diff options
author | Pauli <paul.dale@oracle.com> | 2019-08-21 08:06:29 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2019-09-06 19:27:57 +1000 |
commit | 7707526b8dfa8063c4537c11199c15ad7a3cab1c (patch) | |
tree | fe758eb91599a3c41a72b279429210deb08393e4 /crypto/dh/dh_kdf.c | |
parent | b50ca330cb02cad70bfb11401c47074e8e7d8a48 (diff) |
Fix users of KDFs to use params not ctls
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9662)
Diffstat (limited to 'crypto/dh/dh_kdf.c')
-rw-r--r-- | crypto/dh/dh_kdf.c | 32 |
1 files changed, 21 insertions, 11 deletions
diff --git a/crypto/dh/dh_kdf.c b/crypto/dh/dh_kdf.c index 03b1e4edd5..781d34a94f 100644 --- a/crypto/dh/dh_kdf.c +++ b/crypto/dh/dh_kdf.c @@ -11,10 +11,12 @@ #ifndef OPENSSL_NO_CMS # include <string.h> +# include <openssl/core_names.h> # include <openssl/dh.h> # include <openssl/evp.h> # include <openssl/asn1.h> # include <openssl/kdf.h> +# include <internal/provider.h> int DH_KDF_X9_42(unsigned char *out, size_t outlen, const unsigned char *Z, size_t Zlen, @@ -23,8 +25,12 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen, { int ret = 0, nid; EVP_KDF_CTX *kctx = NULL; - const EVP_KDF *kdf = NULL; + EVP_KDF *kdf = NULL; const char *oid_sn; + OSSL_PARAM params[5], *p = params; + const char *mdname = EVP_MD_name(md); + const OSSL_PROVIDER *prov = EVP_MD_provider(md); + OPENSSL_CTX *provctx = ossl_provider_library_context(prov); nid = OBJ_obj2nid(key_oid); if (nid == NID_undef) @@ -33,20 +39,24 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen, if (oid_sn == NULL) return 0; - kdf = EVP_get_kdfbyname(SN_x942kdf); - if (kdf == NULL) + kdf = EVP_KDF_fetch(provctx, SN_x942kdf, NULL); + if ((kctx = EVP_KDF_CTX_new(kdf)) == NULL) goto err; - kctx = EVP_KDF_CTX_new(kdf); - ret = - kctx != NULL - && EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, md) > 0 - && EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, Z, Zlen) > 0 - && (ukm == NULL - || EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_UKM, ukm, ukmlen) > 0) - && EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_CEK_ALG, oid_sn) > 0 + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, + (char *)mdname, strlen(mdname) + 1); + *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, + (unsigned char *)Z, Zlen); + if (ukm != NULL) + *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_UKM, + (unsigned char *)ukm, ukmlen); + *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CEK_ALG, + (char *)oid_sn, strlen(oid_sn) + 1); + *p = OSSL_PARAM_construct_end(); + ret = EVP_KDF_CTX_set_params(kctx, params) > 0 && EVP_KDF_derive(kctx, out, outlen) > 0; err: EVP_KDF_CTX_free(kctx); + EVP_KDF_free(kdf); return ret; } #endif /* OPENSSL_NO_CMS */ |