My mistake, it's EVP_MAC_fetch not EVP_MAC_new.
The names are all case insensitive and are documented in the man7 pages:
https://www.openssl.org/docs/man3.0/man7/EVP_MAC-HMAC.html and
https://www.openssl.org/docs/man3.0/man7/EVP_MD-SHA2.html.
The HMAC parameter names and types are also there:
Where does one get the parameter values?
E.g., where would I see the value strings for the EVP_MAC_new algorithm
and the digest parameter values.
I can guess HMAC and SHA256, but are they documented?
Case sensitive? Which is preferred?
You use EVP_MAC_new, which is undocumented. The doc samp
Thanks for that example. It's very helpful! I didn't know about the new
EVP_MAC API (although I see it now in the migration guide). I wrote my
implementation based on
https://wiki.openssl.org/index.php/EVP_Signing_and_Verifying :-)
Tom.III
On Tue, Jul 13, 2021 at 4:07 PM Dr Paul Dale wrote:
>
Please don't do it the PKEY way :)
Your code should look more like:
OSSL_PARAMS params[2];
EVP_MAC *mac = EVP_MAC_new(NULL, "HMAC", NULL);
EVP_MAC_CTX *mac_ctx = EVP_MAC_CTX_new(mac);
EVP_MAC_free(mac); /* Now or later is all good and depends on the
app reusing it or not */
pa
This seems to work for me in 3.0, passing the EVP_MD to
EVP_DigestSignInit():
pkey = EVP_PKEY_new_mac_key()
EVP_DigestSignInit()
EVP_DigestSignUpdate()
EVP_DigestSignUpdate()
.
.
.
EVP_DigestSignFinal()
Regards,
Tom.III
On Tue, Jul 13, 2021 at 11:02 AM Ken Goldman wrote:
> Porting to 3.0 ..
On 7/13/2021 2:50 PM, Matt Caswell wrote:
On 13/07/2021 19:02, Ken Goldman wrote:
Porting to 3.0 ... HMAC_Init_ex() had a place for
the hash algorithm. EVP_MAC_init() does not,
unless it's embedded in the 'params' parameter.
Any advice? Or a sample for doing an
HMAC with 3.0?
If its just
On 13/07/2021 19:02, Ken Goldman wrote:
Porting to 3.0 ... HMAC_Init_ex() had a place for
the hash algorithm. EVP_MAC_init() does not,
unless it's embedded in the 'params' parameter.
Any advice? Or a sample for doing an
HMAC with 3.0?
If its just a straight forward HMAC you want you can
Porting to 3.0 ... HMAC_Init_ex() had a place for
the hash algorithm. EVP_MAC_init() does not,
unless it's embedded in the 'params' parameter.
Any advice? Or a sample for doing an
HMAC with 3.0?
