diff options
| author | Neil Horman <nhorman@openssl.org> | 2023-12-14 12:15:21 -0500 |
|---|---|---|
| committer | Neil Horman <nhorman@openssl.org> | 2023-12-26 10:36:00 -0500 |
| commit | 62457fd9415d707baf76f219bbb9a29106ba092b (patch) | |
| tree | d135738617dbb74606389abd273db03f63c8714c /providers | |
| parent | d6e4056805f54bb1a0ef41fa3a6a35b70c94edba (diff) | |
Ignore OSSL_MAC_PARAM_DIGEST_NOINIT/OSSL_MAC_PARAM_DIGEST_ONESHOT
The hmac flags OSSL_MAC_PARAM_DIGEST_NOINIT and
OSSL_MAC_PARAM_DIGEST_ONESHOT dont add any real value to the provider,
and the former causes a segfault when the provider attempts to call
EVP_MAC_init on an EVP_MAC object that has been instructed not to be
initalized (as the update function will not have been set in the MAC
object, which is unilaterally called from EVP_MAC_init
Remove the tests for the above flags, and document them as being
deprecated and ignored.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/23054)
Diffstat (limited to 'providers')
| -rw-r--r-- | providers/implementations/macs/hmac_prov.c | 27 |
1 files changed, 0 insertions, 27 deletions
diff --git a/providers/implementations/macs/hmac_prov.c b/providers/implementations/macs/hmac_prov.c index a1f3c2db84..c72c1e6c0f 100644 --- a/providers/implementations/macs/hmac_prov.c +++ b/providers/implementations/macs/hmac_prov.c @@ -274,23 +274,6 @@ static const OSSL_PARAM *hmac_settable_ctx_params(ossl_unused void *ctx, return known_settable_ctx_params; } -static int set_flag(const OSSL_PARAM params[], const char *key, int mask, - int *flags) -{ - const OSSL_PARAM *p = OSSL_PARAM_locate_const(params, key); - int flag = 0; - - if (p != NULL) { - if (!OSSL_PARAM_get_int(p, &flag)) - return 0; - if (flag == 0) - *flags &= ~mask; - else - *flags |= mask; - } - return 1; -} - /* * ALL parameters should be set before init(). */ @@ -299,7 +282,6 @@ static int hmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) struct hmac_data_st *macctx = vmacctx; OSSL_LIB_CTX *ctx = PROV_LIBCTX_OF(macctx->provctx); const OSSL_PARAM *p; - int flags = 0; if (params == NULL) return 1; @@ -307,15 +289,6 @@ static int hmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) if (!ossl_prov_digest_load_from_params(&macctx->digest, params, ctx)) return 0; - if (!set_flag(params, OSSL_MAC_PARAM_DIGEST_NOINIT, EVP_MD_CTX_FLAG_NO_INIT, - &flags)) - return 0; - if (!set_flag(params, OSSL_MAC_PARAM_DIGEST_ONESHOT, EVP_MD_CTX_FLAG_ONESHOT, - &flags)) - return 0; - if (flags) - HMAC_CTX_set_flags(macctx->ctx, flags); - if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL) { if (p->data_type != OSSL_PARAM_OCTET_STRING) return 0; |