[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openssl-users
Subject:    Re: Cleaning up usage of CMAC_xxx
From:       Hal Murray <hmurray () megapathdsl ! net>
Date:       2020-06-12 20:41:53
Message-ID: 20200612204153.7159740605C () ip-64-139-1-69 ! sjc ! megapath ! net
[Download RAW message or body]

Thanks.

> and a CMAC key using the function EVP_PKEY_new_CMAC_key():

That's the step I was missing.  Right in front of my eyes.

I'm still missing something though.

Does this look reasonable: 
    cipher = EVP_aes_128_cbc();
    pkey = EVP_PKEY_new_CMAC_key(NULL, key, keylength, cipher);
    ctx = EVP_PKEY_CTX_new(pkey, NULL);
    EVP_PKEY_sign_init(ctx);
The last step dies with:
  error:0608D096:digital envelope routines:EVP_PKEY_sign_init:operation not 
supported for this keytype.

[It will probably be obvious after somebody points me in the right direction.]

That cipher work with CMAC.


-- 
These are my opinions.  I hate spam.



[prev in list] [next in list] [prev in thread] [next in thread]