/*
- * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
#include "prov/providercommon.h"
#include "prov/implementations.h"
#include "prov/provider_util.h"
+#include "internal/params.h"
typedef struct {
void *provctx;
unsigned char *salt;
size_t salt_len;
size_t out_len; /* optional KMAC parameter */
+ int is_kmac;
} KDF_SSKDF;
#define SSKDF_MAX_INLEN (1<<30)
|| !ossl_prov_digest_copy(&dest->digest, &src->digest))
goto err;
dest->out_len = src->out_len;
+ dest->is_kmac = src->is_kmac;
}
return dest;
return NULL;
}
-static int sskdf_set_buffer(unsigned char **out, size_t *out_len,
- const OSSL_PARAM *p)
-{
- if (p->data == NULL || p->data_size == 0)
- return 1;
- OPENSSL_free(*out);
- *out = NULL;
- return OSSL_PARAM_get_octet_string(p, (void **)out, 0, out_len);
-}
-
static size_t sskdf_size(KDF_SSKDF *ctx)
{
int len;
- const EVP_MD *md = ossl_prov_digest_md(&ctx->digest);
+ const EVP_MD *md = NULL;
+
+ if (ctx->is_kmac)
+ return SIZE_MAX;
+ md = ossl_prov_digest_md(&ctx->digest);
if (md == NULL) {
ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_MESSAGE_DIGEST);
return 0;
default_salt_len = EVP_MD_get_size(md);
if (default_salt_len <= 0)
return 0;
- } else if (EVP_MAC_is_a(mac, OSSL_MAC_NAME_KMAC128)
- || EVP_MAC_is_a(mac, OSSL_MAC_NAME_KMAC256)) {
+ } else if (ctx->is_kmac) {
/* H(x) = KMACzzz(x, salt, custom) */
custom = kmac_custom_str;
custom_len = sizeof(kmac_custom_str);
KDF_SSKDF *ctx = vctx;
OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
size_t sz;
+ int r;
if (params == NULL)
return 1;
- if (!ossl_prov_digest_load_from_params(&ctx->digest, params, libctx))
- return 0;
-
if (!ossl_prov_macctx_load_from_params(&ctx->macctx, params,
NULL, NULL, NULL, libctx))
return 0;
+ if (ctx->macctx != NULL) {
+ if (EVP_MAC_is_a(EVP_MAC_CTX_get0_mac(ctx->macctx),
+ OSSL_MAC_NAME_KMAC128)
+ || EVP_MAC_is_a(EVP_MAC_CTX_get0_mac(ctx->macctx),
+ OSSL_MAC_NAME_KMAC256)) {
+ ctx->is_kmac = 1;
+ }
+ }
- if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SECRET)) != NULL
- || (p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY)) != NULL)
- if (!sskdf_set_buffer(&ctx->secret, &ctx->secret_len, p))
- return 0;
+ if (!ossl_prov_digest_load_from_params(&ctx->digest, params, libctx))
+ return 0;
- if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_INFO)) != NULL)
- if (!sskdf_set_buffer(&ctx->info, &ctx->info_len, p))
- return 0;
+ r = ossl_param_get1_octet_string(params, OSSL_KDF_PARAM_SECRET,
+ &ctx->secret, &ctx->secret_len);
+ if (r == -1)
+ r = ossl_param_get1_octet_string(params, OSSL_KDF_PARAM_KEY,
+ &ctx->secret, &ctx->secret_len);
+ if (r == 0)
+ return 0;
+
+ if (ossl_param_get1_concat_octet_string(params, OSSL_KDF_PARAM_INFO,
+ &ctx->info, &ctx->info_len, 0) == 0)
+ return 0;
- if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SALT)) != NULL)
- if (!sskdf_set_buffer(&ctx->salt, &ctx->salt_len, p))
+ if (ossl_param_get1_octet_string(params, OSSL_KDF_PARAM_SALT,
+ &ctx->salt, &ctx->salt_len) == 0)
return 0;
if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_MAC_SIZE))
{ OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS,
(void(*)(void))sskdf_gettable_ctx_params },
{ OSSL_FUNC_KDF_GET_CTX_PARAMS, (void(*)(void))sskdf_get_ctx_params },
- { 0, NULL }
+ OSSL_DISPATCH_END
};
const OSSL_DISPATCH ossl_kdf_x963_kdf_functions[] = {
{ OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS,
(void(*)(void))sskdf_gettable_ctx_params },
{ OSSL_FUNC_KDF_GET_CTX_PARAMS, (void(*)(void))sskdf_get_ctx_params },
- { 0, NULL }
+ OSSL_DISPATCH_END
};
projects / openssl.git / blobdiff