diff options
| author | Richard Levitte <levitte@openssl.org> | 2019-08-22 12:50:00 +0200 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2019-08-24 13:01:15 +0200 |
| commit | 703170d4b9da1b3adc0e4d87719a5156080b2dca (patch) | |
| tree | 5223ce61f34a098ed497c54ac271ee26a3d30f15 /crypto/kdf | |
| parent | Remove MAC cruft (diff) | |
| download | openssl-703170d4b9da1b3adc0e4d87719a5156080b2dca.tar.xz openssl-703170d4b9da1b3adc0e4d87719a5156080b2dca.zip | |
Get rid of the diversity of names for MAC parameters
The EVP_PKEY MAC implementations had a diversity of controls that were
really the same thing. We did reproduce that for the provider based
MACs, but are changing our minds on this. Instead of that, we now use
one parameter name for passing the name of the underlying ciphers or
digests to a MAC implementation, "cipher" and "digest", and one
parameter name for passing the output size of the MAC, "size".
Then we leave it to the EVP_PKEY->EVP_MAC bridge to translate "md"
to "digest", and "digestsize" to "size".
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9667)
Diffstat (limited to 'crypto/kdf')
| -rw-r--r-- | crypto/kdf/sskdf.c | 4 | ||||
| -rw-r--r-- | crypto/kdf/tls1_prf.c | 2 |
2 files changed, 3 insertions, 3 deletions
diff --git a/crypto/kdf/sskdf.c b/crypto/kdf/sskdf.c index a4a9abff5a..916a06e5a1 100644 --- a/crypto/kdf/sskdf.c +++ b/crypto/kdf/sskdf.c @@ -168,7 +168,7 @@ static int kmac_init(EVP_MAC_CTX *ctx, const unsigned char *custom, || kmac_out_len == 64)) return 0; - params[0] = OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_OUTLEN, + params[0] = OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &kmac_out_len); if (EVP_MAC_CTX_set_params(ctx, params) <= 0) @@ -222,7 +222,7 @@ static int SSKDF_mac_kdm(EVP_MAC *kdf_mac, const EVP_MD *hmac_md, if (hmac_md != NULL) { const char *mdname = EVP_MD_name(hmac_md); params[params_n++] = - OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM, + OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, (char *)mdname, strlen(mdname) + 1); } diff --git a/crypto/kdf/tls1_prf.c b/crypto/kdf/tls1_prf.c index b53c417737..f5d2314681 100644 --- a/crypto/kdf/tls1_prf.c +++ b/crypto/kdf/tls1_prf.c @@ -251,7 +251,7 @@ static int tls1_prf_P_hash(const EVP_MD *md, /* TODO(3.0) rethink "flags", also see hmac.c in providers */ mac_flags = EVP_MD_CTX_FLAG_NON_FIPS_ALLOW; params[0] = OSSL_PARAM_construct_int(OSSL_MAC_PARAM_FLAGS, &mac_flags); - params[1] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_ALGORITHM, + params[1] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, (char *)mdname, strlen(mdname) + 1); params[2] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, |