root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Fix kbkdf bug if MAC is set to KMAC and then something else 

A context that is set to KMAC sets the is_kmac flag and this cannot be reset.
So a user that does kbkdf using KMAC and then wants to use HMAC or CMAC will
experience a failure.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24883)

(cherry picked from commit f35fc4f184)
This commit is contained in:
Pauli 2024-07-15 13:26:50 +10:00
parent c11b83eddf
commit 5a0b25e795
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
providers/implementations/kdfs/kbkdf.c
View File

@ -366,7 +366,8 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
if (!ossl_prov_macctx_load_from_params(&ctx->ctx_init, params, NULL,
NULL, NULL, libctx))
return 0;
else if (ctx->ctx_init != NULL) {
if (ctx->ctx_init != NULL) {
ctx->is_kmac = 0;
if (EVP_MAC_is_a(EVP_MAC_CTX_get0_mac(ctx->ctx_init),
OSSL_MAC_NAME_KMAC128)
|| EVP_MAC_is_a(EVP_MAC_CTX_get0_mac(ctx->ctx_init),