Merge pull request #136 from thalesmg/fix-drop-crypto-hmac4

fix: drop direct `crypt:hmac/4` usage
potatosalad · Dec 15, 2022 · 4dd5bc9 · 4dd5bc9
2 parents 0571b87 + ad1dc73
commit 4dd5bc9
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 6 deletions.
diff --git a/src/jose_crypto_compat.erl b/src/jose_crypto_compat.erl
@@ -18,6 +18,7 @@
 -export([crypto_update_encrypt/2]).
 -export([mac/3]).
 -export([mac/4]).
+-export([mac/5]).
 
 %%====================================================================
 %% API functions
@@ -48,6 +49,9 @@ mac(Type, Key, Data) ->
 mac(Type, SubType, Key, Data) ->
     crypto:mac(Type, SubType, Key, Data).
 
+mac(Type, SubType, Key, Data, MacLength) ->
+    crypto:macN(Type, SubType, Key, Data, MacLength).
+
 -else. %% "Old API" for OTP 22 and earlier
 
 crypto_init(Cipher, Key, IV, _FlagOrOptions) ->
@@ -72,6 +76,9 @@ mac(poly1305, Key, Data) ->
 mac(hmac, SubType, Key, Data) ->
     crypto:hmac(SubType, Key, Data).
 
+mac(hmac, SubType, Key, Data, MacLength) ->
+    crypto:hmac(SubType, Key, Data, MacLength).
+
 -endif.
 
 %%%-------------------------------------------------------------------

diff --git a/src/jose_public_key.erl b/src/jose_public_key.erl
@@ -718,17 +718,21 @@ key_derivation_params(#'PBES2-params'{keyDerivationFunc = KeyDerivationFunc, enc
 %% This function currently matches a tuple that ougth to be the value
 %% ?'id-hmacWithSHA1, but we need some kind of ASN1-fix for this.
 pseudo_random_function(#'PBKDF2-params_prf'{algorithm = {_,_, _,'id-hmacWithSHA1'}}) ->
-	{fun crypto:hmac/4, sha, pseudo_output_length(?'id-hmacWithSHA1')};
+	{fun hmac/4, sha, pseudo_output_length(?'id-hmacWithSHA1')};
 pseudo_random_function(#'PBKDF2-params_prf'{algorithm = ?'id-hmacWithSHA1' = Algo}) ->
-	{fun crypto:hmac/4, sha, pseudo_output_length(Algo)};
+	{fun hmac/4, sha, pseudo_output_length(Algo)};
 pseudo_random_function(#'PBKDF2-params_prf'{algorithm = ?'id-hmacWithSHA224'= Algo}) ->
-	{fun crypto:hmac/4, sha224, pseudo_output_length(Algo)};
+	{fun hmac/4, sha224, pseudo_output_length(Algo)};
 pseudo_random_function(#'PBKDF2-params_prf'{algorithm = ?'id-hmacWithSHA256' = Algo}) ->
-	{fun crypto:hmac/4, sha256, pseudo_output_length(Algo)};
+	{fun hmac/4, sha256, pseudo_output_length(Algo)};
 pseudo_random_function(#'PBKDF2-params_prf'{algorithm = ?'id-hmacWithSHA384' = Algo}) ->
-	{fun crypto:hmac/4, sha384, pseudo_output_length(Algo)};
+	{fun hmac/4, sha384, pseudo_output_length(Algo)};
 pseudo_random_function(#'PBKDF2-params_prf'{algorithm = ?'id-hmacWithSHA512' = Algo}) ->
-	{fun crypto:hmac/4, sha512, pseudo_output_length(Algo)}.
+	{fun hmac/4, sha512, pseudo_output_length(Algo)}.
+
+%% @private
+hmac(SubType, Key, Data, MacLength) ->
+    jose_crypto_compat:mac(hmac, SubType, Key, Data, MacLength).
 
 %% @private
 pseudo_output_length(?'id-hmacWithSHA1') ->