From: Pauli Date: Mon, 14 Jul 2025 00:48:04 +0000 (+1000) Subject: kmac: convert KMAC to use param decoder X-Git-Tag: openssl-3.6.0-alpha1~174 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=483a18ae9ed90691d022b42d4ea20821934f8465;p=thirdparty%2Fopenssl.git kmac: convert KMAC to use param decoder Reviewed-by: Paul Yang Reviewed-by: Shane Lontis Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/28142) --- diff --git a/providers/implementations/macs/kmac_prov.c.in b/providers/implementations/macs/kmac_prov.c.in index 2a0a96c6260..78332fd5e48 100644 --- a/providers/implementations/macs/kmac_prov.c.in +++ b/providers/implementations/macs/kmac_prov.c.in @@ -6,6 +6,9 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ +{- +use OpenSSL::paramnames qw(produce_param_decoder); +-} /* * See SP800-185 "Appendix A - KMAC, .... in Terms of Keccak[c]" @@ -389,53 +392,55 @@ static int kmac_final(void *vmacctx, unsigned char *out, size_t *outl, return ok; } -static const OSSL_PARAM known_gettable_ctx_params[] = { - OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), - OSSL_PARAM_size_t(OSSL_MAC_PARAM_BLOCK_SIZE, NULL), - OSSL_FIPS_IND_GETTABLE_CTX_PARAM() - OSSL_PARAM_END -}; +{- produce_param_decoder('kmac_get_ctx_params', + (['MAC_PARAM_SIZE', 'size', 'size_t'], + ['MAC_PARAM_BLOCK_SIZE', 'bsize', 'size_t'], + ['ALG_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int'], + )); -} + static const OSSL_PARAM *kmac_gettable_ctx_params(ossl_unused void *ctx, ossl_unused void *provctx) { - return known_gettable_ctx_params; + return kmac_get_ctx_params_list; } static int kmac_get_ctx_params(void *vmacctx, OSSL_PARAM params[]) { struct kmac_data_st *kctx = vmacctx; - OSSL_PARAM *p; + struct kmac_get_ctx_params_st p; int sz; - if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL - && !OSSL_PARAM_set_size_t(p, kctx->out_len)) + if (kctx == NULL || !kmac_get_ctx_params_decoder(params, &p)) + return 0; + + if (p.size != NULL && !OSSL_PARAM_set_size_t(p.size, kctx->out_len)) return 0; - if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_BLOCK_SIZE)) != NULL) { + if (p.bsize != NULL) { sz = EVP_MD_block_size(ossl_prov_digest_md(&kctx->digest)); - if (!OSSL_PARAM_set_int(p, sz)) + if (!OSSL_PARAM_set_int(p.bsize, sz)) return 0; } - if (!OSSL_FIPS_IND_GET_CTX_PARAM(kctx, params)) + if (!OSSL_FIPS_IND_GET_CTX_FROM_PARAM(kctx, p.ind)) return 0; return 1; } -static const OSSL_PARAM known_settable_ctx_params[] = { - OSSL_PARAM_int(OSSL_MAC_PARAM_XOF, NULL), - OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL), - OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0), - OSSL_PARAM_octet_string(OSSL_MAC_PARAM_CUSTOM, NULL, 0), - OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_MAC_PARAM_FIPS_NO_SHORT_MAC) - OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_MAC_PARAM_FIPS_KEY_CHECK) - OSSL_PARAM_END -}; +{- produce_param_decoder('kmac_set_ctx_params', + (['MAC_PARAM_XOF', 'xof', 'int'], + ['MAC_PARAM_SIZE', 'size', 'size_t'], + ['MAC_PARAM_KEY', 'key', 'octet_string'], + ['MAC_PARAM_CUSTOM', 'custom', 'octet_string'], + ['MAC_PARAM_FIPS_KEY_CHECK', 'ind_k', 'int'], + ['MAC_PARAM_FIPS_NO_SHORT_MAC', 'ind_sht', 'int'], + )); -} + static const OSSL_PARAM *kmac_settable_ctx_params(ossl_unused void *ctx, ossl_unused void *provctx) { - return known_settable_ctx_params; + return kmac_set_ctx_params_list; } /* @@ -450,25 +455,24 @@ static const OSSL_PARAM *kmac_settable_ctx_params(ossl_unused void *ctx, static int kmac_set_ctx_params(void *vmacctx, const OSSL_PARAM *params) { struct kmac_data_st *kctx = vmacctx; - const OSSL_PARAM *p; + struct kmac_set_ctx_params_st p; - if (ossl_param_is_empty(params)) - return 1; + if (kctx == NULL || !kmac_set_ctx_params_decoder(params, &p)) + return 0; - if (!OSSL_FIPS_IND_SET_CTX_PARAM(kctx, OSSL_FIPS_IND_SETTABLE0, params, - OSSL_MAC_PARAM_FIPS_NO_SHORT_MAC)) + if (!OSSL_FIPS_IND_SET_CTX_FROM_PARAM(kctx, OSSL_FIPS_IND_SETTABLE0, + p.ind_sht)) return 0; - if (!OSSL_FIPS_IND_SET_CTX_PARAM(kctx, OSSL_FIPS_IND_SETTABLE1, params, - OSSL_MAC_PARAM_FIPS_KEY_CHECK)) + if (!OSSL_FIPS_IND_SET_CTX_FROM_PARAM(kctx, OSSL_FIPS_IND_SETTABLE1, p.ind_k)) return 0; - if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_XOF)) != NULL - && !OSSL_PARAM_get_int(p, &kctx->xof_mode)) + if (p.xof != NULL && !OSSL_PARAM_get_int(p.xof, &kctx->xof_mode)) return 0; - if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) != NULL) { + + if (p.size != NULL) { size_t sz = 0; - if (!OSSL_PARAM_get_size_t(p, &sz)) + if (!OSSL_PARAM_get_size_t(p.size, &sz)) return 0; if (sz > KMAC_MAX_OUTPUT_LEN) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_OUTPUT_LENGTH); @@ -488,19 +492,24 @@ static int kmac_set_ctx_params(void *vmacctx, const OSSL_PARAM *params) #endif kctx->out_len = sz; } - if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL - && !kmac_setkey(kctx, p->data, p->data_size)) - return 0; - if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CUSTOM)) - != NULL) { - if (p->data_size > KMAC_MAX_CUSTOM) { + + if (p.key != NULL) + if (p.key->data_type != OSSL_PARAM_OCTET_STRING + || !kmac_setkey(kctx, p.key->data, p.key->data_size)) + return 0; + + if (p.custom != NULL) { + if (p.custom->data_type != OSSL_PARAM_OCTET_STRING) + return 0; + if (p.custom->data_size > KMAC_MAX_CUSTOM) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_CUSTOM_LENGTH); return 0; } if (!encode_string(kctx->custom, sizeof(kctx->custom), &kctx->custom_len, - p->data, p->data_size)) + p.custom->data, p.custom->data_size)) return 0; } + return 1; }