From: Pauli <ppzgs1@gmail.com>
Date: Tue, 1 Jul 2025 00:49:50 +0000 (+1000)
Subject: kdf: remove max argument to the param concatenation helper
X-Git-Tag: openssl-3.6.0-alpha1~330
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f04db6af459567348963759640988c5348061bc0;p=thirdparty%2Fopenssl.git

kdf: remove max argument to the param concatenation helper

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27923)
---

diff --git a/crypto/params.c b/crypto/params.c
index 127fae205aa..ae40488765f 100644
--- a/crypto/params.c
+++ b/crypto/params.c
@@ -1624,8 +1624,7 @@ err:
 }
 
 int ossl_param_get1_concat_octet_string(size_t n, OSSL_PARAM *params[],
-                                        unsigned char **out,
-                                        size_t *out_len, size_t maxsize)
+                                        unsigned char **out, size_t *out_len)
 {
     unsigned char *res;
     size_t sz = 0;
@@ -1637,10 +1636,6 @@ int ossl_param_get1_concat_octet_string(size_t n, OSSL_PARAM *params[],
     if (!setbuf_fromparams(n, params, NULL, &sz))
         return 0;
 
-    /* Check that it's not oversized */
-    if (maxsize > 0 && sz > maxsize)
-        return 0;
-
     /* Special case zero length */
     if (sz == 0) {
         if ((res = OPENSSL_zalloc(1)) == NULL)
diff --git a/include/internal/params.h b/include/internal/params.h
index c2a272ee9e0..7f98a096133 100644
--- a/include/internal/params.h
+++ b/include/internal/params.h
@@ -38,5 +38,4 @@ int ossl_param_get1_octet_string(const OSSL_PARAM *params, const char *name,
  * doesn't return success.
  */
 int ossl_param_get1_concat_octet_string(size_t n, OSSL_PARAM *params[],
-                                        unsigned char **out,
-                                        size_t *out_len, size_t maxsize);
+                                        unsigned char **out, size_t *out_len);
diff --git a/providers/implementations/kdfs/hkdf.c.in b/providers/implementations/kdfs/hkdf.c.in
index 93b4344c804..e392f3d5c2d 100644
--- a/providers/implementations/kdfs/hkdf.c.in
+++ b/providers/implementations/kdfs/hkdf.c.in
@@ -380,7 +380,7 @@ static int kdf_hkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
         return 0;
 
     if (ossl_param_get1_concat_octet_string(p.num_info, p.info,
-                                            &ctx->info, &ctx->info_len, 0) == 0)
+                                            &ctx->info, &ctx->info_len) == 0)
         return 0;
 
 #ifdef FIPS_MODULE
diff --git a/providers/implementations/kdfs/kbkdf.c.in b/providers/implementations/kdfs/kbkdf.c.in
index d3580612715..e3f08acbcfd 100644
--- a/providers/implementations/kdfs/kbkdf.c.in
+++ b/providers/implementations/kdfs/kbkdf.c.in
@@ -445,7 +445,7 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
         return 0;
 
     if (ossl_param_get1_concat_octet_string(p.num_info, p.info, &ctx->context,
-                                            &ctx->context_len, 0) == 0)
+                                            &ctx->context_len) == 0)
         return 0;
 
     if (ossl_param_get1_octet_string_from_param(p.seed, &ctx->iv,
diff --git a/providers/implementations/kdfs/sskdf.c.in b/providers/implementations/kdfs/sskdf.c.in
index c968f9e06f0..b9545e2837d 100644
--- a/providers/implementations/kdfs/sskdf.c.in
+++ b/providers/implementations/kdfs/sskdf.c.in
@@ -595,7 +595,7 @@ static int sskdf_common_set_ctx_params
         return 0;
 
     if (ossl_param_get1_concat_octet_string(p->num_info, p->info, &ctx->info,
-                                            &ctx->info_len, 0) == 0)
+                                            &ctx->info_len) == 0)
         return 0;
 
     if (ossl_param_get1_octet_string_from_param(p->salt, &ctx->salt,