From: Pauli Date: Mon, 4 Aug 2025 01:20:21 +0000 (+1000) Subject: sshkdf: introduce conditionals on the FIPS only parameters X-Git-Tag: openssl-3.6.0-alpha1~240 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fd3a6a49ee9e37fdae69e43ad2b44d84115b773d;p=thirdparty%2Fopenssl.git sshkdf: introduce conditionals on the FIPS only parameters Reviewed-by: Matt Caswell Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/28163) --- diff --git a/providers/implementations/kdfs/sshkdf.c.in b/providers/implementations/kdfs/sshkdf.c.in index 1f0a9108ccc..00a9b3e5c1e 100644 --- a/providers/implementations/kdfs/sshkdf.c.in +++ b/providers/implementations/kdfs/sshkdf.c.in @@ -217,8 +217,8 @@ static int kdf_sshkdf_derive(void *vctx, unsigned char *key, size_t keylen, ['KDF_PARAM_SSHKDF_XCGHASH', 'xcg', 'octet_string'], ['KDF_PARAM_SSHKDF_SESSION_ID', 'sid', 'octet_string'], ['KDF_PARAM_SSHKDF_TYPE', 'type', 'utf8_string'], - ['KDF_PARAM_FIPS_DIGEST_CHECK', 'ind_d', 'int'], - ['KDF_PARAM_FIPS_KEY_CHECK', 'ind_k', 'int'], + ['KDF_PARAM_FIPS_DIGEST_CHECK', 'ind_d', 'int', 'fips'], + ['KDF_PARAM_FIPS_KEY_CHECK', 'ind_k', 'int', 'fips'], )); -} static int kdf_sshkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) @@ -297,7 +297,7 @@ static const OSSL_PARAM *kdf_sshkdf_settable_ctx_params(ossl_unused void *ctx, {- produce_param_decoder('sshkdf_get_ctx_params', (['KDF_PARAM_SIZE', 'size', 'size_t'], - ['KDF_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int'], + ['KDF_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int', 'fips'], )); -} static int kdf_sshkdf_get_ctx_params(void *vctx, OSSL_PARAM params[])