prov kdf: update to use the extra MAC init arguments

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)

diff --git a/providers/implementations/kdfs/kbkdf.c b/providers/implementations/kdfs/kbkdf.c
index 26235e400b7596cc151162a7fe6a36a6b0e29d00..ab6e5c87a963a3e6bf47df2f78be54348861cd42 100644 (file)
--- a/providers/implementations/kdfs/kbkdf.c
+++ b/providers/implementations/kdfs/kbkdf.c
@@ -280,7 +280,6 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
     KBKDF *ctx = (KBKDF *)vctx;
     OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
     const OSSL_PARAM *p;
-    OSSL_PARAM mparams[2];
 
     if (!ossl_prov_macctx_load_from_params(&ctx->ctx_init, params, NULL,
                                            NULL, NULL, libctx))
@@ -330,16 +329,9 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
         return 0;
 
     /* Set up digest context, if we can. */
-    if (ctx->ctx_init != NULL && ctx->ki_len != 0) {
-        mparams[0] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
-                                                       ctx->ki, ctx->ki_len);
-        mparams[1] = OSSL_PARAM_construct_end();
-
-        if (!EVP_MAC_CTX_set_params(ctx->ctx_init, mparams)
-            || !EVP_MAC_init(ctx->ctx_init))
+    if (ctx->ctx_init != NULL && ctx->ki_len != 0
+            && !EVP_MAC_init(ctx->ctx_init, ctx->ki, ctx->ki_len, NULL))
             return 0;
-    }
-
     return 1;
 }
 

diff --git a/providers/implementations/kdfs/sskdf.c b/providers/implementations/kdfs/sskdf.c
index bc0b49c5616c31d2a536eba782872e3fe7ae9416..d040e49c2acd96e5c5a72bfff3c7e67f3b5cd2e5 100644 (file)
--- a/providers/implementations/kdfs/sskdf.c
+++ b/providers/implementations/kdfs/sskdf.c
@@ -223,27 +223,19 @@ static int SSKDF_mac_kdm(EVP_MAC_CTX *ctx_init,
     unsigned char *out = derived_key;
     EVP_MAC_CTX *ctx = NULL;
     unsigned char *mac = mac_buf, *kmac_buffer = NULL;
-    OSSL_PARAM params[2], *p = params;
 
     if (z_len > SSKDF_MAX_INLEN || info_len > SSKDF_MAX_INLEN
             || derived_key_len > SSKDF_MAX_INLEN
             || derived_key_len == 0)
         return 0;
 
-    *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
-                                             (void *)salt, salt_len);
-    *p = OSSL_PARAM_construct_end();
-
-    if (!EVP_MAC_CTX_set_params(ctx_init, params))
-        goto end;
-
     if (!kmac_init(ctx_init, kmac_custom, kmac_custom_len, kmac_out_len,
                    derived_key_len, &kmac_buffer))
         goto end;
     if (kmac_buffer != NULL)
         mac = kmac_buffer;
 
-    if (!EVP_MAC_init(ctx_init))
+    if (!EVP_MAC_init(ctx_init, salt, salt_len, NULL))
         goto end;
 
     out_len = EVP_MAC_CTX_get_mac_size(ctx_init); /* output size */

diff --git a/providers/implementations/kdfs/tls1_prf.c b/providers/implementations/kdfs/tls1_prf.c
index a3bdc8504003c4f0543dcd3a11b121046c2ff3ae..af9adc30961586d6916ec2a3f98ae9c5e4c5e724 100644 (file)
--- a/providers/implementations/kdfs/tls1_prf.c
+++ b/providers/implementations/kdfs/tls1_prf.c
@@ -289,14 +289,8 @@ static int tls1_prf_P_hash(EVP_MAC_CTX *ctx_init,
     unsigned char Ai[EVP_MAX_MD_SIZE];
     size_t Ai_len;
     int ret = 0;
-    OSSL_PARAM params[2], *p = params;
 
-    *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
-                                             (void *)sec, sec_len);
-    *p = OSSL_PARAM_construct_end();
-    if (!EVP_MAC_CTX_set_params(ctx_init, params))
-        goto err;
-    if (!EVP_MAC_init(ctx_init))
+    if (!EVP_MAC_init(ctx_init, sec, sec_len, NULL))
         goto err;
     chunk = EVP_MAC_CTX_get_mac_size(ctx_init);
     if (chunk == 0)