From da78ad6446eb1695f5c6f0d4bedea3c39c39e115 Mon Sep 17 00:00:00 2001
From: Andrew Shu <talklittle@gmail.com>
Date: Mon, 6 Jul 2020 17:57:03 -0700
Subject: [PATCH] Add crypto compat wrapper for OTP 23 deprecations
Signed-off-by: Randy Barlow <randy@electronsweatshop.com>
---
include/jose_compat.hrl | 15 +++-
src/jose_chacha20_poly1305_crypto.erl | 2 +-
src/jose_crypto_compat.erl | 92 +++++++++++++++++++++
src/jose_public_key.erl | 16 ++--
src/jose_server.erl | 24 ++++--
src/jose_xchacha20_poly1305_crypto.erl | 4 +-
src/jwa/jose_jwa.erl | 4 +-
src/jwa/jose_jwa_aes.erl | 12 +--
src/jwa/jose_jwa_concat_kdf.erl | 2 +-
src/jwa/jose_jwa_pkcs1.erl | 2 +-
src/jwa/jose_jwa_pkcs5.erl | 4 +-
src/jwe/jose_jwe_enc_aes.erl | 4 +-
src/jwk/jose_jwk_kty_oct.erl | 2 +-
test/property_test/jose_jwa_pkcs1_props.erl | 2 +-
14 files changed, 145 insertions(+), 40 deletions(-)
create mode 100644 src/jose_crypto_compat.erl
diff --git a/include/jose_compat.hrl b/include/jose_compat.hrl
index fd838b5..9f561c4 100644
--- a/include/jose_compat.hrl
+++ b/include/jose_compat.hrl
@@ -12,11 +12,18 @@
-ifndef(JOSE_COMPAT_HRL).
-ifdef(OTP_RELEASE). %% this implies OTP 21 or higher
--define(COMPAT_CATCH(Class, Reason, Stacktrace), Class:Reason:Stacktrace).
--define(COMPAT_GET_STACKTRACE(Stacktrace), Stacktrace).
+ -define(COMPAT_CATCH(Class, Reason, Stacktrace), Class:Reason:Stacktrace).
+ -define(COMPAT_GET_STACKTRACE(Stacktrace), Stacktrace).
+
+ -if(?OTP_RELEASE >= 23).
+ -define(JOSE_CRYPTO_OTP_23, true).
+ -elif(?OTP_RELEASE < 23).
+ -define(JOSE_CRYPTO_OTP_23, false).
+ -endif.
-else.
--define(COMPAT_CATCH(Class, Reason, _), Class:Reason).
--define(COMPAT_GET_STACKTRACE(_), erlang:get_stacktrace()).
+ -define(COMPAT_CATCH(Class, Reason, _), Class:Reason).
+ -define(COMPAT_GET_STACKTRACE(_), erlang:get_stacktrace()).
+ -define(JOSE_CRYPTO_OTP_23, false).
-endif.
-define(JOSE_COMPAT_HRL, 1).
diff --git a/src/jose_chacha20_poly1305_crypto.erl b/src/jose_chacha20_poly1305_crypto.erl
index 938bf2f..f0ee7d4 100644
--- a/src/jose_chacha20_poly1305_crypto.erl
+++ b/src/jose_chacha20_poly1305_crypto.erl
@@ -44,7 +44,7 @@ encrypt(PlainText, AAD, IV, CEK) ->
authenticate(Message, Key, Nonce) ->
OTK = jose_jwa_chacha20_poly1305:poly1305_key_gen(Key, Nonce),
- crypto:poly1305(OTK, Message).
+ jose_crypto_compat:mac(poly1305, OTK, Message).
verify(MAC, Message, Key, Nonce) ->
Challenge = jose_jwa_chacha20_poly1305:authenticate(Message, Key, Nonce),
diff --git a/src/jose_crypto_compat.erl b/src/jose_crypto_compat.erl
new file mode 100644
index 0000000..8868eb5
--- /dev/null
+++ b/src/jose_crypto_compat.erl
@@ -0,0 +1,92 @@
+%% -*- mode: erlang; tab-width: 4; indent-tabs-mode: 1; st-rulers: [70] -*-
+%% vim: ts=4 sw=4 ft=erlang noet
+%%%-------------------------------------------------------------------
+%%% @author Andrew Bennett <potatosaladx@gmail.com>
+%%% @copyright 2014-2020, Andrew Bennett
+%%% @doc
+%%%
+%%% @end
+%%%-------------------------------------------------------------------
+-module(jose_crypto_compat).
+
+-include("jose_compat.hrl").
+
+%% API
+-export([crypto_init/4]).
+-export([crypto_one_time/4]).
+-export([crypto_one_time/5]).
+-export([crypto_update_encrypt/2]).
+-export([mac/3]).
+-export([mac/4]).
+
+%%====================================================================
+%% API functions
+%%====================================================================
+
+-if(?JOSE_CRYPTO_OTP_23). %% "New API" for OTP 23 and higher
+
+crypto_init(Cipher, Key, IV, FlagOrOptions) ->
+ crypto:crypto_init(Cipher, Key, IV, FlagOrOptions).
+
+crypto_one_time(Cipher, Key, Data, FlagOrOptions) ->
+ crypto:crypto_one_time(Cipher, Key, Data, FlagOrOptions).
+
+crypto_one_time(Cipher, Key, IV, Data, FlagOrOptions) ->
+ crypto:crypto_one_time(Cipher, Key, IV, Data, FlagOrOptions).
+
+crypto_update_encrypt(State, Data) ->
+ Result = crypto:crypto_update(State, Data),
+ {State, Result}.
+
+mac(Type, Key, Data) ->
+ crypto:mac(Type, Key, Data).
+
+mac(Type, SubType, Key, Data) ->
+ crypto:mac(Type, SubType, Key, Data).
+
+-elif(true). %% "Old API" for OTP 22 and earlier
+
+crypto_init(Cipher, Key, IV, _FlagOrOptions) ->
+ crypto:stream_init(legacy_cipher_iv(Cipher), Key, IV).
+
+crypto_one_time(Cipher, Key, Data, true) ->
+ crypto:block_encrypt(legacy_cipher_no_iv(Cipher), Key, Data);
+crypto_one_time(Cipher, Key, Data, false) ->
+ crypto:block_decrypt(legacy_cipher_no_iv(Cipher), Key, Data).
+
+crypto_one_time(Cipher, Key, IV, Data, true) ->
+ crypto:block_encrypt(legacy_cipher_iv(Cipher), Key, IV, Data);
+crypto_one_time(Cipher, Key, IV, Data, false) ->
+ crypto:block_decrypt(legacy_cipher_iv(Cipher), Key, IV, Data).
+
+crypto_update_encrypt(State, Data) ->
+ crypto:stream_encrypt(State, Data).
+
+mac(poly1305, Key, Data) ->
+ crypto:poly1305(Key, Data).
+
+mac(hmac, SubType, Key, Data) ->
+ crypto:hmac(SubType, Key, Data).
+
+-endif.
+
+%%%-------------------------------------------------------------------
+%%% Internal functions
+%%%-------------------------------------------------------------------
+
+-if(not ?JOSE_CRYPTO_OTP_23).
+
+legacy_cipher_no_iv(aes_128_ecb) -> aes_ecb;
+legacy_cipher_no_iv(aes_192_ecb) -> aes_ecb;
+legacy_cipher_no_iv(aes_256_ecb) -> aes_ecb;
+legacy_cipher_no_iv(Cipher) -> Cipher.
+
+legacy_cipher_iv(aes_128_cbc) -> aes_cbc128;
+legacy_cipher_iv(aes_192_cbc) -> aes_cbc192;
+legacy_cipher_iv(aes_256_cbc) -> aes_cbc256;
+legacy_cipher_iv(aes_128_ctr) -> aes_ctr;
+legacy_cipher_iv(aes_192_ctr) -> aes_ctr;
+legacy_cipher_iv(aes_256_ctr) -> aes_ctr;
+legacy_cipher_iv(Cipher) -> Cipher.
+
+-endif.
\ No newline at end of file
diff --git a/src/jose_public_key.erl b/src/jose_public_key.erl
index e9ae6af..4000990 100644
--- a/src/jose_public_key.erl
+++ b/src/jose_public_key.erl
@@ -366,7 +366,7 @@ pem_dec_entry(Start, Lines) ->
%% @private
decode_encrypted_private_keyinfo(Der) ->
#'EncryptedPrivateKeyInfo'{encryptionAlgorithm = AlgorithmInfo, encryptedData = Data} = der_decode('EncryptedPrivateKeyInfo', Der),
- DecryptParams = decrypt_parameters(AlgorithmInfo),
+ DecryptParams = decrypt_parameters(AlgorithmInfo),
{true, {'PrivateKeyInfo', Data, DecryptParams}}.
%% @private
@@ -624,31 +624,31 @@ pem_entry_enc1(_, _, _) ->
%% @private
pem_cipher(Data, {Cipher = "AES-128-CBC", KeyDevParams}, Password) ->
{Key, IV} = password_to_key_and_iv(Password, Cipher, KeyDevParams),
- {true, crypto:block_encrypt(aes_cbc128, Key, IV, jose_jwa_pkcs7:pad(Data))};
+ {true, jose_crypto_compat:crypto_one_time(aes_128_cbc, Key, IV, jose_jwa_pkcs7:pad(Data), true)};
pem_cipher(Data, {Cipher = "AES-192-CBC", KeyDevParams}, Password) ->
{Key, IV} = password_to_key_and_iv(Password, Cipher, KeyDevParams),
- {true, crypto:block_encrypt(aes_cbc192, Key, IV, jose_jwa_pkcs7:pad(Data))};
+ {true, jose_crypto_compat:crypto_one_time(aes_192_cbc, Key, IV, jose_jwa_pkcs7:pad(Data), true)};
pem_cipher(Data, {Cipher = "AES-256-CBC", KeyDevParams}, Password) ->
{Key, IV} = password_to_key_and_iv(Password, Cipher, KeyDevParams),
- {true, crypto:block_encrypt(aes_cbc256, Key, IV, jose_jwa_pkcs7:pad(Data))};
+ {true, jose_crypto_compat:crypto_one_time(aes_256_cbc, Key, IV, jose_jwa_pkcs7:pad(Data), true)};
pem_cipher(_, _, _) ->
false.
%% @private
pem_decipher(Data, {Cipher = "AES-128-CBC", KeyDevParams}, Password) ->
{Key, IV} = password_to_key_and_iv(Password, Cipher, KeyDevParams),
- {true, crypto:block_decrypt(aes_cbc128, Key, IV, Data)};
+ {true, jose_crypto_compat:crypto_one_time(aes_128_cbc, Key, IV, Data, false)};
pem_decipher(Data, {Cipher = "AES-192-CBC", KeyDevParams}, Password) ->
{Key, IV} = password_to_key_and_iv(Password, Cipher, KeyDevParams),
- {true, crypto:block_decrypt(aes_cbc192, Key, IV, Data)};
+ {true, jose_crypto_compat:crypto_one_time(aes_192_cbc, Key, IV, Data, false)};
pem_decipher(Data, {Cipher = "AES-256-CBC", KeyDevParams}, Password) ->
{Key, IV} = password_to_key_and_iv(Password, Cipher, KeyDevParams),
- {true, crypto:block_decrypt(aes_cbc256, Key, IV, Data)};
+ {true, jose_crypto_compat:crypto_one_time(aes_256_cbc, Key, IV, Data, false)};
pem_decipher(_, _, _) ->
false.
%% @private
-ceiling(Float) ->
+ceiling(Float) ->
erlang:round(Float + 0.5).
%% @private
diff --git a/src/jose_server.erl b/src/jose_server.erl
index 413a8f0..dbc3b60 100644
--- a/src/jose_server.erl
+++ b/src/jose_server.erl
@@ -494,7 +494,7 @@ check_crypto(Fallback, Entries) ->
{{cipher, {Cipher, KeySize}}, {crypto, CryptoCipher}}
end
end || Cipher <- Ciphers, KeySize <- KeySizes],
- CipherEntries1 =
+ CipherEntries1 =
case lists:keyfind(chacha20_poly1305_module, 1, Entries) of
{chacha20_poly1305_module, jose_chacha20_poly1305_unsupported} ->
CipherEntries0 ++ [{{cipher, {chacha20_poly1305, 256}}, {Fallback, {chacha20_poly1305, 256}}}];
@@ -643,7 +643,7 @@ has_cipher(aes_cbc, KeySize) ->
PlainText = jose_jwa_pkcs7:pad(<<>>),
case has_block_cipher(aes_cbc, {Key, IV, PlainText}) of
false ->
- Cipher = list_to_atom("aes_cbc" ++ integer_to_list(KeySize)),
+ Cipher = list_to_atom("aes_" ++ integer_to_list(KeySize) ++ "_cbc"),
has_block_cipher(Cipher, {Key, IV, PlainText});
Other ->
Other
@@ -657,13 +657,19 @@ has_cipher(aes_gcm, KeySize) ->
IV = << 0:96 >>,
AAD = <<>>,
PlainText = jose_jwa_pkcs7:pad(<<>>),
- has_block_cipher(aes_gcm, {Key, IV, AAD, PlainText}).
+ case has_block_cipher(aes_gcm, {Key, IV, AAD, PlainText}) of
+ false ->
+ Cipher = list_to_atom("aes_" ++ integer_to_list(KeySize) ++ "_gcm"),
+ has_block_cipher(Cipher, {Key, IV, AAD, PlainText});
+ Other ->
+ Other
+ end.
%% @private
has_block_cipher(Cipher, {Key, PlainText}) ->
- case catch crypto:block_encrypt(Cipher, Key, PlainText) of
+ case catch jose_crypto_compat:crypto_one_time(Cipher, Key, PlainText, true) of
CipherText when is_binary(CipherText) ->
- case catch crypto:block_decrypt(Cipher, Key, CipherText) of
+ case catch jose_crypto_compat:crypto_one_time(Cipher, Key, CipherText, false) of
PlainText ->
{true, Cipher};
_ ->
@@ -673,9 +679,9 @@ has_block_cipher(Cipher, {Key, PlainText}) ->
false
end;
has_block_cipher(Cipher, {Key, IV, PlainText}) ->
- case catch crypto:block_encrypt(Cipher, Key, IV, PlainText) of
+ case catch jose_crypto_compat:crypto_one_time(Cipher, Key, IV, PlainText, true) of
CipherText when is_binary(CipherText) ->
- case catch crypto:block_decrypt(Cipher, Key, IV, CipherText) of
+ case catch jose_crypto_compat:crypto_one_time(Cipher, Key, IV, CipherText, false) of
PlainText ->
{true, Cipher};
_ ->
@@ -685,9 +691,9 @@ has_block_cipher(Cipher, {Key, IV, PlainText}) ->
false
end;
has_block_cipher(Cipher, {Key, IV, AAD, PlainText}) ->
- case catch crypto:block_encrypt(Cipher, Key, IV, {AAD, PlainText}) of
+ case catch jose_crypto_compat:crypto_one_time(Cipher, Key, IV, {AAD, PlainText}, true) of
{CipherText, CipherTag} when is_binary(CipherText) andalso is_binary(CipherTag) ->
- case catch crypto:block_decrypt(Cipher, Key, IV, {AAD, CipherText, CipherTag}) of
+ case catch jose_crypto_compat:crypto_one_time(Cipher, Key, IV, {AAD, CipherText, CipherTag}, false) of
PlainText ->
{true, Cipher};
_ ->
diff --git a/src/jose_xchacha20_poly1305_crypto.erl b/src/jose_xchacha20_poly1305_crypto.erl
index 238cc47..a0b4839 100644
--- a/src/jose_xchacha20_poly1305_crypto.erl
+++ b/src/jose_xchacha20_poly1305_crypto.erl
@@ -23,10 +23,10 @@
%%====================================================================
decrypt(CipherText, CipherTag, AAD, IV, CEK) ->
- crypto:block_decrypt(xchacha20_poly1305, CEK, IV, {AAD, CipherText, CipherTag}).
+ jose_crypto_compat:crypto_one_time(xchacha20_poly1305, CEK, IV, {AAD, CipherText, CipherTag}, false).
encrypt(PlainText, AAD, IV, CEK) ->
- crypto:block_encrypt(xchacha20_poly1305, CEK, IV, {AAD, PlainText}).
+ jose_crypto_compat:crypto_one_time(xchacha20_poly1305, CEK, IV, {AAD, PlainText}, true).
authenticate(Message, Key, Nonce) ->
jose_jwa_xchacha20_poly1305:authenticate(Message, Key, Nonce).
diff --git a/src/jwa/jose_jwa.erl b/src/jwa/jose_jwa.erl
index af7c4fd..71c1a17 100644
--- a/src/jwa/jose_jwa.erl
+++ b/src/jwa/jose_jwa.erl
@@ -57,7 +57,7 @@ block_decrypt(Cipher, Key, CipherText)
when is_binary(CipherText) ->
case block_cipher(Cipher) of
{crypto, aes_ecb} ->
- << << (crypto:block_decrypt(aes_ecb, Key, Block))/binary >> || << Block:128/bitstring >> <= CipherText >>;
+ << << (jose_crypto_compat:crypto_one_time(aes_128_ecb, Key, Block, false))/binary >> || << Block:128/bitstring >> <= CipherText >>;
{Module, BlockCipher} ->
Module:block_decrypt(BlockCipher, Key, CipherText)
end.
@@ -66,7 +66,7 @@ block_encrypt(Cipher, Key, PlainText)
when is_binary(PlainText) ->
case block_cipher(Cipher) of
{crypto, aes_ecb} ->
- << << (crypto:block_encrypt(aes_ecb, Key, Block))/binary >> || << Block:128/bitstring >> <= PlainText >>;
+ << << (jose_crypto_compat:crypto_one_time(aes_128_ecb, Key, Block, true))/binary >> || << Block:128/bitstring >> <= PlainText >>;
{Module, BlockCipher} ->
Module:block_encrypt(BlockCipher, Key, PlainText)
end.
diff --git a/src/jwa/jose_jwa_aes.erl b/src/jwa/jose_jwa_aes.erl
index 2f7dcaf..eefcf8b 100644
--- a/src/jwa/jose_jwa_aes.erl
+++ b/src/jwa/jose_jwa_aes.erl
@@ -372,8 +372,8 @@ gcm_block_decrypt(H, K, IV, A, C, T) ->
_ ->
gcm_ghash(H, <<>>, IV)
end,
- S0 = crypto:stream_init(aes_ctr, K, Y0),
- {S1, EKY0xor} = crypto:stream_encrypt(S0, Y0),
+ S0 = jose_crypto_compat:crypto_init(aes_ctr, K, Y0, true),
+ {S1, EKY0xor} = jose_crypto_compat:crypto_update_encrypt(S0, Y0),
EKY0 = crypto:exor(EKY0xor, Y0),
<< Y0int:128/unsigned-big-integer-unit:1 >> = Y0,
Y1 = << (Y0int + 1):128/unsigned-big-integer-unit:1 >>,
@@ -396,8 +396,8 @@ gcm_block_encrypt(H, K, IV, A, P) ->
_ ->
gcm_ghash(H, <<>>, IV)
end,
- S0 = crypto:stream_init(aes_ctr, K, Y0),
- {S1, EKY0xor} = crypto:stream_encrypt(S0, Y0),
+ S0 = jose_crypto_compat:crypto_init(aes_ctr, K, Y0, true),
+ {S1, EKY0xor} = jose_crypto_compat:crypto_update_encrypt(S0, Y0),
EKY0 = crypto:exor(EKY0xor, Y0),
<< Y0int:128/unsigned-big-integer-unit:1 >> = Y0,
Y1 = << (Y0int + 1):128/unsigned-big-integer-unit:1 >>,
@@ -410,7 +410,7 @@ gcm_block_encrypt(H, K, IV, A, P) ->
gcm_exor(_S, _Y, <<>>, C) ->
C;
gcm_exor(S0, Y0, << B:128/bitstring, P/bitstring >>, C0) ->
- {S1, EKY0xor} = crypto:stream_encrypt(S0, Y0),
+ {S1, EKY0xor} = jose_crypto_compat:crypto_update_encrypt(S0, Y0),
EKY0 = crypto:exor(EKY0xor, Y0),
<< Y0int:128/unsigned-big-integer-unit:1 >> = Y0,
Y1 = << (Y0int + 1):128/unsigned-big-integer-unit:1 >>,
@@ -418,7 +418,7 @@ gcm_exor(S0, Y0, << B:128/bitstring, P/bitstring >>, C0) ->
gcm_exor(S1, Y1, P, C1);
gcm_exor(S0, Y0, P, C0) ->
PBits = bit_size(P),
- {_S1, EKY0xor} = crypto:stream_encrypt(S0, Y0),
+ {_S1, EKY0xor} = jose_crypto_compat:crypto_update_encrypt(S0, Y0),
<< EKY0:PBits/bitstring, _/bitstring >> = crypto:exor(EKY0xor, Y0),
C1 = << C0/binary, (crypto:exor(P, EKY0))/binary >>,
C1.
diff --git a/src/jwa/jose_jwa_concat_kdf.erl b/src/jwa/jose_jwa_concat_kdf.erl
index f4b4cfa..25289e5 100644
--- a/src/jwa/jose_jwa_concat_kdf.erl
+++ b/src/jwa/jose_jwa_concat_kdf.erl
@@ -106,5 +106,5 @@ resolve_hash(DigestType) when is_atom(DigestType) ->
end;
resolve_hash({hmac, DigestType, Key}) when is_atom(DigestType) ->
fun(Data) ->
- crypto:hmac(DigestType, Key, Data)
+ jose_crypto_compat:mac(hmac, DigestType, Key, Data)
end.
diff --git a/src/jwa/jose_jwa_pkcs1.erl b/src/jwa/jose_jwa_pkcs1.erl
index ba88f03..6023881 100644
--- a/src/jwa/jose_jwa_pkcs1.erl
+++ b/src/jwa/jose_jwa_pkcs1.erl
@@ -954,7 +954,7 @@ resolve_hash(DigestType) when is_atom(DigestType) ->
end;
resolve_hash({hmac, DigestType, Key}) when is_atom(DigestType) ->
fun(Data) ->
- crypto:hmac(DigestType, Key, Data)
+ jose_crypto_compat:mac(hmac, DigestType, Key, Data)
end.
%% @private
diff --git a/src/jwa/jose_jwa_pkcs5.erl b/src/jwa/jose_jwa_pkcs5.erl
index ac5ecdb..70a9d27 100644
--- a/src/jwa/jose_jwa_pkcs5.erl
+++ b/src/jwa/jose_jwa_pkcs5.erl
@@ -127,7 +127,7 @@ resolve_hash(DigestType) when is_atom(DigestType) ->
end;
resolve_hash({hmac, DigestType, Key}) when is_atom(DigestType) ->
fun(Data) ->
- crypto:hmac(DigestType, Key, Data)
+ jose_crypto_compat:mac(hmac, DigestType, Key, Data)
end.
%% @private
@@ -137,5 +137,5 @@ resolve_mac(DigestType) when is_atom(DigestType) ->
resolve_mac({hmac, DigestType});
resolve_mac({hmac, DigestType}) when is_atom(DigestType) ->
fun(Key, Data) ->
- crypto:hmac(DigestType, Key, Data)
+ jose_crypto_compat:mac(hmac, DigestType, Key, Data)
end.
diff --git a/src/jwe/jose_jwe_enc_aes.erl b/src/jwe/jose_jwe_enc_aes.erl
index 6c815ac..5b23b43 100644
--- a/src/jwe/jose_jwe_enc_aes.erl
+++ b/src/jwe/jose_jwe_enc_aes.erl
@@ -162,7 +162,7 @@ block_decrypt({AAD, CipherText, CipherTag}, CEK, IV, #jose_jwe_enc_aes{
<< MacKey:MacLen/binary, EncKey:EncLen/binary >> = CEK,
AADLength = << (bit_size(AAD)):1/unsigned-big-integer-unit:64 >>,
MacData = << AAD/binary, IV/binary, CipherText/binary, AADLength/binary >>,
- case crypto:hmac(HMAC, MacKey, MacData) of
+ case jose_crypto_compat:mac(hmac, HMAC, MacKey, MacData) of
<< CipherTag:TagLen/binary, _/binary >> ->
PlainText = jose_jwa_pkcs7:unpad(jose_jwa:block_decrypt(Cipher, EncKey, IV, CipherText)),
PlainText;
@@ -191,7 +191,7 @@ block_encrypt({AAD, PlainText}, CEK, IV, #jose_jwe_enc_aes{
CipherText = jose_jwa:block_encrypt(Cipher, EncKey, IV, jose_jwa_pkcs7:pad(PlainText)),
AADLength = << (bit_size(AAD)):1/unsigned-big-integer-unit:64 >>,
MacData = << AAD/binary, IV/binary, CipherText/binary, AADLength/binary >>,
- << CipherTag:TagLen/binary, _/binary >> = crypto:hmac(HMAC, MacKey, MacData),
+ << CipherTag:TagLen/binary, _/binary >> = jose_crypto_compat:mac(hmac, HMAC, MacKey, MacData),
{CipherText, CipherTag}.
next_cek(#jose_jwe_enc_aes{cek_len=CEKLen}) ->
diff --git a/src/jwk/jose_jwk_kty_oct.erl b/src/jwk/jose_jwk_kty_oct.erl
index cb1ac17..0b45eb5 100644
--- a/src/jwk/jose_jwk_kty_oct.erl
+++ b/src/jwk/jose_jwk_kty_oct.erl
@@ -120,7 +120,7 @@ derive_key(Key) ->
sign(Message, JWSALG, Key) when is_atom(JWSALG) ->
DigestType = jws_alg_to_digest_type(JWSALG),
- crypto:hmac(DigestType, Key, Message);
+ jose_crypto_compat:mac(hmac, DigestType, Key, Message);
sign(Message, {'Poly1305', Nonce}, Key) ->
jose_chacha20_poly1305:authenticate(Message, Key, Nonce);
sign(_Message, JWSALG, _Key) ->
diff --git a/test/property_test/jose_jwa_pkcs1_props.erl b/test/property_test/jose_jwa_pkcs1_props.erl
index 1669042..778f35e 100644
--- a/test/property_test/jose_jwa_pkcs1_props.erl
+++ b/test/property_test/jose_jwa_pkcs1_props.erl
@@ -137,4 +137,4 @@ prop_rsassa_pss_sign_and_verify_with_salt() ->
do_hash(DigestType, PlainText) when is_atom(DigestType) ->
crypto:hash(DigestType, PlainText);
do_hash({hmac, DigestType, Key}, PlainText) ->
- crypto:hmac(DigestType, Key, PlainText).
+ jose_crypto_compat:mac(hmac, DigestType, Key, PlainText).
--
2.25.4