* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
+{-
+use OpenSSL::paramnames qw(produce_param_decoder);
+-}
/*
* This implements https://csrc.nist.gov/publications/detail/sp/800-108/final
#define ossl_min(a, b) ((a) < (b)) ? (a) : (b)
+#define KBKDF_MAX_INFOS 5
+
typedef enum {
COUNTER = 0,
FEEDBACK
return ret;
}
+{- produce_param_decoder('kbkdf_set_ctx_params',
+ (['KDF_PARAM_INFO', 'info', 'octet_string', KBKDF_MAX_INFOS],
+ ['KDF_PARAM_SALT', 'salt', 'octet_string'],
+ ['KDF_PARAM_KEY', 'key', 'octet_string'],
+ ['KDF_PARAM_SEED', 'seed', 'octet_string'],
+ ['KDF_PARAM_DIGEST', 'digest', 'utf8_string'],
+ ['KDF_PARAM_CIPHER', 'cipher', 'utf8_string'],
+ ['KDF_PARAM_MAC', 'mac', 'utf8_string'],
+ ['KDF_PARAM_MODE', 'mode', 'utf8_string'],
+ ['KDF_PARAM_PROPERTIES', 'propq', 'utf8_string'],
+ ['ALG_PARAM_ENGINE', 'engine', 'utf8_string'],
+ ['KDF_PARAM_KBKDF_USE_L', 'use_l', 'int'],
+ ['KDF_PARAM_KBKDF_USE_SEPARATOR', 'sep', 'int'],
+ ['KDF_PARAM_KBKDF_R', 'r', 'int'],
+ ['KDF_PARAM_FIPS_KEY_CHECK', 'ind_k', 'int'],
+ )); -}
+
static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
{
KBKDF *ctx = (KBKDF *)vctx;
OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
- const OSSL_PARAM *p;
+ struct kbkdf_set_ctx_params_st p;
+ const char *s;
- if (ossl_param_is_empty(params))
- return 1;
+ if (ctx == NULL || !kbkdf_set_ctx_params_decoder(params, &p))
+ return 0;
- if (!OSSL_FIPS_IND_SET_CTX_PARAM(ctx, OSSL_FIPS_IND_SETTABLE0, params,
- OSSL_KDF_PARAM_FIPS_KEY_CHECK))
+ if (!OSSL_FIPS_IND_SET_CTX_FROM_PARAM(ctx, OSSL_FIPS_IND_SETTABLE0, p.ind_k))
return 0;
- if (!ossl_prov_macctx_load_from_params(&ctx->ctx_init, params, NULL,
- NULL, NULL, libctx))
+ if (!ossl_prov_macctx_load(&ctx->ctx_init, p.mac, p.cipher,
+ p.digest, p.propq, p.engine,
+ NULL, NULL, NULL, libctx))
return 0;
+
if (ctx->ctx_init != NULL) {
ctx->is_kmac = 0;
if (EVP_MAC_is_a(EVP_MAC_CTX_get0_mac(ctx->ctx_init),
}
}
- p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_MODE);
- if (p != NULL
- && OPENSSL_strncasecmp("counter", p->data, p->data_size) == 0) {
- ctx->mode = COUNTER;
- } else if (p != NULL
- && OPENSSL_strncasecmp("feedback", p->data, p->data_size) == 0) {
- ctx->mode = FEEDBACK;
- } else if (p != NULL) {
- ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_MODE);
- return 0;
+ if (p.mode != NULL) {
+ if (!OSSL_PARAM_get_utf8_string_ptr(p.mode, &s))
+ return 0;
+ if (OPENSSL_strncasecmp("counter", s, p.mode->data_size) == 0) {
+ ctx->mode = COUNTER;
+ } else if (OPENSSL_strncasecmp("feedback", s, p.mode->data_size) == 0) {
+ ctx->mode = FEEDBACK;
+ } else {
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_MODE);
+ return 0;
+ }
}
- p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY);
- if (p != NULL) {
- if (ossl_param_get1_octet_string(p, OSSL_KDF_PARAM_KEY,
- &ctx->ki, &ctx->ki_len) == 0)
- return 0;
+ if (ossl_param_get1_octet_string_from_param(p.key, &ctx->ki,
+ &ctx->ki_len) == 0)
+ return 0;
#ifdef FIPS_MODULE
- if (!fips_kbkdf_key_check_passed(ctx))
- return 0;
+ if (p.key != NULL && !fips_kbkdf_key_check_passed(ctx))
+ return 0;
#endif
- }
- if (ossl_param_get1_octet_string(params, OSSL_KDF_PARAM_SALT,
- &ctx->label, &ctx->label_len) == 0)
- return 0;
+ if (ossl_param_get1_octet_string_from_param(p.salt, &ctx->label,
+ &ctx->label_len) == 0)
+ return 0;
- if (ossl_param_get1_concat_octet_string(params, OSSL_KDF_PARAM_INFO,
- &ctx->context, &ctx->context_len,
- 0) == 0)
+ if (ossl_param_get1_concat_octet_string(p.num_info, p.info, &ctx->context,
+ &ctx->context_len, 0) == 0)
return 0;
- if (ossl_param_get1_octet_string(params, OSSL_KDF_PARAM_SEED,
- &ctx->iv, &ctx->iv_len) == 0)
- return 0;
+ if (ossl_param_get1_octet_string_from_param(p.seed, &ctx->iv,
+ &ctx->iv_len) == 0)
+ return 0;
- p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KBKDF_USE_L);
- if (p != NULL && !OSSL_PARAM_get_int(p, &ctx->use_l))
+ if (p.use_l != NULL && !OSSL_PARAM_get_int(p.use_l, &ctx->use_l))
return 0;
- p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KBKDF_R);
- if (p != NULL) {
+ if (p.r != NULL) {
int new_r = 0;
- if (!OSSL_PARAM_get_int(p, &new_r))
+ if (!OSSL_PARAM_get_int(p.r, &new_r))
return 0;
if (new_r != 8 && new_r != 16 && new_r != 24 && new_r != 32)
return 0;
ctx->r = new_r;
}
- p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR);
- if (p != NULL && !OSSL_PARAM_get_int(p, &ctx->use_separator))
+ if (p.sep != NULL && !OSSL_PARAM_get_int(p.sep, &ctx->use_separator))
return 0;
/* Set up digest context, if we can. */
static const OSSL_PARAM *kbkdf_settable_ctx_params(ossl_unused void *ctx,
ossl_unused void *provctx)
{
- static const OSSL_PARAM known_settable_ctx_params[] = {
- OSSL_PARAM_octet_string(OSSL_KDF_PARAM_INFO, NULL, 0),
- OSSL_PARAM_octet_string(OSSL_KDF_PARAM_SALT, NULL, 0),
- OSSL_PARAM_octet_string(OSSL_KDF_PARAM_KEY, NULL, 0),
- OSSL_PARAM_octet_string(OSSL_KDF_PARAM_SEED, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_DIGEST, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_CIPHER, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_MAC, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_MODE, NULL, 0),
- OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0),
- OSSL_PARAM_int(OSSL_KDF_PARAM_KBKDF_USE_L, NULL),
- OSSL_PARAM_int(OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR, NULL),
- OSSL_PARAM_int(OSSL_KDF_PARAM_KBKDF_R, NULL),
- OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_KDF_PARAM_FIPS_KEY_CHECK)
- OSSL_PARAM_END,
- };
- return known_settable_ctx_params;
+ return kbkdf_set_ctx_params_list;
}
+{- produce_param_decoder('kbkdf_get_ctx_params',
+ (['KDF_PARAM_SIZE', 'size', 'size_t'],
+ ['KDF_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int'],
+ )); -}
+
static int kbkdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
{
-#ifdef FIPS_MODULE
+ struct kbkdf_get_ctx_params_st p;
KBKDF *ctx = (KBKDF *)vctx;
-#endif
- OSSL_PARAM *p;
+
+ if (ctx == NULL || !kbkdf_get_ctx_params_decoder(params, &p))
+ return 0;
/* KBKDF can produce results as large as you like. */
- p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE);
- if (p != NULL && !OSSL_PARAM_set_size_t(p, SIZE_MAX))
+ if (p.size != NULL && !OSSL_PARAM_set_size_t(p.size, SIZE_MAX))
return 0;
- if (!OSSL_FIPS_IND_GET_CTX_PARAM(ctx, params))
+ if (!OSSL_FIPS_IND_GET_CTX_FROM_PARAM(ctx, p.ind))
return 0;
return 1;
}
static const OSSL_PARAM *kbkdf_gettable_ctx_params(ossl_unused void *ctx,
ossl_unused void *provctx)
{
- static const OSSL_PARAM known_gettable_ctx_params[] = {
- OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
- OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
- OSSL_PARAM_END
- };
- return known_gettable_ctx_params;
+ return kbkdf_get_ctx_params_list;
}
const OSSL_DISPATCH ossl_kdf_kbkdf_functions[] = {
projects / thirdparty / openssl.git / commitdiff
