Cleaning up usage of CMAC_xxx

Richard Levitte levitte at openssl.org
Thu Jun 11 08:12:32 UTC 2020


On Thu, 11 Jun 2020 02:49:04 +0200,
Hal Murray wrote:
> CMAC_* have been DEPRECATED for 3.0.0
> 
> CHANGES.md suggests using EVP_MAC_xxx.  Mostly, that seems reasonable, but 
> there is one loose end.
> 
> CMAC_Init includes a key and cipher.  What's the equivalent in EVP_MAC_xxx?
> 
> -----------
> 
> I found the params stuff, but that's new in 3.0.0
> How do I do it in 1.1.1 or earlier?

In 1.1.1 and earlier, there is a different idea, using EVP_PKEY
routines to "sign" with a MAC.  We have a EVP_PKEY to EVP_MAC bridge
in 3.0.0 to bridge the gap.

Cheers,
Richard

-- 
Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/


More information about the openssl-users mailing list