Allow use of long name for KDFs

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4079)

diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index 990375b6ae05c1b8208d6c41788ddd5047e7f051..07646c8639338a4fe8c218defac0fb21e2351d32 100644 (file)
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -389,8 +389,12 @@ static EVP_PKEY_CTX *init_ctx(const char *kdfalg, int *pkeysize,
 
     if (kdfalg != NULL) {
         int kdfnid = OBJ_sn2nid(kdfalg);
 
     if (kdfalg != NULL) {
         int kdfnid = OBJ_sn2nid(kdfalg);

-        if (kdfnid == NID_undef)
-            goto end;
+
+        if (kdfnid == NID_undef) {
+            kdfnid = OBJ_ln2nid(kdfalg);
+            if (kdfnid == NID_undef)
+                goto end;
+        }

         ctx = EVP_PKEY_CTX_new_id(kdfnid, impl);
     } else {
         if (pkey == NULL)
         ctx = EVP_PKEY_CTX_new_id(kdfnid, impl);
     } else {
         if (pkey == NULL)

diff --git a/test/evp_test.c b/test/evp_test.c
index 6fcf3c6077e3bca76d96752f6be753470c245a26..8fd082f30c34761832a9c483ce812b2eb19ea47c 100644 (file)
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -1623,10 +1623,14 @@ typedef struct kdf_data_st {
 static int kdf_test_init(EVP_TEST *t, const char *name)
 {
     KDF_DATA *kdata;
 static int kdf_test_init(EVP_TEST *t, const char *name)
 {
     KDF_DATA *kdata;

+    int kdf_nid = OBJ_sn2nid(name);
+
+    if (kdf_nid == NID_undef)
+        kdf_nid = OBJ_ln2nid(name);

 
     if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata))))
         return 0;
 
     if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata))))
         return 0;

-    kdata->ctx = EVP_PKEY_CTX_new_id(OBJ_sn2nid(name), NULL);
+    kdata->ctx = EVP_PKEY_CTX_new_id(kdf_nid, NULL);

     if (kdata->ctx == NULL) {
         OPENSSL_free(kdata);
         return 0;
     if (kdata->ctx == NULL) {
         OPENSSL_free(kdata);
         return 0;

diff --git a/test/recipes/30-test_evp_data/evpkdf.txt b/test/recipes/30-test_evp_data/evpkdf.txt
index fb8c270d8b59de6f0ce0791cf8e8256bcf3098a5..4df8f8fe0a616ce333a28f487a0899d1be1110b5 100644 (file)
--- a/test/recipes/30-test_evp_data/evpkdf.txt
+++ b/test/recipes/30-test_evp_data/evpkdf.txt
@@ -46,6 +46,15 @@ Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30
 Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616
 Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928
 
 Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616
 Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928
 

+# As above but use long name for KDF
+KDF=tls1-prf
+Ctrl.md = md:SHA256
+Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf
+Ctrl.label = seed:key expansion
+Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868
+Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616
+Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928
+

 # Missing digest.
 KDF=TLS1-PRF
 Ctrl.Secret = hexsecret:01
 # Missing digest.
 KDF=TLS1-PRF
 Ctrl.Secret = hexsecret:01