From: Pauli Date: Tue, 2 Mar 2021 12:00:53 +0000 (+1000) Subject: prov: update exchange algorithms to support params on the init call X-Git-Tag: openssl-3.0.0-alpha14~325 X-Git-Url: http://git.ipfire.org/?p=thirdparty%2Fopenssl.git;a=commitdiff_plain;h=2b2f4f9b1bba61e989adddc7affcdbe5d89c7c05 prov: update exchange algorithms to support params on the init call Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/14383)
---
diff --git a/providers/implementations/exchange/dh_exch.c b/providers/implementations/exchange/dh_exch.c
index b74adfbc34..87eb17dd60 100644
--- a/providers/implementations/exchange/dh_exch.c
+++ b/providers/implementations/exchange/dh_exch.c
@@ -93,7 +93,7 @@ static void *dh_newctx(void *provctx)
 return pdhctx;
 }
-static int dh_init(void *vpdhctx, void *vdh)
+static int dh_init(void *vpdhctx, void *vdh, const OSSL_PARAM params[])
 {
 PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
@@ -105,7 +105,7 @@ static int dh_init(void *vpdhctx, void *vdh)
 DH_free(pdhctx->dh);
 pdhctx->dh = vdh;
 pdhctx->kdf_type = PROV_DH_KDF_NONE;
- return ossl_dh_check_key(vdh);
+ return dh_set_ctx_params(pdhctx, params) && ossl_dh_check_key(vdh);
 }
 static int dh_set_peer(void *vpdhctx, void *vdh)
@@ -292,8 +292,10 @@ static int dh_set_ctx_params(void *vpdhctx, const OSSL_PARAM params[])
 char name[80] = { '\0' }; /* should be big enough */
 char *str = NULL;
- if (pdhctx == NULL || params == NULL)
+ if (pdhctx == NULL)
 return 0;
+ if (params == NULL)
+ return 1;
 p = OSSL_PARAM_locate_const(params, OSSL_EXCHANGE_PARAM_KDF_TYPE);
 if (p != NULL) {
@@ -416,7 +418,7 @@ static int dh_get_ctx_params(void *vpdhctx, OSSL_PARAM params[])
 PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
 OSSL_PARAM *p;
- if (pdhctx == NULL || params == NULL)
+ if (pdhctx == NULL)
 return 0;
 p = OSSL_PARAM_locate(params, OSSL_EXCHANGE_PARAM_KDF_TYPE);
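Review bot: In dh_init the new return line applies the caller's params before the key is validated, so a key that `ossl_dh_check_key` would reject still drives whatever `dh_set_ctx_params` does with the array. Checking the key first gives the same result and validates before configuring: `return ossl_dh_check_key(vdh) && dh_set_ctx_params(pdhctx, params);`. Either way a 0 return leaves the new key stored in `pdhctx->dh`, so a comment above the return such as `/* on failure the context keeps the new key and must not be used */` would record that for callers. ecdh_init in ecdh_exch.c has the same ordering, and the start of dh_init is outside this hunk.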
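Review bot: With the `params == NULL` test removed, dh_get_ctx_params passes a possibly NULL array straight to `OSSL_PARAM_locate`, so its safety now rests on that helper tolerating NULL, which this diff does not show. dh_set_ctx_params handles the case explicitly in the same commit; adding `if (params == NULL) return 1;` after the context check here would keep the two functions parallel and make the result for a NULL array obvious. The same removal is made in ecdh_get_ctx_params in ecdh_exch.c. The rest of dh_get_ctx_params lies outside the hunk.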
diff --git a/providers/implementations/exchange/ecdh_exch.c b/providers/implementations/exchange/ecdh_exch.c
index d468d2a8a2..63bcf4e50c 100644
--- a/providers/implementations/exchange/ecdh_exch.c
+++ b/providers/implementations/exchange/ecdh_exch.c
@@ -99,7 +99,7 @@ void *ecdh_newctx(void *provctx)
 }
 static
-int ecdh_init(void *vpecdhctx, void *vecdh)
+int ecdh_init(void *vpecdhctx, void *vecdh, const OSSL_PARAM params[])
 {
 PROV_ECDH_CTX *pecdhctx = (PROV_ECDH_CTX *)vpecdhctx;
@@ -112,7 +112,8 @@ int ecdh_init(void *vpecdhctx, void *vecdh)
 pecdhctx->k = vecdh;
 pecdhctx->cofactor_mode = -1;
 pecdhctx->kdf_type = PROV_ECDH_KDF_NONE;
- return ossl_ec_check_key(vecdh, 1);
+ return ecdh_set_ctx_params(pecdhctx, params)
+ && ossl_ec_check_key(vecdh, 1);
 }
 static
@@ -206,8 +207,10 @@ int ecdh_set_ctx_params(void *vpecdhctx, const OSSL_PARAM params[])
 PROV_ECDH_CTX *pectx = (PROV_ECDH_CTX *)vpecdhctx;
 const OSSL_PARAM *p;
- if (pectx == NULL || params == NULL)
+ if (pectx == NULL)
 return 0;
+ if (params == NULL)
+ return 1;
 p = OSSL_PARAM_locate_const(params, OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE);
 if (p != NULL) {
@@ -310,7 +313,7 @@ int ecdh_get_ctx_params(void *vpecdhctx, OSSL_PARAM params[])
 PROV_ECDH_CTX *pectx = (PROV_ECDH_CTX *)vpecdhctx;
 OSSL_PARAM *p;
- if (pectx == NULL || params == NULL)
+ if (pectx == NULL)
 return 0;
 p = OSSL_PARAM_locate(params, OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE);
diff --git a/providers/implementations/exchange/ecx_exch.c b/providers/implementations/exchange/ecx_exch.c
index 17861c0d75..caa1eece89 100644
--- a/providers/implementations/exchange/ecx_exch.c
+++ b/providers/implementations/exchange/ecx_exch.c
@@ -69,7 +69,8 @@ static void *x448_newctx(void *provctx)
 return ecx_newctx(provctx, X448_KEYLEN);
 }
-static int ecx_init(void *vecxctx, void *vkey)
+static int ecx_init(void *vecxctx, void *vkey,
+ ossl_unused const OSSL_PARAM params[])
 {
 PROV_ECX_CTX *ecxctx = (PROV_ECX_CTX *)vecxctx;
 ECX_KEY *key = vkey;
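Review bot: ecx_init accepts `params` and discards it, so a caller that passes settings on init gets the normal result with nothing applied and no indication that they were dropped. If that is deliberate because this exchange has no settable context parameters (no setter is visible in this section), a comment above the function such as `/* ECX key exchange has no settable parameters; params is ignored */` would make it clear to the next reader. The body of ecx_init continues past the end of the hunk.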
diff --git a/providers/implementations/exchange/kdf_exch.c b/providers/implementations/exchange/kdf_exch.c
index 6979ce5c11..d61c04354c 100644
--- a/providers/implementations/exchange/kdf_exch.c
+++ b/providers/implementations/exchange/kdf_exch.c
@@ -74,7 +74,7 @@ KDF_NEWCTX(tls1_prf, "TLS1-PRF")
 KDF_NEWCTX(hkdf, "HKDF")
 KDF_NEWCTX(scrypt, "SCRYPT")
-static int kdf_init(void *vpkdfctx, void *vkdf)
+static int kdf_init(void *vpkdfctx, void *vkdf, const OSSL_PARAM params[])
 {
 PROV_KDF_CTX *pkdfctx = (PROV_KDF_CTX *)vpkdfctx;
@@ -85,7 +85,7 @@ static int kdf_init(void *vpkdfctx, void *vkdf)
 return 0;
 pkdfctx->kdfdata = vkdf;
- return 1;
+ return kdf_set_ctx_params(pkdfctx, params);
 }
 static int kdf_derive(void *vpkdfctx, unsigned char *secret, size_t *secretlen,
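Review bot: kdf_init now returns whatever `kdf_set_ctx_params(pkdfctx, params)` returns, but unlike dh_exch.c and ecdh_exch.c this file's setter is not touched by the commit, so whether it accepts a NULL params array cannot be seen here. If it does not, every init without parameters would start failing where it used to return 1. Either confirm the setter treats NULL as a no-op or guard the call: `return params == NULL || kdf_set_ctx_params(pkdfctx, params);`. Part of kdf_init's body lies between the two hunks and is not shown.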