drbg: convert DRBGs to use generated ctx get param decoders

Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28143)

diff --git a/providers/implementations/include/prov/drbg.h b/providers/implementations/include/prov/drbg.h
index a4ae58e1f4aec1776b6562ae670478bb90b942bc..917b21c48b2a79b92c62f7fa40a551782823567b 100644 (file)
--- a/providers/implementations/include/prov/drbg.h
+++ b/providers/implementations/include/prov/drbg.h
@@ -213,8 +213,32 @@ OSSL_FUNC_rand_lock_fn ossl_drbg_lock;
 OSSL_FUNC_rand_unlock_fn ossl_drbg_unlock;
 
 /* Common parameters for all of our DRBGs */
-int ossl_drbg_get_ctx_params(PROV_DRBG *drbg, OSSL_PARAM params[]);
-int ossl_drbg_get_ctx_params_no_lock(PROV_DRBG *drbg, OSSL_PARAM params[],
+struct drbg_get_ctx_params_st {
+    OSSL_PARAM *state;
+    OSSL_PARAM *str;
+    OSSL_PARAM *maxreq;
+    OSSL_PARAM *minentlen;
+    OSSL_PARAM *maxentlen;
+    OSSL_PARAM *minnonlen;
+    OSSL_PARAM *maxnonlen;
+    OSSL_PARAM *maxperlen;
+    OSSL_PARAM *maxadlen;
+    OSSL_PARAM *reseed_cnt;
+    OSSL_PARAM *reseed_time;
+    OSSL_PARAM *reseed_req;
+    OSSL_PARAM *reseed_int;
+    OSSL_PARAM *ind;
+    OSSL_PARAM *cipher;         /* CTR DRBG */
+    OSSL_PARAM *df;             /* CTR DRBG */
+    OSSL_PARAM *digest;         /* HASH & HMAC DRBG */
+    OSSL_PARAM *mac;            /* HMAC DRBG */
+};
+
+int ossl_drbg_get_ctx_params(PROV_DRBG *drbg,
+                                     const struct drbg_get_ctx_params_st *p);
+int ossl_drbg_get_ctx_params_no_lock(PROV_DRBG *drbg,
+                                     const struct drbg_get_ctx_params_st *p,
+                                     const OSSL_PARAM params[],
                                      int *complete);
 
 struct drbg_set_ctx_params_st {

diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c
index d1666059560d75f848c9b237ddbd19ec2fcbc224..f4771794566004b73e8ac23a575fff6300e64ecd 100644 (file)
--- a/providers/implementations/rands/drbg.c
+++ b/providers/implementations/rands/drbg.c
@@ -883,55 +883,54 @@ void ossl_rand_drbg_free(PROV_DRBG *drbg)
  * Helper function called by internal DRBG implementations. Assumes that at
  * least a read lock has been taken on drbg->lock
  */
-int ossl_drbg_get_ctx_params(PROV_DRBG *drbg, OSSL_PARAM params[])
+int ossl_drbg_get_ctx_params(PROV_DRBG *drbg,
+                             const struct drbg_get_ctx_params_st *p)
 {
-    OSSL_PARAM *p;
-
-    p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_STATE);
-    if (p != NULL && !OSSL_PARAM_set_int(p, drbg->state))
+    if (p->state != NULL && !OSSL_PARAM_set_int(p->state, drbg->state))
         return 0;
 
-    p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_STRENGTH);
-    if (p != NULL && !OSSL_PARAM_set_int(p, drbg->strength))
+    if (p->str != NULL && !OSSL_PARAM_set_int(p->str, drbg->strength))
         return 0;
 
-    p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_MIN_ENTROPYLEN);
-    if (p != NULL && !OSSL_PARAM_set_size_t(p, drbg->min_entropylen))
+    if (p->minentlen != NULL
+            && !OSSL_PARAM_set_size_t(p->minentlen, drbg->min_entropylen))
         return 0;
 
-    p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_MAX_ENTROPYLEN);
-    if (p != NULL && !OSSL_PARAM_set_size_t(p, drbg->max_entropylen))
+    if (p->maxentlen != NULL
+            && !OSSL_PARAM_set_size_t(p->maxentlen, drbg->max_entropylen))
         return 0;
 
-    p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_MIN_NONCELEN);
-    if (p != NULL && !OSSL_PARAM_set_size_t(p, drbg->min_noncelen))
+    if (p->minnonlen != NULL
+            && !OSSL_PARAM_set_size_t(p->minnonlen, drbg->min_noncelen))
         return 0;
 
-    p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_MAX_NONCELEN);
-    if (p != NULL && !OSSL_PARAM_set_size_t(p, drbg->max_noncelen))
+    if (p->maxnonlen != NULL
+            && !OSSL_PARAM_set_size_t(p->maxnonlen, drbg->max_noncelen))
         return 0;
 
-    p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_MAX_PERSLEN);
-    if (p != NULL && !OSSL_PARAM_set_size_t(p, drbg->max_perslen))
+    if (p->maxperlen != NULL
+            && !OSSL_PARAM_set_size_t(p->maxperlen, drbg->max_perslen))
         return 0;
 
-    p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_MAX_ADINLEN);
-    if (p != NULL && !OSSL_PARAM_set_size_t(p, drbg->max_adinlen))
+    if (p->maxadlen != NULL
+            && !OSSL_PARAM_set_size_t(p->maxadlen, drbg->max_adinlen))
         return 0;
 
-    p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_RESEED_REQUESTS);
-    if (p != NULL && !OSSL_PARAM_set_uint(p, drbg->reseed_interval))
+    if (p->reseed_req != NULL
+            && !OSSL_PARAM_set_uint(p->reseed_req, drbg->reseed_interval))
         return 0;
 
-    p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_RESEED_TIME);
-    if (p != NULL && !OSSL_PARAM_set_time_t(p, drbg->reseed_time))
+    if (p->reseed_time != NULL
+            && !OSSL_PARAM_set_time_t(p->reseed_time, drbg->reseed_time))
         return 0;
 
-    p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL);
-    if (p != NULL && !OSSL_PARAM_set_time_t(p, drbg->reseed_time_interval))
+    if (p->reseed_int != NULL
+            && !OSSL_PARAM_set_time_t(p->reseed_int, drbg->reseed_time_interval))
         return 0;
-    if (!OSSL_FIPS_IND_GET_CTX_PARAM(drbg, params))
+
+    if (!OSSL_FIPS_IND_GET_CTX_FROM_PARAM(drbg, p->ind))
         return 0;
+
     return 1;
 }
 
@@ -939,16 +938,15 @@ int ossl_drbg_get_ctx_params(PROV_DRBG *drbg, OSSL_PARAM params[])
  * Helper function to get certain params that require no lock to obtain. Sets
  * *complete to 1 if all the params were processed, or 0 otherwise
  */
-int ossl_drbg_get_ctx_params_no_lock(PROV_DRBG *drbg, OSSL_PARAM params[],
-                                     int *complete)
+int ossl_drbg_get_ctx_params_no_lock(PROV_DRBG *drbg,
+                                     const struct drbg_get_ctx_params_st *p,
+                                     const OSSL_PARAM params[], int *complete)
 {
     size_t cnt = 0;
-    OSSL_PARAM *p;
 
     /* This value never changes once set */
-    p = OSSL_PARAM_locate(params, OSSL_RAND_PARAM_MAX_REQUEST);
-    if (p != NULL) {
-        if (!OSSL_PARAM_set_size_t(p, drbg->max_request))
+    if (p->maxreq != NULL) {
+        if (!OSSL_PARAM_set_size_t(p->maxreq, drbg->max_request))
             return 0;
         cnt++;
     }
@@ -957,9 +955,8 @@ int ossl_drbg_get_ctx_params_no_lock(PROV_DRBG *drbg, OSSL_PARAM params[],
      * Can be changed by multiple threads, but we tolerate inaccuracies in this
      * value.
      */
-    p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_RESEED_COUNTER);
-    if (p != NULL) {
-        if (!OSSL_PARAM_set_uint(p, tsan_load(&drbg->reseed_counter)))
+    if (p->reseed_cnt != NULL) {
+        if (!OSSL_PARAM_set_uint(p->reseed_cnt, tsan_load(&drbg->reseed_counter)))
             return 0;
         cnt++;
     }

diff --git a/providers/implementations/rands/drbg_ctr.c.in b/providers/implementations/rands/drbg_ctr.c.in
index 675713139a37a2be4970326df40ac3868ffea1fe..2a19f71a96820b410be7e73fe07ca733f5b055e9 100644 (file)
--- a/providers/implementations/rands/drbg_ctr.c.in
+++ b/providers/implementations/rands/drbg_ctr.c.in
@@ -350,7 +350,6 @@ static int drbg_ctr_instantiate_wrapper(void *vdrbg, unsigned int strength,
     if (drbg == NULL || !drbg_ctr_set_ctx_params_decoder(params, &p))
         return 0;
 
-
     if (drbg->lock != NULL && !CRYPTO_THREAD_write_lock(drbg->lock))
         return 0;
 
@@ -672,35 +671,59 @@ static void drbg_ctr_free(void *vdrbg)
     ossl_rand_drbg_free(drbg);
 }
 
+#define drbg_ctr_get_ctx_params_st  drbg_get_ctx_params_st
+
+{- produce_param_decoder('drbg_ctr_get_ctx_params',
+                         (['DRBG_PARAM_CIPHER',                 'cipher',      'utf8_string'],
+                          ['DRBG_PARAM_USE_DF',                 'df',          'int'],
+                          ['RAND_PARAM_STATE',                  'state',       'int'],
+                          ['RAND_PARAM_STRENGTH',               'str',         'uint'],
+                          ['RAND_PARAM_MAX_REQUEST',            'maxreq',      'size_t'],
+                          ['DRBG_PARAM_MIN_ENTROPYLEN',         'minentlen',   'size_t'],
+                          ['DRBG_PARAM_MAX_ENTROPYLEN',         'maxentlen',   'size_t'],
+                          ['DRBG_PARAM_MIN_NONCELEN',           'minnonlen',   'size_t'],
+                          ['DRBG_PARAM_MAX_NONCELEN',           'maxnonlen',   'size_t'],
+                          ['DRBG_PARAM_MAX_PERSLEN',            'maxperlen',   'size_t'],
+                          ['DRBG_PARAM_MAX_ADINLEN',            'maxadlen',    'size_t'],
+                          ['DRBG_PARAM_RESEED_COUNTER',         'reseed_cnt',  'uint'],
+                          ['DRBG_PARAM_RESEED_TIME',            'reseed_time', 'time_t'],
+                          ['DRBG_PARAM_RESEED_REQUESTS',        'reseed_req',  'uint'],
+                          ['DRBG_PARAM_RESEED_TIME_INTERVAL',   'reseed_int',  'uint64'],
+                          ['KDF_PARAM_FIPS_APPROVED_INDICATOR', 'ind',         'int'],
+                         )); -}
+
 static int drbg_ctr_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
 {
     PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
-    PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)drbg->data;
-    OSSL_PARAM *p;
+    PROV_DRBG_CTR *ctr;
+    struct drbg_ctr_get_ctx_params_st p;
     int ret = 0, complete = 0;
 
-    if (!ossl_drbg_get_ctx_params_no_lock(drbg, params, &complete))
+    if (drbg == NULL || !drbg_ctr_get_ctx_params_decoder(params, &p))
+        return 0;
+
+    if (!ossl_drbg_get_ctx_params_no_lock(drbg, &p, params, &complete))
         return 0;
 
     if (complete)
         return 1;
 
+    ctr = (PROV_DRBG_CTR *)drbg->data;
+
     if (drbg->lock != NULL && !CRYPTO_THREAD_read_lock(drbg->lock))
         return 0;
 
-    p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_USE_DF);
-    if (p != NULL && !OSSL_PARAM_set_int(p, ctr->use_df))
+    if (p.df != NULL && !OSSL_PARAM_set_int(p.df, ctr->use_df))
         goto err;
 
-    p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_CIPHER);
-    if (p != NULL) {
+    if (p.cipher != NULL) {
         if (ctr->cipher_ctr == NULL
-            || !OSSL_PARAM_set_utf8_string(p,
+            || !OSSL_PARAM_set_utf8_string(p.cipher,
                                            EVP_CIPHER_get0_name(ctr->cipher_ctr)))
             goto err;
     }
 
-    ret = ossl_drbg_get_ctx_params(drbg, params);
+    ret = ossl_drbg_get_ctx_params(drbg, &p);
  err:
     if (drbg->lock != NULL)
         CRYPTO_THREAD_unlock(drbg->lock);
@@ -711,14 +734,7 @@ static int drbg_ctr_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
 static const OSSL_PARAM *drbg_ctr_gettable_ctx_params(ossl_unused void *vctx,
                                                       ossl_unused void *provctx)
 {
-    static const OSSL_PARAM known_gettable_ctx_params[] = {
-        OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_CIPHER, NULL, 0),
-        OSSL_PARAM_int(OSSL_DRBG_PARAM_USE_DF, NULL),
-        OSSL_PARAM_DRBG_GETTABLE_CTX_COMMON,
-        OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
-        OSSL_PARAM_END
-    };
-    return known_gettable_ctx_params;
+    return drbg_ctr_get_ctx_params_list;
 }
 
 static int drbg_ctr_set_ctx_params_locked(PROV_DRBG *ctx,

diff --git a/providers/implementations/rands/drbg_hash.c.in b/providers/implementations/rands/drbg_hash.c.in
index af1e578603e9d319314b47632ea1fbbdbcc512b2..e059d1d8c84e0d9a0d1f35f53118d1db15209627 100644 (file)
--- a/providers/implementations/rands/drbg_hash.c.in
+++ b/providers/implementations/rands/drbg_hash.c.in
@@ -474,31 +474,56 @@ static void drbg_hash_free(void *vdrbg)
     ossl_rand_drbg_free(drbg);
 }
 
+#define drbg_hash_get_ctx_params_st  drbg_get_ctx_params_st
+
+{- produce_param_decoder('drbg_hash_get_ctx_params',
+                         (['DRBG_PARAM_DIGEST',                 'digest',      'utf8_string'],
+                          ['RAND_PARAM_STATE',                  'state',       'int'],
+                          ['RAND_PARAM_STRENGTH',               'str',         'uint'],
+                          ['RAND_PARAM_MAX_REQUEST',            'maxreq',      'size_t'],
+                          ['DRBG_PARAM_MIN_ENTROPYLEN',         'minentlen',   'size_t'],
+                          ['DRBG_PARAM_MAX_ENTROPYLEN',         'maxentlen',   'size_t'],
+                          ['DRBG_PARAM_MIN_NONCELEN',           'minnonlen',   'size_t'],
+                          ['DRBG_PARAM_MAX_NONCELEN',           'maxnonlen',   'size_t'],
+                          ['DRBG_PARAM_MAX_PERSLEN',            'maxperlen',   'size_t'],
+                          ['DRBG_PARAM_MAX_ADINLEN',            'maxadlen',    'size_t'],
+                          ['DRBG_PARAM_RESEED_COUNTER',         'reseed_cnt',  'uint'],
+                          ['DRBG_PARAM_RESEED_TIME',            'reseed_time', 'time_t'],
+                          ['DRBG_PARAM_RESEED_REQUESTS',        'reseed_req',  'uint'],
+                          ['DRBG_PARAM_RESEED_TIME_INTERVAL',   'reseed_int',  'uint64'],
+                          ['KDF_PARAM_FIPS_APPROVED_INDICATOR', 'ind',         'int'],
+                         )); -}
+
 static int drbg_hash_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
 {
     PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
-    PROV_DRBG_HASH *hash = (PROV_DRBG_HASH *)drbg->data;
+    PROV_DRBG_HASH *hash;
     const EVP_MD *md;
-    OSSL_PARAM *p;
+    struct drbg_get_ctx_params_st p;
     int ret = 0, complete = 0;
 
-    if (!ossl_drbg_get_ctx_params_no_lock(drbg, params, &complete))
+    if (drbg == NULL || !drbg_hash_get_ctx_params_decoder(params, &p))
+        return 0;
+
+    if (!ossl_drbg_get_ctx_params_no_lock(drbg, &p, params, &complete))
         return 0;
 
     if (complete)
         return 1;
 
+    hash = (PROV_DRBG_HASH *)drbg->data;
+
     if (drbg->lock != NULL && !CRYPTO_THREAD_read_lock(drbg->lock))
         return 0;
 
-    p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_DIGEST);
-    if (p != NULL) {
+    if (p.digest != NULL) {
         md = ossl_prov_digest_md(&hash->digest);
-        if (md == NULL || !OSSL_PARAM_set_utf8_string(p, EVP_MD_get0_name(md)))
+        if (md == NULL
+                || !OSSL_PARAM_set_utf8_string(p.digest, EVP_MD_get0_name(md)))
             goto err;
     }
 
-    ret = ossl_drbg_get_ctx_params(drbg, params);
+    ret = ossl_drbg_get_ctx_params(drbg, &p);
  err:
     if (drbg->lock != NULL)
         CRYPTO_THREAD_unlock(drbg->lock);
@@ -509,13 +534,7 @@ static int drbg_hash_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
 static const OSSL_PARAM *drbg_hash_gettable_ctx_params(ossl_unused void *vctx,
                                                        ossl_unused void *p_ctx)
 {
-    static const OSSL_PARAM known_gettable_ctx_params[] = {
-        OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_DIGEST, NULL, 0),
-        OSSL_PARAM_DRBG_GETTABLE_CTX_COMMON,
-        OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
-        OSSL_PARAM_END
-    };
-    return known_gettable_ctx_params;
+    return drbg_hash_get_ctx_params_list;
 }
 
 static int drbg_fetch_digest_from_prov(const struct drbg_set_ctx_params_st *p,

diff --git a/providers/implementations/rands/drbg_hmac.c.in b/providers/implementations/rands/drbg_hmac.c.in
index 4b819dadbce04a93e2395ca0078dd1ffb3f775aa..6b7a15c894e4263e9b0ab4674f9c23ffa2aae8cb 100644 (file)
--- a/providers/implementations/rands/drbg_hmac.c.in
+++ b/providers/implementations/rands/drbg_hmac.c.in
@@ -366,41 +366,66 @@ static void drbg_hmac_free(void *vdrbg)
     ossl_rand_drbg_free(drbg);
 }
 
+#define drbg_hmac_get_ctx_params_st  drbg_get_ctx_params_st
+
+{- produce_param_decoder('drbg_hmac_get_ctx_params',
+                         (['DRBG_PARAM_MAC',                    'mac',         'utf8_string'],
+                          ['DRBG_PARAM_DIGEST',                 'digest',      'utf8_string'],
+                          ['RAND_PARAM_STATE',                  'state',       'int'],
+                          ['RAND_PARAM_STRENGTH',               'str',         'uint'],
+                          ['RAND_PARAM_MAX_REQUEST',            'maxreq',      'size_t'],
+                          ['DRBG_PARAM_MIN_ENTROPYLEN',         'minentlen',   'size_t'],
+                          ['DRBG_PARAM_MAX_ENTROPYLEN',         'maxentlen',   'size_t'],
+                          ['DRBG_PARAM_MIN_NONCELEN',           'minnonlen',   'size_t'],
+                          ['DRBG_PARAM_MAX_NONCELEN',           'maxnonlen',   'size_t'],
+                          ['DRBG_PARAM_MAX_PERSLEN',            'maxperlen',   'size_t'],
+                          ['DRBG_PARAM_MAX_ADINLEN',            'maxadlen',    'size_t'],
+                          ['DRBG_PARAM_RESEED_COUNTER',         'reseed_cnt',  'uint'],
+                          ['DRBG_PARAM_RESEED_TIME',            'reseed_time', 'time_t'],
+                          ['DRBG_PARAM_RESEED_REQUESTS',        'reseed_req',  'uint'],
+                          ['DRBG_PARAM_RESEED_TIME_INTERVAL',   'reseed_int',  'uint64'],
+                          ['KDF_PARAM_FIPS_APPROVED_INDICATOR', 'ind',         'int'],
+                         )); -}
+
 static int drbg_hmac_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
 {
     PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
-    PROV_DRBG_HMAC *hmac = (PROV_DRBG_HMAC *)drbg->data;
+    PROV_DRBG_HMAC *hmac;
     const char *name;
     const EVP_MD *md;
-    OSSL_PARAM *p;
+    struct drbg_get_ctx_params_st p;
     int ret = 0, complete = 0;
 
-    if (!ossl_drbg_get_ctx_params_no_lock(drbg, params, &complete))
+    if (drbg == NULL || !drbg_hmac_get_ctx_params_decoder(params, &p))
+        return 0;
+
+    if (!ossl_drbg_get_ctx_params_no_lock(drbg, &p, params, &complete))
         return 0;
 
     if (complete)
         return 1;
 
+    hmac = (PROV_DRBG_HMAC *)drbg->data;
+
     if (drbg->lock != NULL && !CRYPTO_THREAD_read_lock(drbg->lock))
         return 0;
 
-    p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_MAC);
-    if (p != NULL) {
+    if (p.mac != NULL) {
         if (hmac->ctx == NULL)
             goto err;
         name = EVP_MAC_get0_name(EVP_MAC_CTX_get0_mac(hmac->ctx));
-        if (!OSSL_PARAM_set_utf8_string(p, name))
+        if (!OSSL_PARAM_set_utf8_string(p.mac, name))
             goto err;
     }
 
-    p = OSSL_PARAM_locate(params, OSSL_DRBG_PARAM_DIGEST);
-    if (p != NULL) {
+    if (p.digest != NULL) {
         md = ossl_prov_digest_md(&hmac->digest);
-        if (md == NULL || !OSSL_PARAM_set_utf8_string(p, EVP_MD_get0_name(md)))
+        if (md == NULL
+                || !OSSL_PARAM_set_utf8_string(p.digest, EVP_MD_get0_name(md)))
             goto err;
     }
 
-    ret = ossl_drbg_get_ctx_params(drbg, params);
+    ret = ossl_drbg_get_ctx_params(drbg, &p);
  err:
     if (drbg->lock != NULL)
         CRYPTO_THREAD_unlock(drbg->lock);
@@ -411,14 +436,7 @@ static int drbg_hmac_get_ctx_params(void *vdrbg, OSSL_PARAM params[])
 static const OSSL_PARAM *drbg_hmac_gettable_ctx_params(ossl_unused void *vctx,
                                                        ossl_unused void *p_ctx)
 {
-    static const OSSL_PARAM known_gettable_ctx_params[] = {
-        OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_MAC, NULL, 0),
-        OSSL_PARAM_utf8_string(OSSL_DRBG_PARAM_DIGEST, NULL, 0),
-        OSSL_PARAM_DRBG_GETTABLE_CTX_COMMON,
-        OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
-        OSSL_PARAM_END
-    };
-    return known_gettable_ctx_params;
+    return drbg_hmac_get_ctx_params_list;
 }
 
 static int drbg_fetch_algs_from_prov(const struct drbg_set_ctx_params_st *p,
@@ -439,7 +457,7 @@ static int drbg_fetch_algs_from_prov(const struct drbg_set_ctx_params_st *p,
     if ((prov = ossl_provider_find(libctx, (const char *)p->prov->data, 1)) == NULL)
         return 0;
 
-    if (p->digest) {
+    if (p->digest != NULL) {
         if (p->digest->data_type != OSSL_PARAM_UTF8_STRING)
             goto done;