Skip to content

Commit d7d6d82

Browse files
simo5simo5
committed
Move HMAC code to OpenSSL EVP API
This effectively drops support for OpenSSL 1.0 Signed-off-by: Simo Sorce <simo@samba.org>
1 parent ea20b62 commit d7d6d82

File tree

1 file changed

+20
-39
lines changed

1 file changed

+20
-39
lines changed

src/crypto.c

Lines changed: 20 additions & 39 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,11 @@
1-
/* Copyright 2013 Simo Sorce <simo@samba.org>, see COPYING for license */
1+
/* Copyright 2013-2022 Simo Sorce <simo@samba.org>, see COPYING for license */
22

33
#include <errno.h>
44
#include <string.h>
55

66
#include <openssl/des.h>
77
#include <openssl/rc4.h>
88
#include <openssl/evp.h>
9-
#include <openssl/hmac.h>
109
#include <openssl/rand.h>
1110
#include <zlib.h>
1211

@@ -18,32 +17,6 @@
1817
# include <openssl/crypto.h>
1918
#endif
2019

21-
#if OPENSSL_VERSION_NUMBER < 0x10100000L
22-
HMAC_CTX *HMAC_CTX_new(void)
23-
{
24-
HMAC_CTX *ctx;
25-
26-
ctx = OPENSSL_malloc(sizeof(HMAC_CTX));
27-
if (!ctx) return NULL;
28-
29-
HMAC_CTX_init(ctx);
30-
31-
return ctx;
32-
}
33-
34-
void HMAC_CTX_free(HMAC_CTX *ctx)
35-
{
36-
if (ctx == NULL) return;
37-
38-
HMAC_CTX_cleanup(ctx);
39-
OPENSSL_free(ctx);
40-
}
41-
42-
#define EVP_MD_CTX_new EVP_MD_CTX_create
43-
#define EVP_MD_CTX_free EVP_MD_CTX_destroy
44-
45-
#endif
46-
4720
int RAND_BUFFER(struct ntlm_buffer *random)
4821
{
4922
int ret;
@@ -59,43 +32,51 @@ int HMAC_MD5_IOV(struct ntlm_buffer *key,
5932
struct ntlm_iov *iov,
6033
struct ntlm_buffer *result)
6134
{
62-
HMAC_CTX *hmac_ctx;
63-
unsigned int len;
35+
EVP_MD_CTX* ctx = NULL;
36+
EVP_PKEY* pkey = NULL;
6437
size_t i;
6538
int ret = 0;
6639

6740
if (result->length != 16) return EINVAL;
6841

69-
hmac_ctx = HMAC_CTX_new();
70-
if (!hmac_ctx) {
42+
pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, key->data, key->length);
43+
if (!pkey) {
7144
ret = ERR_CRYPTO;
7245
goto done;
7346
}
7447

75-
ret = HMAC_Init_ex(hmac_ctx, key->data, key->length, EVP_md5(), NULL);
76-
if (ret == 0) {
48+
ctx = EVP_MD_CTX_new();
49+
if (!ctx) {
50+
ret = ERR_CRYPTO;
51+
goto done;
52+
}
53+
54+
ret = EVP_DigestSignInit(ctx, NULL, EVP_md5(), NULL, pkey);
55+
if (ret != 1) {
7756
ret = ERR_CRYPTO;
7857
goto done;
7958
}
8059

8160
for (i = 0; i < iov->num; i++) {
82-
ret = HMAC_Update(hmac_ctx, iov->data[i]->data, iov->data[i]->length);
83-
if (ret == 0) {
61+
ret = EVP_DigestSignUpdate(ctx, iov->data[i]->data,
62+
iov->data[i]->length);
63+
if (ret != 1) {
8464
ret = ERR_CRYPTO;
8565
goto done;
8666
}
8767
}
8868

89-
ret = HMAC_Final(hmac_ctx, result->data, &len);
90-
if (ret == 0) {
69+
ret = EVP_DigestSignFinal(ctx, result->data, &result->length);
70+
if (ret != 1) {
9171
ret = ERR_CRYPTO;
9272
goto done;
9373
}
9474

9575
ret = 0;
9676

9777
done:
98-
HMAC_CTX_free(hmac_ctx);
78+
EVP_MD_CTX_free(ctx);
79+
EVP_PKEY_free(pkey);
9980
return ret;
10081
}
10182

0 commit comments

Comments
 (0)