const char *ciphername,
const char *mdname,
const char *engine,
- const char *properties);
+ const char *properties,
+ const OSSL_PARAM param[]);
/* MAC functions */
/*
const char *ciphername,
const char *mdname,
const char *engine,
- const char *properties)
+ const char *properties,
+ const OSSL_PARAM param[])
{
- OSSL_PARAM mac_params[5], *mp = mac_params;
+ OSSL_PARAM mac_params[5], *mp = mac_params, *mergep;
+ int free_merge = 0;
+ int ret;
if (mdname != NULL)
*mp++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
*mp = OSSL_PARAM_construct_end();
- return EVP_MAC_CTX_set_params(macctx, mac_params);
+ /*
+ * OSSL_PARAM_merge returns NULL and sets an error if either
+ * list passed to it is NULL, and we aren't guaranteed that the
+ * passed in value of param is not NULL here.
+ * Given that we just want the union of the two lists, even if one
+ * is empty, we have to check for that case, and if param is NULL,
+ * just use the mac_params list. In turn we only free the merge
+ * result if we actually did the merge
+ */
+ if (param == NULL) {
+ mergep = mac_params;
+ } else {
+ free_merge = 1;
+ mergep = OSSL_PARAM_merge(mac_params, param);
+ if (mergep == NULL)
+ return 0;
+ }
+
+ ret = EVP_MAC_CTX_set_params(macctx, mergep);
+ if (free_merge == 1)
+ OSSL_PARAM_free(mergep);
+ return ret;
}
int ossl_prov_macctx_load(EVP_MAC_CTX **macctx,
if (pengine != NULL && !OSSL_PARAM_get_utf8_string_ptr(pengine, &engine))
return 0;
- if (ossl_prov_set_macctx(*macctx, ciphername, mdname, engine, properties))
+ if (ossl_prov_set_macctx(*macctx, ciphername, mdname, engine, properties, NULL))
return 1;
EVP_MAC_CTX_free(*macctx);
(char *)ciphername,
(char *)mdname,
(char *)engine,
- pmacctx->key->properties))
+ pmacctx->key->properties, params))
return 0;
if (!EVP_MAC_init(pmacctx->macctx, pmacctx->key->priv_key,
- pmacctx->key->priv_key_len, params))
+ pmacctx->key->priv_key_len, NULL))
return 0;
return 1;
{
EVP_CIPHER_CTX *ciph_ctx;
EVP_PKEY *mac_key;
- OSSL_PARAM params[3], *p = params;
+ OSSL_PARAM params[2], *p = params;
int enc = (rl->direction == OSSL_RECORD_DIRECTION_WRITE) ? 1 : 0;
if (level != OSSL_RECORD_PROTECTION_LEVEL_APPLICATION)
(int)mackeylen);
}
- *p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
- (char *)EVP_MD_get0_name(md), 0);
-
/*
* We want the underlying mac to use our passed property query when allocating
* its internal digest as well
int ret = -1;
int usepskfored = 0;
SSL_CTX *sctx = SSL_CONNECTION_GET_CTX(s);
- OSSL_PARAM params[3] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
+ OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
/* Ensure cast to size_t is safe */
if (!ossl_assert(hashsizei > 0)) {
if (!sign)
binderout = tmpbinder;
- if (sctx->propq != NULL) {
- params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
- (char *)EVP_MD_get0_name(md), 0);
- params[1] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_PROPERTIES,
+ if (sctx->propq != NULL)
+ params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_PROPERTIES,
(char *)sctx->propq, 0);
- }
bindersize = hashsize;
if (EVP_DigestSignInit_ex(mctx, NULL, EVP_MD_get0_name(md), sctx->libctx,
sctx->propq, mackey, params) <= 0
projects / thirdparty / openssl.git / commitdiff
