crypto: Use new mac_nif for hmac, cmac and poly1305

9 files changed, 21 insertions, 324 deletions

diff --git a/lib/crypto/c_src/Makefile.in b/lib/crypto/c_src/Makefile.in
index 35ded001d6..6e173f8619 100644
--- a/lib/crypto/c_src/Makefile.in
+++ b/lib/crypto/c_src/Makefile.in
@@ -79,7 +79,6 @@ CRYPTO_OBJS = $(OBJDIR)/crypto$(TYPEMARKER).o \
 	$(OBJDIR)/atoms$(TYPEMARKER).o \
 	$(OBJDIR)/bn$(TYPEMARKER).o \
 	$(OBJDIR)/cipher$(TYPEMARKER).o \
-	$(OBJDIR)/cmac$(TYPEMARKER).o \
 	$(OBJDIR)/dh$(TYPEMARKER).o \
 	$(OBJDIR)/digest$(TYPEMARKER).o \
 	$(OBJDIR)/dss$(TYPEMARKER).o \
@@ -95,7 +94,6 @@ CRYPTO_OBJS = $(OBJDIR)/crypto$(TYPEMARKER).o \
 	$(OBJDIR)/mac$(TYPEMARKER).o \
 	$(OBJDIR)/math$(TYPEMARKER).o \
 	$(OBJDIR)/pkey$(TYPEMARKER).o \
-	$(OBJDIR)/poly1305$(TYPEMARKER).o \
 	$(OBJDIR)/rand$(TYPEMARKER).o \
 	$(OBJDIR)/rsa$(TYPEMARKER).o \
 	$(OBJDIR)/srp$(TYPEMARKER).o
diff --git a/lib/crypto/c_src/cmac.c b/lib/crypto/c_src/cmac.c
deleted file mode 100644
index 49e67ccf29..0000000000
--- a/lib/crypto/c_src/cmac.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * %CopyrightBegin%
- *
- * Copyright Ericsson AB 2010-2018. All Rights Reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * %CopyrightEnd%
- */
-
-#include "cmac.h"
-#include "cipher.h"
-
-ERL_NIF_TERM cmac_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Type, Key, Data) */
-#if defined(HAVE_CMAC)
-    const struct cipher_type_t *cipherp;
-    const EVP_CIPHER     *cipher;
-    CMAC_CTX             *ctx = NULL;
-    ErlNifBinary         key;
-    ErlNifBinary         data;
-    ERL_NIF_TERM         ret;
-    size_t               ret_size;
-    unsigned char       *outp;
-    int                  cipher_len;
-
-    ASSERT(argc == 3);
-
-    if (!enif_inspect_iolist_as_binary(env, argv[1], &key))
-        goto bad_arg;
-    if ((cipherp = get_cipher_type(argv[0], key.size)) == NULL)
-        goto bad_arg;
-    if (cipherp->flags & (NON_EVP_CIPHER | AEAD_CIPHER))
-        goto bad_arg;
-    if (!enif_inspect_iolist_as_binary(env, argv[2], &data))
-        goto bad_arg;
-
-    if (FORBIDDEN_IN_FIPS(cipherp))
-        return enif_raise_exception(env, atom_notsup);
-    if ((cipher = cipherp->cipher.p) == NULL)
-        return enif_raise_exception(env, atom_notsup);
-
-    if ((ctx = CMAC_CTX_new()) == NULL)
-        goto err;
-    if (!CMAC_Init(ctx, key.data, key.size, cipher, NULL))
-        goto err;
-    if (!CMAC_Update(ctx, data.data, data.size))
-        goto err;
-    if ((cipher_len = EVP_CIPHER_block_size(cipher)) < 0)
-        goto err;
-    if ((outp = enif_make_new_binary(env, (size_t)cipher_len, &ret)) == NULL)
-        goto err;
-    if (!CMAC_Final(ctx, outp, &ret_size))
-        goto err;
-
-    ASSERT(ret_size == (unsigned)EVP_CIPHER_block_size(cipher));
-    CONSUME_REDS(env, data);
-    goto done;
-
- bad_arg:
-    return enif_make_badarg(env);
-
- err:
-    ret = atom_notsup;
-
- done:
-    if (ctx)
-        CMAC_CTX_free(ctx);
-    return ret;
-
-#else
-    /* The CMAC functionality was introduced in OpenSSL 1.0.1
-     * Although OTP requires at least version 0.9.8, the versions 0.9.8 and 1.0.0 are
-     * no longer maintained. */
-    return atom_notsup;
-#endif
-}
-
diff --git a/lib/crypto/c_src/cmac.h b/lib/crypto/c_src/cmac.h
deleted file mode 100644
index 14488def58..0000000000
--- a/lib/crypto/c_src/cmac.h
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * %CopyrightBegin%
- *
- * Copyright Ericsson AB 2010-2018. All Rights Reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * %CopyrightEnd%
- */
-
-#ifndef E_CMAC_H__
-#define E_CMAC_H__ 1
-
-#include "common.h"
-
-ERL_NIF_TERM cmac_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
-
-#endif /* E_CMAC_H__ */
diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index 7cdc95a841..ab6907f828 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -31,7 +31,6 @@
 #include "api_ng.h"
 #include "bn.h"
 #include "cipher.h"
-#include "cmac.h"
 #include "mac.h"
 #include "dh.h"
 #include "digest.h"
@@ -47,7 +46,6 @@
 #include "info.h"
 #include "math.h"
 #include "pkey.h"
-#include "poly1305.h"
 #include "rand.h"
 #include "rsa.h"
 #include "srp.h"
@@ -75,13 +73,10 @@ static ErlNifFunc nif_funcs[] = {
     {"hash_init_nif", 1, hash_init_nif, 0},
     {"hash_update_nif", 2, hash_update_nif, 0},
     {"hash_final_nif", 1, hash_final_nif, 0},
-    {"hmac_nif", 3, hmac_nif, 0},
-    {"hmac_nif", 4, hmac_nif, 0},
     {"hmac_init_nif", 2, hmac_init_nif, 0},
     {"hmac_update_nif", 2, hmac_update_nif, 0},
     {"hmac_final_nif", 1, hmac_final_nif, 0},
     {"hmac_final_nif", 2, hmac_final_nif, 0},
-    {"cmac_nif", 3, cmac_nif, 0},
     {"mac_nif", 4, mac_nif, 0},
     {"cipher_info_nif", 1, cipher_info_nif, 0},
     {"aes_ige_crypt_nif", 4, aes_ige_crypt_nif, 0},
@@ -114,8 +109,6 @@ static ErlNifFunc nif_funcs[] = {
 
     {"aead_cipher", 7, aead_cipher, 0},
 
-    {"poly1305_nif", 2, poly1305_nif, 0},
-
     {"engine_by_id_nif", 1, engine_by_id_nif, 0},
     {"engine_init_nif", 1, engine_init_nif, 0},
     {"engine_finish_nif", 1, engine_finish_nif, 0},
diff --git a/lib/crypto/c_src/hmac.c b/lib/crypto/c_src/hmac.c
index ff7005d75e..060ad6230f 100644
--- a/lib/crypto/c_src/hmac.c
+++ b/lib/crypto/c_src/hmac.c
@@ -47,61 +47,6 @@ int init_hmac_ctx(ErlNifEnv *env) {
     return 0;
 }
 
-ERL_NIF_TERM hmac_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Type, Key, Data) or (Type, Key, Data, MacSize) */
-    struct digest_type_t *digp = NULL;
-    ErlNifBinary         key, data;
-    unsigned char        buff[EVP_MAX_MD_SIZE];
-    unsigned             size = 0, req_size = 0;
-    ERL_NIF_TERM         ret;
-    unsigned char        *outp;
-
-    ASSERT(argc == 3 || argc == 4);
-
-    if ((digp = get_digest_type(argv[0])) == NULL)
-        goto bad_arg;
-    if (!enif_inspect_iolist_as_binary(env, argv[1], &key))
-        goto bad_arg;
-    if (key.size > INT_MAX)
-        goto bad_arg;
-    if (!enif_inspect_iolist_as_binary(env, argv[2], &data))
-        goto bad_arg;
-    if (argc == 4) {
-        if (!enif_get_uint(env, argv[3], &req_size))
-            goto bad_arg;
-    }
-
-    if (digp->md.p == NULL)
-        goto err;
-    if (HMAC(digp->md.p,
-             key.data, (int)key.size,
-             data.data, data.size,
-             buff, &size) == NULL)
-        goto err;
-
-    ASSERT(0 < size && size <= EVP_MAX_MD_SIZE);
-    CONSUME_REDS(env, data);
-
-    if (argc == 4) {
-        if (req_size > size)
-            goto bad_arg;
-
-        size = req_size;
-    }
-
-    if ((outp = enif_make_new_binary(env, size, &ret)) == NULL)
-        goto err;
-
-    memcpy(outp, buff, size);
-    return ret;
-
- bad_arg:
-    return enif_make_badarg(env);
-
- err:
-    return atom_notsup;
-}
-
 static void hmac_context_dtor(ErlNifEnv* env, struct hmac_context *obj)
 {
     if (obj == NULL)
diff --git a/lib/crypto/c_src/hmac.h b/lib/crypto/c_src/hmac.h
index 1f0e0ca632..01c6d3d226 100644
--- a/lib/crypto/c_src/hmac.h
+++ b/lib/crypto/c_src/hmac.h
@@ -25,7 +25,6 @@
 
 int init_hmac_ctx(ErlNifEnv *env);
 
-ERL_NIF_TERM hmac_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 ERL_NIF_TERM hmac_init_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 ERL_NIF_TERM hmac_update_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 ERL_NIF_TERM hmac_final_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
diff --git a/lib/crypto/c_src/poly1305.c b/lib/crypto/c_src/poly1305.c
deleted file mode 100644
index 76579c0a29..0000000000
--- a/lib/crypto/c_src/poly1305.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
- * %CopyrightBegin%
- *
- * Copyright Ericsson AB 2010-2018. All Rights Reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * %CopyrightEnd%
- */
-
-#include "poly1305.h"
-
-/* For OpenSSL >= 1.1.1 the hmac_nif and cmac_nif could be integrated into poly1305 (with 'type' as parameter) */
-ERL_NIF_TERM poly1305_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Key, Text) */
-#ifdef HAVE_POLY1305
-    ErlNifBinary key_bin, text, ret_bin;
-    ERL_NIF_TERM ret;
-    EVP_PKEY *key = NULL;
-    EVP_MD_CTX *mctx = NULL;
-    EVP_PKEY_CTX *pctx = NULL;
-    const EVP_MD *md = NULL;
-    size_t size;
-    int ret_bin_alloc = 0;
-
-    ASSERT(argc == 2);
-
-    if (!enif_inspect_binary(env, argv[0], &key_bin))
-        goto bad_arg;
-    if (key_bin.size != 32)
-        goto bad_arg;
-    if (!enif_inspect_binary(env, argv[1], &text))
-        goto bad_arg;
-
-    if ((key = EVP_PKEY_new_raw_private_key(EVP_PKEY_POLY1305, /*engine*/ NULL, key_bin.data,  key_bin.size)) == NULL)
-        goto err;
-
-    if ((mctx = EVP_MD_CTX_new()) == NULL)
-        goto err;
-    if (EVP_DigestSignInit(mctx, &pctx, md, /*engine*/ NULL, key) != 1)
-        goto err;
-    if (EVP_DigestSignUpdate(mctx, text.data, text.size) != 1)
-        goto err;
-
-    if (EVP_DigestSignFinal(mctx, NULL, &size) != 1)
-        goto err;
-    if (!enif_alloc_binary(size, &ret_bin))
-        goto err;
-    ret_bin_alloc = 1;
-    if (EVP_DigestSignFinal(mctx, ret_bin.data, &size) != 1)
-        goto err;
-
-    if (size != ret_bin.size) {
-        if (!enif_realloc_binary(&ret_bin, size))
-            goto err;
-    }
-
-    ret = enif_make_binary(env, &ret_bin);
-    ret_bin_alloc = 0;
-    goto done;
-
- bad_arg:
-    return enif_make_badarg(env);
-
- err:
-    if (ret_bin_alloc)
-        enif_release_binary(&ret_bin);
-    ret = atom_error;
-
- done:
-    if (mctx)
-        EVP_MD_CTX_free(mctx);
-    if (key)
-        EVP_PKEY_free(key);
-    return ret;
-
-#else
-    return enif_raise_exception(env, atom_notsup);
-#endif
-}
diff --git a/lib/crypto/c_src/poly1305.h b/lib/crypto/c_src/poly1305.h
deleted file mode 100644
index 4bf45e6218..0000000000
--- a/lib/crypto/c_src/poly1305.h
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * %CopyrightBegin%
- *
- * Copyright Ericsson AB 2010-2018. All Rights Reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * %CopyrightEnd%
- */
-
-#ifndef E_POLY1305_H__
-#define E_POLY1305_H__ 1
-
-#include "common.h"
-
-ERL_NIF_TERM poly1305_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
-
-#endif /* E_POLY1305_H__ */
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl
index fd4b9df5e0..d2a5786be8 100644
--- a/lib/crypto/src/crypto.erl
+++ b/lib/crypto/src/crypto.erl
@@ -458,6 +458,19 @@
 
 
 %%--------------------------------------------------------------------
+%%
+%% Make the new descriptive_error() look like the old run_time_error()
+%%
+-define(COMPAT(CALL),
+        try begin CALL end
+        catch
+            error:{error, {_File,_Line}, _Reason} ->
+                error(badarg);
+            error:{E, {_File,_Line}, _Reason} when E==notsup ; E==badarg ->
+                error(E)
+        end).
+
+%%--------------------------------------------------------------------
 -compile(no_native).
 -on_load(on_load/0).
 -define(CRYPTO_NIF_VSN,302).
@@ -685,7 +698,7 @@ hmac_final_n(Context, HashLen) ->
                            Data :: iodata(),
                            Mac :: binary().
 cmac(Type, Key, Data) ->
-    notsup_to_error(cmac_nif(alias(Type), Key, Data)).
+    ?COMPAT(mac(cmac, alias(Type), Key, Data)).
 
 -spec cmac(Type, Key, Data, MacLength) ->
                   Mac when Type :: ?CMAC_CIPHER_ALGORITHM,
@@ -702,7 +715,7 @@ cmac(Type, Key, Data, MacLength) ->
 -spec poly1305(iodata(), iodata()) -> Mac when Mac ::  binary().
 
 poly1305(Key, Data) ->
-    poly1305_nif(Key, Data).
+    ?COMPAT( mac(poly1305, Key, Data) ).
 
 %%%================================================================
 %%%
@@ -710,15 +723,6 @@ poly1305(Key, Data) ->
 %%%
 %%%================================================================
 
--define(COMPAT(CALL),
-        try begin CALL end
-        catch
-            error:{error, {_File,_Line}, _Reason} ->
-                error(badarg);
-            error:{E, {_File,_Line}, _Reason} when E==notsup ; E==badarg ->
-                error(E)
-        end).
-
 %%%---- Cipher info
 %%%----------------------------------------------------------------
 -spec cipher_info(Type) -> Result | run_time_error()
@@ -2259,11 +2263,12 @@ hash_final_nif(_State) -> ?nif_stub.
 %% HMAC --------------------------------------------------------------------
 
 hmac(Type, Key, Data, MacSize, Size, MaxBytes) when Size =< MaxBytes ->
-    notsup_to_error(
-    case MacSize of
-          undefined -> hmac_nif(Type, Key, Data);
-          _         -> hmac_nif(Type, Key, Data, MacSize)
-      end);
+    ?COMPAT(
+       case MacSize of
+           undefined -> mac(hmac, Type, Key, Data);
+           _         -> mac(hmac, Type, Key, Data, MacSize)
+       end
+      );
 hmac(Type, Key, Data, MacSize, Size, MaxBytes) ->
     State0 = hmac_init(Type, Key),
     State1 = hmac_update(State0, Data, Size, MaxBytes),
@@ -2279,20 +2284,11 @@ hmac_update(State0, Data, _, MaxBytes) ->
     State = notsup_to_error(hmac_update_nif(State0, Increment)),
     hmac_update(State, Rest, erlang:byte_size(Rest), MaxBytes).
 
-hmac_nif(_Type, _Key, _Data) -> ?nif_stub.
-hmac_nif(_Type, _Key, _Data, _MacSize) -> ?nif_stub.
 hmac_init_nif(_Type, _Key) -> ?nif_stub.
 hmac_update_nif(_Context, _Data) -> ?nif_stub.
 hmac_final_nif(_Context) -> ?nif_stub.
 hmac_final_nif(_Context, _MacSize) -> ?nif_stub.
 
-%% CMAC
-cmac_nif(_Type, _Key, _Data) -> ?nif_stub.
-
-%% POLY1305
-poly1305_nif(_Key, _Data) -> ?nif_stub.
-
-
 %% CIPHERS --------------------------------------------------------------------
 
 cipher_info_nif(_Type) -> ?nif_stub.