From: Pauli <ppzgs1@gmail.com>
Date: Thu, 10 Jul 2025 00:41:51 +0000 (+1000)
Subject: kdf: use generated param name alias handling
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d847a4722254d25e23c6a8dc5b3aa8173cefcab3;p=thirdparty%2Fopenssl.git

kdf: use generated param name alias handling

secret or key is the common one but ukm and partyu-info are also aliases for
the X9.42 KDF.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27923)
---

diff --git a/providers/implementations/kdfs/sskdf.c.in b/providers/implementations/kdfs/sskdf.c.in
index 8371ff1fcf0..4b3ce3bd251 100644
--- a/providers/implementations/kdfs/sskdf.c.in
+++ b/providers/implementations/kdfs/sskdf.c.in
@@ -539,7 +539,6 @@ static int x963kdf_derive(void *vctx, unsigned char *key, size_t keylen,
 
 struct sskdf_all_set_ctx_params_st {
     OSSL_PARAM *secret;
-    OSSL_PARAM *key;
     OSSL_PARAM *propq;
     OSSL_PARAM *engine;
     OSSL_PARAM *digest;
@@ -588,9 +587,6 @@ static int sskdf_common_set_ctx_params
 
     r = ossl_param_get1_octet_string_from_param(p->secret, &ctx->secret,
                                                 &ctx->secret_len);
-    if (r == -1)
-        r = ossl_param_get1_octet_string_from_param(p->key, &ctx->secret,
-                                                    &ctx->secret_len);
     if (r == 0)
         return 0;
 
@@ -614,7 +610,7 @@ static int sskdf_common_set_ctx_params
 
 {- produce_param_decoder('sskdf_set_ctx_params',
                          (['KDF_PARAM_SECRET',         'secret', 'octet_string'],
-                          ['KDF_PARAM_KEY',            'key',    'octet_string'],
+                          ['KDF_PARAM_KEY',            'secret', 'octet_string'],
                           ['KDF_PARAM_INFO',           'info',   'octet_string', SSKDF_MAX_INFOS],
                           ['KDF_PARAM_PROPERTIES',     'propq',  'utf8_string'],
                           ['ALG_PARAM_ENGINE',         'engine', 'utf8_string', 'hidden'],
@@ -640,7 +636,7 @@ static int sskdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
         return 0;
 
 #ifdef FIPS_MODULE
-    if (p.key != NULL || p.secret != NULL)
+    if (p.secret != NULL)
         if (!fips_sskdf_key_check_passed(ctx))
             return 0;
 #endif
@@ -688,7 +684,7 @@ static const OSSL_PARAM *sskdf_common_gettable_ctx_params
 
 {- produce_param_decoder('x963kdf_set_ctx_params',
                          (['KDF_PARAM_SECRET',            'secret', 'octet_string'],
-                          ['KDF_PARAM_KEY',               'key',    'octet_string'],
+                          ['KDF_PARAM_KEY',               'secret', 'octet_string'],
                           ['KDF_PARAM_INFO',              'info',   'octet_string', SSKDF_MAX_INFOS],
                           ['KDF_PARAM_PROPERTIES',        'propq',  'utf8_string'],
                           ['ALG_PARAM_ENGINE',            'engine', 'utf8_string', 'hidden'],
@@ -724,7 +720,7 @@ static int x963kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
             return 0;
     }
 
-    if (p.key != NULL || p.secret != NULL)
+    if (p.secret != NULL)
         if (!fips_x963kdf_key_check_passed(ctx))
             return 0;
 #endif
diff --git a/providers/implementations/kdfs/x942kdf.c.in b/providers/implementations/kdfs/x942kdf.c.in
index 72178568827..a90ce38094f 100644
--- a/providers/implementations/kdfs/x942kdf.c.in
+++ b/providers/implementations/kdfs/x942kdf.c.in
@@ -534,8 +534,8 @@ static int x942kdf_derive(void *vctx, unsigned char *key, size_t keylen,
                           ['ALG_PARAM_ENGINE',              'engine',   'utf8_string', 'hidden'],
                           ['KDF_PARAM_DIGEST',              'digest',   'utf8_string'],
                           ['KDF_PARAM_SECRET',              'secret',   'octet_string'],
-                          ['KDF_PARAM_KEY',                 'key',      'octet_string'],
-                          ['KDF_PARAM_UKM',                 'ukm',      'octet_string'],
+                          ['KDF_PARAM_KEY',                 'secret',   'octet_string'],
+                          ['KDF_PARAM_UKM',                 'uinfo',    'octet_string'],
                           ['KDF_PARAM_X942_ACVPINFO',       'acvp',     'octet_string'],
                           ['KDF_PARAM_X942_PARTYUINFO',     'uinfo',    'octet_string'],
                           ['KDF_PARAM_X942_PARTYVINFO',     'vinfo',    'octet_string'],
@@ -549,7 +549,6 @@ static int x942kdf_derive(void *vctx, unsigned char *key, size_t keylen,
 static int x942kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
 {
     struct sshkdf_set_ctx_params_st p;
-    const OSSL_PARAM *pq;
     KDF_X942 *ctx = vctx;
     OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx);
     const char *cekalg, *propq = NULL;
@@ -573,9 +572,8 @@ static int x942kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
         }
     }
 
-    pq = p.secret == NULL ? p.key : p.secret;
-    if (pq != NULL) {
-        if (!x942kdf_set_buffer(&ctx->secret, &ctx->secret_len, pq))
+    if (p.secret != NULL) {
+        if (!x942kdf_set_buffer(&ctx->secret, &ctx->secret_len, p.secret))
             return 0;
 #ifdef FIPS_MODULE
         if (!fips_x942kdf_key_check_passed(ctx))
@@ -587,9 +585,8 @@ static int x942kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
         && !x942kdf_set_buffer(&ctx->acvpinfo, &ctx->acvpinfo_len, p.acvp))
         return 0;
 
-    pq = p.uinfo == NULL ? p.ukm : p.uinfo;
-    if (pq != NULL
-        && !x942kdf_set_buffer(&ctx->partyuinfo, &ctx->partyuinfo_len, pq))
+    if (p.uinfo != NULL
+        && !x942kdf_set_buffer(&ctx->partyuinfo, &ctx->partyuinfo_len, p.uinfo))
         return 0;
 
     if (p.vinfo != NULL