From b8d77c9bd675b4128aeeafb4a738938460477a2e Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Wed, 24 Oct 2018 21:40:00 +0200
Subject: [PATCH] Adapt other EVP code to use EVP_MAC instead of direct
 implementation calls

The EVP_PKEY methods for CMAC and HMAC needed a rework, although it
wasn't much change apart from name changes.

This also meant that EVP_PKEY_new_CMAC_key() needed an adjustment.
(the possibility to rewrite this function to work with any MAC is yet
to be explored)

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7484)
---
 crypto/cmac/cm_ameth.c | 7 +++----
 crypto/evp/p_lib.c     | 8 +++++---
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/crypto/cmac/cm_ameth.c b/crypto/cmac/cm_ameth.c
index a58454a089..71265846e6 100644
--- a/crypto/cmac/cm_ameth.c
+++ b/crypto/cmac/cm_ameth.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2010-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -10,7 +10,6 @@
 #include <stdio.h>
 #include "internal/cryptlib.h"
 #include <openssl/evp.h>
-#include <openssl/cmac.h>
 #include "internal/asn1_int.h"
 
 /*
@@ -25,8 +24,8 @@ static int cmac_size(const EVP_PKEY *pkey)
 
 static void cmac_key_free(EVP_PKEY *pkey)
 {
-    CMAC_CTX *cmctx = EVP_PKEY_get0(pkey);
-    CMAC_CTX_free(cmctx);
+    EVP_MAC_CTX *cmctx = EVP_PKEY_get0(pkey);
+    EVP_MAC_CTX_free(cmctx);
 }
 
 const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = {
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 9429be97e3..154ef788e8 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -319,7 +319,7 @@ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
 {
 #ifndef OPENSSL_NO_CMAC
     EVP_PKEY *ret = EVP_PKEY_new();
-    CMAC_CTX *cmctx = CMAC_CTX_new();
+    EVP_MAC_CTX *cmctx = EVP_MAC_CTX_new_id(EVP_MAC_CMAC);
 
     if (ret == NULL
             || cmctx == NULL
@@ -328,7 +328,9 @@ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
         goto err;
     }
 
-    if (!CMAC_Init(cmctx, priv, len, cipher, e)) {
+    if (EVP_MAC_ctrl(cmctx, EVP_MAC_CTRL_SET_ENGINE, e) <= 0
+        || EVP_MAC_ctrl(cmctx, EVP_MAC_CTRL_SET_CIPHER, cipher) <= 0
+        || EVP_MAC_ctrl(cmctx, EVP_MAC_CTRL_SET_KEY, priv, len) <= 0) {
         EVPerr(EVP_F_EVP_PKEY_NEW_CMAC_KEY, EVP_R_KEY_SETUP_FAILED);
         goto err;
     }
@@ -338,7 +340,7 @@ EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
 
  err:
     EVP_PKEY_free(ret);
-    CMAC_CTX_free(cmctx);
+    EVP_MAC_CTX_free(cmctx);
     return NULL;
 #else
     EVPerr(EVP_F_EVP_PKEY_NEW_CMAC_KEY,
-- 
2.25.1