diff options
Diffstat (limited to 'providers/implementations/kdfs')
| -rw-r--r-- | providers/implementations/kdfs/hkdf.c | 30 |
1 files changed, 17 insertions, 13 deletions
diff --git a/providers/implementations/kdfs/hkdf.c b/providers/implementations/kdfs/hkdf.c index 2d3c72f501..ce0c81c1d2 100644 --- a/providers/implementations/kdfs/hkdf.c +++ b/providers/implementations/kdfs/hkdf.c @@ -41,12 +41,12 @@ static OSSL_FUNC_kdf_set_ctx_params_fn kdf_hkdf_set_ctx_params; static OSSL_FUNC_kdf_gettable_ctx_params_fn kdf_hkdf_gettable_ctx_params; static OSSL_FUNC_kdf_get_ctx_params_fn kdf_hkdf_get_ctx_params; -static int HKDF(const EVP_MD *evp_md, +static int HKDF(OSSL_LIB_CTX *libctx, const EVP_MD *evp_md, const unsigned char *salt, size_t salt_len, const unsigned char *key, size_t key_len, const unsigned char *info, size_t info_len, unsigned char *okm, size_t okm_len); -static int HKDF_Extract(const EVP_MD *evp_md, +static int HKDF_Extract(OSSL_LIB_CTX *libctx, const EVP_MD *evp_md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, unsigned char *prk, size_t prk_len); @@ -127,6 +127,7 @@ static int kdf_hkdf_derive(void *vctx, unsigned char *key, size_t keylen, const OSSL_PARAM params[]) { KDF_HKDF *ctx = (KDF_HKDF *)vctx; + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx); const EVP_MD *md; if (!ossl_prov_is_running() || !kdf_hkdf_set_ctx_params(ctx, params)) @@ -148,13 +149,12 @@ static int kdf_hkdf_derive(void *vctx, unsigned char *key, size_t keylen, switch (ctx->mode) { case EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND: - return HKDF(md, ctx->salt, ctx->salt_len, ctx->key, - ctx->key_len, ctx->info, ctx->info_len, key, - keylen); + return HKDF(libctx, md, ctx->salt, ctx->salt_len, + ctx->key, ctx->key_len, ctx->info, ctx->info_len, key, keylen); case EVP_KDF_HKDF_MODE_EXTRACT_ONLY: - return HKDF_Extract(md, ctx->salt, ctx->salt_len, ctx->key, - ctx->key_len, key, keylen); + return HKDF_Extract(libctx, md, ctx->salt, ctx->salt_len, + ctx->key, ctx->key_len, key, keylen); case EVP_KDF_HKDF_MODE_EXPAND_ONLY: return HKDF_Expand(md, ctx->key, ctx->key_len, ctx->info, @@ -169,13 +169,13 @@ static int kdf_hkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { const OSSL_PARAM *p; KDF_HKDF *ctx = vctx; - OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx); + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx); int n; if (params == NULL) return 1; - if (!ossl_prov_digest_load_from_params(&ctx->digest, params, provctx)) + if (!ossl_prov_digest_load_from_params(&ctx->digest, params, libctx)) return 0; if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_MODE)) != NULL) { @@ -316,7 +316,7 @@ const OSSL_DISPATCH ossl_kdf_hkdf_functions[] = { * 2.3. Step 2: Expand * HKDF-Expand(PRK, info, L) -> OKM */ -static int HKDF(const EVP_MD *evp_md, +static int HKDF(OSSL_LIB_CTX *libctx, const EVP_MD *evp_md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, const unsigned char *info, size_t info_len, @@ -332,7 +332,8 @@ static int HKDF(const EVP_MD *evp_md, prk_len = (size_t)sz; /* Step 1: HKDF-Extract(salt, IKM) -> PRK */ - if (!HKDF_Extract(evp_md, salt, salt_len, ikm, ikm_len, prk, prk_len)) + if (!HKDF_Extract(libctx, evp_md, + salt, salt_len, ikm, ikm_len, prk, prk_len)) return 0; /* Step 2: HKDF-Expand(PRK, info, L) -> OKM */ @@ -366,7 +367,7 @@ static int HKDF(const EVP_MD *evp_md, * * PRK = HMAC-Hash(salt, IKM) */ -static int HKDF_Extract(const EVP_MD *evp_md, +static int HKDF_Extract(OSSL_LIB_CTX *libctx, const EVP_MD *evp_md, const unsigned char *salt, size_t salt_len, const unsigned char *ikm, size_t ikm_len, unsigned char *prk, size_t prk_len) @@ -380,7 +381,10 @@ static int HKDF_Extract(const EVP_MD *evp_md, return 0; } /* calc: PRK = HMAC-Hash(salt, IKM) */ - return HMAC(evp_md, salt, salt_len, ikm, ikm_len, prk, NULL) != NULL; + return + EVP_Q_mac(libctx, "HMAC", NULL, EVP_MD_name(evp_md), NULL, salt, + salt_len, ikm, ikm_len, prk, EVP_MD_size(evp_md), NULL) + != NULL; } /* |