[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Wed Jan 29 09:50:42 UTC 2020
The branch master has been updated
via a76ce2862bc6ae2cf8a749c8747d371041fc42d1 (commit)
via dbde4726889a19af0a718fe9c5542f39c81acbd3 (commit)
via fd4d283e7527cb711a4ff42d5ddcbc40828077f5 (commit)
via a6d572e60120e0ffb42aece17a085f0fed1b8f6f (commit)
via 70a7685a3282d0501ab10b1556296ab7973a852e (commit)
from e56ba0e1229d3eacb443fa4935a4da7701dfb1f3 (commit)
- Log -----------------------------------------------------------------
commit a76ce2862bc6ae2cf8a749c8747d371041fc42d1
Author: Pauli <paul.dale at oracle.com>
Date: Fri Jan 24 10:41:38 2020 +1000
TLS: use EVP for HMAC throughout libssl.
Backwards compatibility with the old ticket key call back is maintained.
This will be removed when the low level HMAC APIs are finally removed.
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10836)
commit dbde4726889a19af0a718fe9c5542f39c81acbd3
Author: Pauli <paul.dale at oracle.com>
Date: Tue Jan 14 12:11:50 2020 +1000
Deprecate the low level HMAC functions
Use of the low level HMAC functions has been informally discouraged for a
long time. We now formally deprecate them.
Applications should instead use EVP_MAC_CTX_new(3), EVP_MAC_CTX_free(3),
EVP_MAC_init(3), EVP_MAC_update(3) and EVP_MAC_final(3).
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10836)
commit fd4d283e7527cb711a4ff42d5ddcbc40828077f5
Author: Pauli <paul.dale at oracle.com>
Date: Tue Jan 14 10:49:28 2020 +1000
hmac: preprocessor indentation fixes
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10836)
commit a6d572e60120e0ffb42aece17a085f0fed1b8f6f
Author: Pauli <paul.dale at oracle.com>
Date: Tue Jan 14 10:59:11 2020 +1000
Deprecate the low level CMAC functions
Use of the low level CMAC functions has been informally discouraged for a
long time. We now formally deprecate them.
Applications should instead use EVP_MAC_CTX_new(3), EVP_MAC_CTX_free(3),
EVP_MAC_init(3), EVP_MAC_update(3) and EVP_MAC_final(3).
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10836)
commit 70a7685a3282d0501ab10b1556296ab7973a852e
Author: Pauli <paul.dale at oracle.com>
Date: Tue Jan 14 10:48:48 2020 +1000
cmac: preprocessor indentation fixes
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10836)
-----------------------------------------------------------------------
Summary of changes:
CHANGES | 24 ++++
apps/lib/s_cb.c | 45 +++++++-
apps/speed.c | 30 ++++-
crypto/cmac/cm_ameth.c | 6 +
crypto/cmac/cmac.c | 6 +
crypto/hmac/hm_ameth.c | 6 +
crypto/hmac/hmac.c | 6 +
crypto/pkcs12/p12_mutl.c | 6 +
crypto/rand/drbg_hmac.c | 6 +
doc/man3/HMAC.pod | 10 ++
doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod | 67 +++++++++--
include/openssl/cmac.h | 39 ++++---
include/openssl/hmac.h | 49 ++++----
include/openssl/ssl.h | 4 +-
include/openssl/tls1.h | 7 +-
providers/implementations/kdfs/hkdf.c | 6 +
providers/implementations/kdfs/pbkdf2.c | 6 +
providers/implementations/macs/cmac_prov.c | 6 +
providers/implementations/macs/hmac_prov.c | 6 +
ssl/s3_lib.c | 10 ++
ssl/ssl_local.h | 32 ++++++
ssl/statem/statem_srvr.c | 47 +++++---
ssl/t1_lib.c | 160 ++++++++++++++++++++++++--
test/bad_dtls_test.c | 34 ++++--
test/build.info | 11 +-
test/handshake_helper.c | 14 ++-
test/hmactest.c | 6 +
test/sslapitest.c | 68 +++++++++--
util/libcrypto.num | 40 +++----
util/libssl.num | 1 +
30 files changed, 610 insertions(+), 148 deletions(-)
diff --git a/CHANGES b/CHANGES
index d64163d4e0..b002df633c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -21,6 +21,29 @@
as well as words of caution.
[Richard Levitte]
+ *) The SSL_CTX_set_tlsext_ticket_key_cb(3) function has been deprecated.
+ Instead used the new SSL_CTX_set_tlsext_ticket_key_evp_cb(3) function.
+ [Paul Dale]
+
+ *) All of the low level HMAC functions have been deprecated including:
+ HMAC, HMAC_size, HMAC_CTX_new, HMAC_CTX_reset, HMAC_CTX_free,
+ HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_copy, HMAC_CTX_set_flags
+ and HMAC_CTX_get_md.
+ Use of these low level functions has been informally discouraged for a long
+ time. Instead applications should use L<EVP_MAC_CTX_new(3)>,
+ L<EVP_MAC_CTX_free(3)>, L<EVP_MAC_init(3)>, L<EVP_MAC_update(3)>
+ and L<EVP_MAC_final(3)>.
+ [Paul Dale]
+
+ *) All of the low level CMAC functions have been deprecated including:
+ CMAC_CTX_new, CMAC_CTX_cleanup, CMAC_CTX_free, CMAC_CTX_get0_cipher_ctx,
+ CMAC_CTX_copy, CMAC_Init, CMAC_Update, CMAC_Final and CMAC_resume.
+ Use of these low level functions has been informally discouraged for a long
+ time. Instead applications should use L<EVP_MAC_CTX_new(3)>,
+ L<EVP_MAC_CTX_free(3)>, L<EVP_MAC_init(3)>, L<EVP_MAC_update(3)>
+ and L<EVP_MAC_final(3)>.
+ [Paul Dale]
+
*) All of the low level MD2, MD4, MD5, MDC2, RIPEMD160, SHA1, SHA224, SHA256,
SHA384, SHA512 and Whirlpool digest functions have been deprecated.
These include:
@@ -35,6 +58,7 @@
SHA512, SHA512_Init, SHA512_Update, SHA512_Final, SHA512_Transform,
WHIRLPOOL, WHIRLPOOL_Init, WHIRLPOOL_Update, WHIRLPOOL_BitUpdate
and WHIRLPOOL_Final.
+
Use of these low level functions has been informally discouraged for a long
time. Instead applications should instead use the EVP_DigestInit_ex,
EVP_DigestUpdate(3) and EVP_DigestFinal_ex(3) functions.
diff --git a/apps/lib/s_cb.c b/apps/lib/s_cb.c
index 7b81d60fe7..42a82ca33c 100644
--- a/apps/lib/s_cb.c
+++ b/apps/lib/s_cb.c
@@ -12,6 +12,8 @@
#include <stdlib.h>
#include <string.h> /* for memcpy() and strcmp() */
#include "apps.h"
+#include <openssl/core_names.h>
+#include <openssl/params.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/x509.h>
@@ -729,10 +731,14 @@ void tlsext_cb(SSL *s, int client_server, int type,
int generate_cookie_callback(SSL *ssl, unsigned char *cookie,
unsigned int *cookie_len)
{
- unsigned char *buffer;
+ unsigned char *buffer = NULL;
size_t length = 0;
unsigned short port;
BIO_ADDR *lpeer = NULL, *peer = NULL;
+ int res = 0;
+ EVP_MAC *hmac = NULL;
+ EVP_MAC_CTX *ctx = NULL;
+ OSSL_PARAM params[3], *p = params;
/* Initialize a random secret */
if (!cookie_initialized) {
@@ -770,13 +776,42 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie,
BIO_ADDR_rawaddress(peer, buffer + sizeof(port), NULL);
/* Calculate HMAC of buffer using the secret */
- HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
- buffer, length, cookie, cookie_len);
-
+ hmac = EVP_MAC_fetch(NULL, "HMAC", NULL);
+ if (hmac == NULL) {
+ BIO_printf(bio_err, "HMAC not found\n");
+ goto end;
+ }
+ ctx = EVP_MAC_CTX_new(hmac);
+ if (ctx == NULL) {
+ BIO_printf(bio_err, "HMAC context allocation failed\n");
+ goto end;
+ }
+ *p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, "SHA1", 0);
+ *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, cookie_secret,
+ COOKIE_SECRET_LENGTH);
+ *p = OSSL_PARAM_construct_end();
+ if (!EVP_MAC_CTX_set_params(ctx, params)) {
+ BIO_printf(bio_err, "HMAC context parameter setting failed\n");
+ goto end;
+ }
+ if (!EVP_MAC_init(ctx)) {
+ BIO_printf(bio_err, "HMAC context initialisation failed\n");
+ goto end;
+ }
+ if (!EVP_MAC_update(ctx, buffer, length)) {
+ BIO_printf(bio_err, "HMAC context update failed\n");
+ goto end;
+ }
+ if (!EVP_MAC_final(ctx, cookie, NULL, (size_t)cookie_len)) {
+ BIO_printf(bio_err, "HMAC context final failed\n");
+ goto end;
+ }
+ res = 1;
+end:
OPENSSL_free(buffer);
BIO_ADDR_free(lpeer);
- return 1;
+ return res;
}
int verify_cookie_callback(SSL *ssl, const unsigned char *cookie,
diff --git a/apps/speed.c b/apps/speed.c
index 86cb9ff151..a978bdf17a 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -279,8 +279,10 @@ const OPTIONS speed_options[] = {
OPT_SECTION("Selection"),
{"evp", OPT_EVP, 's', "Use EVP-named cipher or digest"},
+#ifndef OPENSSL_NO_DEPRECATED_3_0
{"hmac", OPT_HMAC, 's', "HMAC using EVP-named digest"},
-#ifndef OPENSSL_NO_CMAC
+#endif
+#if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
{"cmac", OPT_CMAC, 's', "CMAC using EVP-named cipher"},
#endif
{"decrypt", OPT_DECRYPT, '-',
@@ -340,7 +342,9 @@ static const OPT_PAIR doit_choices[] = {
#endif
#if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_DEPRECATED_3_0)
{"md5", D_MD5},
+# ifndef OPENSSL_NO_DEPRECATED_3_0
{"hmac", D_HMAC},
+# endif
#endif
#ifndef OPENSSL_NO_DEPRECATED_3_0
{"sha1", D_SHA1},
@@ -558,8 +562,10 @@ typedef struct loopargs_st {
size_t outlen[EC_NUM];
#endif
EVP_CIPHER_CTX *ctx;
+#ifndef OPENSSL_NO_DEPRECATED_3_0
HMAC_CTX *hctx;
-#ifndef OPENSSL_NO_CMAC
+#endif
+#if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
CMAC_CTX *cmac_ctx;
#endif
GCM128_CONTEXT *gcm_ctx;
@@ -635,6 +641,7 @@ static int MD5_loop(void *args)
return count;
}
+# ifndef OPENSSL_NO_DEPRECATED_3_0
static int HMAC_loop(void *args)
{
loopargs_t *tempargs = *(loopargs_t **) args;
@@ -650,6 +657,7 @@ static int HMAC_loop(void *args)
}
return count;
}
+# endif
#endif
#ifndef OPENSSL_NO_DEPRECATED_3_0
@@ -970,6 +978,7 @@ static int EVP_Digest_loop(void *args)
return count;
}
+#ifndef OPENSSL_NO_DEPRECATED_3_0
static const EVP_MD *evp_hmac_md = NULL;
static char *evp_hmac_name = NULL;
static int EVP_HMAC_loop(void *args)
@@ -986,8 +995,9 @@ static int EVP_HMAC_loop(void *args)
}
return count;
}
+#endif
-#ifndef OPENSSL_NO_CMAC
+#if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
static const EVP_CIPHER *evp_cmac_cipher = NULL;
static char *evp_cmac_name = NULL;
@@ -1617,6 +1627,7 @@ int speed_main(int argc, char **argv)
doit[D_EVP] = 1;
break;
case OPT_HMAC:
+#ifndef OPENSSL_NO_DEPRECATED_3_0
evp_hmac_md = EVP_get_digestbyname(opt_arg());
if (evp_hmac_md == NULL) {
BIO_printf(bio_err, "%s: %s is an unknown digest\n",
@@ -1625,8 +1636,9 @@ int speed_main(int argc, char **argv)
}
doit[D_EVP_HMAC] = 1;
break;
+#endif
case OPT_CMAC:
-#ifndef OPENSSL_NO_CMAC
+#if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
evp_cmac_cipher = EVP_get_cipherbyname(opt_arg());
if (evp_cmac_cipher == NULL) {
BIO_printf(bio_err, "%s: %s is an unknown cipher\n",
@@ -2301,6 +2313,7 @@ int speed_main(int argc, char **argv)
}
}
+# ifndef OPENSSL_NO_DEPRECATED_3_0
if (doit[D_HMAC]) {
static const char hmac_key[] = "This is a key...";
int len = strlen(hmac_key);
@@ -2325,6 +2338,7 @@ int speed_main(int argc, char **argv)
for (i = 0; i < loopargs_len; i++)
HMAC_CTX_free(loopargs[i].hctx);
}
+# endif
#endif
#ifndef OPENSSL_NO_DEPRECATED_3_0
if (doit[D_SHA1]) {
@@ -2790,6 +2804,7 @@ int speed_main(int argc, char **argv)
}
}
+#ifndef OPENSSL_NO_DEPRECATED_3_0
if (doit[D_EVP_HMAC] && evp_hmac_md != NULL) {
const char *md_name = OBJ_nid2ln(EVP_MD_type(evp_hmac_md));
@@ -2807,8 +2822,9 @@ int speed_main(int argc, char **argv)
print_result(D_EVP_HMAC, testnum, count, d);
}
}
+#endif
-#ifndef OPENSSL_NO_CMAC
+#if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
if (doit[D_EVP_CMAC] && evp_cmac_cipher != NULL) {
const char *cipher_name = OBJ_nid2ln(EVP_CIPHER_type(evp_cmac_cipher));
@@ -3709,8 +3725,10 @@ int speed_main(int argc, char **argv)
OPENSSL_free(loopargs[i].secret_b);
#endif
}
+#ifndef OPENSSL_NO_DEPRECATED_3_0
OPENSSL_free(evp_hmac_name);
-#ifndef OPENSSL_NO_CMAC
+#endif
+#if !defined(OPENSSL_NO_CMAC) && !defined(OPENSSL_NO_DEPRECATED_3_0)
OPENSSL_free(evp_cmac_name);
#endif
diff --git a/crypto/cmac/cm_ameth.c b/crypto/cmac/cm_ameth.c
index 9db2562157..d46cf07fac 100644
--- a/crypto/cmac/cm_ameth.c
+++ b/crypto/cmac/cm_ameth.c
@@ -7,6 +7,12 @@
* https://www.openssl.org/source/license.html
*/
+/*
+ * CMAC low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/evp.h>
diff --git a/crypto/cmac/cmac.c b/crypto/cmac/cmac.c
index ec12970cb2..b10c29c267 100644
--- a/crypto/cmac/cmac.c
+++ b/crypto/cmac/cmac.c
@@ -7,6 +7,12 @@
* https://www.openssl.org/source/license.html
*/
+/*
+ * CMAC low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
diff --git a/crypto/hmac/hm_ameth.c b/crypto/hmac/hm_ameth.c
index 9ecb786106..4893a10393 100644
--- a/crypto/hmac/hm_ameth.c
+++ b/crypto/hmac/hm_ameth.c
@@ -7,6 +7,12 @@
* https://www.openssl.org/source/license.html
*/
+/*
+ * HMAC low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/evp.h>
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index a94550a37a..37bd7e6726 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c
@@ -7,6 +7,12 @@
* https://www.openssl.org/source/license.html
*/
+/*
+ * HMAC low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c
index 10e1c5b0fa..43d572ca2e 100644
--- a/crypto/pkcs12/p12_mutl.c
+++ b/crypto/pkcs12/p12_mutl.c
@@ -7,6 +7,12 @@
* https://www.openssl.org/source/license.html
*/
+/*
+ * HMAC low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/crypto.h>
diff --git a/crypto/rand/drbg_hmac.c b/crypto/rand/drbg_hmac.c
index 3bda6c0d05..241619a295 100644
--- a/crypto/rand/drbg_hmac.c
+++ b/crypto/rand/drbg_hmac.c
@@ -7,6 +7,12 @@
* https://www.openssl.org/source/license.html
*/
+/*
+ * HMAC low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
#include <stdlib.h>
#include <string.h>
#include <openssl/crypto.h>
diff --git a/doc/man3/HMAC.pod b/doc/man3/HMAC.pod
index 8b2e077bd6..54db3ad66d 100644
--- a/doc/man3/HMAC.pod
+++ b/doc/man3/HMAC.pod
@@ -20,6 +20,10 @@ HMAC_size
#include <openssl/hmac.h>
+Deprecated since OpenSSL 3.0, can be hidden entirely by defining
+B<OPENSSL_API_COMPAT> with a suitable version value, see
+L<openssl_user_macros(7)>:
+
unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
int key_len, const unsigned char *d, int n,
unsigned char *md, unsigned int *md_len);
@@ -49,6 +53,10 @@ L<openssl_user_macros(7)>:
=head1 DESCRIPTION
+All of the functions described on this page are deprecated. Applications should
+instead use L<EVP_MAC_CTX_new(3)>, L<EVP_MAC_CTX_free(3)>, L<EVP_MAC_init(3)>,
+L<EVP_MAC_update(3)> and L<EVP_MAC_final(3)>.
+
HMAC is a MAC (message authentication code), i.e. a keyed hash
function used for message authentication, which is based on a hash
function.
@@ -138,6 +146,8 @@ L<SHA1(3)>, L<evp(7)>
=head1 HISTORY
+All of these functions were deprecated in OpenSSL 3.0.
+
HMAC_CTX_init() was replaced with HMAC_CTX_reset() in OpenSSL 1.1.0.
HMAC_CTX_cleanup() existed in OpenSSL before version 1.1.0.
diff --git a/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod b/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod
index 88e70c5fa2..ae812097c5 100644
--- a/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod
+++ b/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod
@@ -2,20 +2,31 @@
=head1 NAME
-SSL_CTX_set_tlsext_ticket_key_cb - set a callback for session ticket processing
+SSL_CTX_set_tlsext_ticket_key_evp_cb,
+SSL_CTX_set_tlsext_ticket_key_cb
+- set a callback for session ticket processing
=head1 SYNOPSIS
#include <openssl/tls1.h>
- long SSL_CTX_set_tlsext_ticket_key_cb(SSL_CTX sslctx,
+ int SSL_CTX_set_tlsext_ticket_key_evp_cb(SSL_CTX sslctx,
+ int (*cb)(SSL *s, unsigned char key_name[16],
+ unsigned char iv[EVP_MAX_IV_LENGTH],
+ EVP_CIPHER_CTX *ctx, EVP_MAC_CTX *hctx, int enc));
+
+Deprecated since OpenSSL 3.0, can be hidden entirely by defining
+B<OPENSSL_API_COMPAT> with a suitable version value, see
+L<openssl_user_macros(7)>:
+
+ int SSL_CTX_set_tlsext_ticket_key_cb(SSL_CTX sslctx,
int (*cb)(SSL *s, unsigned char key_name[16],
unsigned char iv[EVP_MAX_IV_LENGTH],
EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc));
=head1 DESCRIPTION
-SSL_CTX_set_tlsext_ticket_key_cb() sets a callback function I<cb> for handling
+SSL_CTX_set_tlsext_ticket_key_evp_cb() sets a callback function I<cb> for handling
session tickets for the ssl context I<sslctx>. Session tickets, defined in
RFC5077 provide an enhanced session resumption capability where the server
implementation is not required to maintain per session state. It only applies
@@ -38,7 +49,8 @@ ticket information or it starts a full TLS handshake to create a new session
ticket.
Before the callback function is started I<ctx> and I<hctx> have been
-initialised with L<EVP_CIPHER_CTX_reset(3)> and L<HMAC_CTX_reset(3)> respectively.
+initialised with L<EVP_CIPHER_CTX_reset(3)> and L<EVP_MAC_CTX_new(3)>
+respectively.
For new sessions tickets, when the client doesn't present a session ticket, or
an attempted retrieval of the ticket failed, or a renew option was indicated,
@@ -53,8 +65,9 @@ maximum IV length is B<EVP_MAX_IV_LENGTH> bytes defined in B<evp.h>.
The initialization vector I<iv> should be a random value. The cipher context
I<ctx> should use the initialisation vector I<iv>. The cipher context can be
-set using L<EVP_EncryptInit_ex(3)>. The hmac context can be set using
-L<HMAC_Init_ex(3)>.
+set using L<EVP_EncryptInit_ex(3)>. The hmac context and digest can be set using
+L<EVP_MAC_CTX_set_params(3)> with the B<OSSL_MAC_PARAM_KEY> and
+B<OSSL_MAC_PARAM_DIGEST> parameters respectively.
When the client presents a session ticket, the callback function with be called
with I<enc> set to 0 indicating that the I<cb> function should retrieve a set
@@ -62,8 +75,9 @@ of parameters. In this case I<name> and I<iv> have already been parsed out of
the session ticket. The OpenSSL library expects that the I<name> will be used
to retrieve a cryptographic parameters and that the cryptographic context
I<ctx> will be set with the retrieved parameters and the initialization vector
-I<iv>. using a function like L<EVP_DecryptInit_ex(3)>. The I<hctx> needs to be
-set using L<HMAC_Init_ex(3)>.
+I<iv>. using a function like L<EVP_DecryptInit_ex(3)>. The key material and
+digest for I<hctx> need to be set using L<EVP_MAC_CTX_set_params(3)> with the
+B<OSSL_MAC_PARAM_KEY> and B<OSSL_MAC_PARAM_DIGEST> parameters respectively.
If the I<name> is still valid but a renewal of the ticket is required the
callback function should return 2. The library will call the callback again
@@ -102,6 +116,14 @@ This indicates an error.
=back
+The SSL_CTX_set_tlsext_ticket_key_cb() function is identical to
+SSL_CTX_set_tlsext_ticket_key_evp_cb() except that it takes a deprecated
+HMAC_CTX pointer instead of an EVP_MAC_CTX one.
+Before this callback function is started I<hctx> will have been
+initialised with L<EVP_MAC_CTX_new(3)> and the digest set with
+L<EVP_MAC_CTX_set_params(3)>.
+The I<hctx> key material can be set using L<HMAC_Init_ex(3)>.
+
=head1 NOTES
Session resumption shortcuts the TLS so that the client certificate
@@ -129,13 +151,15 @@ returns 0 to indicate the callback function was set.
Reference Implementation:
- SSL_CTX_set_tlsext_ticket_key_cb(SSL, ssl_tlsext_ticket_key_cb);
+ SSL_CTX_set_tlsext_ticket_key_evp_cb(SSL, ssl_tlsext_ticket_key_cb);
...
static int ssl_tlsext_ticket_key_cb(SSL *s, unsigned char key_name[16],
unsigned char *iv, EVP_CIPHER_CTX *ctx,
- HMAC_CTX *hctx, int enc)
+ EVP_MAC_CTX *hctx, int enc)
{
+ OSSL_PARAM params[3];
+
if (enc) { /* create new session */
if (RAND_bytes(iv, EVP_MAX_IV_LENGTH) <= 0)
return -1; /* insufficient random */
@@ -155,7 +179,13 @@ Reference Implementation:
memcpy(key_name, key->name, 16);
EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->aes_key, iv);
- HMAC_Init_ex(&hctx, key->hmac_key, 16, EVP_sha256(), NULL);
+
+ params[0] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
+ key->hmac_key, 16);
+ params[1] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
+ "sha256", 0);
+ params[2] = OSSL_PARAM_construct_end();
+ EVP_MAC_CTX_set_params(hctx, params);
return 1;
@@ -165,7 +195,13 @@ Reference Implementation:
if (key == NULL || key->expire < now())
return 0;
- HMAC_Init_ex(&hctx, key->hmac_key, 16, EVP_sha256(), NULL);
+ params[0] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
+ key->hmac_key, 16);
+ params[1] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
+ "sha256", 0);
+ params[2] = OSSL_PARAM_construct_end();
+ EVP_MAC_CTX_set_params(hctx, params);
+
EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->aes_key, iv);
if (key->expire < now() - RENEW_TIME) {
@@ -188,6 +224,13 @@ L<SSL_CTX_sess_number(3)>,
L<SSL_CTX_sess_set_get_cb(3)>,
L<SSL_CTX_set_session_id_context(3)>,
+=head1 HISTORY
+
+The SSL_CTX_set_tlsext_ticket_key_cb() function was deprecated in OpenSSL 3.0.
+
+The SSL_CTX_set_tlsext_ticket_key_evp_cb() function was introduced in
+OpenSSL 3.0.
+
=head1 COPYRIGHT
Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/include/openssl/cmac.h b/include/openssl/cmac.h
index e2b49a0574..2f43eced3c 100644
--- a/include/openssl/cmac.h
+++ b/include/openssl/cmac.h
@@ -18,30 +18,33 @@
# ifndef OPENSSL_NO_CMAC
-#ifdef __cplusplus
+# ifdef __cplusplus
extern "C" {
-#endif
+# endif
-# include <openssl/evp.h>
+# include <openssl/evp.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/* Opaque */
typedef struct CMAC_CTX_st CMAC_CTX;
-
-CMAC_CTX *CMAC_CTX_new(void);
-void CMAC_CTX_cleanup(CMAC_CTX *ctx);
-void CMAC_CTX_free(CMAC_CTX *ctx);
-EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx);
-int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in);
-
-int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
- const EVP_CIPHER *cipher, ENGINE *impl);
-int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen);
-int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen);
-int CMAC_resume(CMAC_CTX *ctx);
-
-#ifdef __cplusplus
+# endif
+
+DEPRECATEDIN_3_0(CMAC_CTX *CMAC_CTX_new(void))
+DEPRECATEDIN_3_0(void CMAC_CTX_cleanup(CMAC_CTX *ctx))
+DEPRECATEDIN_3_0(void CMAC_CTX_free(CMAC_CTX *ctx))
+DEPRECATEDIN_3_0(EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx))
+DEPRECATEDIN_3_0(int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in))
+
+DEPRECATEDIN_3_0(int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
+ const EVP_CIPHER *cipher, ENGINE *impl))
+DEPRECATEDIN_3_0(int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen))
+DEPRECATEDIN_3_0(int CMAC_Final(CMAC_CTX *ctx, unsigned char *out,
+ size_t *poutlen))
+DEPRECATEDIN_3_0(int CMAC_resume(CMAC_CTX *ctx))
+
+# ifdef __cplusplus
}
-#endif
+# endif
# endif
#endif
diff --git a/include/openssl/hmac.h b/include/openssl/hmac.h
index 2f80038f78..d05cdde168 100644
--- a/include/openssl/hmac.h
+++ b/include/openssl/hmac.h
@@ -24,34 +24,35 @@
# define HMAC_MAX_MD_CBLOCK 128 /* Deprecated */
# endif
-#ifdef __cplusplus
+# ifdef __cplusplus
extern "C" {
-#endif
+# endif
-size_t HMAC_size(const HMAC_CTX *e);
-HMAC_CTX *HMAC_CTX_new(void);
-int HMAC_CTX_reset(HMAC_CTX *ctx);
-void HMAC_CTX_free(HMAC_CTX *ctx);
+DEPRECATEDIN_3_0(size_t HMAC_size(const HMAC_CTX *e))
+DEPRECATEDIN_3_0(HMAC_CTX *HMAC_CTX_new(void))
+DEPRECATEDIN_3_0(int HMAC_CTX_reset(HMAC_CTX *ctx))
+DEPRECATEDIN_3_0(void HMAC_CTX_free(HMAC_CTX *ctx))
DEPRECATEDIN_1_1_0(__owur int HMAC_Init(HMAC_CTX *ctx, const void *key, int len,
- const EVP_MD *md))
-
-/*__owur*/ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
- const EVP_MD *md, ENGINE *impl);
-/*__owur*/ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data,
- size_t len);
-/*__owur*/ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md,
- unsigned int *len);
-unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
- const unsigned char *d, size_t n, unsigned char *md,
- unsigned int *md_len);
-__owur int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
-
-void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
-const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx);
-
-#ifdef __cplusplus
+ const EVP_MD *md))
+
+DEPRECATEDIN_3_0(int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
+ const EVP_MD *md, ENGINE *impl))
+DEPRECATEDIN_3_0(int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data,
+ size_t len))
+DEPRECATEDIN_3_0(int HMAC_Final(HMAC_CTX *ctx, unsigned char *md,
+ unsigned int *len))
+DEPRECATEDIN_3_0(unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
+ int key_len, const unsigned char *d,
+ size_t n, unsigned char *md,
+ unsigned int *md_len))
+DEPRECATEDIN_3_0(__owur int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx))
+
+DEPRECATEDIN_3_0(void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags))
+DEPRECATEDIN_3_0(const EVP_MD *HMAC_CTX_get_md(const HMAC_CTX *ctx))
+
+# ifdef __cplusplus
}
-#endif
+# endif
#endif
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 3b52f86412..c1b6b8e5dc 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1269,7 +1269,9 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS 69
# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP 70
# define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP 71
-# define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
+# endif
# define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB 75
# define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB 76
# define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB 77
diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h
index 9a1683e0fd..9181e0d2c1 100644
--- a/include/openssl/tls1.h
+++ b/include/openssl/tls1.h
@@ -327,9 +327,14 @@ __owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain)
# define SSL_CTX_get_tlsext_status_type(ssl) \
SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE,0,NULL)
-# define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,\
(void (*)(void))cb)
+# endif
+int SSL_CTX_set_tlsext_ticket_key_evp_cb
+ (SSL_CTX *ctx, int (*fp)(SSL *, unsigned char *, unsigned char *,
+ EVP_CIPHER_CTX *, EVP_MAC_CTX *, int));
/* PSK ciphersuites from 4279 */
# define TLS1_CK_PSK_WITH_RC4_128_SHA 0x0300008A
diff --git a/providers/implementations/kdfs/hkdf.c b/providers/implementations/kdfs/hkdf.c
index d9f53a67e7..a8f4bf95be 100644
--- a/providers/implementations/kdfs/hkdf.c
+++ b/providers/implementations/kdfs/hkdf.c
@@ -7,6 +7,12 @@
* https://www.openssl.org/source/license.html
*/
+/*
+ * HMAC low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
#include <stdlib.h>
#include <stdarg.h>
#include <string.h>
diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c
index 077b93afb0..d6fe07e0f9 100644
--- a/providers/implementations/kdfs/pbkdf2.c
+++ b/providers/implementations/kdfs/pbkdf2.c
@@ -7,6 +7,12 @@
* https://www.openssl.org/source/license.html
*/
+/*
+ * HMAC low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
#include <stdlib.h>
#include <stdarg.h>
#include <string.h>
diff --git a/providers/implementations/macs/cmac_prov.c b/providers/implementations/macs/cmac_prov.c
index f3dbe1f2e7..6caec1b666 100644
--- a/providers/implementations/macs/cmac_prov.c
+++ b/providers/implementations/macs/cmac_prov.c
@@ -7,6 +7,12 @@
* https://www.openssl.org/source/license.html
*/
+/*
+ * CMAC low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
#include <openssl/core_numbers.h>
#include <openssl/core_names.h>
#include <openssl/params.h>
diff --git a/providers/implementations/macs/hmac_prov.c b/providers/implementations/macs/hmac_prov.c
index 3eccc0d2c8..2bddb64d69 100644
--- a/providers/implementations/macs/hmac_prov.c
+++ b/providers/implementations/macs/hmac_prov.c
@@ -7,6 +7,12 @@
* https://www.openssl.org/source/license.html
*/
+/*
+ * HMAC low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
#include <openssl/core_numbers.h>
#include <openssl/core_names.h>
#include <openssl/params.h>
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 745bccc836..a1a61cf328 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -4008,12 +4008,14 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
ctx->ext.status_cb = (int (*)(SSL *, void *))fp;
break;
+# ifndef OPENSSL_NO_DEPRECATED_3_0
case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
ctx->ext.ticket_key_cb = (int (*)(SSL *, unsigned char *,
unsigned char *,
EVP_CIPHER_CTX *,
HMAC_CTX *, int))fp;
break;
+#endif
#ifndef OPENSSL_NO_SRP
case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
@@ -4042,6 +4044,14 @@ long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
return 1;
}
+int SSL_CTX_set_tlsext_ticket_key_evp_cb
+ (SSL_CTX *ctx, int (*fp)(SSL *, unsigned char *, unsigned char *,
+ EVP_CIPHER_CTX *, EVP_MAC_CTX *, int))
+{
+ ctx->ext.ticket_key_evp_cb = fp;
+ return 1;
+}
+
const SSL_CIPHER *ssl3_get_cipher_by_id(uint32_t id)
{
SSL_CIPHER c;
diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h
index 43b0623a0b..680afa070a 100644
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@@ -737,6 +737,32 @@ typedef struct ssl_ctx_ext_secure_st {
unsigned char tick_aes_key[TLSEXT_TICK_KEY_LENGTH];
} SSL_CTX_EXT_SECURE;
+/*
+ * Helper function for HMAC
+ * The structure should be considered opaque, it will change once the low
+ * level deprecated calls are removed. At that point it can be replaced
+ * by EVP_MAC_CTX and most of the functions converted to macros or inlined
+ * directly.
+ */
+typedef struct ssl_hmac_st {
+ EVP_MAC_CTX *ctx;
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+ HMAC_CTX *old_ctx;
+# endif
+} SSL_HMAC;
+
+SSL_HMAC *ssl_hmac_new(const SSL_CTX *ctx);
+void ssl_hmac_free(SSL_HMAC *ctx);
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+HMAC_CTX *ssl_hmac_get0_HMAC_CTX(SSL_HMAC *ctx);
+# endif
+EVP_MAC_CTX *ssl_hmac_get0_EVP_MAC_CTX(SSL_HMAC *ctx);
+int ssl_hmac_init(SSL_HMAC *ctx, void *key, size_t len, char *md);
+int ssl_hmac_update(SSL_HMAC *ctx, const unsigned char *data, size_t len);
+int ssl_hmac_final(SSL_HMAC *ctx, unsigned char *md, size_t *len,
+ size_t max_size);
+size_t ssl_hmac_size(const SSL_HMAC *ctx);
+
struct ssl_ctx_st {
OPENSSL_CTX *libctx;
@@ -936,10 +962,16 @@ struct ssl_ctx_st {
/* RFC 4507 session ticket keys */
unsigned char tick_key_name[TLSEXT_KEYNAME_LENGTH];
SSL_CTX_EXT_SECURE *secure;
+# ifndef OPENSSL_NO_DEPRECATED_3_0
/* Callback to support customisation of ticket key setting */
int (*ticket_key_cb) (SSL *ssl,
unsigned char *name, unsigned char *iv,
EVP_CIPHER_CTX *ectx, HMAC_CTX *hctx, int enc);
+#endif
+ int (*ticket_key_evp_cb) (SSL *ssl,
+ unsigned char *name, unsigned char *iv,
+ EVP_CIPHER_CTX *ectx, EVP_MAC_CTX *hctx,
+ int enc);
/* certificate status request info */
/* Callback for status request */
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 4a18ad416d..50eaf69da4 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -18,7 +18,6 @@
#include <openssl/rand.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
-#include <openssl/hmac.h>
#include <openssl/x509.h>
#include <openssl/dh.h>
#include <openssl/bn.h>
@@ -3779,12 +3778,12 @@ static int construct_stateless_ticket(SSL *s, WPACKET *pkt, uint32_t age_add,
{
unsigned char *senc = NULL;
EVP_CIPHER_CTX *ctx = NULL;
- HMAC_CTX *hctx = NULL;
+ SSL_HMAC *hctx = NULL;
unsigned char *p, *encdata1, *encdata2, *macdata1, *macdata2;
const unsigned char *const_p;
int len, slen_full, slen, lenfinal;
SSL_SESSION *sess;
- unsigned int hlen;
+ size_t hlen;
SSL_CTX *tctx = s->session_ctx;
unsigned char iv[EVP_MAX_IV_LENGTH];
unsigned char key_name[TLSEXT_KEYNAME_LENGTH];
@@ -3810,7 +3809,7 @@ static int construct_stateless_ticket(SSL *s, WPACKET *pkt, uint32_t age_add,
}
ctx = EVP_CIPHER_CTX_new();
- hctx = HMAC_CTX_new();
+ hctx = ssl_hmac_new(tctx);
if (ctx == NULL || hctx == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_CONSTRUCT_STATELESS_TICKET,
ERR_R_MALLOC_FAILURE);
@@ -3856,10 +3855,24 @@ static int construct_stateless_ticket(SSL *s, WPACKET *pkt, uint32_t age_add,
* Initialize HMAC and cipher contexts. If callback present it does
* all the work otherwise use generated values from parent ctx.
*/
- if (tctx->ext.ticket_key_cb) {
- /* if 0 is returned, write an empty ticket */
- int ret = tctx->ext.ticket_key_cb(s, key_name, iv, ctx,
- hctx, 1);
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+ if (tctx->ext.ticket_key_evp_cb != NULL || tctx->ext.ticket_key_cb != NULL)
+#else
+ if (tctx->ext.ticket_key_evp_cb != NULL)
+#endif
+ {
+ int ret = 0;
+
+ if (tctx->ext.ticket_key_evp_cb != NULL)
+ ret = tctx->ext.ticket_key_evp_cb(s, key_name, iv, ctx,
+ ssl_hmac_get0_EVP_MAC_CTX(hctx),
+ 1);
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+ else if (tctx->ext.ticket_key_cb != NULL)
+ /* if 0 is returned, write an empty ticket */
+ ret = tctx->ext.ticket_key_cb(s, key_name, iv, ctx,
+ ssl_hmac_get0_HMAC_CTX(hctx), 1);
+#endif
if (ret == 0) {
@@ -3873,7 +3886,7 @@ static int construct_stateless_ticket(SSL *s, WPACKET *pkt, uint32_t age_add,
}
OPENSSL_free(senc);
EVP_CIPHER_CTX_free(ctx);
- HMAC_CTX_free(hctx);
+ ssl_hmac_free(hctx);
return 1;
}
if (ret < 0) {
@@ -3889,9 +3902,9 @@ static int construct_stateless_ticket(SSL *s, WPACKET *pkt, uint32_t age_add,
if (RAND_bytes_ex(s->ctx->libctx, iv, iv_len) <= 0
|| !EVP_EncryptInit_ex(ctx, cipher, NULL,
tctx->ext.secure->tick_aes_key, iv)
- || !HMAC_Init_ex(hctx, tctx->ext.secure->tick_hmac_key,
- sizeof(tctx->ext.secure->tick_hmac_key),
- EVP_sha256(), NULL)) {
+ || !ssl_hmac_init(hctx, tctx->ext.secure->tick_hmac_key,
+ sizeof(tctx->ext.secure->tick_hmac_key),
+ "SHA256")) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_CONSTRUCT_STATELESS_TICKET,
ERR_R_INTERNAL_ERROR);
goto err;
@@ -3921,11 +3934,11 @@ static int construct_stateless_ticket(SSL *s, WPACKET *pkt, uint32_t age_add,
|| encdata1 + len != encdata2
|| len + lenfinal > slen + EVP_MAX_BLOCK_LENGTH
|| !WPACKET_get_total_written(pkt, &macendoffset)
- || !HMAC_Update(hctx,
- (unsigned char *)s->init_buf->data + macoffset,
- macendoffset - macoffset)
+ || !ssl_hmac_update(hctx,
+ (unsigned char *)s->init_buf->data + macoffset,
+ macendoffset - macoffset)
|| !WPACKET_reserve_bytes(pkt, EVP_MAX_MD_SIZE, &macdata1)
- || !HMAC_Final(hctx, macdata1, &hlen)
+ || !ssl_hmac_final(hctx, macdata1, &hlen, EVP_MAX_MD_SIZE)
|| hlen > EVP_MAX_MD_SIZE
|| !WPACKET_allocate_bytes(pkt, hlen, &macdata2)
|| macdata1 != macdata2) {
@@ -3945,7 +3958,7 @@ static int construct_stateless_ticket(SSL *s, WPACKET *pkt, uint32_t age_add,
err:
OPENSSL_free(senc);
EVP_CIPHER_CTX_free(ctx);
- HMAC_CTX_free(hctx);
+ ssl_hmac_free(hctx);
return ok;
}
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 0504f6bba1..fa2d6e0154 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -7,11 +7,15 @@
* https://www.openssl.org/source/license.html
*/
+/* We need access to the deprecated low level HMAC APIs */
+#define OPENSSL_SUPPRESS_DEPRECATED
+
#include <stdio.h>
#include <stdlib.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
+#include <openssl/core_names.h>
#include <openssl/ocsp.h>
#include <openssl/conf.h>
#include <openssl/x509v3.h>
@@ -1417,7 +1421,7 @@ SSL_TICKET_STATUS tls_decrypt_ticket(SSL *s, const unsigned char *etick,
SSL_TICKET_STATUS ret = SSL_TICKET_FATAL_ERR_OTHER;
size_t mlen;
unsigned char tick_hmac[EVP_MAX_MD_SIZE];
- HMAC_CTX *hctx = NULL;
+ SSL_HMAC *hctx = NULL;
EVP_CIPHER_CTX *ctx = NULL;
SSL_CTX *tctx = s->session_ctx;
@@ -1447,7 +1451,7 @@ SSL_TICKET_STATUS tls_decrypt_ticket(SSL *s, const unsigned char *etick,
}
/* Initialize session ticket encryption and HMAC contexts */
- hctx = HMAC_CTX_new();
+ hctx = ssl_hmac_new(tctx);
if (hctx == NULL) {
ret = SSL_TICKET_FATAL_ERR_MALLOC;
goto end;
@@ -1457,11 +1461,28 @@ SSL_TICKET_STATUS tls_decrypt_ticket(SSL *s, const unsigned char *etick,
ret = SSL_TICKET_FATAL_ERR_MALLOC;
goto end;
}
- if (tctx->ext.ticket_key_cb) {
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+ if (tctx->ext.ticket_key_evp_cb != NULL || tctx->ext.ticket_key_cb != NULL)
+#else
+ if (tctx->ext.ticket_key_evp_cb != NULL)
+#endif
+ {
unsigned char *nctick = (unsigned char *)etick;
- int rv = tctx->ext.ticket_key_cb(s, nctick,
+ int rv = 0;
+
+ if (tctx->ext.ticket_key_evp_cb != NULL)
+ rv = tctx->ext.ticket_key_evp_cb(s, nctick,
+ nctick + TLSEXT_KEYNAME_LENGTH,
+ ctx,
+ ssl_hmac_get0_EVP_MAC_CTX(hctx),
+ 0);
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+ else if (tctx->ext.ticket_key_cb != NULL)
+ /* if 0 is returned, write an empty ticket */
+ rv = tctx->ext.ticket_key_cb(s, nctick,
nctick + TLSEXT_KEYNAME_LENGTH,
- ctx, hctx, 0);
+ ctx, ssl_hmac_get0_HMAC_CTX(hctx), 0);
+#endif
if (rv < 0) {
ret = SSL_TICKET_FATAL_ERR_OTHER;
goto end;
@@ -1479,9 +1500,9 @@ SSL_TICKET_STATUS tls_decrypt_ticket(SSL *s, const unsigned char *etick,
ret = SSL_TICKET_NO_DECRYPT;
goto end;
}
- if (HMAC_Init_ex(hctx, tctx->ext.secure->tick_hmac_key,
- sizeof(tctx->ext.secure->tick_hmac_key),
- EVP_sha256(), NULL) <= 0
+ if (ssl_hmac_init(hctx, tctx->ext.secure->tick_hmac_key,
+ sizeof(tctx->ext.secure->tick_hmac_key),
+ "SHA256") <= 0
|| EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL,
tctx->ext.secure->tick_aes_key,
etick + TLSEXT_KEYNAME_LENGTH) <= 0) {
@@ -1495,7 +1516,7 @@ SSL_TICKET_STATUS tls_decrypt_ticket(SSL *s, const unsigned char *etick,
* Attempt to process session ticket, first conduct sanity and integrity
* checks on ticket.
*/
- mlen = HMAC_size(hctx);
+ mlen = ssl_hmac_size(hctx);
if (mlen == 0) {
ret = SSL_TICKET_FATAL_ERR_OTHER;
goto end;
@@ -1509,8 +1530,8 @@ SSL_TICKET_STATUS tls_decrypt_ticket(SSL *s, const unsigned char *etick,
}
eticklen -= mlen;
/* Check HMAC of encrypted ticket */
- if (HMAC_Update(hctx, etick, eticklen) <= 0
- || HMAC_Final(hctx, tick_hmac, NULL) <= 0) {
+ if (ssl_hmac_update(hctx, etick, eticklen) <= 0
+ || ssl_hmac_final(hctx, tick_hmac, NULL, sizeof(tick_hmac)) <= 0) {
ret = SSL_TICKET_FATAL_ERR_OTHER;
goto end;
}
@@ -1573,7 +1594,7 @@ SSL_TICKET_STATUS tls_decrypt_ticket(SSL *s, const unsigned char *etick,
end:
EVP_CIPHER_CTX_free(ctx);
- HMAC_CTX_free(hctx);
+ ssl_hmac_free(hctx);
/*
* If set, the decrypt_ticket_cb() is called unless a fatal error was
@@ -2979,3 +3000,118 @@ uint8_t SSL_SESSION_get_max_fragment_length(const SSL_SESSION *session)
{
return session->ext.max_fragment_len_mode;
}
+
+/*
+ * Helper functions for HMAC access with legacy support included.
+ */
+SSL_HMAC *ssl_hmac_new(const SSL_CTX *ctx)
+{
+ SSL_HMAC *ret = OPENSSL_zalloc(sizeof(*ret));
+ EVP_MAC *mac = NULL;
+
+ if (ret == NULL)
+ return NULL;
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+ if (ctx->ext.ticket_key_evp_cb == NULL
+ && ctx->ext.ticket_key_cb != NULL) {
+ ret->old_ctx = HMAC_CTX_new();
+ if (ret->old_ctx == NULL)
+ goto err;
+ return ret;
+ }
+#endif
+ mac = EVP_MAC_fetch(ctx->libctx, "HMAC", NULL);
+ if (mac == NULL || (ret->ctx = EVP_MAC_CTX_new(mac)) == NULL)
+ goto err;
+ EVP_MAC_free(mac);
+ return ret;
+ err:
+ EVP_MAC_CTX_free(ret->ctx);
+ EVP_MAC_free(mac);
+ OPENSSL_free(ret);
+ return NULL;
+}
+
+void ssl_hmac_free(SSL_HMAC *ctx)
+{
+ if (ctx != NULL) {
+ EVP_MAC_CTX_free(ctx->ctx);
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+ HMAC_CTX_free(ctx->old_ctx);
+#endif
+ OPENSSL_free(ctx);
+ }
+}
+
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+HMAC_CTX *ssl_hmac_get0_HMAC_CTX(SSL_HMAC *ctx)
+{
+ return ctx->old_ctx;
+}
+#endif
+
+EVP_MAC_CTX *ssl_hmac_get0_EVP_MAC_CTX(SSL_HMAC *ctx)
+{
+ return ctx->ctx;
+}
+
+int ssl_hmac_init(SSL_HMAC *ctx, void *key, size_t len, char *md)
+{
+ OSSL_PARAM params[3], *p = params;
+
+ if (ctx->ctx != NULL) {
+ *p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, md, 0);
+ *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, key, len);
+ *p = OSSL_PARAM_construct_end();
+ if (EVP_MAC_CTX_set_params(ctx->ctx, params) && EVP_MAC_init(ctx->ctx))
+ return 1;
+ }
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+ if (ctx->old_ctx != NULL)
+ return HMAC_Init_ex(ctx->old_ctx, key, len,
+ EVP_get_digestbyname(md), NULL);
+#endif
+ return 0;
+}
+
+int ssl_hmac_update(SSL_HMAC *ctx, const unsigned char *data, size_t len)
+{
+ if (ctx->ctx != NULL)
+ return EVP_MAC_update(ctx->ctx, data, len);
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+ if (ctx->old_ctx != NULL)
+ return HMAC_Update(ctx->old_ctx, data, len);
+#endif
+ return 0;
+}
+
+int ssl_hmac_final(SSL_HMAC *ctx, unsigned char *md, size_t *len,
+ size_t max_size)
+{
+ if (ctx->ctx != NULL)
+ return EVP_MAC_final(ctx->ctx, md, len, max_size);
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+ if (ctx->old_ctx != NULL) {
+ unsigned int l;
+
+ if (HMAC_Final(ctx->old_ctx, md, &l) > 0) {
+ if (len != NULL)
+ *len = l;
+ return 1;
+ }
+ }
+#endif
+ return 0;
+}
+
+size_t ssl_hmac_size(const SSL_HMAC *ctx)
+{
+ if (ctx->ctx != NULL)
+ return EVP_MAC_size(ctx->ctx);
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+ if (ctx->old_ctx != NULL)
+ return HMAC_size(ctx->old_ctx);
+#endif
+ return 0;
+}
+
diff --git a/test/bad_dtls_test.c b/test/bad_dtls_test.c
index 66b5e1d2ed..9716b52193 100644
--- a/test/bad_dtls_test.c
+++ b/test/bad_dtls_test.c
@@ -29,6 +29,8 @@
*/
#include <string.h>
+#include <openssl/core_names.h>
+#include <openssl/params.h>
#include <openssl/opensslconf.h>
#include <openssl/bio.h>
#include <openssl/crypto.h>
@@ -278,11 +280,13 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr,
static unsigned char seq[6] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
static unsigned char ver[2] = { 0x01, 0x00 }; /* DTLS1_BAD_VER */
unsigned char lenbytes[2];
- HMAC_CTX *ctx;
+ EVP_MAC *hmac;
+ EVP_MAC_CTX *ctx;
EVP_CIPHER_CTX *enc_ctx;
unsigned char iv[16];
unsigned char pad;
unsigned char *enc;
+ OSSL_PARAM params[3];
seq[0] = (seqnr >> 40) & 0xff;
seq[1] = (seqnr >> 32) & 0xff;
@@ -300,18 +304,26 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr,
memcpy(enc, msg, len);
/* Append HMAC to data */
- ctx = HMAC_CTX_new();
- HMAC_Init_ex(ctx, mac_key, 20, EVP_sha1(), NULL);
- HMAC_Update(ctx, epoch, 2);
- HMAC_Update(ctx, seq, 6);
- HMAC_Update(ctx, &type, 1);
- HMAC_Update(ctx, ver, 2); /* Version */
+ hmac = EVP_MAC_fetch(NULL, "HMAC", NULL);
+ ctx = EVP_MAC_CTX_new(hmac);
+ EVP_MAC_free(hmac);
+ params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
+ "SHA1", 0);
+ params[1] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
+ mac_key, 20);
+ params[2] = OSSL_PARAM_construct_end();
+ EVP_MAC_CTX_set_params(ctx, params);
+ EVP_MAC_init(ctx);
+ EVP_MAC_update(ctx, epoch, 2);
+ EVP_MAC_update(ctx, seq, 6);
+ EVP_MAC_update(ctx, &type, 1);
+ EVP_MAC_update(ctx, ver, 2); /* Version */
lenbytes[0] = (unsigned char)(len >> 8);
lenbytes[1] = (unsigned char)(len);
- HMAC_Update(ctx, lenbytes, 2); /* Length */
- HMAC_Update(ctx, enc, len); /* Finally the data itself */
- HMAC_Final(ctx, enc + len, NULL);
- HMAC_CTX_free(ctx);
+ EVP_MAC_update(ctx, lenbytes, 2); /* Length */
+ EVP_MAC_update(ctx, enc, len); /* Finally the data itself */
+ EVP_MAC_final(ctx, enc + len, NULL, SHA_DIGEST_LENGTH);
+ EVP_MAC_CTX_free(ctx);
/* Append padding bytes */
len += SHA_DIGEST_LENGTH;
diff --git a/test/build.info b/test/build.info
index 7803488d57..7ae7e8f6a7 100644
--- a/test/build.info
+++ b/test/build.info
@@ -33,7 +33,6 @@ IF[{- !$disabled{tests} -}]
aborttest test_test \
sanitytest rsa_complex exdatatest bntest \
ectest ecstresstest ecdsatest gmdifftest pbelutest \
- hmactest \
destest mdc2test \
dhtest enginetest \
ssltest_old dsatest dsa_no_digest_size_test exptest rsa_test \
@@ -110,10 +109,6 @@ IF[{- !$disabled{tests} -}]
INCLUDE[pbelutest]=../include ../apps/include
DEPEND[pbelutest]=../libcrypto libtestutil.a
- SOURCE[hmactest]=hmactest.c
- INCLUDE[hmactest]=../include ../apps/include
- DEPEND[hmactest]=../libcrypto libtestutil.a
-
SOURCE[mdc2test]=mdc2test.c
INCLUDE[mdc2test]=../include ../apps/include
DEPEND[mdc2test]=../libcrypto libtestutil.a
@@ -499,7 +494,7 @@ IF[{- !$disabled{tests} -}]
tls13encryptiontest wpackettest ctype_internal_test \
rdrand_sanitytest property_test ideatest \
rsa_sp800_56b_test bn_internal_test \
- rc2test rc4test rc5test \
+ rc2test rc4test rc5test hmactest \
asn1_dsa_internal_test
IF[{- !$disabled{poly1305} -}]
@@ -565,6 +560,10 @@ IF[{- !$disabled{tests} -}]
INCLUDE[sparse_array_test]=../crypto/include ../include ../apps/include
DEPEND[sparse_array_test]=../libcrypto.a libtestutil.a
+ SOURCE[hmactest]=hmactest.c
+ INCLUDE[hmactest]=../include ../apps/include
+ DEPEND[hmactest]=../libcrypto.a libtestutil.a
+
SOURCE[siphash_internal_test]=siphash_internal_test.c
INCLUDE[siphash_internal_test]=.. ../include ../apps/include ../crypto/include
DEPEND[siphash_internal_test]=../libcrypto.a libtestutil.a
diff --git a/test/handshake_helper.c b/test/handshake_helper.c
index e8249a7ce2..86313c9e3c 100644
--- a/test/handshake_helper.c
+++ b/test/handshake_helper.c
@@ -317,8 +317,9 @@ static int verify_accept_cb(X509_STORE_CTX *ctx, void *arg) {
return 1;
}
-static int broken_session_ticket_cb(SSL *s, unsigned char *key_name, unsigned char *iv,
- EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc)
+static int broken_session_ticket_cb(SSL *s, unsigned char *key_name,
+ unsigned char *iv, EVP_CIPHER_CTX *ctx,
+ EVP_MAC_CTX *hctx, int enc)
{
return 0;
}
@@ -326,7 +327,7 @@ static int broken_session_ticket_cb(SSL *s, unsigned char *key_name, unsigned ch
static int do_not_call_session_ticket_cb(SSL *s, unsigned char *key_name,
unsigned char *iv,
EVP_CIPHER_CTX *ctx,
- HMAC_CTX *hctx, int enc)
+ EVP_MAC_CTX *hctx, int enc)
{
HANDSHAKE_EX_DATA *ex_data =
(HANDSHAKE_EX_DATA*)(SSL_get_ex_data(s, ex_data_idx));
@@ -585,11 +586,12 @@ static int configure_handshake_ctx(SSL_CTX *server_ctx, SSL_CTX *server2_ctx,
* session (assigned via SNI), and should never be invoked
*/
if (server2_ctx != NULL)
- SSL_CTX_set_tlsext_ticket_key_cb(server2_ctx,
- do_not_call_session_ticket_cb);
+ SSL_CTX_set_tlsext_ticket_key_evp_cb(server2_ctx,
+ do_not_call_session_ticket_cb);
if (extra->server.broken_session_ticket) {
- SSL_CTX_set_tlsext_ticket_key_cb(server_ctx, broken_session_ticket_cb);
+ SSL_CTX_set_tlsext_ticket_key_evp_cb(server_ctx,
+ broken_session_ticket_cb);
}
#ifndef OPENSSL_NO_NEXTPROTONEG
if (extra->server.npn_protocols != NULL) {
diff --git a/test/hmactest.c b/test/hmactest.c
index a4a9c849b9..ebc075433a 100644
--- a/test/hmactest.c
+++ b/test/hmactest.c
@@ -7,6 +7,12 @@
* https://www.openssl.org/source/license.html
*/
+/*
+ * HMAC low level APIs are deprecated for public use, but still ok for internal
+ * use.
+ */
+#include "internal/deprecated.h"
+
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
diff --git a/test/sslapitest.c b/test/sslapitest.c
index 4993f16f4c..cf0fd3f37d 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -7,6 +7,14 @@
* https://www.openssl.org/source/license.html
*/
+/*
+ * We need access to the deprecated low level HMAC APIs for legacy purposes
+ * when the deprecated calls are not hidden
+ */
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+# define OPENSSL_SUPPRESS_DEPRECATED
+#endif
+
#include <stdio.h>
#include <string.h>
@@ -19,6 +27,7 @@
#include <openssl/txt_db.h>
#include <openssl/aes.h>
#include <openssl/rand.h>
+#include <openssl/core_names.h>
#include "ssltestlib.h"
#include "testutil.h"
@@ -6077,6 +6086,7 @@ static SSL_TICKET_RETURN dec_tick_cb(SSL *s, SSL_SESSION *ss,
}
+#ifndef OPENSSL_NO_DEPRECATED_3_0
static int tick_key_cb(SSL *s, unsigned char key_name[16],
unsigned char iv[EVP_MAX_IV_LENGTH], EVP_CIPHER_CTX *ctx,
HMAC_CTX *hctx, int enc)
@@ -6094,6 +6104,32 @@ static int tick_key_cb(SSL *s, unsigned char key_name[16],
return tick_key_renew ? 2 : 1;
}
+#endif
+
+static int tick_key_evp_cb(SSL *s, unsigned char key_name[16],
+ unsigned char iv[EVP_MAX_IV_LENGTH],
+ EVP_CIPHER_CTX *ctx, EVP_MAC_CTX *hctx, int enc)
+{
+ const unsigned char tick_aes_key[16] = "0123456789abcdef";
+ unsigned char tick_hmac_key[16] = "0123456789abcdef";
+ OSSL_PARAM params[3];
+
+ tick_key_cb_called = 1;
+ memset(iv, 0, AES_BLOCK_SIZE);
+ memset(key_name, 0, 16);
+ params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
+ "SHA256", 0);
+ params[1] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
+ tick_hmac_key,
+ sizeof(tick_hmac_key));
+ params[2] = OSSL_PARAM_construct_end();
+ if (!EVP_CipherInit_ex(ctx, EVP_aes_128_cbc(), NULL, tick_aes_key, iv, enc)
+ || !EVP_MAC_CTX_set_params(hctx, params)
+ || !EVP_MAC_init(hctx))
+ return -1;
+
+ return tick_key_renew ? 2 : 1;
+}
/*
* Test the various ticket callbacks
@@ -6105,10 +6141,14 @@ static int tick_key_cb(SSL *s, unsigned char key_name[16],
* Test 5: TLSv1.3, no ticket key callback, ticket, no renewal
* Test 6: TLSv1.2, no ticket key callback, ticket, renewal
* Test 7: TLSv1.3, no ticket key callback, ticket, renewal
- * Test 8: TLSv1.2, ticket key callback, ticket, no renewal
- * Test 9: TLSv1.3, ticket key callback, ticket, no renewal
- * Test 10: TLSv1.2, ticket key callback, ticket, renewal
- * Test 11: TLSv1.3, ticket key callback, ticket, renewal
+ * Test 8: TLSv1.2, old ticket key callback, ticket, no renewal
+ * Test 9: TLSv1.3, old ticket key callback, ticket, no renewal
+ * Test 10: TLSv1.2, old ticket key callback, ticket, renewal
+ * Test 11: TLSv1.3, old ticket key callback, ticket, renewal
+ * Test 12: TLSv1.2, ticket key callback, ticket, no renewal
+ * Test 13: TLSv1.3, ticket key callback, ticket, no renewal
+ * Test 14: TLSv1.2, ticket key callback, ticket, renewal
+ * Test 15: TLSv1.3, ticket key callback, ticket, renewal
*/
static int test_ticket_callbacks(int tst)
{
@@ -6125,11 +6165,15 @@ static int test_ticket_callbacks(int tst)
if (tst % 2 == 1)
return 1;
#endif
+#ifdef OPENSSL_NO_DEPRECATED_3_0
+ if (tst >= 8 && tst <= 11)
+ return 1;
+#endif
gen_tick_called = dec_tick_called = tick_key_cb_called = 0;
/* Which tests the ticket key callback should request renewal for */
- if (tst == 10 || tst == 11)
+ if (tst == 10 || tst == 11 || tst == 14 || tst == 15)
tick_key_renew = 1;
else
tick_key_renew = 0;
@@ -6179,9 +6223,15 @@ static int test_ticket_callbacks(int tst)
NULL)))
goto end;
- if (tst >= 8
- && !TEST_true(SSL_CTX_set_tlsext_ticket_key_cb(sctx, tick_key_cb)))
- goto end;
+ if (tst >= 12) {
+ if (!TEST_true(SSL_CTX_set_tlsext_ticket_key_evp_cb(sctx, tick_key_evp_cb)))
+ goto end;
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+ } else if (tst >= 8) {
+ if (!TEST_true(SSL_CTX_set_tlsext_ticket_key_cb(sctx, tick_key_cb)))
+ goto end;
+#endif
+ }
if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
NULL, NULL))
@@ -7060,7 +7110,7 @@ int setup_tests(void)
ADD_ALL_TESTS(test_info_callback, 6);
ADD_ALL_TESTS(test_ssl_pending, 2);
ADD_ALL_TESTS(test_ssl_get_shared_ciphers, OSSL_NELEM(shared_ciphers_data));
- ADD_ALL_TESTS(test_ticket_callbacks, 12);
+ ADD_ALL_TESTS(test_ticket_callbacks, 16);
ADD_ALL_TESTS(test_shutdown, 7);
ADD_ALL_TESTS(test_cert_cb, 6);
ADD_ALL_TESTS(test_client_cert_cb, 2);
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 64b2ed277c..d3b23f7b59 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -113,7 +113,7 @@ EC_POINT_mul 114 3_0_0 EXIST::FUNCTION:EC
WHIRLPOOL_Final 115 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,WHIRLPOOL
CMS_get1_ReceiptRequest 116 3_0_0 EXIST::FUNCTION:CMS
BIO_sock_non_fatal_error 117 3_0_0 EXIST::FUNCTION:SOCK
-HMAC_Update 118 3_0_0 EXIST::FUNCTION:
+HMAC_Update 118 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
i2d_PKCS12 119 3_0_0 EXIST::FUNCTION:
EVP_BytesToKey 120 3_0_0 EXIST::FUNCTION:
ENGINE_set_default_pkey_asn1_meths 121 3_0_0 EXIST::FUNCTION:ENGINE
@@ -137,7 +137,7 @@ OCSP_REQ_CTX_free 138 3_0_0 EXIST::FUNCTION:OCSP
X509_STORE_new 140 3_0_0 EXIST::FUNCTION:
ASN1_TYPE_free 141 3_0_0 EXIST::FUNCTION:
PKCS12_BAGS_new 142 3_0_0 EXIST::FUNCTION:
-CMAC_CTX_new 143 3_0_0 EXIST::FUNCTION:CMAC
+CMAC_CTX_new 143 3_0_0 EXIST::FUNCTION:CMAC,DEPRECATEDIN_3_0
ASIdentifierChoice_new 144 3_0_0 EXIST::FUNCTION:RFC3779
EVP_PKEY_asn1_set_public 145 3_0_0 EXIST::FUNCTION:
IDEA_set_decrypt_key 146 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,IDEA
@@ -394,7 +394,7 @@ d2i_OCSP_REVOKEDINFO 401 3_0_0 EXIST::FUNCTION:OCSP
ASN1_STRING_print_ex_fp 402 3_0_0 EXIST::FUNCTION:STDIO
PKCS7_SIGNED_new 403 3_0_0 EXIST::FUNCTION:
CMS_get0_eContentType 404 3_0_0 EXIST::FUNCTION:CMS
-HMAC_Final 405 3_0_0 EXIST::FUNCTION:
+HMAC_Final 405 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
X509_CRL_delete_ext 406 3_0_0 EXIST::FUNCTION:
TS_TST_INFO_get_ordering 407 3_0_0 EXIST::FUNCTION:TS
X509_get_extended_key_usage 408 3_0_0 EXIST::FUNCTION:
@@ -561,7 +561,7 @@ EVP_PKEY_meth_get_cleanup 572 3_0_0 EXIST::FUNCTION:
d2i_X509 574 3_0_0 EXIST::FUNCTION:
a2i_ASN1_STRING 575 3_0_0 EXIST::FUNCTION:
EC_GROUP_get_mont_data 576 3_0_0 EXIST::FUNCTION:EC
-CMAC_CTX_copy 577 3_0_0 EXIST::FUNCTION:CMAC
+CMAC_CTX_copy 577 3_0_0 EXIST::FUNCTION:CMAC,DEPRECATEDIN_3_0
EVP_camellia_128_cfb128 579 3_0_0 EXIST::FUNCTION:CAMELLIA
DH_compute_key_padded 580 3_0_0 EXIST::FUNCTION:DH
ERR_load_CONF_strings 581 3_0_0 EXIST::FUNCTION:
@@ -1234,7 +1234,7 @@ CMS_sign 1261 3_0_0 EXIST::FUNCTION:CMS
X509_STORE_add_cert 1262 3_0_0 EXIST::FUNCTION:
EC_GROUP_precompute_mult 1263 3_0_0 EXIST::FUNCTION:EC
d2i_DISPLAYTEXT 1265 3_0_0 EXIST::FUNCTION:
-HMAC_CTX_copy 1266 3_0_0 EXIST::FUNCTION:
+HMAC_CTX_copy 1266 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
CRYPTO_gcm128_init 1267 3_0_0 EXIST::FUNCTION:
i2d_X509_CINF 1268 3_0_0 EXIST::FUNCTION:
X509_REVOKED_delete_ext 1269 3_0_0 EXIST::FUNCTION:
@@ -1291,7 +1291,7 @@ i2d_PKCS12_fp 1319 3_0_0 EXIST::FUNCTION:STDIO
EVP_PKEY_meth_get_init 1320 3_0_0 EXIST::FUNCTION:
X509_check_trust 1321 3_0_0 EXIST::FUNCTION:
b2i_PrivateKey 1322 3_0_0 EXIST::FUNCTION:DSA
-HMAC_Init_ex 1323 3_0_0 EXIST::FUNCTION:
+HMAC_Init_ex 1323 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
SMIME_read_CMS 1324 3_0_0 EXIST::FUNCTION:CMS
X509_subject_name_cmp 1325 3_0_0 EXIST::FUNCTION:
CRYPTO_ocb128_finish 1326 3_0_0 EXIST::FUNCTION:OCB
@@ -1405,7 +1405,7 @@ ERR_lib_error_string 1437 3_0_0 EXIST::FUNCTION:
X509_ATTRIBUTE_set1_object 1438 3_0_0 EXIST::FUNCTION:
i2d_ECPrivateKey_bio 1439 3_0_0 EXIST::FUNCTION:EC
BN_GENCB_free 1440 3_0_0 EXIST::FUNCTION:
-HMAC_size 1441 3_0_0 EXIST::FUNCTION:
+HMAC_size 1441 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
EVP_PKEY_get0_DH 1442 3_0_0 EXIST::FUNCTION:DH
d2i_OCSP_CRLID 1443 3_0_0 EXIST::FUNCTION:OCSP
EVP_CIPHER_CTX_set_padding 1444 3_0_0 EXIST::FUNCTION:
@@ -1707,7 +1707,7 @@ EC_POINT_cmp 1745 3_0_0 EXIST::FUNCTION:EC
ASN1_buf_print 1746 3_0_0 EXIST::FUNCTION:
EVP_PKEY_CTX_hex2ctrl 1747 3_0_0 EXIST::FUNCTION:
PEM_write_bio_PKCS8PrivateKey 1748 3_0_0 EXIST::FUNCTION:
-CMAC_Update 1749 3_0_0 EXIST::FUNCTION:CMAC
+CMAC_Update 1749 3_0_0 EXIST::FUNCTION:CMAC,DEPRECATEDIN_3_0
d2i_ASN1_UTCTIME 1750 3_0_0 EXIST::FUNCTION:
OPENSSL_sk_insert 1751 3_0_0 EXIST::FUNCTION:
DSO_up_ref 1752 3_0_0 EXIST::FUNCTION:
@@ -2029,7 +2029,7 @@ MDC2_Init 2075 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_
i2o_SCT 2076 3_0_0 EXIST::FUNCTION:CT
d2i_TS_STATUS_INFO 2077 3_0_0 EXIST::FUNCTION:TS
ERR_error_string_n 2078 3_0_0 EXIST::FUNCTION:
-HMAC 2079 3_0_0 EXIST::FUNCTION:
+HMAC 2079 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
BN_mul 2080 3_0_0 EXIST::FUNCTION:
BN_get0_nist_prime_384 2081 3_0_0 EXIST::FUNCTION:
X509_VERIFY_PARAM_set1_ip_asc 2082 3_0_0 EXIST::FUNCTION:
@@ -2122,7 +2122,7 @@ AUTHORITY_INFO_ACCESS_it 2167 3_0_0 EXIST::FUNCTION:
X509_EXTENSION_create_by_NID 2168 3_0_0 EXIST::FUNCTION:
i2d_RSAPrivateKey 2169 3_0_0 EXIST::FUNCTION:RSA
d2i_CERTIFICATEPOLICIES 2170 3_0_0 EXIST::FUNCTION:
-CMAC_CTX_get0_cipher_ctx 2171 3_0_0 EXIST::FUNCTION:CMAC
+CMAC_CTX_get0_cipher_ctx 2171 3_0_0 EXIST::FUNCTION:CMAC,DEPRECATEDIN_3_0
X509_STORE_load_locations 2172 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
OBJ_find_sigid_algs 2173 3_0_0 EXIST::FUNCTION:
TS_RESP_CTX_set_accuracy 2174 3_0_0 EXIST::FUNCTION:TS
@@ -2152,7 +2152,7 @@ X509_STORE_CTX_set_depth 2199 3_0_0 EXIST::FUNCTION:
X509v3_delete_ext 2200 3_0_0 EXIST::FUNCTION:
ASN1_STRING_set0 2201 3_0_0 EXIST::FUNCTION:
BN_GF2m_add 2202 3_0_0 EXIST::FUNCTION:EC2M
-CMAC_resume 2203 3_0_0 EXIST::FUNCTION:CMAC
+CMAC_resume 2203 3_0_0 EXIST::FUNCTION:CMAC,DEPRECATEDIN_3_0
TS_ACCURACY_set_millis 2204 3_0_0 EXIST::FUNCTION:TS
X509V3_EXT_conf 2205 3_0_0 EXIST::FUNCTION:
i2d_DHxparams 2206 3_0_0 EXIST::FUNCTION:DH
@@ -2262,7 +2262,7 @@ PKCS12_SAFEBAG_get1_crl 2309 3_0_0 EXIST::FUNCTION:
ASN1_STRING_get_default_mask 2310 3_0_0 EXIST::FUNCTION:
X509_alias_set1 2311 3_0_0 EXIST::FUNCTION:
ASN1_item_unpack 2312 3_0_0 EXIST::FUNCTION:
-HMAC_CTX_free 2313 3_0_0 EXIST::FUNCTION:
+HMAC_CTX_free 2313 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
EC_POINT_new 2314 3_0_0 EXIST::FUNCTION:EC
PKCS7_ISSUER_AND_SERIAL_digest 2315 3_0_0 EXIST::FUNCTION:
EVP_des_ofb 2316 3_0_0 EXIST::FUNCTION:DES
@@ -2914,7 +2914,7 @@ EVP_PKEY_set1_DH 2976 3_0_0 EXIST::FUNCTION:DH
DH_get_ex_data 2977 3_0_0 EXIST::FUNCTION:DH
CRYPTO_secure_malloc 2978 3_0_0 EXIST::FUNCTION:
TS_RESP_get_status_info 2979 3_0_0 EXIST::FUNCTION:TS
-HMAC_CTX_new 2980 3_0_0 EXIST::FUNCTION:
+HMAC_CTX_new 2980 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
ENGINE_get_default_DH 2981 3_0_0 EXIST::FUNCTION:ENGINE
ECDSA_do_verify 2982 3_0_0 EXIST::FUNCTION:EC
DSO_flags 2983 3_0_0 EXIST::FUNCTION:
@@ -3083,7 +3083,7 @@ BF_cfb64_encrypt 3147 3_0_0 EXIST::FUNCTION:BF,DEPRECATED
ASN1_GENERALIZEDTIME_adj 3148 3_0_0 EXIST::FUNCTION:
ECDSA_verify 3149 3_0_0 EXIST::FUNCTION:EC
EVP_camellia_256_cfb128 3150 3_0_0 EXIST::FUNCTION:CAMELLIA
-CMAC_Init 3151 3_0_0 EXIST::FUNCTION:CMAC
+CMAC_Init 3151 3_0_0 EXIST::FUNCTION:CMAC,DEPRECATEDIN_3_0
OCSP_basic_add1_status 3152 3_0_0 EXIST::FUNCTION:OCSP
X509_CRL_get0_by_cert 3153 3_0_0 EXIST::FUNCTION:
TS_TST_INFO_set_tsa 3154 3_0_0 EXIST::FUNCTION:TS
@@ -3394,7 +3394,7 @@ TS_TST_INFO_set_msg_imprint 3464 3_0_0 EXIST::FUNCTION:TS
CRYPTO_get_ex_data 3465 3_0_0 EXIST::FUNCTION:
X509_PURPOSE_get0_sname 3466 3_0_0 EXIST::FUNCTION:
RSA_verify_PKCS1_PSS 3467 3_0_0 EXIST::FUNCTION:RSA
-HMAC_CTX_reset 3468 3_0_0 EXIST::FUNCTION:
+HMAC_CTX_reset 3468 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
EVP_PKEY_meth_set_init 3469 3_0_0 EXIST::FUNCTION:
X509_REQ_extension_nid 3470 3_0_0 EXIST::FUNCTION:
ENGINE_up_ref 3471 3_0_0 EXIST::FUNCTION:ENGINE
@@ -3404,14 +3404,14 @@ ASYNC_WAIT_CTX_get_changed_fds 3474 3_0_0 EXIST::FUNCTION:
EVP_PKEY_save_parameters 3475 3_0_0 EXIST::FUNCTION:
SCT_set_source 3476 3_0_0 EXIST::FUNCTION:CT
DES_set_odd_parity 3477 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,DES
-CMAC_CTX_free 3478 3_0_0 EXIST::FUNCTION:CMAC
+CMAC_CTX_free 3478 3_0_0 EXIST::FUNCTION:CMAC,DEPRECATEDIN_3_0
d2i_ESS_ISSUER_SERIAL 3479 3_0_0 EXIST::FUNCTION:
-HMAC_CTX_set_flags 3480 3_0_0 EXIST::FUNCTION:
+HMAC_CTX_set_flags 3480 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
d2i_PKCS8_bio 3481 3_0_0 EXIST::FUNCTION:
OCSP_ONEREQ_get_ext_count 3482 3_0_0 EXIST::FUNCTION:OCSP
PEM_read_bio_PKCS8_PRIV_KEY_INFO 3483 3_0_0 EXIST::FUNCTION:
i2d_OCSP_BASICRESP 3484 3_0_0 EXIST::FUNCTION:OCSP
-CMAC_Final 3485 3_0_0 EXIST::FUNCTION:CMAC
+CMAC_Final 3485 3_0_0 EXIST::FUNCTION:CMAC,DEPRECATEDIN_3_0
X509V3_EXT_add_alias 3486 3_0_0 EXIST::FUNCTION:
BN_get_params 3487 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_0_9_8
PKCS5_pbkdf2_set 3488 3_0_0 EXIST::FUNCTION:
@@ -3640,7 +3640,7 @@ TS_RESP_verify_response 3719 3_0_0 EXIST::FUNCTION:TS
X509_REVOKED_get0_serialNumber 3720 3_0_0 EXIST::FUNCTION:
X509_VERIFY_PARAM_free 3721 3_0_0 EXIST::FUNCTION:
ASN1_TYPE_new 3722 3_0_0 EXIST::FUNCTION:
-CMAC_CTX_cleanup 3723 3_0_0 EXIST::FUNCTION:CMAC
+CMAC_CTX_cleanup 3723 3_0_0 EXIST::FUNCTION:CMAC,DEPRECATEDIN_3_0
i2d_PKCS7_NDEF 3724 3_0_0 EXIST::FUNCTION:
OPENSSL_sk_pop_free 3725 3_0_0 EXIST::FUNCTION:
X509_STORE_CTX_get0_policy_tree 3726 3_0_0 EXIST::FUNCTION:
@@ -4004,7 +4004,7 @@ X509_get_pathlen 4092 3_0_0 EXIST::FUNCTION:
ECDSA_SIG_set0 4093 3_0_0 EXIST::FUNCTION:EC
DSA_SIG_set0 4094 3_0_0 EXIST::FUNCTION:DSA
EVP_PKEY_get0_hmac 4095 3_0_0 EXIST::FUNCTION:
-HMAC_CTX_get_md 4096 3_0_0 EXIST::FUNCTION:
+HMAC_CTX_get_md 4096 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0
NAME_CONSTRAINTS_check_CN 4097 3_0_0 EXIST::FUNCTION:
OCSP_resp_get0_id 4098 3_0_0 EXIST::FUNCTION:OCSP
OCSP_resp_get0_certs 4099 3_0_0 EXIST::FUNCTION:OCSP
diff --git a/util/libssl.num b/util/libssl.num
index 29d8af6258..c2b162f3bd 100644
--- a/util/libssl.num
+++ b/util/libssl.num
@@ -511,4 +511,5 @@ SSL_CTX_set_default_verify_store ? 3_0_0 EXIST::FUNCTION:
SSL_CTX_load_verify_file ? 3_0_0 EXIST::FUNCTION:
SSL_CTX_load_verify_dir ? 3_0_0 EXIST::FUNCTION:
SSL_CTX_load_verify_store ? 3_0_0 EXIST::FUNCTION:
+SSL_CTX_set_tlsext_ticket_key_evp_cb ? 3_0_0 EXIST::FUNCTION:
SSL_CTX_new_with_libctx ? 3_0_0 EXIST::FUNCTION:
More information about the openssl-commits
mailing list