prov: add extra params argument to KDF implementations

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)

diff --git a/providers/implementations/kdfs/hkdf.c b/providers/implementations/kdfs/hkdf.c
index b24b7452167cb42cfec1baa2f1d0970a1725bea7..24052f4d636f1e385e9ad2152d0bf069c665c274 100644 (file)
--- a/providers/implementations/kdfs/hkdf.c
+++ b/providers/implementations/kdfs/hkdf.c
@@ -123,12 +123,13 @@ static size_t kdf_hkdf_size(KDF_HKDF *ctx)
     return sz;
 }
 
-static int kdf_hkdf_derive(void *vctx, unsigned char *key, size_t keylen)
+static int kdf_hkdf_derive(void *vctx, unsigned char *key, size_t keylen,
+                           const OSSL_PARAM params[])
 {
     KDF_HKDF *ctx = (KDF_HKDF *)vctx;
     const EVP_MD *md;
 
-    if (!ossl_prov_is_running())
+    if (!ossl_prov_is_running() || !kdf_hkdf_set_ctx_params(ctx, params))
         return 0;
 
     md = ossl_prov_digest_md(&ctx->digest);

diff --git a/providers/implementations/kdfs/kbkdf.c b/providers/implementations/kdfs/kbkdf.c
index ab6e5c87a963a3e6bf47df2f78be54348861cd42..2f6171baa7683c8236ad687c7f727293fec872c1 100644 (file)
--- a/providers/implementations/kdfs/kbkdf.c
+++ b/providers/implementations/kdfs/kbkdf.c
@@ -209,7 +209,8 @@ done:
     return ret;
 }
 
-static int kbkdf_derive(void *vctx, unsigned char *key, size_t keylen)
+static int kbkdf_derive(void *vctx, unsigned char *key, size_t keylen,
+                        const OSSL_PARAM params[])
 {
     KBKDF *ctx = (KBKDF *)vctx;
     int ret = 0;
@@ -217,7 +218,7 @@ static int kbkdf_derive(void *vctx, unsigned char *key, size_t keylen)
     uint32_t l = 0;
     size_t h = 0;
 
-    if (!ossl_prov_is_running())
+    if (!ossl_prov_is_running() || !kbkdf_set_ctx_params(ctx, params))
         return 0;
 
     /* label, context, and iv are permitted to be empty.  Check everything

diff --git a/providers/implementations/kdfs/krb5kdf.c b/providers/implementations/kdfs/krb5kdf.c
index 35d6ccb680a9fa855fa12d19729c141de09cebcb..041c3e32b2f1f1ced0a648fbbd977fada1b57d0e 100644 (file)
--- a/providers/implementations/kdfs/krb5kdf.c
+++ b/providers/implementations/kdfs/krb5kdf.c
@@ -101,14 +101,14 @@ static int krb5kdf_set_membuf(unsigned char **dst, size_t *dst_len,
     return OSSL_PARAM_get_octet_string(p, (void **)dst, 0, dst_len);
 }
 
-static int krb5kdf_derive(void *vctx, unsigned char *key,
-                              size_t keylen)
+static int krb5kdf_derive(void *vctx, unsigned char *key, size_t keylen,
+                          const OSSL_PARAM params[])
 {
     KRB5KDF_CTX *ctx = (KRB5KDF_CTX *)vctx;
     const EVP_CIPHER *cipher;
     ENGINE *engine;
 
-    if (!ossl_prov_is_running())
+    if (!ossl_prov_is_running() || !krb5kdf_set_ctx_params(ctx, params))
         return 0;
 
     cipher = ossl_prov_cipher_cipher(&ctx->cipher);

diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c
index 9d993dc545094363e4c58d7e3b2e7c44b9db232c..ce27fe9b393e15fe6f8f5ec6fca8b838102479db 100644 (file)
--- a/providers/implementations/kdfs/pbkdf2.c
+++ b/providers/implementations/kdfs/pbkdf2.c
@@ -139,13 +139,13 @@ static int pbkdf2_set_membuf(unsigned char **buffer, size_t *buflen,
     return 1;
 }
 
-static int kdf_pbkdf2_derive(void *vctx, unsigned char *key,
-                             size_t keylen)
+static int kdf_pbkdf2_derive(void *vctx, unsigned char *key, size_t keylen,
+                             const OSSL_PARAM params[])
 {
     KDF_PBKDF2 *ctx = (KDF_PBKDF2 *)vctx;
     const EVP_MD *md;
 
-    if (!ossl_prov_is_running())
+    if (!ossl_prov_is_running() || !kdf_pbkdf2_set_ctx_params(ctx, params))
         return 0;
 
     if (ctx->pass == NULL) {

diff --git a/providers/implementations/kdfs/pkcs12kdf.c b/providers/implementations/kdfs/pkcs12kdf.c
index ce49c2844c5a68f052598fe15a7dabd4ec36fa3c..bea6dffeca8e1f0f22e04604196e5bcdc6f6f335 100644 (file)
--- a/providers/implementations/kdfs/pkcs12kdf.c
+++ b/providers/implementations/kdfs/pkcs12kdf.c
@@ -195,13 +195,13 @@ static int pkcs12kdf_set_membuf(unsigned char **buffer, size_t *buflen,
     return 1;
 }
 
-static int kdf_pkcs12_derive(void *vctx, unsigned char *key,
-                             size_t keylen)
+static int kdf_pkcs12_derive(void *vctx, unsigned char *key, size_t keylen,
+                             const OSSL_PARAM params[])
 {
     KDF_PKCS12 *ctx = (KDF_PKCS12 *)vctx;
     const EVP_MD *md;
 
-    if (!ossl_prov_is_running())
+    if (!ossl_prov_is_running() || !kdf_pkcs12_set_ctx_params(ctx, params))
         return 0;
 
     if (ctx->pass == NULL) {

diff --git a/providers/implementations/kdfs/scrypt.c b/providers/implementations/kdfs/scrypt.c
index de53d3e129ace6b72f161f42a43654bc05a099a4..6c61d3bb3cba00b18e73820854cf6c4cda09862c 100644 (file)
--- a/providers/implementations/kdfs/scrypt.c
+++ b/providers/implementations/kdfs/scrypt.c
@@ -147,12 +147,12 @@ static int set_property_query(KDF_SCRYPT *ctx, const char *propq)
     return 1;
 }
 
-static int kdf_scrypt_derive(void *vctx, unsigned char *key,
-                             size_t keylen)
+static int kdf_scrypt_derive(void *vctx, unsigned char *key, size_t keylen,
+                             const OSSL_PARAM params[])
 {
     KDF_SCRYPT *ctx = (KDF_SCRYPT *)vctx;
 
-    if (!ossl_prov_is_running())
+    if (!ossl_prov_is_running() || !kdf_scrypt_set_ctx_params(ctx, params))
         return 0;
 
     if (ctx->pass == NULL) {

diff --git a/providers/implementations/kdfs/sshkdf.c b/providers/implementations/kdfs/sshkdf.c
index 90b7666450e5fba3a1e56d0c0dec44895b65c1e9..f99a6a74135dea1352f47754e530abe314aa6722 100644 (file)
--- a/providers/implementations/kdfs/sshkdf.c
+++ b/providers/implementations/kdfs/sshkdf.c
@@ -94,13 +94,13 @@ static int sshkdf_set_membuf(unsigned char **dst, size_t *dst_len,
     return OSSL_PARAM_get_octet_string(p, (void **)dst, 0, dst_len);
 }
 
-static int kdf_sshkdf_derive(void *vctx, unsigned char *key,
-                             size_t keylen)
+static int kdf_sshkdf_derive(void *vctx, unsigned char *key, size_t keylen,
+                             const OSSL_PARAM params[])
 {
     KDF_SSHKDF *ctx = (KDF_SSHKDF *)vctx;
     const EVP_MD *md;
 
-    if (!ossl_prov_is_running())
+    if (!ossl_prov_is_running() || !kdf_sshkdf_set_ctx_params(ctx, params))
         return 0;
 
     md = ossl_prov_digest_md(&ctx->digest);

diff --git a/providers/implementations/kdfs/sskdf.c b/providers/implementations/kdfs/sskdf.c
index d040e49c2acd96e5c5a72bfff3c7e67f3b5cd2e5..118c44cfa752bfe6e87af3ca9efa66006d83aa5c 100644 (file)
--- a/providers/implementations/kdfs/sskdf.c
+++ b/providers/implementations/kdfs/sskdf.c
@@ -342,12 +342,13 @@ static size_t sskdf_size(KDF_SSKDF *ctx)
     return (len <= 0) ? 0 : (size_t)len;
 }
 
-static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen)
+static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen,
+                        const OSSL_PARAM params[])
 {
     KDF_SSKDF *ctx = (KDF_SSKDF *)vctx;
     const EVP_MD *md;
 
-    if (!ossl_prov_is_running())
+    if (!ossl_prov_is_running() || !sskdf_set_ctx_params(ctx, params))
         return 0;
     if (ctx->secret == NULL) {
         ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_SECRET);
@@ -411,12 +412,13 @@ static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen)
     }
 }
 
-static int x963kdf_derive(void *vctx, unsigned char *key, size_t keylen)
+static int x963kdf_derive(void *vctx, unsigned char *key, size_t keylen,
+                          const OSSL_PARAM params[])
 {
     KDF_SSKDF *ctx = (KDF_SSKDF *)vctx;
     const EVP_MD *md;
 
-    if (!ossl_prov_is_running())
+    if (!ossl_prov_is_running() || !sskdf_set_ctx_params(ctx, params))
         return 0;
 
     if (ctx->secret == NULL) {

diff --git a/providers/implementations/kdfs/tls1_prf.c b/providers/implementations/kdfs/tls1_prf.c
index af9adc30961586d6916ec2a3f98ae9c5e4c5e724..4204f03b3aa3e0a3aa2d491f75586b779383770e 100644 (file)
--- a/providers/implementations/kdfs/tls1_prf.c
+++ b/providers/implementations/kdfs/tls1_prf.c
@@ -131,12 +131,12 @@ static void kdf_tls1_prf_reset(void *vctx)
     ctx->provctx = provctx;
 }
 
-static int kdf_tls1_prf_derive(void *vctx, unsigned char *key,
-                               size_t keylen)
+static int kdf_tls1_prf_derive(void *vctx, unsigned char *key, size_t keylen,
+                               const OSSL_PARAM params[])
 {
     TLS1_PRF *ctx = (TLS1_PRF *)vctx;
 
-    if (!ossl_prov_is_running())
+    if (!ossl_prov_is_running() || !kdf_tls1_prf_set_ctx_params(ctx, params))
         return 0;
 
     if (ctx->P_hash == NULL) {

diff --git a/providers/implementations/kdfs/x942kdf.c b/providers/implementations/kdfs/x942kdf.c
index a220eca80fa0ae67aed458a5f97266e2e650a707..ca478bc8830b2045eb2bf44224ef7ab711742af0 100644 (file)
--- a/providers/implementations/kdfs/x942kdf.c
+++ b/providers/implementations/kdfs/x942kdf.c
@@ -392,7 +392,8 @@ static size_t x942kdf_size(KDF_X942 *ctx)
     return (len <= 0) ? 0 : (size_t)len;
 }
 
-static int x942kdf_derive(void *vctx, unsigned char *key, size_t keylen)
+static int x942kdf_derive(void *vctx, unsigned char *key, size_t keylen,
+                          const OSSL_PARAM params[])
 {
     KDF_X942 *ctx = (KDF_X942 *)vctx;
     const EVP_MD *md;
@@ -401,7 +402,7 @@ static int x942kdf_derive(void *vctx, unsigned char *key, size_t keylen)
     unsigned char *der = NULL;
     size_t der_len = 0;
 
-    if (!ossl_prov_is_running())
+    if (!ossl_prov_is_running() || !x942kdf_set_ctx_params(ctx, params))
         return 0;
 
     /*