PKEY for CMAC: operation not supported for this keytype.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I can't get CMAC to work via PKEY.  I get the same error on 1.1.1g and 3.0.0

I'm using a cipher that works with the CMAC interface.

Can anybody see what I'm missing?

/* hack to demonstrate pkey troubles */

/* build with:
 * cc -Wall -I/usr/local/ssl/include \
 *     -L/usr/local/ssl/lib -lcrypto -o pkey pkey.c
 */

#include <stdio.h>

#include <openssl/opensslv.h>
#include <openssl/err.h>
#include <openssl/evp.h>

int main(int argc, char *argv[])
{

    const unsigned char key[16];
    const EVP_CIPHER *cipher;
    EVP_PKEY *pkey;
    EVP_PKEY_CTX *ctx;

    printf("Build: %lx, %s\n", \
        OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT);
    printf("Run:   %lx, %s\n", \
        OpenSSL_version_num(), OpenSSL_version(OPENSSL_VERSION));

    cipher = EVP_aes_128_cbc();

    pkey = EVP_PKEY_new_CMAC_key(NULL, key, sizeof(key), cipher);
    if (NULL == pkey) {
        unsigned long err = ERR_get_error();
        char * str = ERR_error_string(err, NULL);
        printf("## Oops, EVP_PKEY_new_CMAC_key() failed:\n    %s.\n", str);
        return 1;
    }

    ctx = EVP_PKEY_CTX_new(pkey, NULL);
    if (NULL == ctx) {
        unsigned long err = ERR_get_error();
        char * str = ERR_error_string(err, NULL);
        printf("## Oops, EVP_PKEY_CTX_new() failed:\n    %s.\n", str);
        return 1;
    }

    if (1 != EVP_PKEY_sign_init(ctx)) {
        unsigned long err = ERR_get_error();
        char * str = ERR_error_string(err, NULL);
        printf("## Oops, EVP_PKEY_sign_init() failed:\n    %s.\n", str);
        return 1;
    }

    /* More here when we get that far. */

    return 0;
}

-- 
These are my opinions.  I hate spam.


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux