chantra / rpms / tpm2-tss

Forked from rpms/tpm2-tss 2 years ago
Clone

Blame SOURCES/0010-Test-Use-EVP_MAC_xxx-with-OpenSSL-3.0.patch

a23473
From 89b2bd01f6fa1e267f57b2ceeb2ffaafb9cdb7c0 Mon Sep 17 00:00:00 2001
a23473
From: Petr Gotthard <petr.gotthard@centrum.cz>
a23473
Date: Sun, 18 Jul 2021 14:56:18 +0200
a23473
Subject: Test: Use EVP_MAC_xxx with OpenSSL 3.0
a23473
MIME-Version: 1.0
a23473
Content-Type: text/plain; charset=UTF-8
a23473
Content-Transfer-Encoding: 8bit
a23473
a23473
Drop support for OpenSSL < 1.1.0 and add support for OpenSSL >= 3.0.0.
a23473
a23473
The HMAC_Update is deprecated in OpenSSL 3.0, but the replacement
a23473
EVP_MAC_update was added in OpenSSL 3.0, so version specific code is
a23473
needed.
a23473
a23473
Signed-off-by: Petr Gotthard <petr.gotthard@centrum.cz>
a23473
---
a23473
 test/integration/sys-util.c | 50 +++++++++++++++++++++++--------------
a23473
 1 file changed, 31 insertions(+), 19 deletions(-)
a23473
a23473
diff --git a/test/integration/sys-util.c b/test/integration/sys-util.c
a23473
index af83cf55..5865f002 100644
a23473
--- a/test/integration/sys-util.c
a23473
+++ b/test/integration/sys-util.c
a23473
@@ -13,10 +13,13 @@
a23473
 #include <string.h>
a23473
 #include <assert.h>
a23473
 
a23473
+#include <openssl/evp.h>
a23473
 #include <openssl/sha.h>
a23473
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
a23473
 #include <openssl/hmac.h>
a23473
-#include <openssl/evp.h>
a23473
-#include <openssl/opensslv.h>
a23473
+#else
a23473
+#include <openssl/core_names.h>
a23473
+#endif
a23473
 
a23473
 #define LOGMODULE testintegration
a23473
 #include "util/log.h"
a23473
@@ -489,22 +492,18 @@ hmac(
a23473
     TPM2B_DIGEST **buffer_list,
a23473
     TPM2B_DIGEST *out)
a23473
 {
a23473
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
a23473
-    HMAC_CTX *ctx;
a23473
-#else
a23473
-    HMAC_CTX _ctx;
a23473
-    HMAC_CTX *ctx = &_ctx;
a23473
-#endif
a23473
-    EVP_MD *evp;
a23473
     int rc = 1, i;
a23473
-    unsigned int *buf = NULL, size;
a23473
+    unsigned int *buf = NULL;
a23473
     uint8_t *buf_ptr;
a23473
+    EVP_MD *evp;
a23473
 
a23473
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
a23473
-    /* HMAC_CTX_new and HMAC_CTX_free are new in openSSL 1.1.0 */
a23473
-    ctx = HMAC_CTX_new();
a23473
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
a23473
+    unsigned int size;
a23473
+    HMAC_CTX *ctx = HMAC_CTX_new();
a23473
 #else
a23473
-    HMAC_CTX_init(ctx);
a23473
+    size_t size;
a23473
+    EVP_MAC *hmac = EVP_MAC_fetch(NULL, "HMAC", NULL);
a23473
+    EVP_MAC_CTX *ctx = EVP_MAC_CTX_new(hmac);
a23473
 #endif
a23473
 
a23473
     if (!ctx)
a23473
@@ -538,21 +537,33 @@ hmac(
a23473
 
a23473
     buf_ptr = (uint8_t *)buf;
a23473
 
a23473
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
a23473
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
a23473
     rc = HMAC_Init_ex(ctx, key, key_len, evp, NULL);
a23473
 #else
a23473
-    rc = HMAC_Init(ctx, key, key_len, evp);
a23473
-#endif
a23473
+    OSSL_PARAM params[2];
a23473
 
a23473
+    params[0] = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_DIGEST,
a23473
+                                                 (char *)EVP_MD_get0_name(evp), 0);
a23473
+    params[1] = OSSL_PARAM_construct_end();
a23473
+    rc = EVP_MAC_init(ctx, key, key_len, params);
a23473
+#endif
a23473
     if (rc != 1)
a23473
         goto out;
a23473
     for (i = 0; buffer_list[i] != 0; i++) {
a23473
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
a23473
         rc = HMAC_Update(ctx, buffer_list[i]->buffer, buffer_list[i]->size);
a23473
+#else
a23473
+        rc = EVP_MAC_update(ctx, buffer_list[i]->buffer, buffer_list[i]->size);
a23473
+#endif
a23473
         if (rc != 1)
a23473
             goto out;
a23473
     }
a23473
     /* buf_ptr has to be 4 bytes alligned for whatever reason */
a23473
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
a23473
     rc = HMAC_Final(ctx, buf_ptr, &size);
a23473
+#else
a23473
+    rc = EVP_MAC_final(ctx, buf_ptr, &size, out->size);
a23473
+#endif
a23473
     if (rc != 1)
a23473
         goto out;
a23473
 
a23473
@@ -561,10 +572,11 @@ hmac(
a23473
     memcpy(out->buffer, buf, out->size);
a23473
 
a23473
 out:
a23473
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
a23473
+#if OPENSSL_VERSION_NUMBER < 0x30000000L
a23473
     HMAC_CTX_free(ctx);
a23473
 #else
a23473
-    HMAC_CTX_cleanup(ctx);
a23473
+    EVP_MAC_CTX_free(ctx);
a23473
+    EVP_MAC_free(hmac);
a23473
 #endif
a23473
 
a23473
     if (buf)
a23473
-- 
a23473
2.26.3
a23473