diff options
author | Ingo Schwarze <schwarze@cvs.openbsd.org> | 2024-11-12 00:42:29 +0000 |
---|---|---|
committer | Ingo Schwarze <schwarze@cvs.openbsd.org> | 2024-11-12 00:42:29 +0000 |
commit | 3cd505be8c0a0700c9a6e6122081ba798a35ebe2 (patch) | |
tree | 856987a524f063a77b4d6eaf91251a23b5d70cae | |
parent | d3574c97695d538df514c64348c762cdc9698dcc (diff) |
Fix a brainfart that happened to me in 2020:
It is impossible to use EVP_DigestInit_ex(3) for CMAC.
Besides, EVP_PKEY_CTX_new_id(3) does not produce an EVP_MD_CTX object.
Instead, mention the easiest way to actually get the job done
using EVP_PKEY_new_CMAC_key(3) and EVP_DigestSignInit(3).
OK tb@
-rw-r--r-- | lib/libcrypto/man/CMAC_Init.3 | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/lib/libcrypto/man/CMAC_Init.3 b/lib/libcrypto/man/CMAC_Init.3 index 29818be354d..fd32ca085af 100644 --- a/lib/libcrypto/man/CMAC_Init.3 +++ b/lib/libcrypto/man/CMAC_Init.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: CMAC_Init.3,v 1.8 2024/11/08 16:05:09 schwarze Exp $ +.\" $OpenBSD: CMAC_Init.3,v 1.9 2024/11/12 00:42:28 schwarze Exp $ .\" .\" Copyright (c) 2020 Ingo Schwarze <schwarze@openbsd.org> .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: November 8 2024 $ +.Dd $Mdocdate: November 12 2024 $ .Dt CMAC_INIT 3 .Os .Sh NAME @@ -69,13 +69,11 @@ arbitrary block cipher using a symmetric key. The present manual page describes low-level functions implementing CMAC. Instead of using these functions directly, application programs normally call -.Xr EVP_PKEY_CTX_new_id 3 -with an argument of -.Dv EVP_PKEY_CMAC +.Xr EVP_PKEY_new_CMAC_key 3 and then pass the resulting -.Vt EVP_MD_CTX +.Vt EVP_PKEY object to -.Xr EVP_DigestInit_ex 3 . +.Xr EVP_DigestSignInit 3 . .Pp The CMAC API is object-oriented. Calculating a message authentication code requires a @@ -254,9 +252,9 @@ functions are used internally, entries may still get pushed onto the error stack in some cases of failure. .Sh SEE ALSO .Xr EVP_aes_128_cbc 3 , -.Xr EVP_DigestInit 3 , +.Xr EVP_DigestSignInit 3 , .Xr EVP_EncryptInit 3 , -.Xr EVP_PKEY_CTX_new_id 3 , +.Xr EVP_PKEY_new_CMAC_key 3 , .Xr HMAC 3 .Sh STANDARDS .Rs |