authorDr. David von Oheimb <David.von.Oheimb@siemens.com>2021-03-29 19:42:33 +0200
committerDr. David von Oheimb <David.von.Oheimb@siemens.com>2021-05-08 14:35:03 +0200
commit0a8a6afdfb71e42962921980b51942cea8632697 (patch)
tree745f3e64cca2a9993fc2548f0a80a20dca231bcb /apps
parentbea31afef013aaf5638e96e9bed1b633c510d50d (diff)
Add quick one-shot EVP_Q_mac() and deprecation compensation decls for MAC functions
This helps compensate for deprecated functions such as HMAC() and reduces clutter in the crypto lib, apps, and tests. Also fixes memory leaks in generate_cookie_callback() of apps/lib/s_cb.c and replaces 'B<...>' by 'I<...>' where appropriate in HMAC.pod. Partially fixes #14628. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14664)
Diffstat (limited to 'apps')
-rw-r--r--apps/lib/s_cb.c35
1 files changed, 6 insertions, 29 deletions
diff --git a/apps/lib/s_cb.c b/apps/lib/s_cb.c
index 0bb4b6c436..bdd5051ee6 100644
--- a/apps/lib/s_cb.c
+++ b/apps/lib/s_cb.c
@@ -739,10 +739,6 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie,
unsigned short port;
BIO_ADDR *lpeer = NULL, *peer = NULL;
int res = 0;
- EVP_MAC *hmac = NULL;
- EVP_MAC_CTX *ctx = NULL;
- OSSL_PARAM params[2], *p = params;
- size_t mac_len;
/* Initialize a random secret */
if (!cookie_initialized) {
@@ -780,32 +776,13 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie,
memcpy(buffer, &port, sizeof(port));
BIO_ADDR_rawaddress(peer, buffer + sizeof(port), NULL);
- /* Calculate HMAC of buffer using the secret */
- hmac = EVP_MAC_fetch(NULL, "HMAC", NULL);
- if (hmac == NULL) {
- BIO_printf(bio_err, "HMAC not found\n");
- goto end;
- }
- ctx = EVP_MAC_CTX_new(hmac);
- if (ctx == NULL) {
- BIO_printf(bio_err, "HMAC context allocation failed\n");
- goto end;
- }
- *p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, "SHA1", 0);
- *p = OSSL_PARAM_construct_end();
- if (!EVP_MAC_init(ctx, cookie_secret, COOKIE_SECRET_LENGTH, params)) {
- BIO_printf(bio_err, "HMAC context initialisation failed\n");
- goto end;
- }
- if (!EVP_MAC_update(ctx, buffer, length)) {
- BIO_printf(bio_err, "HMAC context update failed\n");
- goto end;
- }
- if (!EVP_MAC_final(ctx, cookie, &mac_len, DTLS1_COOKIE_LENGTH)) {
- BIO_printf(bio_err, "HMAC context final failed\n");
- goto end;
+ if (EVP_Q_mac(NULL, "HMAC", NULL, "SHA1", NULL,
+ cookie_secret, COOKIE_SECRET_LENGTH, buffer, length,
+ cookie, DTLS1_COOKIE_LENGTH, cookie_len) == NULL) {
+ BIO_printf(bio_err,
+ "Error calculating HMAC-SHA1 of buffer with secret\n");
+ goto end;
}
- *cookie_len = (int)mac_len;
res = 1;
end:
OPENSSL_free(buffer);
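Review bot: The single message printed when `EVP_Q_mac(...) == NULL` replaces five stage-specific diagnostics, so an operator can no longer tell a failed fetch of HMAC or SHA1 from an init, update or output-size failure. Dumping the library error queue right after the message would restore that detail, assuming the failing call queued an error: add `ERR_print_errors(bio_err);` before `goto end;`. Separately, `cookie_len` is now passed directly as the output-length pointer, where the old code wrote a local `size_t mac_len` and assigned it with a cast. Its declared type is in the signature outside this hunk, so confirm it matches the `outlen` parameter type of EVP_Q_mac and does not rely on an implicit pointer conversion. The function body starts before and continues after the hunk.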