#include "internal/provider_algs.h"
#include "internal/provider_ctx.h"
+#include "internal/provider_util.h"
/*
* Forward declaration of everything implemented here. This is not strictly
struct hmac_data_st {
void *provctx;
HMAC_CTX *ctx; /* HMAC context */
-
- /*
- * References to the underlying digest implementation. tmpmd caches
- * the md, always. alloc_md only holds a reference to an explicitly
- * fetched digest.
- * tmpmd is cleared after a CMAC_Init call.
- */
- const EVP_MD *tmpmd; /* HMAC digest */
- EVP_MD *alloc_md; /* fetched digest */
-
- /*
- * Conditions for legacy EVP_MD uses.
- * tmpengine is cleared after a CMAC_Init call.
- */
- ENGINE *tmpengine; /* HMAC digest engine */
+ PROV_DIGEST digest;
};
static size_t hmac_size(void *vmacctx);
if (macctx != NULL) {
HMAC_CTX_free(macctx->ctx);
- EVP_MD_free(macctx->alloc_md);
+ ossl_prov_digest_reset(&macctx->digest);
OPENSSL_free(macctx);
}
}
if (dst == NULL)
return NULL;
- if (!HMAC_CTX_copy(dst->ctx, src->ctx)) {
- hmac_free(dst);
- return NULL;
- }
-
- if (src->alloc_md != NULL && !EVP_MD_up_ref(src->alloc_md)) {
+ if (!HMAC_CTX_copy(dst->ctx, src->ctx)
+ || !ossl_prov_digest_copy(&dst->digest, &src->digest)) {
hmac_free(dst);
return NULL;
}
-
- dst->tmpengine = src->tmpengine;
- dst->tmpmd = src->tmpmd;
- dst->alloc_md = src->alloc_md;
return dst;
}
static int hmac_init(void *vmacctx)
{
struct hmac_data_st *macctx = vmacctx;
+ const EVP_MD *digest = ossl_prov_digest_md(&macctx->digest);
int rv = 1;
/* HMAC_Init_ex doesn't tolerate all zero params, so we must be careful */
- if (macctx->tmpmd != NULL)
- rv = HMAC_Init_ex(macctx->ctx, NULL, 0, macctx->tmpmd,
- (ENGINE * )macctx->tmpengine);
- macctx->tmpengine = NULL;
- macctx->tmpmd = NULL;
+ if (digest != NULL)
+ rv = HMAC_Init_ex(macctx->ctx, NULL, 0, digest,
+ ossl_prov_digest_engine(&macctx->digest));
+ ossl_prov_digest_reset(&macctx->digest);
return rv;
}
static int hmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[])
{
struct hmac_data_st *macctx = vmacctx;
+ OPENSSL_CTX *ctx = PROV_LIBRARY_CONTEXT_OF(macctx->provctx);
const OSSL_PARAM *p;
- if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_DIGEST)) != NULL) {
- if (p->data_type != OSSL_PARAM_UTF8_STRING)
- return 0;
+ if (!ossl_prov_digest_load_from_params(&macctx->digest, params, ctx))
+ return 0;
- {
- const char *algoname = p->data;
- const char *propquery = NULL;
-
-/* Inside the FIPS module, we don't support engines */
-#if !defined(FIPS_MODE) && !defined(OPENSSL_NO_ENGINE)
- ENGINE_finish(macctx->tmpengine);
- macctx->tmpengine = NULL;
-
- if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_ENGINE))
- != NULL) {
- if (p->data_type != OSSL_PARAM_UTF8_STRING)
- return 0;
-
- macctx->tmpengine = ENGINE_by_id(p->data);
- if (macctx->tmpengine == NULL)
- return 0;
- }
-#endif
- if ((p = OSSL_PARAM_locate_const(params,
- OSSL_MAC_PARAM_PROPERTIES))
- != NULL) {
- if (p->data_type != OSSL_PARAM_UTF8_STRING)
- return 0;
-
- propquery = p->data;
- }
-
- EVP_MD_free(macctx->alloc_md);
-
- macctx->tmpmd = macctx->alloc_md =
- EVP_MD_fetch(PROV_LIBRARY_CONTEXT_OF(macctx->provctx),
- algoname, propquery);
-
-#ifndef FIPS_MODE /* Inside the FIPS module, we don't support legacy digests */
- /* TODO(3.0) BEGIN legacy stuff, to be removed */
- if (macctx->tmpmd == NULL)
- macctx->tmpmd = EVP_get_digestbyname(algoname);
- /* TODO(3.0) END of legacy stuff */
-#endif
-
- if (macctx->tmpmd == NULL)
- return 0;
- }
- }
/* TODO(3.0) formalize the meaning of "flags", perhaps as other params */
if ((p = OSSL_PARAM_locate_const(params,
OSSL_MAC_PARAM_FLAGS)) != NULL) {
return 0;
if (!HMAC_Init_ex(macctx->ctx, p->data, p->data_size,
- macctx->tmpmd, NULL /* ENGINE */))
+ ossl_prov_digest_md(&macctx->digest),
+ NULL /* ENGINE */))
return 0;
- macctx->tmpmd = NULL;
- macctx->tmpengine = NULL;
+ ossl_prov_digest_reset(&macctx->digest);
}
return 1;
}