/*
- * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
static const unsigned char kmac_custom_str[] = { 0x4B, 0x44, 0x46 };
static OSSL_FUNC_kdf_newctx_fn sskdf_new;
+static OSSL_FUNC_kdf_dupctx_fn sskdf_dup;
static OSSL_FUNC_kdf_freectx_fn sskdf_free;
static OSSL_FUNC_kdf_reset_fn sskdf_reset;
static OSSL_FUNC_kdf_derive_fn sskdf_derive;
|| derived_key_len == 0)
return 0;
- hlen = EVP_MD_size(kdf_md);
+ hlen = EVP_MD_get_size(kdf_md);
if (hlen <= 0)
return 0;
out_len = (size_t)hlen;
goto end;
out_len = EVP_MAC_CTX_get_mac_size(ctx_init); /* output size */
- if (out_len <= 0)
+ if (out_len <= 0 || (mac == mac_buf && out_len > sizeof(mac_buf)))
goto end;
len = derived_key_len;
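Review bot: The new bound on `out_len` only covers the case where `mac` still points at `mac_buf`; when `mac` has been redirected to another buffer, nothing visible in this hunk ties `out_len` to that buffer's size, yet the later `EVP_MAC_final(ctx, mac, NULL, out_len)` relies on it. The alternate buffer is allocated outside the hunk, so the invariant may well hold, but a comment beside the check should state which length that buffer is allocated with so a reader can verify it. Separately, if `out_len` is a `size_t` (it is compared against `sizeof(mac_buf)`), `out_len <= 0` can only mean zero and reads more honestly as `if (out_len == 0 || (mac == mac_buf && out_len > sizeof(mac_buf)))`.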
if (len == 0)
break;
} else {
- if (!EVP_MAC_final(ctx, mac, NULL, len))
+ if (!EVP_MAC_final(ctx, mac, NULL, out_len))
goto end;
memcpy(out, mac, len);
break;
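Review bot: The `else` branch gives no reason why `EVP_MAC_final` is handed the full `out_len` while `memcpy` copies only `len` bytes, and that distinction is exactly what this change corrects. A one-line comment above the call would stop it being "simplified" back: `/* last block: write the whole MAC to the scratch buffer, then truncate to the remaining len */`. After this branch the scratch buffer holds derived output beyond what the caller receives. The cleanup at `end` is outside the hunk, so confirm it wipes `mac` with a cleansing call rather than leaving it on the stack or plain-freeing it.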
if (!ossl_prov_is_running())
return NULL;
- if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL)
- ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
- ctx->provctx = provctx;
+ if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) != NULL)
+ ctx->provctx = provctx;
return ctx;
}
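Review bot: With the `ERR_raise` gone, `sskdf_new` returns NULL on allocation failure without queuing any error of its own, and the same removal is made where the default zero salt is allocated in `sskdf_derive`. That is only equivalent if `OPENSSL_zalloc` reports the failure itself in this tree, which is not visible on this page. If it does, record that with a short comment such as `/* OPENSSL_zalloc() raises the malloc failure itself */`; if it does not, keep the `ERR_raise` but brace it together with the early return so the NULL dereference the old code had does not come back. The opening of `sskdf_new` is outside the hunk.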
}
}
+static void *sskdf_dup(void *vctx)
+{
+ const KDF_SSKDF *src = (const KDF_SSKDF *)vctx;
+ KDF_SSKDF *dest;
+
+ dest = sskdf_new(src->provctx);
+ if (dest != NULL) {
+ if (src->macctx != NULL) {
+ dest->macctx = EVP_MAC_CTX_dup(src->macctx);
+ if (dest->macctx == NULL)
+ goto err;
+ }
+ if (!ossl_prov_memdup(src->info, src->info_len,
+ &dest->info, &dest->info_len)
+ || !ossl_prov_memdup(src->salt, src->salt_len,
+ &dest->salt , &dest->salt_len)
+ || !ossl_prov_memdup(src->secret, src->secret_len,
+ &dest->secret, &dest->secret_len)
+ || !ossl_prov_digest_copy(&dest->digest, &src->digest))
+ goto err;
+ dest->out_len = src->out_len;
+ }
+ return dest;
+
+ err:
+ sskdf_free(dest);
+ return NULL;
+}
+
static int sskdf_set_buffer(unsigned char **out, size_t *out_len,
const OSSL_PARAM *p)
{
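Review bot: `sskdf_dup` creates a second heap copy of `src->secret`, and both the `err` path and normal teardown depend on `sskdf_free` to dispose of it. That function's body is outside this hunk, so confirm it clears the secret and salt buffers before releasing them rather than plain-freeing them. The function also has no header comment; I would add one saying that it deep-copies the MAC context, info, salt, secret and digest, returns NULL on any failure after freeing the partial copy, and that the caller releases the result through `sskdf_free`. Minor style point: `&dest->salt , &dest->salt_len` has a stray space before the comma.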
ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_MESSAGE_DIGEST);
return 0;
}
- len = EVP_MD_size(md);
+ len = EVP_MD_get_size(md);
return (len <= 0) ? 0 : (size_t)len;
}
-static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen)
+static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[])
{
KDF_SSKDF *ctx = (KDF_SSKDF *)vctx;
const EVP_MD *md;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || !sskdf_set_ctx_params(ctx, params))
return 0;
if (ctx->secret == NULL) {
ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_SECRET);
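Review bot: The added `sskdf_set_ctx_params(ctx, params)` call in `sskdf_derive`, and the identical one in `x963kdf_derive`, writes derive-time parameters into the context before the missing-secret and digest checks run, and nothing here restores the previous state if it fails part-way. Most of `sskdf_set_ctx_params` is outside the diff, so this is inferred: if it can return 0 after already replacing a buffer, a later derive with `params == NULL` (which the new early `return 1` accepts) would run on a mix of old and new secret, salt and info. At minimum document the persistence above the call, e.g. `/* params are applied to ctx and remain set after this call, even if derive fails */`. Both derive bodies continue outside their hunks.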
const unsigned char *custom = NULL;
size_t custom_len = 0;
int default_salt_len;
- EVP_MAC *mac = EVP_MAC_CTX_mac(ctx->macctx);
+ EVP_MAC *mac = EVP_MAC_CTX_get0_mac(ctx->macctx);
if (EVP_MAC_is_a(mac, OSSL_MAC_NAME_HMAC)) {
/* H(x) = HMAC(x, salt, hash) */
ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_MESSAGE_DIGEST);
return 0;
}
- default_salt_len = EVP_MD_size(md);
+ default_salt_len = EVP_MD_get_size(md);
if (default_salt_len <= 0)
return 0;
} else if (EVP_MAC_is_a(mac, OSSL_MAC_NAME_KMAC128)
/* If no salt is set then use a default_salt of zeros */
if (ctx->salt == NULL || ctx->salt_len <= 0) {
ctx->salt = OPENSSL_zalloc(default_salt_len);
- if (ctx->salt == NULL) {
- ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
+ if (ctx->salt == NULL)
return 0;
- }
ctx->salt_len = default_salt_len;
}
ret = SSKDF_mac_kdm(ctx->macctx,
}
}
-static int x963kdf_derive(void *vctx, unsigned char *key, size_t keylen)
+static int x963kdf_derive(void *vctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[])
{
KDF_SSKDF *ctx = (KDF_SSKDF *)vctx;
const EVP_MD *md;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || !sskdf_set_ctx_params(ctx, params))
return 0;
if (ctx->secret == NULL) {
OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
size_t sz;
+ if (params == NULL)
+ return 1;
+
if (!ossl_prov_digest_load_from_params(&ctx->digest, params, libctx))
return 0;
const OSSL_DISPATCH ossl_kdf_sskdf_functions[] = {
{ OSSL_FUNC_KDF_NEWCTX, (void(*)(void))sskdf_new },
+ { OSSL_FUNC_KDF_DUPCTX, (void(*)(void))sskdf_dup },
{ OSSL_FUNC_KDF_FREECTX, (void(*)(void))sskdf_free },
{ OSSL_FUNC_KDF_RESET, (void(*)(void))sskdf_reset },
{ OSSL_FUNC_KDF_DERIVE, (void(*)(void))sskdf_derive },
const OSSL_DISPATCH ossl_kdf_x963_kdf_functions[] = {
{ OSSL_FUNC_KDF_NEWCTX, (void(*)(void))sskdf_new },
+ { OSSL_FUNC_KDF_DUPCTX, (void(*)(void))sskdf_dup },
{ OSSL_FUNC_KDF_FREECTX, (void(*)(void))sskdf_free },
{ OSSL_FUNC_KDF_RESET, (void(*)(void))sskdf_reset },
{ OSSL_FUNC_KDF_DERIVE, (void(*)(void))x963kdf_derive },