EVP_PKEY_new_raw_private_key() vs EVP_PKEY_new_mac_key() ?


Thomas Dwyer III
Are EVP_PKEY_new_raw_private_key() and EVP_PKEY_new_mac_key() functionally equivalent? They have very different implementations internally but appear to produce identical results when used with EVP_DigestSignInit() and key type EVP_PKEY_HMAC. The documentation says "works like" but it's not clear whether that really means "equivalent". I'm trying to write portable (openssl version agnostic) HMAC functions and I'm concerned about the note that says "New applications should use EVP_PKEY_new_raw_private_key() instead" when that doesn't exist prior to 1.1.1. Is this the recommended solution?

#if OPENSSL_VERSION_NUMBER < 0x10101000L
    EVP_PKEY *pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, ...);
#else
    EVP_PKEY *pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, ...);
#endif


Thanks,
Tom.III

Re: EVP_PKEY_new_raw_private_key() vs EVP_PKEY_new_mac_key() ?

Matt Caswell-2


On 14/05/2020 22:21, Thomas Dwyer III wrote:

> Are EVP_PKEY_new_raw_private_key() and EVP_PKEY_new_mac_key()
> functionally equivalent? They have very different implementations
> internally but appear to produce identical results when used with
> EVP_DigestSignInit() and key type EVP_PKEY_HMAC. The documentation says
> "works like" but it's not clear whether that really means "equivalent".
> I'm trying to write portable (openssl version agnostic) HMAC functions
> and I'm concerned about the note that says "New applications should use
> EVP_PKEY_new_raw_private_key() instead" when that doesn't exist prior to
> 1.1.1. Is this the recommended solution?
>
> #if OPENSSL_VERSION_NUMBER < 0x10101000L
>     EVP_PKEY *pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, ...);
> #else
>     EVP_PKEY *pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, ...);
> #endif

As you note the implementations are very different.
EVP_PKEY_new_raw_private_key() is the preferred approach (it's much
simpler internally) and also works for other things that are not MACs
(e.g. X25519, X448).

The two should however be functionally equivalent.

Your proposed solution is fine. My guess is that at some point in the
future EVP_PKEY_new_mac_key() will be deprecated - but it hasn't been in
1.1.1, and nor has it so far in 3.0. So you *could* choose to just use
EVP_PKEY_new_mac_key().

Matt