + if (!ossl_prov_is_running() || !hmac_set_ctx_params(macctx, params)) + return 0; - return rv; + if (key != NULL && !hmac_setkey(macctx, key, keylen)) + return 0; + return 1; } static int hmac_update(void *vmacctx, const unsigned char *data, |