root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

kbkdf: conversion to use generated param parsers 

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27923)
This commit is contained in:
Pauli 2025-06-30 13:10:48 +10:00 committed by Tomas Mraz
parent a6fe57013a
commit 682f0e19d8
1 changed files with 76 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

150
providers/implementations/kdfs/kbkdf.c.in
View File

@ -7,6 +7,9 @@
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
{-
use OpenSSL::paramnames qw(produce_param_decoder);
-}
/*
* This implements https://csrc.nist.gov/publications/detail/sp/800-108/final
@ -49,6 +52,8 @@
#define ossl_min(a, b) ((a) < (b)) ? (a) : (b)
#define KBKDF_MAX_INFOS 5
typedef enum {
COUNTER = 0,
FEEDBACK
@ -363,22 +368,41 @@ done:
return ret;
}
{- produce_param_decoder('kbkdf_set_ctx_params',
(['KDF_PARAM_INFO', 'info', 'octet_string', KBKDF_MAX_INFOS],
['KDF_PARAM_SALT', 'salt', 'octet_string'],
['KDF_PARAM_KEY', 'key', 'octet_string'],
['KDF_PARAM_SEED', 'seed', 'octet_string'],
['KDF_PARAM_DIGEST', 'digest', 'utf8_string'],
['KDF_PARAM_CIPHER', 'cipher', 'utf8_string'],
['KDF_PARAM_MAC', 'mac', 'utf8_string'],
['KDF_PARAM_MODE', 'mode', 'utf8_string'],
['KDF_PARAM_PROPERTIES', 'propq', 'utf8_string'],
['ALG_PARAM_ENGINE', 'engine', 'utf8_string'],
['KDF_PARAM_KBKDF_USE_L', 'use_l', 'int'],
['KDF_PARAM_KBKDF_USE_SEPARATOR', 'sep', 'int'],
['KDF_PARAM_KBKDF_R', 'r', 'int'],
['KDF_PARAM_FIPS_KEY_CHECK', 'ind_k', 'int'],
)); -}
static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
{
KBKDF *ctx = (KBKDF *)vctx;
OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
const OSSL_PARAM *p;
struct kbkdf_set_ctx_params_st p;
const char *s;
if (ossl_param_is_empty(params))
return 1;
if (!OSSL_FIPS_IND_SET_CTX_PARAM(ctx, OSSL_FIPS_IND_SETTABLE0, params,
OSSL_KDF_PARAM_FIPS_KEY_CHECK))
if (ctx == NULL || !kbkdf_set_ctx_params_decoder(params, &p))
return 0;
if (!ossl_prov_macctx_load_from_params(&ctx->ctx_init, params, NULL,
NULL, NULL, libctx))
if (!OSSL_FIPS_IND_SET_CTX_FROM_PARAM(ctx, OSSL_FIPS_IND_SETTABLE0, p.ind_k))
return 0;
if (!ossl_prov_macctx_load(&ctx->ctx_init, p.mac, p.cipher,
p.digest, p.propq, p.engine,
NULL, NULL, NULL, libctx))
return 0;
if (ctx->ctx_init != NULL) {
ctx->is_kmac = 0;
if (EVP_MAC_is_a(EVP_MAC_CTX_get0_mac(ctx->ctx_init),
@ -395,59 +419,53 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
}
}
p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_MODE);
if (p != NULL
&& OPENSSL_strncasecmp("counter", p->data, p->data_size) == 0) {
ctx->mode = COUNTER;
} else if (p != NULL
&& OPENSSL_strncasecmp("feedback", p->data, p->data_size) == 0) {
ctx->mode = FEEDBACK;
} else if (p != NULL) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_MODE);
return 0;
if (p.mode != NULL) {
if (!OSSL_PARAM_get_utf8_string_ptr(p.mode, &s))
return 0;
if (OPENSSL_strncasecmp("counter", s, p.mode->data_size) == 0) {
ctx->mode = COUNTER;
} else if (OPENSSL_strncasecmp("feedback", s, p.mode->data_size) == 0) {
ctx->mode = FEEDBACK;
} else {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_MODE);
return 0;
}
}
p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY);
if (p != NULL) {
if (ossl_param_get1_octet_string(p, OSSL_KDF_PARAM_KEY,
&ctx->ki, &ctx->ki_len) == 0)
return 0;
if (ossl_param_get1_octet_string_from_param(p.key, &ctx->ki,
&ctx->ki_len) == 0)
return 0;
#ifdef FIPS_MODULE
if (!fips_kbkdf_key_check_passed(ctx))
return 0;
if (p.key != NULL && !fips_kbkdf_key_check_passed(ctx))
return 0;
#endif
}
if (ossl_param_get1_octet_string(params, OSSL_KDF_PARAM_SALT,
&ctx->label, &ctx->label_len) == 0)
return 0;
if (ossl_param_get1_concat_octet_string(params, OSSL_KDF_PARAM_INFO,
&ctx->context, &ctx->context_len,
0) == 0)
if (ossl_param_get1_octet_string_from_param(p.salt, &ctx->label,
&ctx->label_len) == 0)
return 0;
if (ossl_param_get1_octet_string(params, OSSL_KDF_PARAM_SEED,
&ctx->iv, &ctx->iv_len) == 0)
return 0;
p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KBKDF_USE_L);
if (p != NULL && !OSSL_PARAM_get_int(p, &ctx->use_l))
if (ossl_param_get1_concat_octet_string(p.num_info, p.info, &ctx->context,
&ctx->context_len, 0) == 0)
return 0;
p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KBKDF_R);
if (p != NULL) {
if (ossl_param_get1_octet_string_from_param(p.seed, &ctx->iv,
&ctx->iv_len) == 0)
return 0;
if (p.use_l != NULL && !OSSL_PARAM_get_int(p.use_l, &ctx->use_l))
return 0;
if (p.r != NULL) {
int new_r = 0;
if (!OSSL_PARAM_get_int(p, &new_r))
if (!OSSL_PARAM_get_int(p.r, &new_r))
return 0;
if (new_r != 8 && new_r != 16 && new_r != 24 && new_r != 32)
return 0;
ctx->r = new_r;
}
p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR);
if (p != NULL && !OSSL_PARAM_get_int(p, &ctx->use_separator))
if (p.sep != NULL && !OSSL_PARAM_get_int(p.sep, &ctx->use_separator))
return 0;
/* Set up digest context, if we can. */
@ -462,38 +480,27 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
static const OSSL_PARAM *kbkdf_settable_ctx_params(ossl_unused void *ctx,
ossl_unused void *provctx)
{
static const OSSL_PARAM known_settable_ctx_params[] = {
OSSL_PARAM_octet_string(OSSL_KDF_PARAM_INFO, NULL, 0),
OSSL_PARAM_octet_string(OSSL_KDF_PARAM_SALT, NULL, 0),
OSSL_PARAM_octet_string(OSSL_KDF_PARAM_KEY, NULL, 0),
OSSL_PARAM_octet_string(OSSL_KDF_PARAM_SEED, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_DIGEST, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_CIPHER, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_MAC, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_MODE, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0),
OSSL_PARAM_int(OSSL_KDF_PARAM_KBKDF_USE_L, NULL),
OSSL_PARAM_int(OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR, NULL),
OSSL_PARAM_int(OSSL_KDF_PARAM_KBKDF_R, NULL),
OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_KDF_PARAM_FIPS_KEY_CHECK)
OSSL_PARAM_END,
};
return known_settable_ctx_params;
return kbkdf_set_ctx_params_list;
}
{- produce_param_decoder('kbkdf_get_ctx_params',
(['KDF_PARAM_SIZE', 'size', 'size_t'],
['KDF_PARAM_FIPS_APPROVED_INDICATOR', 'ind', 'int'],
)); -}
static int kbkdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
{
#ifdef FIPS_MODULE
struct kbkdf_get_ctx_params_st p;
KBKDF *ctx = (KBKDF *)vctx;
#endif
OSSL_PARAM *p;
/* KBKDF can produce results as large as you like. */
p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE);
if (p != NULL && !OSSL_PARAM_set_size_t(p, SIZE_MAX))
if (ctx == NULL || !kbkdf_get_ctx_params_decoder(params, &p))
return 0;
if (!OSSL_FIPS_IND_GET_CTX_PARAM(ctx, params))
/* KBKDF can produce results as large as you like. */
if (p.size != NULL && !OSSL_PARAM_set_size_t(p.size, SIZE_MAX))
return 0;
if (!OSSL_FIPS_IND_GET_CTX_FROM_PARAM(ctx, p.ind))
return 0;
return 1;
}
@ -501,12 +508,7 @@ static int kbkdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
static const OSSL_PARAM *kbkdf_gettable_ctx_params(ossl_unused void *ctx,
ossl_unused void *provctx)
{
static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
OSSL_PARAM_END
};
return known_gettable_ctx_params;
return kbkdf_get_ctx_params_list;
}
const OSSL_DISPATCH ossl_kdf_kbkdf_functions[] = {