/*
- * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
#include <openssl/dh.h>
#include <openssl/err.h>
#include <openssl/core_names.h>
-#include "cms_local.h"
+#include "internal/sizes.h"
#include "crypto/evp.h"
+#include "cms_local.h"
static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
X509_ALGOR *alg, ASN1_BIT_STRING *pubkey)
if ((public_key = d2i_ASN1_INTEGER(NULL, &p, plen)) == NULL)
goto err;
- plen = ASN1_STRING_length((ASN1_STRING *)public_key);
+ /*
+ * Pad to full p parameter size as that is checked by
+ * EVP_PKEY_set1_encoded_public_key()
+ */
+ plen = EVP_PKEY_get_size(pk);
if ((bnpub = ASN1_INTEGER_to_BN(public_key, NULL)) == NULL)
goto err;
if ((buf = OPENSSL_malloc(plen)) == NULL)
int keylen, plen;
EVP_CIPHER *kekcipher = NULL;
EVP_CIPHER_CTX *kekctx;
- const char *name;
+ char name[OSSL_MAX_NAME_SIZE];
if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))
goto err;
if (kekctx == NULL)
goto err;
- name = OBJ_nid2sn(OBJ_obj2nid(kekalg->algorithm));
- if (name == NULL)
+ if (OBJ_obj2txt(name, sizeof(name), kekalg->algorithm, 0) <= 0)
goto err;
kekcipher = EVP_CIPHER_fetch(pctx->libctx, name, pctx->propquery);
- if (kekcipher == NULL || EVP_CIPHER_mode(kekcipher) != EVP_CIPH_WRAP_MODE)
+ if (kekcipher == NULL
+ || EVP_CIPHER_get_mode(kekcipher) != EVP_CIPH_WRAP_MODE)
goto err;
if (!EVP_EncryptInit_ex(kekctx, kekcipher, NULL, NULL, NULL))
goto err;
if (EVP_CIPHER_asn1_to_param(kekctx, kekalg->parameter) <= 0)
goto err;
- keylen = EVP_CIPHER_CTX_key_length(kekctx);
+ keylen = EVP_CIPHER_CTX_get_key_length(kekctx);
if (EVP_PKEY_CTX_set_dh_kdf_outlen(pctx, keylen) <= 0)
goto err;
/* Use OBJ_nid2obj to ensure we use built in OID that isn't freed */
if (EVP_PKEY_CTX_set0_dh_kdf_oid(pctx,
- OBJ_nid2obj(EVP_CIPHER_type(kekcipher)))
+ OBJ_nid2obj(EVP_CIPHER_get_type(kekcipher)))
<= 0)
goto err;
kdf_md = EVP_sha1();
if (EVP_PKEY_CTX_set_dh_kdf_md(pctx, kdf_md) <= 0)
goto err;
- } else if (EVP_MD_type(kdf_md) != NID_sha1)
+ } else if (EVP_MD_get_type(kdf_md) != NID_sha1)
/* Unsupported digest */
goto err;
/* Get wrap NID */
ctx = CMS_RecipientInfo_kari_get0_ctx(ri);
- wrap_nid = EVP_CIPHER_CTX_type(ctx);
+ wrap_nid = EVP_CIPHER_CTX_get_type(ctx);
if (EVP_PKEY_CTX_set0_dh_kdf_oid(pctx, OBJ_nid2obj(wrap_nid)) <= 0)
goto err;
- keylen = EVP_CIPHER_CTX_key_length(ctx);
+ keylen = EVP_CIPHER_CTX_get_key_length(ctx);
/* Package wrap algorithm in an AlgorithmIdentifier */
return rv;
}
-int cms_dh_envelope(CMS_RecipientInfo *ri, int decrypt)
+int ossl_cms_dh_envelope(CMS_RecipientInfo *ri, int decrypt)
{
assert(decrypt == 0 || decrypt == 1);