[openssl/openssl] 66c4f1: demos/mac/cmac-aes256: Clarify the cipher algorith...

Tomáš Mráz noreply at github.com
Fri Nov 11 15:58:09 UTC 2022 

  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: 66c4f141369f29b61159a9f77e33e15b9d1c6638
      https://github.com/openssl/openssl/commit/66c4f141369f29b61159a9f77e33e15b9d1c6638
  Author: Tomas Mraz <tomas at openssl.org>
  Date:   2022-11-11 (Fri, 11 Nov 2022)

  Changed paths:
    M demos/mac/cmac-aes256.c

  Log Message:
  -----------
  demos/mac/cmac-aes256: Clarify the cipher algorithm used

The currently used cipher is aes256 which is an alias to AES-256-CBC,
so the demo is correct.
However it might be misleading so make it clear the CBC mode
cipher is used.

Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19401)

(cherry picked from commit 9270f67059e0291a2ef73acfba5a4ac54f732ef9)


  Commit: d90a4c7d5a18300153340a6d54e7aba03eebe268
      https://github.com/openssl/openssl/commit/d90a4c7d5a18300153340a6d54e7aba03eebe268
  Author: Tomas Mraz <tomas at openssl.org>
  Date:   2022-11-11 (Fri, 11 Nov 2022)

  Changed paths:
    M doc/man7/EVP_MAC-CMAC.pod
    M providers/implementations/macs/cmac_prov.c
    M test/recipes/30-test_evp_data/evpmac_common.txt

  Log Message:
  -----------
  cmac_set_ctx_params(): Fail if cipher mode is not CBC

Also add negative test cases for CMAC and GMAC using
a cipher with wrong mode.

Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19401)

(cherry picked from commit 94976a1e8d9b127999df14c2e0c38e918c2badda)


  Commit: 66ecce223cedb46e7b56fcce0a1e9b3b09ee8ae5
      https://github.com/openssl/openssl/commit/66ecce223cedb46e7b56fcce0a1e9b3b09ee8ae5
  Author: Tomas Mraz <tomas at openssl.org>
  Date:   2022-11-11 (Fri, 11 Nov 2022)

  Changed paths:
    M test/evp_extra_test.c

  Log Message:
  -----------
  test_CMAC_keygen(): Avoid using ECB cipher with CMAC

Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19401)

(cherry picked from commit a0783b83a3bd05a07ea64567995c7642621b4aa6)


Compare: https://github.com/openssl/openssl/compare/985eb23fbf83...66ecce223ced

More information about the openssl-commits mailing list