From c983a0e5214db7f0a668f5e9ddda9362ca0d6ac9 Mon Sep 17 00:00:00 2001 From: Pauli Date: Wed, 10 Mar 2021 18:28:35 +1000 Subject: [PATCH] prov: add extra params argument to KDF implementations Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/14383) --- providers/implementations/kdfs/hkdf.c | 3 +++ providers/implementations/kdfs/kbkdf.c | 3 +++ providers/implementations/kdfs/krb5kdf.c | 3 +++ providers/implementations/kdfs/pbkdf2.c | 3 +++ providers/implementations/kdfs/pkcs12kdf.c | 3 +++ providers/implementations/kdfs/scrypt.c | 3 +++ providers/implementations/kdfs/sshkdf.c | 3 +++ providers/implementations/kdfs/sskdf.c | 3 +++ providers/implementations/kdfs/tls1_prf.c | 3 +++ providers/implementations/kdfs/x942kdf.c | 2 ++ 10 files changed, 29 insertions(+) diff --git a/providers/implementations/kdfs/hkdf.c b/providers/implementations/kdfs/hkdf.c index 24052f4d636..52b284c662b 100644 --- a/providers/implementations/kdfs/hkdf.c +++ b/providers/implementations/kdfs/hkdf.c @@ -172,6 +172,9 @@ static int kdf_hkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx); int n; + if (params == NULL) + return 1; + if (!ossl_prov_digest_load_from_params(&ctx->digest, params, provctx)) return 0; diff --git a/providers/implementations/kdfs/kbkdf.c b/providers/implementations/kdfs/kbkdf.c index 2f6171baa76..e22d54171f1 100644 --- a/providers/implementations/kdfs/kbkdf.c +++ b/providers/implementations/kdfs/kbkdf.c @@ -282,6 +282,9 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx); const OSSL_PARAM *p; + if (params == NULL) + return 1; + if (!ossl_prov_macctx_load_from_params(&ctx->ctx_init, params, NULL, NULL, NULL, libctx)) return 0; diff --git a/providers/implementations/kdfs/krb5kdf.c b/providers/implementations/kdfs/krb5kdf.c index 041c3e32b2f..4bf9ce7294c 100644 --- a/providers/implementations/kdfs/krb5kdf.c +++ b/providers/implementations/kdfs/krb5kdf.c @@ -136,6 +136,9 @@ static int krb5kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) KRB5KDF_CTX *ctx = vctx; OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx); + if (params == NULL) + return 1; + if (!ossl_prov_cipher_load_from_params(&ctx->cipher, params, provctx)) return 0; diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c index ce27fe9b393..eb7b15de59e 100644 --- a/providers/implementations/kdfs/pbkdf2.c +++ b/providers/implementations/kdfs/pbkdf2.c @@ -172,6 +172,9 @@ static int kdf_pbkdf2_set_ctx_params(void *vctx, const OSSL_PARAM params[]) int pkcs5; uint64_t iter, min_iter; + if (params == NULL) + return 1; + if (!ossl_prov_digest_load_from_params(&ctx->digest, params, provctx)) return 0; diff --git a/providers/implementations/kdfs/pkcs12kdf.c b/providers/implementations/kdfs/pkcs12kdf.c index bea6dffeca8..d0036441a35 100644 --- a/providers/implementations/kdfs/pkcs12kdf.c +++ b/providers/implementations/kdfs/pkcs12kdf.c @@ -225,6 +225,9 @@ static int kdf_pkcs12_set_ctx_params(void *vctx, const OSSL_PARAM params[]) KDF_PKCS12 *ctx = vctx; OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx); + if (params == NULL) + return 1; + if (!ossl_prov_digest_load_from_params(&ctx->digest, params, provctx)) return 0; diff --git a/providers/implementations/kdfs/scrypt.c b/providers/implementations/kdfs/scrypt.c index 6c61d3bb3cb..12c57bb1a40 100644 --- a/providers/implementations/kdfs/scrypt.c +++ b/providers/implementations/kdfs/scrypt.c @@ -185,6 +185,9 @@ static int kdf_scrypt_set_ctx_params(void *vctx, const OSSL_PARAM params[]) KDF_SCRYPT *ctx = vctx; uint64_t u64_value; + if (params == NULL) + return 1; + if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_PASSWORD)) != NULL) if (!scrypt_set_membuf(&ctx->pass, &ctx->pass_len, p)) return 0; diff --git a/providers/implementations/kdfs/sshkdf.c b/providers/implementations/kdfs/sshkdf.c index f99a6a74135..93a7a64fb5d 100644 --- a/providers/implementations/kdfs/sshkdf.c +++ b/providers/implementations/kdfs/sshkdf.c @@ -136,6 +136,9 @@ static int kdf_sshkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) KDF_SSHKDF *ctx = vctx; OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx); + if (params == NULL) + return 1; + if (!ossl_prov_digest_load_from_params(&ctx->digest, params, provctx)) return 0; diff --git a/providers/implementations/kdfs/sskdf.c b/providers/implementations/kdfs/sskdf.c index 118c44cfa75..c281997a257 100644 --- a/providers/implementations/kdfs/sskdf.c +++ b/providers/implementations/kdfs/sskdf.c @@ -449,6 +449,9 @@ static int sskdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx); size_t sz; + if (params == NULL) + return 1; + if (!ossl_prov_digest_load_from_params(&ctx->digest, params, libctx)) return 0; diff --git a/providers/implementations/kdfs/tls1_prf.c b/providers/implementations/kdfs/tls1_prf.c index 4204f03b3aa..74a0f7e1f3e 100644 --- a/providers/implementations/kdfs/tls1_prf.c +++ b/providers/implementations/kdfs/tls1_prf.c @@ -168,6 +168,9 @@ static int kdf_tls1_prf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) TLS1_PRF *ctx = vctx; OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx); + if (params == NULL) + return 1; + if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_DIGEST)) != NULL) { if (strcasecmp(p->data, SN_md5_sha1) == 0) { if (!ossl_prov_macctx_load_from_params(&ctx->P_hash, params, diff --git a/providers/implementations/kdfs/x942kdf.c b/providers/implementations/kdfs/x942kdf.c index ca478bc8830..c469d48439f 100644 --- a/providers/implementations/kdfs/x942kdf.c +++ b/providers/implementations/kdfs/x942kdf.c @@ -472,6 +472,8 @@ static int x942kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) const char *propq = NULL; size_t id; + if (params == NULL) + return 1; if (!ossl_prov_digest_load_from_params(&ctx->digest, params, provctx)) return 0; -- 2.47.3