libressl/0073-evp-add-EVP_PKEY_new_CMAC_key-function.patch


From 87ce8af5f7de65351fd0c7914416539ad091d86b Mon Sep 17 00:00:00 2001
From: Dmitry Baryshkov <dbaryshkov@gmail.com>
Date: Tue, 31 Mar 2020 21:16:51 +0300
Subject: [PATCH 73/87] evp: add EVP_PKEY_new_CMAC_key function
Add a function to initialize EVP_PKEY for CMAC operations. CMAC already
exports the necessary pmeths, but it is not possible to use it through
EVP_PKEY_new_mac_type().
Sponsored by ROSA Linux
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
---
src/lib/libcrypto/Symbols.list | 1 +
src/lib/libcrypto/evp/evp.h | 3 +++
src/lib/libcrypto/evp/p_lib.c | 31 +++++++++++++++++++++++++++++++
3 files changed, 35 insertions(+)
diff --git a/src/lib/libcrypto/Symbols.list b/src/lib/libcrypto/Symbols.list
index ec3506131..a1c4a0961 100644
--- a/src/lib/libcrypto/Symbols.list
+++ b/src/lib/libcrypto/Symbols.list
@@ -1589,6 +1589,7 @@ EVP_PKEY_meth_set_verify_recover
EVP_PKEY_meth_set_verifyctx
EVP_PKEY_missing_parameters
EVP_PKEY_new
+EVP_PKEY_new_CMAC_key
EVP_PKEY_new_mac_key
EVP_PKEY_paramgen
EVP_PKEY_paramgen_init
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
index d5b78d8bd..8ec5a5647 100644
--- a/src/lib/libcrypto/evp/evp.h
+++ b/src/lib/libcrypto/evp/evp.h
@@ -1173,6 +1173,9 @@ void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key,
int keylen);
+EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
+ size_t len, const EVP_CIPHER *cipher);
+
void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx);
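Review bot: The new `EVP_PKEY_new_CMAC_key` prototype has no comment stating its contract, although it differs from the adjacent `EVP_PKEY_new_mac_key` by taking a `size_t` length and a cipher. A one-line comment above it would help callers, for example `/* Returns a new CMAC key, or NULL on failure or when built with OPENSSL_NO_CMAC. */`. Whether the `priv` bytes are copied or must outlive the returned key is not visible in this patch and is worth stating as well, since callers need to know when they may zeroize their own copy of the key.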
diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c
index 13a9d65f2..262515247 100644
--- a/src/lib/libcrypto/evp/p_lib.c
+++ b/src/lib/libcrypto/evp/p_lib.c
@@ -255,6 +255,37 @@ pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
return 1;
}
+EVP_PKEY *
+EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
+ size_t len, const EVP_CIPHER *cipher)
+{
+#ifndef OPENSSL_NO_CMAC
+ EVP_PKEY_CTX *mac_ctx = NULL;
+ EVP_PKEY *mac_key = NULL;
+
+ mac_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_CMAC, e);
+ if (!mac_ctx)
+ return NULL;
+ if (EVP_PKEY_keygen_init(mac_ctx) <= 0)
+ goto merr;
+ if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN,
+ EVP_PKEY_CTRL_CIPHER, 0, (void *)cipher) <= 0)
+ goto merr;
+ if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN,
+ EVP_PKEY_CTRL_SET_MAC_KEY, len, (void *)priv) <= 0)
+ goto merr;
+ if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0)
+ goto merr;
+
+merr:
+ EVP_PKEY_CTX_free(mac_ctx);
+ return mac_key;
+#else
+ EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return NULL;
+#endif
+}
+
int
EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
{
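Review bot: `len` is a `size_t` but is handed to `EVP_PKEY_CTX_ctrl()` as its `int p1` argument in the `EVP_PKEY_CTRL_SET_MAC_KEY` call, so a length above `INT_MAX` is converted implicitly. Depending on how the CMAC pmeth (not shown here) treats `p1`, that is either rejected without a clear reason or accepted with a wrapped, shorter key length. Reject it explicitly before that call with `if (len > INT_MAX) goto merr;` and pass `(int)len`; this needs `<limits.h>` if p_lib.c does not already include it. Separately, the success path falls through the `merr:` label and none of the failure paths in the `#ifndef OPENSSL_NO_CMAC` branch call `EVPerror`, unlike the `#else` stub. A neutral label such as `out:` and a comment that `mac_key` stays NULL on every failure path would make the cleanup easier to audit.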
--
2.17.1