tls: adjust for extra argument to KDF derive call
authorPauli <ppzgs1@gmail.com>
Fri, 26 Feb 2021 00:06:52 +0000 (10:06 +1000)
committerPauli <ppzgs1@gmail.com>
Sun, 28 Feb 2021 07:25:49 +0000 (17:25 +1000)
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)

ssl/t1_enc.c
ssl/tls13_enc.c

index 531872b..bb0ee0c 100644 (file)
@@ -69,8 +69,7 @@ static int tls1_PRF(SSL *s,
     *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SEED,
                                              (void *)seed5, (size_t)seed5_len);
     *p = OSSL_PARAM_construct_end();
-    if (EVP_KDF_CTX_set_params(kctx, params)
-            && EVP_KDF_derive(kctx, out, olen)) {
+    if (EVP_KDF_derive(kctx, out, olen, params)) {
         EVP_KDF_CTX_free(kctx);
         return 1;
     }
index b9757fd..d48f305 100644 (file)
@@ -105,8 +105,7 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret,
                                              hkdflabel, hkdflabellen);
     *p++ = OSSL_PARAM_construct_end();
 
-    ret = EVP_KDF_CTX_set_params(kctx, params) <= 0
-        || EVP_KDF_derive(kctx, out, outlen) <= 0;
+    ret = EVP_KDF_derive(kctx, out, outlen, params) <= 0;
 
     EVP_KDF_CTX_free(kctx);
 
@@ -258,8 +257,7 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md,
                                              prevsecretlen);
     *p++ = OSSL_PARAM_construct_end();
 
-    ret = EVP_KDF_CTX_set_params(kctx, params) <= 0
-        || EVP_KDF_derive(kctx, outsecret, mdlen) <= 0;
+    ret = EVP_KDF_derive(kctx, outsecret, mdlen, params) <= 0;
 
     if (ret != 0)
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);