[openssl] master update
Kurt Roeckx
kurt at openssl.org
Thu Jun 6 15:42:09 UTC 2019
The branch master has been updated
via 7ed66e2634e6cfbb16a1ef975572e79a479217a8 (commit)
via be5fc053ed40bb714944f93e2d35265d2096f71f (commit)
from e6071f29c24cd22ac7857bf88917598265cc90a9 (commit)
- Log -----------------------------------------------------------------
commit 7ed66e2634e6cfbb16a1ef975572e79a479217a8
Author: Kurt Roeckx <kurt at roeckx.be>
Date: Wed Dec 19 00:36:40 2018 +0100
Change EVP_MAC method from copy to dup
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
GH: #7651
commit be5fc053ed40bb714944f93e2d35265d2096f71f
Author: Kurt Roeckx <kurt at roeckx.be>
Date: Sun Nov 4 19:16:20 2018 +0100
Replace EVP_MAC_CTX_copy() by EVP_MAC_CTX_dup()
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
GH: #7651
-----------------------------------------------------------------------
Summary of changes:
crypto/blake2/blake2b_mac.c | 12 ++++++--
crypto/blake2/blake2s_mac.c | 12 ++++++--
crypto/cmac/cm_meth.c | 18 ++++++++----
crypto/err/openssl.txt | 3 +-
crypto/evp/evp_err.c | 3 +-
crypto/evp/mac_lib.c | 24 ++++++++++-----
crypto/evp/pkey_mac.c | 46 ++++++++++++++++++-----------
crypto/gmac/gmac.c | 18 ++++++++++--
crypto/hmac/hm_meth.c | 19 ++++++++----
crypto/include/internal/evp_int.h | 2 +-
crypto/kdf/sskdf.c | 8 +++--
crypto/kdf/tls1_prf.c | 21 +++++++++-----
crypto/kmac/kmac.c | 19 +++++++++---
crypto/modes/modes_lcl.h | 1 -
crypto/modes/siv128.c | 61 +++++++++++++++++++++++----------------
crypto/poly1305/poly1305_meth.c | 12 ++++++--
crypto/siphash/siphash_meth.c | 13 +++++++--
doc/man3/EVP_MAC.pod | 21 +++++++-------
include/openssl/evp.h | 2 +-
include/openssl/evperr.h | 3 +-
util/libcrypto.num | 2 +-
21 files changed, 215 insertions(+), 105 deletions(-)
diff --git a/crypto/blake2/blake2b_mac.c b/crypto/blake2/blake2b_mac.c
index b38e9b8..f6025b1 100644
--- a/crypto/blake2/blake2b_mac.c
+++ b/crypto/blake2/blake2b_mac.c
@@ -39,10 +39,16 @@ static void blake2b_mac_free(EVP_MAC_IMPL *macctx)
}
}
-static int blake2b_mac_copy(EVP_MAC_IMPL *dst, EVP_MAC_IMPL *src)
+static EVP_MAC_IMPL *blake2b_mac_dup(const EVP_MAC_IMPL *src)
{
+ EVP_MAC_IMPL *dst;
+
+ dst = OPENSSL_zalloc(sizeof(*dst));
+ if (dst == NULL)
+ return NULL;
+
*dst = *src;
- return 1;
+ return dst;
}
static int blake2b_mac_init(EVP_MAC_IMPL *macctx)
@@ -177,7 +183,7 @@ static size_t blake2b_mac_size(EVP_MAC_IMPL *macctx)
const EVP_MAC blake2b_mac_meth = {
EVP_MAC_BLAKE2B,
blake2b_mac_new,
- blake2b_mac_copy,
+ blake2b_mac_dup,
blake2b_mac_free,
blake2b_mac_size,
blake2b_mac_init,
diff --git a/crypto/blake2/blake2s_mac.c b/crypto/blake2/blake2s_mac.c
index 04dbf4e..9ce8db1 100644
--- a/crypto/blake2/blake2s_mac.c
+++ b/crypto/blake2/blake2s_mac.c
@@ -39,10 +39,16 @@ static void blake2s_mac_free(EVP_MAC_IMPL *macctx)
}
}
-static int blake2s_mac_copy(EVP_MAC_IMPL *dst, EVP_MAC_IMPL *src)
+static EVP_MAC_IMPL *blake2s_mac_dup(const EVP_MAC_IMPL *src)
{
+ EVP_MAC_IMPL *dst;
+
+ dst = OPENSSL_malloc(sizeof(*dst));
+ if (dst == NULL)
+ return NULL;
+
*dst = *src;
- return 1;
+ return dst;
}
static int blake2s_mac_init(EVP_MAC_IMPL *macctx)
@@ -177,7 +183,7 @@ static size_t blake2s_mac_size(EVP_MAC_IMPL *macctx)
const EVP_MAC blake2s_mac_meth = {
EVP_MAC_BLAKE2S,
blake2s_mac_new,
- blake2s_mac_copy,
+ blake2s_mac_dup,
blake2s_mac_free,
blake2s_mac_size,
blake2s_mac_init,
diff --git a/crypto/cmac/cm_meth.c b/crypto/cmac/cm_meth.c
index 3f20e6c..07acf05 100644
--- a/crypto/cmac/cm_meth.c
+++ b/crypto/cmac/cm_meth.c
@@ -46,14 +46,22 @@ static void cmac_free(EVP_MAC_IMPL *cctx)
}
}
-static int cmac_copy(EVP_MAC_IMPL *cdst, EVP_MAC_IMPL *csrc)
+static EVP_MAC_IMPL *cmac_dup(const EVP_MAC_IMPL *csrc)
{
- if (!CMAC_CTX_copy(cdst->ctx, csrc->ctx))
- return 0;
+ EVP_MAC_IMPL *cdst = cmac_new();
+
+ if (cdst == NULL)
+ return NULL;
+
+ if (!CMAC_CTX_copy(cdst->ctx, csrc->ctx)) {
+ cmac_free(cdst);
+ return NULL;
+ }
cdst->tmpengine = csrc->tmpengine;
cdst->tmpcipher = csrc->tmpcipher;
- return 1;
+
+ return cdst;
}
static size_t cmac_size(EVP_MAC_IMPL *cctx)
@@ -153,7 +161,7 @@ static int cmac_ctrl_str(EVP_MAC_IMPL *cctx, const char *type,
const EVP_MAC cmac_meth = {
EVP_MAC_CMAC,
cmac_new,
- cmac_copy,
+ cmac_dup,
cmac_free,
cmac_size,
cmac_init,
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 72057ac..3fb8c96 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -809,7 +809,7 @@ EVP_F_EVP_KDF_CTX_NEW:240:EVP_KDF_CTX_new
EVP_F_EVP_KDF_CTX_NEW_ID:226:EVP_KDF_CTX_new_id
EVP_F_EVP_MAC_CTRL:209:EVP_MAC_ctrl
EVP_F_EVP_MAC_CTRL_STR:210:EVP_MAC_ctrl_str
-EVP_F_EVP_MAC_CTX_COPY:211:EVP_MAC_CTX_copy
+EVP_F_EVP_MAC_CTX_DUP:211:EVP_MAC_CTX_dup
EVP_F_EVP_MAC_CTX_NEW:213:EVP_MAC_CTX_new
EVP_F_EVP_MAC_INIT:212:EVP_MAC_init
EVP_F_EVP_MD_BLOCK_SIZE:232:EVP_MD_block_size
@@ -880,6 +880,7 @@ EVP_F_PKCS5_V2_PBE_KEYIVGEN:118:PKCS5_v2_PBE_keyivgen
EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN:164:PKCS5_v2_PBKDF2_keyivgen
EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN:180:PKCS5_v2_scrypt_keyivgen
EVP_F_PKEY_KDF_CTRL:227:pkey_kdf_ctrl
+EVP_F_PKEY_MAC_COPY:241:pkey_mac_copy
EVP_F_PKEY_MAC_INIT:214:pkey_mac_init
EVP_F_PKEY_SET_TYPE:158:pkey_set_type
EVP_F_POLY1305_CTRL:216:poly1305_ctrl
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index 836f5ee..199fabb 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -78,7 +78,7 @@ static const ERR_STRING_DATA EVP_str_functs[] = {
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_KDF_CTX_NEW_ID, 0), "EVP_KDF_CTX_new_id"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MAC_CTRL, 0), "EVP_MAC_ctrl"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MAC_CTRL_STR, 0), "EVP_MAC_ctrl_str"},
- {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MAC_CTX_COPY, 0), "EVP_MAC_CTX_copy"},
+ {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MAC_CTX_DUP, 0), "EVP_MAC_CTX_dup"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MAC_CTX_NEW, 0), "EVP_MAC_CTX_new"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MAC_INIT, 0), "EVP_MAC_init"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MD_BLOCK_SIZE, 0), "EVP_MD_block_size"},
@@ -179,6 +179,7 @@ static const ERR_STRING_DATA EVP_str_functs[] = {
{ERR_PACK(ERR_LIB_EVP, EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN, 0),
"PKCS5_v2_scrypt_keyivgen"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_KDF_CTRL, 0), "pkey_kdf_ctrl"},
+ {ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_MAC_COPY, 0), "pkey_mac_copy"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_MAC_INIT, 0), "pkey_mac_init"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_SET_TYPE, 0), "pkey_set_type"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_POLY1305_CTRL, 0), "poly1305_ctrl"},
diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c
index 39efff0..ee4a68f 100644
--- a/crypto/evp/mac_lib.c
+++ b/crypto/evp/mac_lib.c
@@ -48,18 +48,28 @@ void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx)
OPENSSL_free(ctx);
}
-int EVP_MAC_CTX_copy(EVP_MAC_CTX *dst, const EVP_MAC_CTX *src)
+EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src)
{
- EVP_MAC_IMPL *macdata;
+ EVP_MAC_CTX *dst;
- if (src->data != NULL && !dst->meth->copy(dst->data, src->data))
- return 0;
+ if (src->data == NULL)
+ return NULL;
+
+ dst = OPENSSL_malloc(sizeof(*dst));
+ if (dst == NULL) {
+ EVPerr(EVP_F_EVP_MAC_CTX_DUP, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
- macdata = dst->data;
*dst = *src;
- dst->data = macdata;
- return 1;
+ dst->data = src->meth->dup(src->data);
+ if (dst->data == NULL) {
+ EVP_MAC_CTX_free(dst);
+ return NULL;
+ }
+
+ return dst;
}
const EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx)
diff --git a/crypto/evp/pkey_mac.c b/crypto/evp/pkey_mac.c
index fc627f1..fafe3c9 100644
--- a/crypto/evp/pkey_mac.c
+++ b/crypto/evp/pkey_mac.c
@@ -10,6 +10,7 @@
#include <openssl/err.h>
#include <openssl/evp.h>
#include "internal/evp_int.h"
+#include "evp_locl.h"
/* MAC PKEY context structure */
@@ -75,15 +76,25 @@ static int pkey_mac_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src)
{
MAC_PKEY_CTX *sctx, *dctx;
- if (!pkey_mac_init(dst))
+ sctx = EVP_PKEY_CTX_get_data(src);
+ if (sctx->ctx->data == NULL)
return 0;
- sctx = EVP_PKEY_CTX_get_data(src);
- dctx = EVP_PKEY_CTX_get_data(dst);
+ dctx = OPENSSL_zalloc(sizeof(*dctx));
+ if (dctx == NULL) {
+ EVPerr(EVP_F_PKEY_MAC_COPY, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
- if (!EVP_MAC_CTX_copy(dctx->ctx, sctx->ctx))
+ EVP_PKEY_CTX_set_data(dst, dctx);
+ dst->keygen_info_count = 0;
+
+ dctx->ctx = EVP_MAC_CTX_dup(sctx->ctx);
+ if (dctx->ctx == NULL)
goto err;
+ dctx->type = sctx->type;
+
switch (dctx->type) {
case MAC_TYPE_RAW:
dctx->raw_data.md = sctx->raw_data.md;
@@ -100,7 +111,7 @@ static int pkey_mac_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src)
}
return 1;
err:
- pkey_mac_cleanup (dst);
+ pkey_mac_cleanup(dst);
return 0;
}
@@ -141,14 +152,10 @@ static int pkey_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
break;
case MAC_TYPE_MAC:
{
- EVP_MAC_CTX *cmkey = EVP_MAC_CTX_new_id(nid);
+ EVP_MAC_CTX *cmkey = EVP_MAC_CTX_dup(hctx->ctx);
if (cmkey == NULL)
return 0;
- if (!EVP_MAC_CTX_copy(cmkey, hctx->ctx)) {
- EVP_MAC_CTX_free(cmkey);
- return 0;
- }
EVP_PKEY_assign(pkey, nid, cmkey);
}
break;
@@ -249,13 +256,18 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
case MAC_TYPE_RAW:
hctx->raw_data.md = p2;
break;
- case MAC_TYPE_MAC:
- if (ctx->pkey != NULL
- && !EVP_MAC_CTX_copy(hctx->ctx,
- (EVP_MAC_CTX *)ctx->pkey->pkey.ptr))
- return 0;
- if (!EVP_MAC_init(hctx->ctx))
- return 0;
+ case MAC_TYPE_MAC: {
+ EVP_MAC_CTX *new_mac_ctx;
+
+ if (ctx->pkey == NULL)
+ return 0;
+ new_mac_ctx = EVP_MAC_CTX_dup((EVP_MAC_CTX *)ctx->pkey
+ ->pkey.ptr);
+ if (new_mac_ctx == NULL)
+ return 0;
+ EVP_MAC_CTX_free(hctx->ctx);
+ hctx->ctx = new_mac_ctx;
+ }
break;
default:
/* This should be dead code */
diff --git a/crypto/gmac/gmac.c b/crypto/gmac/gmac.c
index 5e3891f..0e2eda3 100644
--- a/crypto/gmac/gmac.c
+++ b/crypto/gmac/gmac.c
@@ -39,11 +39,23 @@ static EVP_MAC_IMPL *gmac_new(void)
return gctx;
}
-static int gmac_copy(EVP_MAC_IMPL *gdst, EVP_MAC_IMPL *gsrc)
+static EVP_MAC_IMPL *gmac_dup(const EVP_MAC_IMPL *gsrc)
{
+ EVP_MAC_IMPL *gdst;
+
+ gdst = gmac_new();
+ if (gdst == NULL)
+ return NULL;
+
+ if (!EVP_CIPHER_CTX_copy(gdst->ctx, gsrc->ctx)) {
+ gmac_free(gdst);
+ return NULL;
+ }
+
gdst->cipher = gsrc->cipher;
gdst->engine = gsrc->engine;
- return EVP_CIPHER_CTX_copy(gdst->ctx, gsrc->ctx);
+
+ return gdst;
}
static size_t gmac_size(EVP_MAC_IMPL *gctx)
@@ -172,7 +184,7 @@ static int gmac_ctrl_str(EVP_MAC_IMPL *gctx, const char *type,
const EVP_MAC gmac_meth = {
EVP_MAC_GMAC,
gmac_new,
- gmac_copy,
+ gmac_dup,
gmac_free,
gmac_size,
gmac_init,
diff --git a/crypto/hmac/hm_meth.c b/crypto/hmac/hm_meth.c
index 705bf7f..db9af95 100644
--- a/crypto/hmac/hm_meth.c
+++ b/crypto/hmac/hm_meth.c
@@ -45,14 +45,23 @@ static void hmac_free(EVP_MAC_IMPL *hctx)
}
}
-static int hmac_copy(EVP_MAC_IMPL *hdst, EVP_MAC_IMPL *hsrc)
+static EVP_MAC_IMPL *hmac_dup(const EVP_MAC_IMPL *hsrc)
{
- if (!HMAC_CTX_copy(hdst->ctx, hsrc->ctx))
- return 0;
+ EVP_MAC_IMPL *hdst;
+
+ hdst = hmac_new();
+ if (hdst == NULL)
+ return NULL;
+
+ if (!HMAC_CTX_copy(hdst->ctx, hsrc->ctx)) {
+ hmac_free(hdst);
+ return NULL;
+ }
hdst->tmpengine = hsrc->tmpengine;
hdst->tmpmd = hsrc->tmpmd;
- return 1;
+
+ return hdst;
}
static size_t hmac_size(EVP_MAC_IMPL *hctx)
@@ -162,7 +171,7 @@ static int hmac_ctrl_str(EVP_MAC_IMPL *hctx, const char *type,
const EVP_MAC hmac_meth = {
EVP_MAC_HMAC,
hmac_new,
- hmac_copy,
+ hmac_dup,
hmac_free,
hmac_size,
hmac_init,
diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h
index 77684b2..183fc42 100644
--- a/crypto/include/internal/evp_int.h
+++ b/crypto/include/internal/evp_int.h
@@ -118,7 +118,7 @@ typedef struct evp_mac_impl_st EVP_MAC_IMPL;
struct evp_mac_st {
int type;
EVP_MAC_IMPL *(*new) (void);
- int (*copy) (EVP_MAC_IMPL *macdst, EVP_MAC_IMPL *macsrc);
+ EVP_MAC_IMPL *(*dup) (const EVP_MAC_IMPL *macsrc);
void (*free) (EVP_MAC_IMPL *macctx);
size_t (*size) (EVP_MAC_IMPL *macctx);
int (*init) (EVP_MAC_IMPL *macctx);
diff --git a/crypto/kdf/sskdf.c b/crypto/kdf/sskdf.c
index 92bf995..31a1c10 100644
--- a/crypto/kdf/sskdf.c
+++ b/crypto/kdf/sskdf.c
@@ -202,9 +202,8 @@ static int SSKDF_mac_kdm(const EVP_MAC *kdf_mac, const EVP_MD *hmac_md,
|| derived_key_len == 0)
return 0;
- ctx = EVP_MAC_CTX_new(kdf_mac);
ctx_init = EVP_MAC_CTX_new(kdf_mac);
- if (ctx == NULL || ctx_init == NULL)
+ if (ctx_init == NULL)
goto end;
if (hmac_md != NULL &&
EVP_MAC_ctrl(ctx_init, EVP_MAC_CTRL_SET_MD, hmac_md) <= 0)
@@ -233,7 +232,8 @@ static int SSKDF_mac_kdm(const EVP_MAC *kdf_mac, const EVP_MD *hmac_md,
c[2] = (unsigned char)((counter >> 8) & 0xff);
c[3] = (unsigned char)(counter & 0xff);
- if (!(EVP_MAC_CTX_copy(ctx, ctx_init)
+ ctx = EVP_MAC_CTX_dup(ctx_init);
+ if (!(ctx != NULL
&& EVP_MAC_update(ctx, c, sizeof(c))
&& EVP_MAC_update(ctx, z, z_len)
&& EVP_MAC_update(ctx, info, info_len)))
@@ -251,6 +251,8 @@ static int SSKDF_mac_kdm(const EVP_MAC *kdf_mac, const EVP_MD *hmac_md,
memcpy(out, mac, len);
break;
}
+ EVP_MAC_CTX_free(ctx);
+ ctx = NULL;
}
ret = 1;
end:
diff --git a/crypto/kdf/tls1_prf.c b/crypto/kdf/tls1_prf.c
index c39cf20..b14ae6f 100644
--- a/crypto/kdf/tls1_prf.c
+++ b/crypto/kdf/tls1_prf.c
@@ -237,10 +237,8 @@ static int tls1_prf_P_hash(const EVP_MD *md,
size_t Ai_len;
int ret = 0;
- ctx = EVP_MAC_CTX_new_id(EVP_MAC_HMAC);
- ctx_Ai = EVP_MAC_CTX_new_id(EVP_MAC_HMAC);
ctx_init = EVP_MAC_CTX_new_id(EVP_MAC_HMAC);
- if (ctx == NULL || ctx_Ai == NULL || ctx_init == NULL)
+ if (ctx_init == NULL)
goto err;
if (EVP_MAC_ctrl(ctx_init, EVP_MAC_CTRL_SET_FLAGS, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW) != 1)
goto err;
@@ -254,7 +252,8 @@ static int tls1_prf_P_hash(const EVP_MD *md,
if (chunk == 0)
goto err;
/* A(0) = seed */
- if (!EVP_MAC_CTX_copy(ctx_Ai, ctx_init))
+ ctx_Ai = EVP_MAC_CTX_dup(ctx_init);
+ if (ctx_Ai == NULL)
goto err;
if (seed != NULL && !EVP_MAC_update(ctx_Ai, seed, seed_len))
goto err;
@@ -263,15 +262,21 @@ static int tls1_prf_P_hash(const EVP_MD *md,
/* calc: A(i) = HMAC_<hash>(secret, A(i-1)) */
if (!EVP_MAC_final(ctx_Ai, Ai, &Ai_len))
goto err;
+ EVP_MAC_CTX_free(ctx_Ai);
+ ctx_Ai = NULL;
/* calc next chunk: HMAC_<hash>(secret, A(i) + seed) */
- if (!EVP_MAC_CTX_copy(ctx, ctx_init))
+ ctx = EVP_MAC_CTX_dup(ctx_init);
+ if (ctx == NULL)
goto err;
if (!EVP_MAC_update(ctx, Ai, Ai_len))
goto err;
/* save state for calculating next A(i) value */
- if (olen > chunk && !EVP_MAC_CTX_copy(ctx_Ai, ctx))
- goto err;
+ if (olen > chunk) {
+ ctx_Ai = EVP_MAC_CTX_dup(ctx);
+ if (ctx_Ai == NULL)
+ goto err;
+ }
if (seed != NULL && !EVP_MAC_update(ctx, seed, seed_len))
goto err;
if (olen <= chunk) {
@@ -283,6 +288,8 @@ static int tls1_prf_P_hash(const EVP_MD *md,
}
if (!EVP_MAC_final(ctx, out, NULL))
goto err;
+ EVP_MAC_CTX_free(ctx);
+ ctx = NULL;
out += chunk;
olen -= chunk;
}
diff --git a/crypto/kmac/kmac.c b/crypto/kmac/kmac.c
index 76e75c1..69c334c 100644
--- a/crypto/kmac/kmac.c
+++ b/crypto/kmac/kmac.c
@@ -147,8 +147,19 @@ static EVP_MAC_IMPL *kmac256_new(void)
return kmac_new(evp_keccak_kmac256());
}
-static int kmac_copy(EVP_MAC_IMPL *gdst, EVP_MAC_IMPL *gsrc)
+static EVP_MAC_IMPL *kmac_dup(const EVP_MAC_IMPL *gsrc)
{
+ EVP_MAC_IMPL *gdst;
+
+ gdst = kmac_new(gsrc->md);
+ if (gdst == NULL)
+ return NULL;
+
+ if (!EVP_MD_CTX_copy(gdst->ctx, gsrc->ctx)) {
+ kmac_free(gdst);
+ return NULL;
+ }
+
gdst->md = gsrc->md;
gdst->out_len = gsrc->out_len;
gdst->key_len = gsrc->key_len;
@@ -157,7 +168,7 @@ static int kmac_copy(EVP_MAC_IMPL *gdst, EVP_MAC_IMPL *gsrc)
memcpy(gdst->key, gsrc->key, gsrc->key_len);
memcpy(gdst->custom, gsrc->custom, gdst->custom_len);
- return EVP_MD_CTX_copy(gdst->ctx, gsrc->ctx);
+ return gdst;
}
/*
@@ -444,7 +455,7 @@ static int kmac_bytepad_encode_key(unsigned char *out, int *out_len,
const EVP_MAC kmac128_meth = {
EVP_MAC_KMAC128,
kmac128_new,
- kmac_copy,
+ kmac_dup,
kmac_free,
kmac_size,
kmac_init,
@@ -457,7 +468,7 @@ const EVP_MAC kmac128_meth = {
const EVP_MAC kmac256_meth = {
EVP_MAC_KMAC256,
kmac256_new,
- kmac_copy,
+ kmac_dup,
kmac_free,
kmac_size,
kmac_init,
diff --git a/crypto/modes/modes_lcl.h b/crypto/modes/modes_lcl.h
index aed79ff..d4ce462 100644
--- a/crypto/modes/modes_lcl.h
+++ b/crypto/modes/modes_lcl.h
@@ -213,7 +213,6 @@ struct siv128_context {
SIV_BLOCK tag;
EVP_CIPHER_CTX *cipher_ctx;
EVP_MAC_CTX *mac_ctx_init;
- EVP_MAC_CTX *mac_ctx;
int final_ret;
int crypto_ok;
};
diff --git a/crypto/modes/siv128.c b/crypto/modes/siv128.c
index f812d0a..9bb5eea 100644
--- a/crypto/modes/siv128.c
+++ b/crypto/modes/siv128.c
@@ -92,30 +92,38 @@ __owur static ossl_inline int siv128_do_s2v_p(SIV128_CONTEXT *ctx, SIV_BLOCK *ou
{
SIV_BLOCK t;
size_t out_len = sizeof(out->byte);
+ EVP_MAC_CTX *mac_ctx;
+ int ret = 0;
- if (!EVP_MAC_CTX_copy(ctx->mac_ctx, ctx->mac_ctx_init))
+ mac_ctx = EVP_MAC_CTX_dup(ctx->mac_ctx_init);
+ if (mac_ctx == NULL)
return 0;
if (len >= SIV_LEN) {
- if (!EVP_MAC_update(ctx->mac_ctx, in, len - SIV_LEN))
- return 0;
+ if (!EVP_MAC_update(mac_ctx, in, len - SIV_LEN))
+ goto err;
memcpy(&t, in + (len-SIV_LEN), SIV_LEN);
siv128_xorblock(&t, &ctx->d);
- if (!EVP_MAC_update(ctx->mac_ctx, t.byte, SIV_LEN))
- return 0;
+ if (!EVP_MAC_update(mac_ctx, t.byte, SIV_LEN))
+ goto err;
} else {
memset(&t, 0, sizeof(t));
memcpy(&t, in, len);
t.byte[len] = 0x80;
siv128_dbl(&ctx->d);
siv128_xorblock(&t, &ctx->d);
- if (!EVP_MAC_update(ctx->mac_ctx, t.byte, SIV_LEN))
- return 0;
+ if (!EVP_MAC_update(mac_ctx, t.byte, SIV_LEN))
+ goto err;
}
- if (!EVP_MAC_final(ctx->mac_ctx, out->byte, &out_len)
+ if (!EVP_MAC_final(mac_ctx, out->byte, &out_len)
|| out_len != SIV_LEN)
- return 0;
- return 1;
+ goto err;
+
+ ret = 1;
+
+err:
+ EVP_MAC_CTX_free(mac_ctx);
+ return ret;
}
@@ -156,27 +164,27 @@ int CRYPTO_siv128_init(SIV128_CONTEXT *ctx, const unsigned char *key, int klen,
{
static const unsigned char zero[SIV_LEN] = { 0 };
size_t out_len = SIV_LEN;
+ EVP_MAC_CTX *mac_ctx = NULL;
memset(&ctx->d, 0, sizeof(ctx->d));
ctx->cipher_ctx = NULL;
- ctx->mac_ctx = NULL;
ctx->mac_ctx_init = NULL;
if (key == NULL || cbc == NULL || ctr == NULL
|| (ctx->cipher_ctx = EVP_CIPHER_CTX_new()) == NULL
|| (ctx->mac_ctx_init = EVP_MAC_CTX_new_id(EVP_MAC_CMAC)) == NULL
- || (ctx->mac_ctx = EVP_MAC_CTX_new_id(EVP_MAC_CMAC)) == NULL
|| EVP_MAC_ctrl(ctx->mac_ctx_init, EVP_MAC_CTRL_SET_CIPHER, cbc) <= 0
|| EVP_MAC_ctrl(ctx->mac_ctx_init, EVP_MAC_CTRL_SET_KEY, key, klen) <= 0
|| !EVP_EncryptInit_ex(ctx->cipher_ctx, ctr, NULL, key + klen, NULL)
- || !EVP_MAC_CTX_copy(ctx->mac_ctx, ctx->mac_ctx_init)
- || !EVP_MAC_update(ctx->mac_ctx, zero, sizeof(zero))
- || !EVP_MAC_final(ctx->mac_ctx, ctx->d.byte, &out_len)) {
+ || (mac_ctx = EVP_MAC_CTX_dup(ctx->mac_ctx_init)) == NULL
+ || !EVP_MAC_update(mac_ctx, zero, sizeof(zero))
+ || !EVP_MAC_final(mac_ctx, ctx->d.byte, &out_len)) {
EVP_CIPHER_CTX_free(ctx->cipher_ctx);
EVP_MAC_CTX_free(ctx->mac_ctx_init);
- EVP_MAC_CTX_free(ctx->mac_ctx);
+ EVP_MAC_CTX_free(mac_ctx);
return 0;
}
+ EVP_MAC_CTX_free(mac_ctx);
ctx->final_ret = -1;
ctx->crypto_ok = 1;
@@ -192,9 +200,10 @@ int CRYPTO_siv128_copy_ctx(SIV128_CONTEXT *dest, SIV128_CONTEXT *src)
memcpy(&dest->d, &src->d, sizeof(src->d));
if (!EVP_CIPHER_CTX_copy(dest->cipher_ctx, src->cipher_ctx))
return 0;
- if (!EVP_MAC_CTX_copy(dest->mac_ctx_init, src->mac_ctx_init))
+ EVP_MAC_CTX_free(dest->mac_ctx_init);
+ dest->mac_ctx_init = EVP_MAC_CTX_dup(src->mac_ctx_init);
+ if (dest->mac_ctx_init == NULL)
return 0;
- /* no need to copy mac_ctx since it's temp storage */
return 1;
}
@@ -208,19 +217,23 @@ int CRYPTO_siv128_aad(SIV128_CONTEXT *ctx, const unsigned char *aad,
{
SIV_BLOCK mac_out;
size_t out_len = SIV_LEN;
+ EVP_MAC_CTX *mac_ctx;
siv128_dbl(&ctx->d);
- if (!EVP_MAC_CTX_copy(ctx->mac_ctx, ctx->mac_ctx_init)
- || !EVP_MAC_update(ctx->mac_ctx, aad, len)
- || !EVP_MAC_final(ctx->mac_ctx, mac_out.byte, &out_len)
- || out_len != SIV_LEN)
+ mac_ctx = EVP_MAC_CTX_dup(ctx->mac_ctx_init);
+ if (mac_ctx == NULL
+ || !EVP_MAC_update(mac_ctx, aad, len)
+ || !EVP_MAC_final(mac_ctx, mac_out.byte, &out_len)
+ || out_len != SIV_LEN) {
+ EVP_MAC_CTX_free(mac_ctx);
return 0;
+ }
+ EVP_MAC_CTX_free(mac_ctx);
siv128_xorblock(&ctx->d, &mac_out);
return 1;
-
}
/*
@@ -330,8 +343,6 @@ int CRYPTO_siv128_cleanup(SIV128_CONTEXT *ctx)
ctx->cipher_ctx = NULL;
EVP_MAC_CTX_free(ctx->mac_ctx_init);
ctx->mac_ctx_init = NULL;
- EVP_MAC_CTX_free(ctx->mac_ctx);
- ctx->mac_ctx = NULL;
OPENSSL_cleanse(&ctx->d, sizeof(ctx->d));
OPENSSL_cleanse(&ctx->tag, sizeof(ctx->tag));
ctx->final_ret = -1;
diff --git a/crypto/poly1305/poly1305_meth.c b/crypto/poly1305/poly1305_meth.c
index 9248d46..f1ade58 100644
--- a/crypto/poly1305/poly1305_meth.c
+++ b/crypto/poly1305/poly1305_meth.c
@@ -37,11 +37,17 @@ static void poly1305_free(EVP_MAC_IMPL *ctx)
}
}
-static int poly1305_copy(EVP_MAC_IMPL *dst, EVP_MAC_IMPL *src)
+static EVP_MAC_IMPL *poly1305_dup(const EVP_MAC_IMPL *src)
{
+ EVP_MAC_IMPL *dst;
+
+ dst = poly1305_new();
+ if (dst == NULL)
+ return NULL;
+
*dst->ctx = *src->ctx;
- return 1;
+ return dst;
}
static size_t poly1305_size(EVP_MAC_IMPL *ctx)
@@ -130,7 +136,7 @@ static int poly1305_ctrl_str(EVP_MAC_IMPL *ctx,
const EVP_MAC poly1305_meth = {
EVP_MAC_POLY1305,
poly1305_new,
- poly1305_copy,
+ poly1305_dup,
poly1305_free,
poly1305_size,
poly1305_init,
diff --git a/crypto/siphash/siphash_meth.c b/crypto/siphash/siphash_meth.c
index 37cb286..5fcff2d 100644
--- a/crypto/siphash/siphash_meth.c
+++ b/crypto/siphash/siphash_meth.c
@@ -31,10 +31,17 @@ static void siphash_free(EVP_MAC_IMPL *sctx)
OPENSSL_free(sctx);
}
-static int siphash_copy(EVP_MAC_IMPL *sdst, EVP_MAC_IMPL *ssrc)
+static EVP_MAC_IMPL *siphash_dup(const EVP_MAC_IMPL *ssrc)
{
+ EVP_MAC_IMPL *sdst;
+
+ sdst = siphash_new();
+ if (sdst == NULL)
+ return NULL;
+
*sdst = *ssrc;
- return 1;
+
+ return sdst;
}
static size_t siphash_size(EVP_MAC_IMPL *sctx)
@@ -128,7 +135,7 @@ static int siphash_ctrl_str(EVP_MAC_IMPL *ctx,
const EVP_MAC siphash_meth = {
EVP_MAC_SIPHASH,
siphash_new,
- siphash_copy,
+ siphash_dup,
siphash_free,
siphash_size,
siphash_init,
diff --git a/doc/man3/EVP_MAC.pod b/doc/man3/EVP_MAC.pod
index a55d8db..01ad6ed 100644
--- a/doc/man3/EVP_MAC.pod
+++ b/doc/man3/EVP_MAC.pod
@@ -3,7 +3,7 @@
=head1 NAME
EVP_MAC, EVP_MAC_CTX, EVP_MAC_CTX_new, EVP_MAC_CTX_new_id, EVP_MAC_CTX_free,
-EVP_MAC_CTX_copy, EVP_MAC_CTX_mac, EVP_MAC_size, EVP_MAC_init, EVP_MAC_update,
+EVP_MAC_CTX_dup, EVP_MAC_CTX_mac, EVP_MAC_size, EVP_MAC_init, EVP_MAC_update,
EVP_MAC_final, EVP_MAC_ctrl, EVP_MAC_vctrl, EVP_MAC_ctrl_str,
EVP_MAC_str2ctrl, EVP_MAC_hex2ctrl, EVP_MAC_nid, EVP_MAC_name,
EVP_get_macbyname, EVP_get_macbynid, EVP_get_macbyobj - EVP MAC routines
@@ -18,7 +18,7 @@ EVP_get_macbyname, EVP_get_macbynid, EVP_get_macbyobj - EVP MAC routines
EVP_MAC_CTX *EVP_MAC_CTX_new(const EVP_MAC *mac);
EVP_MAC_CTX *EVP_MAC_CTX_new_id(int nid);
void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx);
- int EVP_MAC_CTX_copy(EVP_MAC_CTX *dest, EVP_MAC_CTX *src);
+ EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src);
const EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx);
size_t EVP_MAC_size(EVP_MAC_CTX *ctx);
int EVP_MAC_init(EVP_MAC_CTX *ctx);
@@ -72,10 +72,8 @@ EVP_MAC_CTX_free() frees the contents of the context, including an
underlying context if there is one, as well as the context itself.
B<NULL> is a valid parameter, for which this function is a no-op.
-EVP_MAC_CTX_copy() makes a deep copy of the C<src> context to the
-C<dest> context.
-The C<dest> context I<must> have been created before calling this
-function.
+EVP_MAC_CTX_dup() duplicates the C<src> context and returns a newly allocated
+context.
EVP_MAC_CTX_mac() returns the B<EVP_MAC> associated with the context
C<ctx>.
@@ -231,13 +229,12 @@ implemented as a macro.
=head1 RETURN VALUES
-EVP_MAC_CTX_new() and EVP_MAC_CTX_new_id() return a pointer to a newly
-created EVP_MAC_CTX, or NULL if allocation failed.
+EVP_MAC_CTX_new(), EVP_MAC_CTX_new_id() and EVP_MAC_CTX_dup() return a pointer
+to a newly created EVP_MAC_CTX, or NULL if allocation failed.
EVP_MAC_CTX_free() returns nothing at all.
-EVP_MAC_CTX_copy(), EVP_MAC_init(), EVP_MAC_update(),
-and EVP_MAC_final() return 1 on success, 0 on error.
+EVP_MAC_init(), EVP_MAC_update(), and EVP_MAC_final() return 1 on success, 0 on error.
EVP_MAC_ctrl(), EVP_MAC_ctrl_str(), EVP_MAC_str2ctrl() and
EVP_MAC_hex2ctrl() return 1 on success and 0 or a negative value on
@@ -359,6 +356,10 @@ L<EVP_MAC_KMAC(7)>,
L<EVP_MAC_SIPHASH(7)>,
L<EVP_MAC_POLY1305(7)>
+=head1 HISTORY
+
+These functions were added in OpenSSL 3.0.0.
+
=head1 COPYRIGHT
Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index a2af3fc..afdd17c 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1014,7 +1014,7 @@ void EVP_MD_do_all_sorted(void (*fn)
EVP_MAC_CTX *EVP_MAC_CTX_new(const EVP_MAC *mac);
EVP_MAC_CTX *EVP_MAC_CTX_new_id(int nid);
void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx);
-int EVP_MAC_CTX_copy(EVP_MAC_CTX *dest, const EVP_MAC_CTX *src);
+EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src);
const EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx);
size_t EVP_MAC_size(EVP_MAC_CTX *ctx);
int EVP_MAC_init(EVP_MAC_CTX *ctx);
diff --git a/include/openssl/evperr.h b/include/openssl/evperr.h
index 3aa9792..9810a1e 100644
--- a/include/openssl/evperr.h
+++ b/include/openssl/evperr.h
@@ -74,7 +74,7 @@ int ERR_load_EVP_strings(void);
# define EVP_F_EVP_KDF_CTX_NEW_ID 226
# define EVP_F_EVP_MAC_CTRL 209
# define EVP_F_EVP_MAC_CTRL_STR 210
-# define EVP_F_EVP_MAC_CTX_COPY 211
+# define EVP_F_EVP_MAC_CTX_DUP 211
# define EVP_F_EVP_MAC_CTX_NEW 213
# define EVP_F_EVP_MAC_INIT 212
# define EVP_F_EVP_MD_BLOCK_SIZE 232
@@ -145,6 +145,7 @@ int ERR_load_EVP_strings(void);
# define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
# define EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN 180
# define EVP_F_PKEY_KDF_CTRL 227
+# define EVP_F_PKEY_MAC_COPY 241
# define EVP_F_PKEY_MAC_INIT 214
# define EVP_F_PKEY_SET_TYPE 158
# define EVP_F_POLY1305_CTRL 216
diff --git a/util/libcrypto.num b/util/libcrypto.num
index da0af1c..28b6bb9 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4578,7 +4578,7 @@ EVP_PKEY_meth_get_digest_custom 4533 3_0_0 EXIST::FUNCTION:
EVP_MAC_CTX_new 4534 3_0_0 EXIST::FUNCTION:
EVP_MAC_CTX_new_id 4535 3_0_0 EXIST::FUNCTION:
EVP_MAC_CTX_free 4536 3_0_0 EXIST::FUNCTION:
-EVP_MAC_CTX_copy 4537 3_0_0 EXIST::FUNCTION:
+EVP_MAC_CTX_dup 4537 3_0_0 EXIST::FUNCTION:
EVP_MAC_CTX_mac 4538 3_0_0 EXIST::FUNCTION:
EVP_MAC_size 4539 3_0_0 EXIST::FUNCTION:
EVP_MAC_init 4540 3_0_0 EXIST::FUNCTION:
More information about the openssl-commits
mailing list