From 5cceedb5830216dfec503127d810ee1ccaaaec0a Mon Sep 17 00:00:00 2001 From: Pauli Date: Fri, 26 Feb 2021 10:06:52 +1000 Subject: [PATCH] tls: adjust for extra argument to KDF derive call Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/14310) --- ssl/t1_enc.c | 3 +-- ssl/tls13_enc.c | 6 ++---- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 531872bfb03..bb0ee0c5d44 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -69,8 +69,7 @@ static int tls1_PRF(SSL *s, *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SEED, (void *)seed5, (size_t)seed5_len); *p = OSSL_PARAM_construct_end(); - if (EVP_KDF_CTX_set_params(kctx, params) - && EVP_KDF_derive(kctx, out, olen)) { + if (EVP_KDF_derive(kctx, out, olen, params)) { EVP_KDF_CTX_free(kctx); return 1; } diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index b9757fd5f3c..d48f305b01c 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -105,8 +105,7 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret, hkdflabel, hkdflabellen); *p++ = OSSL_PARAM_construct_end(); - ret = EVP_KDF_CTX_set_params(kctx, params) <= 0 - || EVP_KDF_derive(kctx, out, outlen) <= 0; + ret = EVP_KDF_derive(kctx, out, outlen, params) <= 0; EVP_KDF_CTX_free(kctx); @@ -258,8 +257,7 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md, prevsecretlen); *p++ = OSSL_PARAM_construct_end(); - ret = EVP_KDF_CTX_set_params(kctx, params) <= 0 - || EVP_KDF_derive(kctx, outsecret, mdlen) <= 0; + ret = EVP_KDF_derive(kctx, outsecret, mdlen, params) <= 0; if (ret != 0) SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); -- 2.47.3