|
 |
05e1a9 |
From 43ad483907069798920a949a3cc9615cb3156975 Mon Sep 17 00:00:00 2001
|
|
|
05e1a9 |
From: Petr Gotthard <petr.gotthard@centrum.cz>
|
|
|
05e1a9 |
Date: Sat, 7 Aug 2021 11:56:22 +0200
|
|
|
05e1a9 |
Subject: [PATCH 06/17] openssl: Remove unnecesary EVP_CIPHER_CTX and HMAC_CTX
|
|
|
05e1a9 |
wrappers
|
|
|
05e1a9 |
|
|
|
05e1a9 |
Signed-off-by: Petr Gotthard <petr.gotthard@centrum.cz>
|
|
|
05e1a9 |
---
|
|
|
05e1a9 |
lib/tpm2_identity_util.c | 7 +++++--
|
|
|
05e1a9 |
lib/tpm2_kdfa.c | 4 ++--
|
|
|
05e1a9 |
lib/tpm2_openssl.c | 26 --------------------------
|
|
|
05e1a9 |
lib/tpm2_openssl.h | 31 -------------------------------
|
|
|
05e1a9 |
4 files changed, 7 insertions(+), 61 deletions(-)
|
|
|
05e1a9 |
|
|
|
05e1a9 |
diff --git a/lib/tpm2_identity_util.c b/lib/tpm2_identity_util.c
|
|
|
05e1a9 |
index e11137ab..a268295f 100644
|
|
|
05e1a9 |
--- a/lib/tpm2_identity_util.c
|
|
|
05e1a9 |
+++ b/lib/tpm2_identity_util.c
|
|
|
05e1a9 |
@@ -289,7 +289,10 @@ static bool aes_encrypt_buffers(TPMT_SYM_DEF_OBJECT *sym,
|
|
|
05e1a9 |
return false;
|
|
|
05e1a9 |
}
|
|
|
05e1a9 |
|
|
|
05e1a9 |
- EVP_CIPHER_CTX *ctx = tpm2_openssl_cipher_new();
|
|
|
05e1a9 |
+ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
|
|
|
05e1a9 |
+ if (!ctx) {
|
|
|
05e1a9 |
+ return false;
|
|
|
05e1a9 |
+ }
|
|
|
05e1a9 |
|
|
|
05e1a9 |
int rc = EVP_EncryptInit_ex(ctx, cipher, NULL, encryption_key, iv);
|
|
|
05e1a9 |
if (!rc) {
|
|
|
05e1a9 |
@@ -336,7 +339,7 @@ static bool aes_encrypt_buffers(TPMT_SYM_DEF_OBJECT *sym,
|
|
|
05e1a9 |
result = true;
|
|
|
05e1a9 |
|
|
|
05e1a9 |
out:
|
|
|
05e1a9 |
- tpm2_openssl_cipher_free(ctx);
|
|
|
05e1a9 |
+ EVP_CIPHER_CTX_free(ctx);
|
|
|
05e1a9 |
|
|
|
05e1a9 |
return result;
|
|
|
05e1a9 |
}
|
|
|
05e1a9 |
diff --git a/lib/tpm2_kdfa.c b/lib/tpm2_kdfa.c
|
|
|
05e1a9 |
index 354516e8..5747b3ca 100644
|
|
|
05e1a9 |
--- a/lib/tpm2_kdfa.c
|
|
|
05e1a9 |
+++ b/lib/tpm2_kdfa.c
|
|
|
05e1a9 |
@@ -40,7 +40,7 @@ TSS2_RC tpm2_kdfa(TPMI_ALG_HASH hash_alg, TPM2B *key, char *label,
|
|
|
05e1a9 |
return TPM2_RC_HASH;
|
|
|
05e1a9 |
}
|
|
|
05e1a9 |
|
|
|
05e1a9 |
- HMAC_CTX *ctx = tpm2_openssl_hmac_new();
|
|
|
05e1a9 |
+ HMAC_CTX *ctx = HMAC_CTX_new();
|
|
|
05e1a9 |
if (!ctx) {
|
|
|
05e1a9 |
LOG_ERR("HMAC context allocation failed");
|
|
|
05e1a9 |
return TPM2_RC_MEMORY;
|
|
|
05e1a9 |
@@ -100,7 +100,7 @@ TSS2_RC tpm2_kdfa(TPMI_ALG_HASH hash_alg, TPM2B *key, char *label,
|
|
|
05e1a9 |
result_key->size = bytes;
|
|
|
05e1a9 |
|
|
|
05e1a9 |
err:
|
|
|
05e1a9 |
- tpm2_openssl_hmac_free(ctx);
|
|
|
05e1a9 |
+ HMAC_CTX_free(ctx);
|
|
|
05e1a9 |
|
|
|
05e1a9 |
return rval;
|
|
|
05e1a9 |
}
|
|
|
05e1a9 |
diff --git a/lib/tpm2_openssl.c b/lib/tpm2_openssl.c
|
|
|
05e1a9 |
index 877d2764..1752525e 100644
|
|
|
05e1a9 |
--- a/lib/tpm2_openssl.c
|
|
|
05e1a9 |
+++ b/lib/tpm2_openssl.c
|
|
|
05e1a9 |
@@ -368,32 +368,6 @@ out:
|
|
|
05e1a9 |
return result;
|
|
|
05e1a9 |
}
|
|
|
05e1a9 |
|
|
|
05e1a9 |
-HMAC_CTX *tpm2_openssl_hmac_new() {
|
|
|
05e1a9 |
- HMAC_CTX *ctx;
|
|
|
05e1a9 |
- ctx = HMAC_CTX_new();
|
|
|
05e1a9 |
- if (!ctx)
|
|
|
05e1a9 |
- return NULL;
|
|
|
05e1a9 |
-
|
|
|
05e1a9 |
- return ctx;
|
|
|
05e1a9 |
-}
|
|
|
05e1a9 |
-
|
|
|
05e1a9 |
-void tpm2_openssl_hmac_free(HMAC_CTX *ctx) {
|
|
|
05e1a9 |
- HMAC_CTX_free(ctx);
|
|
|
05e1a9 |
-}
|
|
|
05e1a9 |
-
|
|
|
05e1a9 |
-EVP_CIPHER_CTX *tpm2_openssl_cipher_new(void) {
|
|
|
05e1a9 |
- EVP_CIPHER_CTX *ctx;
|
|
|
05e1a9 |
- ctx = EVP_CIPHER_CTX_new();
|
|
|
05e1a9 |
- if (!ctx)
|
|
|
05e1a9 |
- return NULL;
|
|
|
05e1a9 |
-
|
|
|
05e1a9 |
- return ctx;
|
|
|
05e1a9 |
-}
|
|
|
05e1a9 |
-
|
|
|
05e1a9 |
-void tpm2_openssl_cipher_free(EVP_CIPHER_CTX *ctx) {
|
|
|
05e1a9 |
- EVP_CIPHER_CTX_free(ctx);
|
|
|
05e1a9 |
-}
|
|
|
05e1a9 |
-
|
|
|
05e1a9 |
digester tpm2_openssl_halg_to_digester(TPMI_ALG_HASH halg) {
|
|
|
05e1a9 |
|
|
|
05e1a9 |
switch (halg) {
|
|
|
05e1a9 |
diff --git a/lib/tpm2_openssl.h b/lib/tpm2_openssl.h
|
|
|
05e1a9 |
index 8e3e0c17..642e4635 100644
|
|
|
05e1a9 |
--- a/lib/tpm2_openssl.h
|
|
|
05e1a9 |
+++ b/lib/tpm2_openssl.h
|
|
|
05e1a9 |
@@ -67,20 +67,6 @@ int tpm2_openssl_halgid_from_tpmhalg(TPMI_ALG_HASH algorithm);
|
|
|
05e1a9 |
*/
|
|
|
05e1a9 |
const EVP_MD *tpm2_openssl_halg_from_tpmhalg(TPMI_ALG_HASH algorithm);
|
|
|
05e1a9 |
|
|
|
05e1a9 |
-/**
|
|
|
05e1a9 |
- * Start an openssl hmac session.
|
|
|
05e1a9 |
- * @return
|
|
|
05e1a9 |
- * A valid session pointer or NULL on error.
|
|
|
05e1a9 |
- */
|
|
|
05e1a9 |
-HMAC_CTX *tpm2_openssl_hmac_new();
|
|
|
05e1a9 |
-
|
|
|
05e1a9 |
-/**
|
|
|
05e1a9 |
- * Free an hmac context created via tpm2_openssl_hmac_new().
|
|
|
05e1a9 |
- * @param ctx
|
|
|
05e1a9 |
- * The context to release resources of.
|
|
|
05e1a9 |
- */
|
|
|
05e1a9 |
-void tpm2_openssl_hmac_free(HMAC_CTX *ctx);
|
|
|
05e1a9 |
-
|
|
|
05e1a9 |
/**
|
|
|
05e1a9 |
* Hash a byte buffer.
|
|
|
05e1a9 |
* @param halg
|
|
|
05e1a9 |
@@ -161,23 +147,6 @@ bool tpm2_openssl_hash_pcr_banks_le(TPMI_ALG_HASH hashAlg,
|
|
|
05e1a9 |
bool tpm2_openssl_pcr_extend(TPMI_ALG_HASH halg, BYTE *pcr,
|
|
|
05e1a9 |
const BYTE *data, UINT16 length);
|
|
|
05e1a9 |
|
|
|
05e1a9 |
-/**
|
|
|
05e1a9 |
- * Obtains an OpenSSL EVP_CIPHER_CTX dealing with version
|
|
|
05e1a9 |
- * API changes in OSSL.
|
|
|
05e1a9 |
- *
|
|
|
05e1a9 |
- * @return
|
|
|
05e1a9 |
- * An Initialized OpenSSL EVP_CIPHER_CTX.
|
|
|
05e1a9 |
- */
|
|
|
05e1a9 |
-EVP_CIPHER_CTX *tpm2_openssl_cipher_new(void);
|
|
|
05e1a9 |
-
|
|
|
05e1a9 |
-/**
|
|
|
05e1a9 |
- * Free's an EVP_CIPHER_CTX obtained via tpm2_openssl_cipher_new()
|
|
|
05e1a9 |
- * dealing with OSSL API version changes.
|
|
|
05e1a9 |
- * @param ctx
|
|
|
05e1a9 |
- * The EVP_CIPHER_CTX to free.
|
|
|
05e1a9 |
- */
|
|
|
05e1a9 |
-void tpm2_openssl_cipher_free(EVP_CIPHER_CTX *ctx);
|
|
|
05e1a9 |
-
|
|
|
05e1a9 |
/**
|
|
|
05e1a9 |
* Returns a function pointer capable of performing the
|
|
|
05e1a9 |
* given digest from a TPMI_HASH_ALG.
|
|
|
05e1a9 |
--
|
|
|
05e1a9 |
2.31.1
|
|
|
05e1a9 |
|