From 43ad483907069798920a949a3cc9615cb3156975 Mon Sep 17 00:00:00 2001

From: Petr Gotthard <petr.gotthard@centrum.cz>

Date: Sat, 7 Aug 2021 11:56:22 +0200

Subject: [PATCH 06/17] openssl: Remove unnecesary EVP_CIPHER_CTX and HMAC_CTX

 wrappers

Signed-off-by: Petr Gotthard <petr.gotthard@centrum.cz>

---

 lib/tpm2_identity_util.c |  7 +++++--

 lib/tpm2_kdfa.c          |  4 ++--

 lib/tpm2_openssl.c       | 26 --------------------------

 lib/tpm2_openssl.h       | 31 -------------------------------

 4 files changed, 7 insertions(+), 61 deletions(-)

diff --git a/lib/tpm2_identity_util.c b/lib/tpm2_identity_util.c

index e11137ab..a268295f 100644

--- a/lib/tpm2_identity_util.c

+++ b/lib/tpm2_identity_util.c

@@ -289,7 +289,10 @@ static bool aes_encrypt_buffers(TPMT_SYM_DEF_OBJECT *sym,

         return false;

     }

-    EVP_CIPHER_CTX *ctx = tpm2_openssl_cipher_new();

+    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();

+    if (!ctx) {

+        return false;

+    }

     int rc = EVP_EncryptInit_ex(ctx, cipher, NULL, encryption_key, iv);

     if (!rc) {

@@ -336,7 +339,7 @@ static bool aes_encrypt_buffers(TPMT_SYM_DEF_OBJECT *sym,

     result = true;

 out:

-    tpm2_openssl_cipher_free(ctx);

+    EVP_CIPHER_CTX_free(ctx);

     return result;

 }

diff --git a/lib/tpm2_kdfa.c b/lib/tpm2_kdfa.c

index 354516e8..5747b3ca 100644

--- a/lib/tpm2_kdfa.c

+++ b/lib/tpm2_kdfa.c

@@ -40,7 +40,7 @@ TSS2_RC tpm2_kdfa(TPMI_ALG_HASH hash_alg, TPM2B *key, char *label,

         return TPM2_RC_HASH;

     }

-    HMAC_CTX *ctx = tpm2_openssl_hmac_new();

+    HMAC_CTX *ctx = HMAC_CTX_new();

     if (!ctx) {

         LOG_ERR("HMAC context allocation failed");

         return TPM2_RC_MEMORY;

@@ -100,7 +100,7 @@ TSS2_RC tpm2_kdfa(TPMI_ALG_HASH hash_alg, TPM2B *key, char *label,

     result_key->size = bytes;

 err:

-    tpm2_openssl_hmac_free(ctx);

+    HMAC_CTX_free(ctx);

     return rval;

 }

diff --git a/lib/tpm2_openssl.c b/lib/tpm2_openssl.c

index 877d2764..1752525e 100644

--- a/lib/tpm2_openssl.c

+++ b/lib/tpm2_openssl.c

@@ -368,32 +368,6 @@ out:

     return result;

 }

-HMAC_CTX *tpm2_openssl_hmac_new() {

-    HMAC_CTX *ctx;

-    ctx = HMAC_CTX_new();

-    if (!ctx)

-        return NULL;

-

-    return ctx;

-}

-

-void tpm2_openssl_hmac_free(HMAC_CTX *ctx) {

-    HMAC_CTX_free(ctx);

-}

-

-EVP_CIPHER_CTX *tpm2_openssl_cipher_new(void) {

-    EVP_CIPHER_CTX *ctx;

-    ctx = EVP_CIPHER_CTX_new();

-    if (!ctx)

-        return NULL;

-

-    return ctx;

-}

-

-void tpm2_openssl_cipher_free(EVP_CIPHER_CTX *ctx) {

-    EVP_CIPHER_CTX_free(ctx);

-}

-

 digester tpm2_openssl_halg_to_digester(TPMI_ALG_HASH halg) {

     switch (halg) {

diff --git a/lib/tpm2_openssl.h b/lib/tpm2_openssl.h

index 8e3e0c17..642e4635 100644

--- a/lib/tpm2_openssl.h

+++ b/lib/tpm2_openssl.h

@@ -67,20 +67,6 @@ int tpm2_openssl_halgid_from_tpmhalg(TPMI_ALG_HASH algorithm);

  */

 const EVP_MD *tpm2_openssl_halg_from_tpmhalg(TPMI_ALG_HASH algorithm);

-/**

- * Start an openssl hmac session.

- * @return

- *  A valid session pointer or NULL on error.

- */

-HMAC_CTX *tpm2_openssl_hmac_new();

-

-/**

- * Free an hmac context created via tpm2_openssl_hmac_new().

- * @param ctx

- *  The context to release resources of.

- */

-void tpm2_openssl_hmac_free(HMAC_CTX *ctx);

-

 /**

  * Hash a byte buffer.

  * @param halg

@@ -161,23 +147,6 @@ bool tpm2_openssl_hash_pcr_banks_le(TPMI_ALG_HASH hashAlg,

 bool tpm2_openssl_pcr_extend(TPMI_ALG_HASH halg, BYTE *pcr,

         const BYTE *data, UINT16 length);

-/**

- * Obtains an OpenSSL EVP_CIPHER_CTX dealing with version

- * API changes in OSSL.

- *

- * @return

- *  An Initialized OpenSSL EVP_CIPHER_CTX.

- */

-EVP_CIPHER_CTX *tpm2_openssl_cipher_new(void);

-

-/**

- * Free's an EVP_CIPHER_CTX obtained via tpm2_openssl_cipher_new()

- * dealing with OSSL API version changes.

- * @param ctx

- *  The EVP_CIPHER_CTX to free.

- */

-void tpm2_openssl_cipher_free(EVP_CIPHER_CTX *ctx);

-

 /**

  * Returns a function pointer capable of performing the

  * given digest from a TPMI_HASH_ALG.

-- 

2.31.1