Replace EVP_MAC_CTX_copy() by EVP_MAC_CTX_dup()

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> GH: #7651
2025-05-03 13:09:38 +00:00 · 2018-11-04 19:16:20 +01:00 · 2018-11-04 19:16:20 +01:00 · be5fc053ed
commit be5fc053ed
parent e6071f29c2
12 changed files with 120 additions and 75 deletions
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@ -809,7 +809,7 @@ EVP_F_EVP_KDF_CTX_NEW:240:EVP_KDF_CTX_new
 EVP_F_EVP_KDF_CTX_NEW_ID:226:EVP_KDF_CTX_new_id
 EVP_F_EVP_MAC_CTRL:209:EVP_MAC_ctrl
 EVP_F_EVP_MAC_CTRL_STR:210:EVP_MAC_ctrl_str
-EVP_F_EVP_MAC_CTX_COPY:211:EVP_MAC_CTX_copy
+EVP_F_EVP_MAC_CTX_DUP:211:EVP_MAC_CTX_dup
 EVP_F_EVP_MAC_CTX_NEW:213:EVP_MAC_CTX_new
 EVP_F_EVP_MAC_INIT:212:EVP_MAC_init
 EVP_F_EVP_MD_BLOCK_SIZE:232:EVP_MD_block_size
@ -880,6 +880,7 @@ EVP_F_PKCS5_V2_PBE_KEYIVGEN:118:PKCS5_v2_PBE_keyivgen
 EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN:164:PKCS5_v2_PBKDF2_keyivgen
 EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN:180:PKCS5_v2_scrypt_keyivgen
 EVP_F_PKEY_KDF_CTRL:227:pkey_kdf_ctrl
 EVP_F_PKEY_MAC_COPY:241:pkey_mac_copy
 EVP_F_PKEY_MAC_INIT:214:pkey_mac_init
 EVP_F_PKEY_SET_TYPE:158:pkey_set_type
 EVP_F_POLY1305_CTRL:216:poly1305_ctrl
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@ -78,7 +78,7 @@ static const ERR_STRING_DATA EVP_str_functs[] = {
    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_KDF_CTX_NEW_ID, 0), "EVP_KDF_CTX_new_id"},
    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MAC_CTRL, 0), "EVP_MAC_ctrl"},
    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MAC_CTRL_STR, 0), "EVP_MAC_ctrl_str"},
-    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MAC_CTX_COPY, 0), "EVP_MAC_CTX_copy"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MAC_CTX_DUP, 0), "EVP_MAC_CTX_dup"},
    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MAC_CTX_NEW, 0), "EVP_MAC_CTX_new"},
    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MAC_INIT, 0), "EVP_MAC_init"},
    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MD_BLOCK_SIZE, 0), "EVP_MD_block_size"},
@ -179,6 +179,7 @@ static const ERR_STRING_DATA EVP_str_functs[] = {
    {ERR_PACK(ERR_LIB_EVP, EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN, 0),
     "PKCS5_v2_scrypt_keyivgen"},
    {ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_KDF_CTRL, 0), "pkey_kdf_ctrl"},
    {ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_MAC_COPY, 0), "pkey_mac_copy"},
    {ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_MAC_INIT, 0), "pkey_mac_init"},
    {ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_SET_TYPE, 0), "pkey_set_type"},
    {ERR_PACK(ERR_LIB_EVP, EVP_F_POLY1305_CTRL, 0), "poly1305_ctrl"},
--- a/crypto/evp/mac_lib.c
+++ b/crypto/evp/mac_lib.c
@ -48,18 +48,28 @@ void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx)
    OPENSSL_free(ctx);
 }
-int EVP_MAC_CTX_copy(EVP_MAC_CTX *dst, const EVP_MAC_CTX *src)
+EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src)
 {
-    EVP_MAC_IMPL *macdata;
+    EVP_MAC_CTX *dst = EVP_MAC_CTX_new(src->meth);
-    if (src->data != NULL && !dst->meth->copy(dst->data, src->data))
+    if (dst == NULL)
-        return 0;
+        return NULL;
    dst = OPENSSL_malloc(sizeof(*dst));
    if (dst == NULL) {
        EVPerr(EVP_F_EVP_MAC_CTX_DUP, ERR_R_MALLOC_FAILURE);
        return NULL;
    }
    macdata = dst->data;
    *dst = *src;
    dst->data = macdata;
-    return 1;
+    dst->data = src->meth->dup(src->data);
    if (dst->data == NULL) {
        EVP_MAC_CTX_free(dst);
        return NULL;
    }
    return dst;
 }
 const EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx)
--- a/crypto/evp/pkey_mac.c
+++ b/crypto/evp/pkey_mac.c
@ -10,6 +10,7 @@
 #include <openssl/err.h>
 #include <openssl/evp.h>
 #include "internal/evp_int.h"
 #include "evp_locl.h"
 /* MAC PKEY context structure */
@ -75,15 +76,25 @@ static int pkey_mac_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src)
 {
    MAC_PKEY_CTX *sctx, *dctx;
-    if (!pkey_mac_init(dst))
+    sctx = EVP_PKEY_CTX_get_data(src);
    if (sctx->ctx->data == NULL)
        return 0;
-    sctx = EVP_PKEY_CTX_get_data(src);
+    dctx = OPENSSL_zalloc(sizeof(*dctx));
-    dctx = EVP_PKEY_CTX_get_data(dst);
+    if (dctx == NULL) {
        EVPerr(EVP_F_PKEY_MAC_COPY, ERR_R_MALLOC_FAILURE);
        return 0;
    }
-    if (!EVP_MAC_CTX_copy(dctx->ctx, sctx->ctx))
+    EVP_PKEY_CTX_set_data(dst, dctx);
    dst->keygen_info_count = 0;
    dctx->ctx = EVP_MAC_CTX_dup(sctx->ctx);
    if (dctx->ctx == NULL)
        goto err;
    dctx->type = sctx->type;
    switch (dctx->type) {
    case MAC_TYPE_RAW:
        dctx->raw_data.md = sctx->raw_data.md;
@ -100,7 +111,7 @@ static int pkey_mac_copy(EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src)
    }
    return 1;
 err:
-    pkey_mac_cleanup (dst);
+    pkey_mac_cleanup(dst);
    return 0;
 }
@ -141,14 +152,10 @@ static int pkey_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
        break;
    case MAC_TYPE_MAC:
        {
-            EVP_MAC_CTX *cmkey = EVP_MAC_CTX_new_id(nid);
+            EVP_MAC_CTX *cmkey = EVP_MAC_CTX_dup(hctx->ctx);
            if (cmkey == NULL)
                return 0;
            if (!EVP_MAC_CTX_copy(cmkey, hctx->ctx)) {
                EVP_MAC_CTX_free(cmkey);
                return 0;
            }
            EVP_PKEY_assign(pkey, nid, cmkey);
        }
        break;
@ -249,13 +256,18 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
        case MAC_TYPE_RAW:
            hctx->raw_data.md = p2;
            break;
-        case MAC_TYPE_MAC:
+        case MAC_TYPE_MAC: {
-            if (ctx->pkey != NULL
+                EVP_MAC_CTX *new_mac_ctx;
-                && !EVP_MAC_CTX_copy(hctx->ctx,
+
-                                     (EVP_MAC_CTX *)ctx->pkey->pkey.ptr))
+                if (ctx->pkey == NULL)
-                return 0;
+                    return 0;
-            if (!EVP_MAC_init(hctx->ctx))
+                new_mac_ctx = EVP_MAC_CTX_dup((EVP_MAC_CTX *)ctx->pkey
-                return 0;
+                                              ->pkey.ptr);
                if (new_mac_ctx == NULL)
                    return 0;
                EVP_MAC_CTX_free(hctx->ctx);
                hctx->ctx = new_mac_ctx;
            }
            break;
        default:
            /* This should be dead code */
--- a/crypto/kdf/sskdf.c
+++ b/crypto/kdf/sskdf.c
@ -202,9 +202,8 @@ static int SSKDF_mac_kdm(const EVP_MAC *kdf_mac, const EVP_MD *hmac_md,
            || derived_key_len == 0)
        return 0;
    ctx = EVP_MAC_CTX_new(kdf_mac);
    ctx_init = EVP_MAC_CTX_new(kdf_mac);
-    if (ctx == NULL || ctx_init == NULL)
+    if (ctx_init == NULL)
        goto end;
    if (hmac_md != NULL &&
            EVP_MAC_ctrl(ctx_init, EVP_MAC_CTRL_SET_MD, hmac_md) <= 0)
@ -233,7 +232,8 @@ static int SSKDF_mac_kdm(const EVP_MAC *kdf_mac, const EVP_MD *hmac_md,
        c[2] = (unsigned char)((counter >> 8) & 0xff);
        c[3] = (unsigned char)(counter & 0xff);
-        if (!(EVP_MAC_CTX_copy(ctx, ctx_init)
+        ctx = EVP_MAC_CTX_dup(ctx_init);
        if (!(ctx != NULL
                && EVP_MAC_update(ctx, c, sizeof(c))
                && EVP_MAC_update(ctx, z, z_len)
                && EVP_MAC_update(ctx, info, info_len)))
@ -251,6 +251,8 @@ static int SSKDF_mac_kdm(const EVP_MAC *kdf_mac, const EVP_MD *hmac_md,
            memcpy(out, mac, len);
            break;
        }
        EVP_MAC_CTX_free(ctx);
        ctx = NULL;
    }
    ret = 1;
 end:
--- a/crypto/kdf/tls1_prf.c
+++ b/crypto/kdf/tls1_prf.c
@ -237,10 +237,8 @@ static int tls1_prf_P_hash(const EVP_MD *md,
    size_t Ai_len;
    int ret = 0;
    ctx = EVP_MAC_CTX_new_id(EVP_MAC_HMAC);
    ctx_Ai = EVP_MAC_CTX_new_id(EVP_MAC_HMAC);
    ctx_init = EVP_MAC_CTX_new_id(EVP_MAC_HMAC);
-    if (ctx == NULL || ctx_Ai == NULL || ctx_init == NULL)
+    if (ctx_init == NULL)
        goto err;
    if (EVP_MAC_ctrl(ctx_init, EVP_MAC_CTRL_SET_FLAGS, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW) != 1)
        goto err;
@ -254,7 +252,8 @@ static int tls1_prf_P_hash(const EVP_MD *md,
    if (chunk == 0)
        goto err;
    /* A(0) = seed */
-    if (!EVP_MAC_CTX_copy(ctx_Ai, ctx_init))
+    ctx_Ai = EVP_MAC_CTX_dup(ctx_init);
    if (ctx_Ai == NULL)
        goto err;
    if (seed != NULL && !EVP_MAC_update(ctx_Ai, seed, seed_len))
        goto err;
@ -263,15 +262,21 @@ static int tls1_prf_P_hash(const EVP_MD *md,
        /* calc: A(i) = HMAC_<hash>(secret, A(i-1)) */
        if (!EVP_MAC_final(ctx_Ai, Ai, &Ai_len))
            goto err;
        EVP_MAC_CTX_free(ctx_Ai);
        ctx_Ai = NULL;
        /* calc next chunk: HMAC_<hash>(secret, A(i) + seed) */
-        if (!EVP_MAC_CTX_copy(ctx, ctx_init))
+        ctx = EVP_MAC_CTX_dup(ctx_init);
        if (ctx == NULL)
            goto err;
        if (!EVP_MAC_update(ctx, Ai, Ai_len))
            goto err;
        /* save state for calculating next A(i) value */
-        if (olen > chunk && !EVP_MAC_CTX_copy(ctx_Ai, ctx))
+        if (olen > chunk) {
-            goto err;
+            ctx_Ai = EVP_MAC_CTX_dup(ctx);
            if (ctx_Ai == NULL)
                goto err;
        }
        if (seed != NULL && !EVP_MAC_update(ctx, seed, seed_len))
            goto err;
        if (olen <= chunk) {
@ -283,6 +288,8 @@ static int tls1_prf_P_hash(const EVP_MD *md,
        }
        if (!EVP_MAC_final(ctx, out, NULL))
            goto err;
        EVP_MAC_CTX_free(ctx);
        ctx = NULL;
        out += chunk;
        olen -= chunk;
    }
--- a/crypto/modes/modes_lcl.h
+++ b/crypto/modes/modes_lcl.h
@ -213,7 +213,6 @@ struct siv128_context {
    SIV_BLOCK tag;
    EVP_CIPHER_CTX *cipher_ctx;
    EVP_MAC_CTX *mac_ctx_init;
    EVP_MAC_CTX *mac_ctx;
    int final_ret;
    int crypto_ok;
 };
--- a/crypto/modes/siv128.c
+++ b/crypto/modes/siv128.c
@ -92,30 +92,38 @@ __owur static ossl_inline int siv128_do_s2v_p(SIV128_CONTEXT *ctx, SIV_BLOCK *ou
 {
    SIV_BLOCK t;
    size_t out_len = sizeof(out->byte);
    EVP_MAC_CTX *mac_ctx;
    int ret = 0;
-    if (!EVP_MAC_CTX_copy(ctx->mac_ctx, ctx->mac_ctx_init))
+    mac_ctx = EVP_MAC_CTX_dup(ctx->mac_ctx_init);
    if (mac_ctx == NULL)
        return 0;
    if (len >= SIV_LEN) {
-        if (!EVP_MAC_update(ctx->mac_ctx, in, len - SIV_LEN))
+        if (!EVP_MAC_update(mac_ctx, in, len - SIV_LEN))
-            return 0;
+            goto err;
        memcpy(&t, in + (len-SIV_LEN), SIV_LEN);
        siv128_xorblock(&t, &ctx->d);
-        if (!EVP_MAC_update(ctx->mac_ctx, t.byte, SIV_LEN))
+        if (!EVP_MAC_update(mac_ctx, t.byte, SIV_LEN))
-            return 0;
+            goto err;
    } else {
        memset(&t, 0, sizeof(t));
        memcpy(&t, in, len);
        t.byte[len] = 0x80;
        siv128_dbl(&ctx->d);
        siv128_xorblock(&t, &ctx->d);
-        if (!EVP_MAC_update(ctx->mac_ctx, t.byte, SIV_LEN))
+        if (!EVP_MAC_update(mac_ctx, t.byte, SIV_LEN))
-            return 0;
+            goto err;
    }
-    if (!EVP_MAC_final(ctx->mac_ctx, out->byte, &out_len)
+    if (!EVP_MAC_final(mac_ctx, out->byte, &out_len)
        || out_len != SIV_LEN)
-        return 0;
+        goto err;
-    return 1;
+
    ret = 1;
 err:
    EVP_MAC_CTX_free(mac_ctx);
    return ret;
 }
@ -156,27 +164,27 @@ int CRYPTO_siv128_init(SIV128_CONTEXT *ctx, const unsigned char *key, int klen,
 {
    static const unsigned char zero[SIV_LEN] = { 0 };
    size_t out_len = SIV_LEN;
    EVP_MAC_CTX *mac_ctx = NULL;
    memset(&ctx->d, 0, sizeof(ctx->d));
    ctx->cipher_ctx = NULL;
    ctx->mac_ctx = NULL;
    ctx->mac_ctx_init = NULL;
    if (key == NULL || cbc == NULL || ctr == NULL
            || (ctx->cipher_ctx = EVP_CIPHER_CTX_new()) == NULL
            || (ctx->mac_ctx_init = EVP_MAC_CTX_new_id(EVP_MAC_CMAC)) == NULL
            || (ctx->mac_ctx = EVP_MAC_CTX_new_id(EVP_MAC_CMAC)) == NULL
            || EVP_MAC_ctrl(ctx->mac_ctx_init, EVP_MAC_CTRL_SET_CIPHER, cbc) <= 0
            || EVP_MAC_ctrl(ctx->mac_ctx_init, EVP_MAC_CTRL_SET_KEY, key, klen) <= 0
            || !EVP_EncryptInit_ex(ctx->cipher_ctx, ctr, NULL, key + klen, NULL)
-            || !EVP_MAC_CTX_copy(ctx->mac_ctx, ctx->mac_ctx_init)
+            || (mac_ctx = EVP_MAC_CTX_dup(ctx->mac_ctx_init)) == NULL
-            || !EVP_MAC_update(ctx->mac_ctx, zero, sizeof(zero))
+            || !EVP_MAC_update(mac_ctx, zero, sizeof(zero))
-            || !EVP_MAC_final(ctx->mac_ctx, ctx->d.byte, &out_len)) {
+            || !EVP_MAC_final(mac_ctx, ctx->d.byte, &out_len)) {
        EVP_CIPHER_CTX_free(ctx->cipher_ctx);
        EVP_MAC_CTX_free(ctx->mac_ctx_init);
-        EVP_MAC_CTX_free(ctx->mac_ctx);
+        EVP_MAC_CTX_free(mac_ctx);
        return 0;
    }
    EVP_MAC_CTX_free(mac_ctx);
    ctx->final_ret = -1;
    ctx->crypto_ok = 1;
@ -192,9 +200,10 @@ int CRYPTO_siv128_copy_ctx(SIV128_CONTEXT *dest, SIV128_CONTEXT *src)
    memcpy(&dest->d, &src->d, sizeof(src->d));
    if (!EVP_CIPHER_CTX_copy(dest->cipher_ctx, src->cipher_ctx))
        return 0;
-    if (!EVP_MAC_CTX_copy(dest->mac_ctx_init, src->mac_ctx_init))
+    EVP_MAC_CTX_free(dest->mac_ctx_init);
    dest->mac_ctx_init = EVP_MAC_CTX_dup(src->mac_ctx_init);
    if (dest->mac_ctx_init == NULL)
        return 0;
    /* no need to copy mac_ctx since it's temp storage */
    return 1;
 }
@ -208,19 +217,23 @@ int CRYPTO_siv128_aad(SIV128_CONTEXT *ctx, const unsigned char *aad,
 {
    SIV_BLOCK mac_out;
    size_t out_len = SIV_LEN;
    EVP_MAC_CTX *mac_ctx;
    siv128_dbl(&ctx->d);
-    if (!EVP_MAC_CTX_copy(ctx->mac_ctx, ctx->mac_ctx_init)
+    mac_ctx = EVP_MAC_CTX_dup(ctx->mac_ctx_init);
-        || !EVP_MAC_update(ctx->mac_ctx, aad, len)
+    if (mac_ctx == NULL
-        || !EVP_MAC_final(ctx->mac_ctx, mac_out.byte, &out_len)
+        || !EVP_MAC_update(mac_ctx, aad, len)
-        || out_len != SIV_LEN)
+        || !EVP_MAC_final(mac_ctx, mac_out.byte, &out_len)
        || out_len != SIV_LEN) {
        EVP_MAC_CTX_free(mac_ctx);
        return 0;
    }
    EVP_MAC_CTX_free(mac_ctx);
    siv128_xorblock(&ctx->d, &mac_out);
    return 1;
 }
 /*
@ -330,8 +343,6 @@ int CRYPTO_siv128_cleanup(SIV128_CONTEXT *ctx)
        ctx->cipher_ctx = NULL;
        EVP_MAC_CTX_free(ctx->mac_ctx_init);
        ctx->mac_ctx_init = NULL;
        EVP_MAC_CTX_free(ctx->mac_ctx);
        ctx->mac_ctx = NULL;
        OPENSSL_cleanse(&ctx->d, sizeof(ctx->d));
        OPENSSL_cleanse(&ctx->tag, sizeof(ctx->tag));
        ctx->final_ret = -1;
--- a/doc/man3/EVP_MAC.pod
+++ b/doc/man3/EVP_MAC.pod
@ -3,7 +3,7 @@
 =head1 NAME
 EVP_MAC, EVP_MAC_CTX, EVP_MAC_CTX_new, EVP_MAC_CTX_new_id, EVP_MAC_CTX_free,
-EVP_MAC_CTX_copy, EVP_MAC_CTX_mac, EVP_MAC_size, EVP_MAC_init, EVP_MAC_update,
+EVP_MAC_CTX_dup, EVP_MAC_CTX_mac, EVP_MAC_size, EVP_MAC_init, EVP_MAC_update,
 EVP_MAC_final, EVP_MAC_ctrl, EVP_MAC_vctrl, EVP_MAC_ctrl_str,
 EVP_MAC_str2ctrl, EVP_MAC_hex2ctrl, EVP_MAC_nid, EVP_MAC_name,
 EVP_get_macbyname, EVP_get_macbynid, EVP_get_macbyobj - EVP MAC routines
@ -18,7 +18,7 @@ EVP_get_macbyname, EVP_get_macbynid, EVP_get_macbyobj - EVP MAC routines
 EVP_MAC_CTX *EVP_MAC_CTX_new(const EVP_MAC *mac);
 EVP_MAC_CTX *EVP_MAC_CTX_new_id(int nid);
 void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx);
- int EVP_MAC_CTX_copy(EVP_MAC_CTX *dest, EVP_MAC_CTX *src);
+ EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src);
 const EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx);
 size_t EVP_MAC_size(EVP_MAC_CTX *ctx);
 int EVP_MAC_init(EVP_MAC_CTX *ctx);
@ -72,10 +72,8 @@ EVP_MAC_CTX_free() frees the contents of the context, including an
 underlying context if there is one, as well as the context itself.
 B<NULL> is a valid parameter, for which this function is a no-op.
-EVP_MAC_CTX_copy() makes a deep copy of the C<src> context to the
+EVP_MAC_CTX_dup() duplicates the C<src> context and returns a newly allocated
-C<dest> context.
+context.
 The C<dest> context I<must> have been created before calling this
 function.
 EVP_MAC_CTX_mac() returns the B<EVP_MAC> associated with the context
 C<ctx>.
@ -231,13 +229,12 @@ implemented as a macro.
 =head1 RETURN VALUES
-EVP_MAC_CTX_new() and EVP_MAC_CTX_new_id() return a pointer to a newly
+EVP_MAC_CTX_new(), EVP_MAC_CTX_new_id() and EVP_MAC_CTX_dup() return a pointer
-created EVP_MAC_CTX, or NULL if allocation failed.
+to a newly created EVP_MAC_CTX, or NULL if allocation failed.
 EVP_MAC_CTX_free() returns nothing at all.
-EVP_MAC_CTX_copy(), EVP_MAC_init(), EVP_MAC_update(),
+EVP_MAC_init(), EVP_MAC_update(), and EVP_MAC_final() return 1 on success, 0 on error.
 and EVP_MAC_final() return 1 on success, 0 on error.
 EVP_MAC_ctrl(), EVP_MAC_ctrl_str(), EVP_MAC_str2ctrl() and
 EVP_MAC_hex2ctrl() return 1 on success and 0 or a negative value on
@ -359,6 +356,10 @@ L<EVP_MAC_KMAC(7)>,
 L<EVP_MAC_SIPHASH(7)>,
 L<EVP_MAC_POLY1305(7)>
 =head1 HISTORY
 These functions were added in OpenSSL 3.0.0.
 =head1 COPYRIGHT
 Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@ -1014,7 +1014,7 @@ void EVP_MD_do_all_sorted(void (*fn)
 EVP_MAC_CTX *EVP_MAC_CTX_new(const EVP_MAC *mac);
 EVP_MAC_CTX *EVP_MAC_CTX_new_id(int nid);
 void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx);
-int EVP_MAC_CTX_copy(EVP_MAC_CTX *dest, const EVP_MAC_CTX *src);
+EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src);
 const EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx);
 size_t EVP_MAC_size(EVP_MAC_CTX *ctx);
 int EVP_MAC_init(EVP_MAC_CTX *ctx);
--- a/include/openssl/evperr.h
+++ b/include/openssl/evperr.h
@ -74,7 +74,7 @@ int ERR_load_EVP_strings(void);
 # define EVP_F_EVP_KDF_CTX_NEW_ID                         226
 # define EVP_F_EVP_MAC_CTRL                               209
 # define EVP_F_EVP_MAC_CTRL_STR                           210
-# define EVP_F_EVP_MAC_CTX_COPY                           211
+# define EVP_F_EVP_MAC_CTX_DUP                            211
 # define EVP_F_EVP_MAC_CTX_NEW                            213
 # define EVP_F_EVP_MAC_INIT                               212
 # define EVP_F_EVP_MD_BLOCK_SIZE                          232
@ -145,6 +145,7 @@ int ERR_load_EVP_strings(void);
 # define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN                   164
 # define EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN                   180
 # define EVP_F_PKEY_KDF_CTRL                              227
 # define EVP_F_PKEY_MAC_COPY                              241
 # define EVP_F_PKEY_MAC_INIT                              214
 # define EVP_F_PKEY_SET_TYPE                              158
 # define EVP_F_POLY1305_CTRL                              216
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@ -4578,7 +4578,7 @@ EVP_PKEY_meth_get_digest_custom         4533	3_0_0	EXIST::FUNCTION:
 EVP_MAC_CTX_new                         4534	3_0_0	EXIST::FUNCTION:
 EVP_MAC_CTX_new_id                      4535	3_0_0	EXIST::FUNCTION:
 EVP_MAC_CTX_free                        4536	3_0_0	EXIST::FUNCTION:
-EVP_MAC_CTX_copy                        4537	3_0_0	EXIST::FUNCTION:
+EVP_MAC_CTX_dup                         4537	3_0_0	EXIST::FUNCTION:
 EVP_MAC_CTX_mac                         4538	3_0_0	EXIST::FUNCTION:
 EVP_MAC_size                            4539	3_0_0	EXIST::FUNCTION:
 EVP_MAC_init                            4540	3_0_0	EXIST::FUNCTION: