From: Pauli Date: Mon, 4 Aug 2025 01:20:21 +0000 (+1000) Subject: tls1_prf: introduce conditionals on the FIPS only parameters X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=88d544c83066783527b59878682c006e6d464ed8;p=thirdparty%2Fopenssl.git tls1_prf: introduce conditionals on the FIPS only parameters Reviewed-by: Matt Caswell Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/28163) --- diff --git a/providers/implementations/kdfs/tls1_prf.c.in b/providers/implementations/kdfs/tls1_prf.c.in index 7b407b2169..1705b4b6f1 100644 --- a/providers/implementations/kdfs/tls1_prf.c.in +++ b/providers/implementations/kdfs/tls1_prf.c.in @@ -292,9 +292,9 @@ static int kdf_tls1_prf_derive(void *vctx, unsigned char *key, size_t keylen, ['KDF_PARAM_DIGEST', 'digest', 'utf8_string'], ['KDF_PARAM_SECRET', 'secret', 'octet_string'], ['KDF_PARAM_SEED', 'seed', 'octet_string', TLSPRF_MAX_SEEDS], - ['KDF_PARAM_FIPS_EMS_CHECK', 'ind_e', 'int'], - ['KDF_PARAM_FIPS_DIGEST_CHECK', 'ind_d', 'int'], - ['KDF_PARAM_FIPS_KEY_CHECK', 'ind_k', 'int'], + ['KDF_PARAM_FIPS_EMS_CHECK', 'ind_e', 'int', 'fips'], + ['KDF_PARAM_FIPS_DIGEST_CHECK', 'ind_d', 'int', 'fips'], + ['KDF_PARAM_FIPS_KEY_CHECK', 'ind_k', 'int', 'fips'], )); -} static int kdf_tls1_prf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) @@ -428,7 +428,7 @@ static const OSSL_PARAM *kdf_tls1_prf_settable_ctx_params( {- produce_param_decoder('tls1prf_get_ctx_params', (['KDF_PARAM_SIZE', 'size', 'size_t'], - ['KDF_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int'], + ['KDF_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int', 'fips'], )); -} static int kdf_tls1_prf_get_ctx_params(void *vctx, OSSL_PARAM params[])