6868#define _CRYPT_HASH_C_
6969#include "Tpm.h"
7070#include "CryptSym.h"
71+ #if OPENSSL_VERSION_NUMBER >= 0x30000000L
72+ #include "Helpers_fp.h"
73+ #endif
7174#if ALG_CMAC
7275 /* 10.2.6.3 Functions */
7376 /* 10.2.6.3.1 CryptCmacStart() */
@@ -118,6 +121,7 @@ CryptCmacData(
118121 TPM_ALG_ID algorithm = cmacState -> symAlg ;
119122 BYTE * key = cmacState -> symKey .t .buffer ;
120123 UINT16 keySizeInBits = cmacState -> keySizeBits ;
124+ #if OPENSSL_VERSION_NUMBER < 0x30000000L
121125 tpmCryptKeySchedule_t keySchedule ;
122126 TpmCryptSetSymKeyCall_t encrypt ;
123127 TpmCryptSymFinal_t final ; /* libtpms added */
@@ -130,11 +134,37 @@ CryptCmacData(
130134 default :
131135 FAIL (FATAL_ERROR_INTERNAL );
132136 }
137+ #else
138+ evpfunc evpfn ;
139+ const EVP_CIPHER * evp_cipher ;
140+ BYTE keyToUse [MAX_SYM_KEY_BYTES ];
141+ UINT16 keyToUseLen = (UINT16 )sizeof (keyToUse );
142+ EVP_CIPHER_CTX * ctx ;
143+ BYTE out [MAX_SYM_BLOCK_SIZE ];
144+ int inl ;
145+
146+ evpfn = GetEVPCipher (algorithm , keySizeInBits , TPM_ALG_ECB , key ,
147+ keyToUse , & keyToUseLen );
148+
149+ if (!evpfn ||
150+ (evp_cipher = evpfn ()) == NULL ||
151+ (ctx = EVP_CIPHER_CTX_new ()) == NULL ||
152+ (inl = EVP_CIPHER_get_block_size (evpfn ())) <= 0 )
153+ pAssert (false);
154+ #endif
155+
133156 while (size > 0 )
134157 {
135158 if (cmacState -> bcount == cmacState -> iv .t .size )
136159 {
160+ #if OPENSSL_VERSION_NUMBER < 0x30000000L
137161 ENCRYPT (& keySchedule , cmacState -> iv .t .buffer , cmacState -> iv .t .buffer );
162+ #else
163+ if (DoEVPCryptOneBlock (ctx , evp_cipher , keyToUse , cmacState -> iv .t .buffer ,
164+ inl , out , TRUE))
165+ pAssert (false);
166+ memcpy (cmacState -> iv .t .buffer , out , inl );
167+ #endif
138168 cmacState -> bcount = 0 ;
139169 }
140170 for (;(size > 0 ) && (cmacState -> bcount < cmacState -> iv .t .size );
@@ -143,8 +173,12 @@ CryptCmacData(
143173 cmacState -> iv .t .buffer [cmacState -> bcount ] ^= * buffer ++ ;
144174 }
145175 }
176+ #if OPENSSL_VERSION_NUMBER < 0x30000000L
146177 if (final ) // libtpms added begin
147178 FINAL (& keySchedule ); // libtpms added end
179+ #else
180+ EVP_CIPHER_CTX_free (ctx );
181+ #endif
148182}
149183
150184/* 10.2.6.3.3 CryptCmacEnd() */
@@ -163,24 +197,52 @@ CryptCmacEnd(
163197 TPM_ALG_ID algorithm = cState -> symAlg ;
164198 BYTE * key = cState -> symKey .t .buffer ;
165199 UINT16 keySizeInBits = cState -> keySizeBits ;
200+ #if OPENSSL_VERSION_NUMBER < 0x30000000L
166201 tpmCryptKeySchedule_t keySchedule ;
167202 TpmCryptSetSymKeyCall_t encrypt ;
168203 TpmCryptSymFinal_t final ; // libtpms added
204+ #else
205+ evpfunc evpfn ;
206+ const EVP_CIPHER * evp_cipher ;
207+ BYTE keyToUse [MAX_SYM_KEY_BYTES ];
208+ UINT16 keyToUseLen = (UINT16 )sizeof (keyToUse );
209+ EVP_CIPHER_CTX * ctx ;
210+ BYTE out [MAX_SYM_BLOCK_SIZE ];
211+ int inl ;
212+ #endif
169213 TPM2B_IV subkey = {{0 , {0 }}};
170214 BOOL xorVal ;
171215 UINT16 i ;
216+ #if OPENSSL_VERSION_NUMBER < 0x30000000L
172217 memset (& keySchedule , 0 , sizeof (keySchedule )); /* libtpms added: coverity */
218+ #endif
173219
174220 subkey .t .size = cState -> iv .t .size ;
175221 // Encrypt a block of zero
176222 // Set up the encryption values based on the algorithm
223+ #if OPENSSL_VERSION_NUMBER < 0x30000000L
177224 switch (algorithm )
178225 {
179226 FOR_EACH_SYM (ENCRYPT_CASE )
180227 default :
181228 return 0 ;
182229 }
183230 ENCRYPT (& keySchedule , subkey .t .buffer , subkey .t .buffer );
231+ #else
232+ evpfn = GetEVPCipher (algorithm , keySizeInBits , TPM_ALG_ECB , key ,
233+ keyToUse , & keyToUseLen );
234+
235+ if (!evpfn ||
236+ (evp_cipher = evpfn ()) == NULL ||
237+ (ctx = EVP_CIPHER_CTX_new ()) == NULL ||
238+ (inl = EVP_CIPHER_get_block_size (evp_cipher )) <= 0 )
239+ pAssert (false);
240+
241+ if (DoEVPCryptOneBlock (ctx , evp_cipher , keyToUse , subkey .t .buffer , inl ,
242+ out , TRUE))
243+ pAssert (false);
244+ memcpy (subkey .t .buffer , out , inl );
245+ #endif
184246
185247 // shift left by 1 and XOR with 0x0...87 if the MSb was 0
186248 xorVal = ((subkey .t .buffer [0 ] & 0x80 ) == 0 ) ? 0 : 0x87 ;
@@ -204,12 +266,23 @@ CryptCmacEnd(
204266 // XOR the subkey into the IV
205267 for (i = 0 ; i < subkey .t .size ; i ++ )
206268 cState -> iv .t .buffer [i ] ^= subkey .t .buffer [i ];
269+ #if OPENSSL_VERSION_NUMBER < 0x30000000L
207270 ENCRYPT (& keySchedule , cState -> iv .t .buffer , cState -> iv .t .buffer );
271+ #else
272+ if (DoEVPCryptOneBlock (ctx , evp_cipher , keyToUse , cState -> iv .t .buffer , inl ,
273+ out , TRUE))
274+ pAssert (false);
275+ memcpy (cState -> iv .t .buffer , out , inl );
276+ #endif
208277 i = (UINT16 )MIN (cState -> iv .t .size , outSize );
209278 MemoryCopy (outBuffer , cState -> iv .t .buffer , i );
210279
280+ #if OPENSSL_VERSION_NUMBER < 0x30000000L
211281 if (final ) // libtpms added begin
212282 FINAL (& keySchedule ); // libtpms added end
283+ #else
284+ EVP_CIPHER_CTX_free (ctx );
285+ #endif
213286 return i ;
214287}
215288
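Review bot: The OpenSSL 3 branches of CryptCmacData() and CryptCmacEnd() return with what appears to be a copy of the CMAC key still in the stack buffer `keyToUse` (and cipher output in `out`), because only the context is released by `EVP_CIPHER_CTX_free(ctx)`; adding `OPENSSL_cleanse(keyToUse, sizeof(keyToUse));` next to each free would clear it. The `memcpy(..., out, inl)` calls trust the block size reported by OpenSSL, so a check after setup such as `pAssert(inl == cmacState->iv.t.size);` (with `cState->iv.t.size` in CryptCmacEnd) would tie the copy length to the IV buffer; whether GetEVPCipher already guarantees this is not visible here. CryptCmacData takes the block size from a second `evpfn()` call where CryptCmacEnd uses `evp_cipher`, and CryptCmacEnd now hits `pAssert(false)` for an unsupported algorithm where the old branch did `return 0`, which looks like a behaviour change worth confirming. Both function bodies start outside the hunks shown.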