/*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
{
HKDF_PKEY_CTX *kctx;
- kctx = OPENSSL_zalloc(sizeof(*kctx));
- if (kctx == NULL)
+ if ((kctx = OPENSSL_zalloc(sizeof(*kctx))) == NULL) {
+ KDFerr(KDF_F_PKEY_HKDF_INIT, ERR_R_MALLOC_FAILURE);
return 0;
+ }
ctx->data = kctx;
return EVP_PKEY_CTX_hkdf_mode(ctx, mode);
}
- if (strcmp(type, "md") == 0) {
- const EVP_MD *md = EVP_get_digestbyname(value);
- if (!md) {
- KDFerr(KDF_F_PKEY_HKDF_CTRL_STR, KDF_R_INVALID_DIGEST);
- return 0;
- }
- return EVP_PKEY_CTX_set_hkdf_md(ctx, md);
- }
+ if (strcmp(type, "md") == 0)
+ return EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_DERIVE,
+ EVP_PKEY_CTRL_HKDF_MD, value);
if (strcmp(type, "salt") == 0)
return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_SALT, value);
{
HKDF_PKEY_CTX *kctx = ctx->data;
- if (kctx->md == NULL || kctx->key == NULL) {
- KDFerr(KDF_F_PKEY_HKDF_DERIVE, KDF_R_MISSING_PARAMETER);
+ if (kctx->md == NULL) {
+ KDFerr(KDF_F_PKEY_HKDF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST);
+ return 0;
+ }
+ if (kctx->key == NULL) {
+ KDFerr(KDF_F_PKEY_HKDF_DERIVE, KDF_R_MISSING_KEY);
return 0;
}
unsigned char *okm, size_t okm_len)
{
HMAC_CTX *hmac;
+ unsigned char *ret = NULL;
unsigned int i;
done_len += copy_len;
}
-
- HMAC_CTX_free(hmac);
- return okm;
+ ret = okm;
err:
+ OPENSSL_cleanse(prev, sizeof(prev));
HMAC_CTX_free(hmac);
- return NULL;
+ return ret;
}