From: Vitaly Chikunov Date: Sat, 9 May 2020 04:46:17 +0000 (+0300) Subject: test_digest: Do HMAC using EVP_MAC API X-Git-Tag: v3.0.0~132 X-Git-Url: http://wagner.pp.ru/gitweb/?a=commitdiff_plain;h=3c0db93862faa4b5f302bf6f310c5f86f4dded24;p=openssl-gost%2Fengine.git test_digest: Do HMAC using EVP_MAC API They say `HMAC' API is deprecated since 3.0, thus `EVP_MAC' API should be used. https://www.openssl.org/docs/manmaster/man3/HMAC_CTX_free.html --- diff --git a/test_digest.c b/test_digest.c index 5d26eb7..ce7f60a 100644 --- a/test_digest.c +++ b/test_digest.c @@ -8,11 +8,16 @@ */ #include +#include #include -#include #include #include #include +#if OPENSSL_VERSION_MAJOR < 3 +# include +#else +# include +#endif #include #include #include @@ -445,35 +450,68 @@ static void hexdump(const void *ptr, size_t len) printf("\n"); } +#if OPENSSL_VERSION_MAJOR < 3 static int do_hmac(const EVP_MD *type, const char *plaintext, unsigned int psize, const char *etalon, int mdsize, const char *key, unsigned int key_size) { + unsigned int len; + unsigned char md[EVP_MAX_MD_SIZE]; + HMAC_CTX *ctx; T(ctx = HMAC_CTX_new()); T(HMAC_Init_ex(ctx, key, key_size, type, NULL)); - if (mdsize) - T(HMAC_size(ctx) == mdsize); - else - T(mdsize = HMAC_size(ctx)); T(HMAC_Update(ctx, (const unsigned char *)plaintext, psize)); - - unsigned int len; - unsigned char md[EVP_MAX_MD_SIZE]; T(HMAC_Final(ctx, md, &len)); - HMAC_CTX_free(ctx); - T(len == mdsize); - if (memcmp(md, etalon, mdsize) != 0) { + if (mdsize) + T(len == mdsize); + if (memcmp(md, etalon, len) != 0) { printf(cRED "hmac mismatch\n" cNORM); - hexdump(etalon, mdsize); - hexdump(md, mdsize); + hexdump(etalon, len); + hexdump(md, len); return 1; } + return 0; +} +#else +static int do_hmac(const EVP_MD *type, const char *plaintext, + unsigned int psize, const char *etalon, int mdsize, + const char *key, unsigned int key_size) +{ + size_t len; + unsigned char md[EVP_MAX_MD_SIZE]; + EVP_MAC *hmac; + T(hmac = EVP_MAC_fetch(NULL, "HMAC", NULL)); + EVP_MAC_CTX *ctx; + T(ctx = EVP_MAC_CTX_new(hmac)); + OSSL_PARAM params[] = { + OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_DIGEST, + (char *)EVP_MD_name(type), 0), + OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, (char *)key, key_size), + OSSL_PARAM_END + }; + T(EVP_MAC_CTX_set_params(ctx, params)); + T(EVP_MAC_init(ctx)); + T(EVP_MAC_update(ctx, (unsigned char *)plaintext, psize)); + T(EVP_MAC_final(ctx, md, &len, EVP_MAX_MD_SIZE)); + EVP_MAC_CTX_free(ctx); + EVP_MAC_free(hmac); + + if (mdsize) + T(len == mdsize); + if (memcmp(md, etalon, len) != 0) { + printf(cRED "hmac mismatch\n" cNORM); + hexdump(etalon, len); + hexdump(md, len); + return 1; + } return 0; } +#endif + static int do_digest(const EVP_MD *type, const char *plaintext, unsigned int psize, const char *etalon, int mdsize, int truncate, const char *key, unsigned int key_size, int acpkm, int acpkm_t,