diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2020-08-07 14:29:00 +1000 |
---|---|---|
committer | Shane Lontis <shane.lontis@oracle.com> | 2020-08-07 14:29:00 +1000 |
commit | 5ccada09aae0cf846d3381a161d3eb20d4d9abfd (patch) | |
tree | 39fc4e655a53c146bc6a8fcde3f0746c56a97a1c /providers/implementations/kdfs | |
parent | 64827f407b0b603f585d7fadfd7e61a60ed7a45b (diff) |
Add evp_test fixes.
Changed many tests so they also test fips (and removed 'availablein = default' from some tests).
Seperated the monolithic evppkey.txt file into smaller maintainable groups.
Changed the availablein option so it must be first - this then skips the entire test before any fetching happens.
Changed the code so that all the OPENSSL_NO_XXXX tests are done in code via methods such as is_cipher_disabled(alg),
before the fetch happens.
Added missing libctx's found by adding a libctx to test_evp.
Broke up large data files for cipher, kdf's and mac's into smaller pieces so they no longer need 'AvailableIn = default'
Added missing algorithm aliases for cipher/digests to the providers.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12236)
Diffstat (limited to 'providers/implementations/kdfs')
-rw-r--r-- | providers/implementations/kdfs/scrypt.c | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/providers/implementations/kdfs/scrypt.c b/providers/implementations/kdfs/scrypt.c index 60ae8f5563..5650d1cd5e 100644 --- a/providers/implementations/kdfs/scrypt.c +++ b/providers/implementations/kdfs/scrypt.c @@ -35,7 +35,8 @@ static OSSL_FUNC_kdf_get_ctx_params_fn kdf_scrypt_get_ctx_params; static int scrypt_alg(const char *pass, size_t passlen, const unsigned char *salt, size_t saltlen, uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, - unsigned char *key, size_t keylen, EVP_MD *sha256); + unsigned char *key, size_t keylen, EVP_MD *sha256, + OPENSSL_CTX *libctx, const char *propq); typedef struct { void *provctx; @@ -138,7 +139,8 @@ static int kdf_scrypt_derive(void *vctx, unsigned char *key, return scrypt_alg((char *)ctx->pass, ctx->pass_len, ctx->salt, ctx->salt_len, ctx->N, ctx->r, ctx->p, - ctx->maxmem_bytes, key, keylen, ctx->sha256); + ctx->maxmem_bytes, key, keylen, ctx->sha256, + PROV_LIBRARY_CONTEXT_OF(ctx->provctx), NULL); } static int is_power_of_two(uint64_t value) @@ -361,7 +363,8 @@ static void scryptROMix(unsigned char *B, uint64_t r, uint64_t N, static int scrypt_alg(const char *pass, size_t passlen, const unsigned char *salt, size_t saltlen, uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, - unsigned char *key, size_t keylen, EVP_MD *sha256) + unsigned char *key, size_t keylen, EVP_MD *sha256, + OPENSSL_CTX *libctx, const char *propq) { int rv = 0; unsigned char *B; @@ -445,15 +448,15 @@ static int scrypt_alg(const char *pass, size_t passlen, X = (uint32_t *)(B + Blen); T = X + 32 * r; V = T + 32 * r; - if (PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, 1, sha256, - (int)Blen, B) == 0) + if (pkcs5_pbkdf2_hmac_with_libctx(pass, passlen, salt, saltlen, 1, sha256, + (int)Blen, B, libctx, propq) == 0) goto err; for (i = 0; i < p; i++) scryptROMix(B + 128 * r * i, r, N, X, T, V); - if (PKCS5_PBKDF2_HMAC(pass, passlen, B, (int)Blen, 1, sha256, - keylen, key) == 0) + if (pkcs5_pbkdf2_hmac_with_libctx(pass, passlen, B, (int)Blen, 1, sha256, + keylen, key, libctx, propq) == 0) goto err; rv = 1; err: |