diff options
| author | Richard Levitte <levitte@openssl.org> | 2021-02-01 08:58:58 +0100 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2021-02-24 19:50:10 +0100 |
| commit | a8eb71ad577bbbd41cea915315451f0ef9f11581 (patch) | |
| tree | 8d66d4332f9fc4099c4c8b8a343600996ad7fc3b /providers | |
| parent | da9988e0f5371cb7e2aeed9f3c9a6433a9acc595 (diff) | |
Allow the sshkdf type to be passed as a single character
This partially reverts commit 270a5ce1d9ea579a2f1d45887971582b1ef2b6a1.
This also slightly modifies the way diverse parameters in are
specified in providers/fips/self_test_data.inc for better consistency.
Fixes #14027
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14035)
Diffstat (limited to 'providers')
| -rw-r--r-- | providers/fips/self_test_data.inc | 12 | ||||
| -rw-r--r-- | providers/fips/self_test_kats.c | 3 | ||||
| -rw-r--r-- | providers/implementations/kdfs/sshkdf.c | 3 |
3 files changed, 11 insertions, 7 deletions
diff --git a/providers/fips/self_test_data.inc b/providers/fips/self_test_data.inc index fc8bf2b54e..49ffb7aab6 100644 --- a/providers/fips/self_test_data.inc +++ b/providers/fips/self_test_data.inc @@ -8,8 +8,8 @@ */ /* Macros to build Self test data */ -#define ITM(x) x, sizeof(x) -#define ITM_STR(x) x, (sizeof(x) - 1) +#define ITM(x) ((void *)&x), sizeof(x) +#define ITM_STR(x) ((void *)&x), (sizeof(x) - 1) #define ST_KAT_PARAM_END() { "", 0, NULL, 0 } #define ST_KAT_PARAM_BIGNUM(name, data) \ @@ -18,8 +18,10 @@ { name, OSSL_PARAM_OCTET_STRING, ITM(data) } #define ST_KAT_PARAM_UTF8STRING(name, data) \ { name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) } +#define ST_KAT_PARAM_UTF8CHAR(name, data) \ + { name, OSSL_PARAM_UTF8_STRING, ITM(data) } #define ST_KAT_PARAM_INT(name, i) \ - { name, OSSL_PARAM_INTEGER, &i, sizeof(i) } + { name, OSSL_PARAM_INTEGER, ITM(i) } /* used to store raw parameters for keys and algorithms */ typedef struct st_kat_param_st { @@ -351,7 +353,7 @@ static const ST_KAT_PARAM pbkdf2_params[] = { }; static const char sshkdf_digest[] = "SHA1"; -static const char sshkdf_type[] = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV; +static const char sshkdf_type = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV; static const unsigned char sshkdf_key[] = { 0x00, 0x00, 0x00, 0x80, 0x55, 0xba, 0xe9, 0x31, 0xc0, 0x7f, 0xd8, 0x24, 0xbf, 0x10, 0xad, 0xd1, @@ -386,7 +388,7 @@ static const unsigned char sshkdf_expected[] = { }; static const ST_KAT_PARAM sshkdf_params[] = { ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sshkdf_digest), - ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_SSHKDF_TYPE, sshkdf_type), + ST_KAT_PARAM_UTF8CHAR(OSSL_KDF_PARAM_SSHKDF_TYPE, sshkdf_type), ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sshkdf_key), ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_XCGHASH, sshkdf_xcghash), ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_SESSION_ID, sshkdf_session_id), diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c index c408339298..79b78f0ba5 100644 --- a/providers/fips/self_test_kats.c +++ b/providers/fips/self_test_kats.c @@ -159,7 +159,8 @@ static int add_params(OSSL_PARAM_BLD *bld, const ST_KAT_PARAM *params, break; } case OSSL_PARAM_UTF8_STRING: { - if (!OSSL_PARAM_BLD_push_utf8_string(bld, p->name, p->data, 0)) + if (!OSSL_PARAM_BLD_push_utf8_string(bld, p->name, p->data, + p->data_len)) goto err; break; } diff --git a/providers/implementations/kdfs/sshkdf.c b/providers/implementations/kdfs/sshkdf.c index 1caef4b7b8..cc8f946390 100644 --- a/providers/implementations/kdfs/sshkdf.c +++ b/providers/implementations/kdfs/sshkdf.c @@ -159,7 +159,8 @@ static int kdf_sshkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) if (!OSSL_PARAM_get_utf8_string_ptr(p, &kdftype)) return 0; - if (kdftype == NULL || kdftype[0] == '\0' || kdftype[1] != '\0') + /* Expect one character (byte in this case) */ + if (kdftype == NULL || p->data_size != 1) return 0; if (kdftype[0] < 65 || kdftype[0] > 70) { ERR_raise(ERR_LIB_PROV, PROV_R_VALUE_ERROR); |