summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorIngo Schwarze <schwarze@cvs.openbsd.org>2024-11-12 00:42:29 +0000
committerIngo Schwarze <schwarze@cvs.openbsd.org>2024-11-12 00:42:29 +0000
commit3cd505be8c0a0700c9a6e6122081ba798a35ebe2 (patch)
tree856987a524f063a77b4d6eaf91251a23b5d70cae
parentd3574c97695d538df514c64348c762cdc9698dcc (diff)
Fix a brainfart that happened to me in 2020:
It is impossible to use EVP_DigestInit_ex(3) for CMAC. Besides, EVP_PKEY_CTX_new_id(3) does not produce an EVP_MD_CTX object. Instead, mention the easiest way to actually get the job done using EVP_PKEY_new_CMAC_key(3) and EVP_DigestSignInit(3). OK tb@
-rw-r--r--lib/libcrypto/man/CMAC_Init.316
1 files changed, 7 insertions, 9 deletions
diff --git a/lib/libcrypto/man/CMAC_Init.3 b/lib/libcrypto/man/CMAC_Init.3
index 29818be354d..fd32ca085af 100644
--- a/lib/libcrypto/man/CMAC_Init.3
+++ b/lib/libcrypto/man/CMAC_Init.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: CMAC_Init.3,v 1.8 2024/11/08 16:05:09 schwarze Exp $
+.\" $OpenBSD: CMAC_Init.3,v 1.9 2024/11/12 00:42:28 schwarze Exp $
.\"
.\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org>
.\"
@@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: November 8 2024 $
+.Dd $Mdocdate: November 12 2024 $
.Dt CMAC_INIT 3
.Os
.Sh NAME
@@ -69,13 +69,11 @@ arbitrary block cipher using a symmetric key.
The present manual page describes low-level functions implementing CMAC.
Instead of using these functions directly,
application programs normally call
-.Xr EVP_PKEY_CTX_new_id 3
-with an argument of
-.Dv EVP_PKEY_CMAC
+.Xr EVP_PKEY_new_CMAC_key 3
and then pass the resulting
-.Vt EVP_MD_CTX
+.Vt EVP_PKEY
object to
-.Xr EVP_DigestInit_ex 3 .
+.Xr EVP_DigestSignInit 3 .
.Pp
The CMAC API is object-oriented.
Calculating a message authentication code requires a
@@ -254,9 +252,9 @@ functions are used internally, entries may still get pushed onto
the error stack in some cases of failure.
.Sh SEE ALSO
.Xr EVP_aes_128_cbc 3 ,
-.Xr EVP_DigestInit 3 ,
+.Xr EVP_DigestSignInit 3 ,
.Xr EVP_EncryptInit 3 ,
-.Xr EVP_PKEY_CTX_new_id 3 ,
+.Xr EVP_PKEY_new_CMAC_key 3 ,
.Xr HMAC 3
.Sh STANDARDS
.Rs