From a8eb71ad577bbbd41cea915315451f0ef9f11581 Mon Sep 17 00:00:00 2001
From: Richard Levitte
Date: Mon, 1 Feb 2021 08:58:58 +0100
Subject: Allow the sshkdf type to be passed as a single character
This partially reverts commit 270a5ce1d9ea579a2f1d45887971582b1ef2b6a1.
This also slightly modifies the way diverse parameters in are specified in providers/fips/self_test_data.inc for better consistency.
Fixes #14027
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/14035)
---
 providers/fips/self_test_data.inc | 12 +++++++-----
 providers/fips/self_test_kats.c | 3 ++-
 providers/implementations/kdfs/sshkdf.c | 3 ++-
 3 files changed, 11 insertions(+), 7 deletions(-)
(limited to 'providers')
diff --git a/providers/fips/self_test_data.inc b/providers/fips/self_test_data.inc
index fc8bf2b54e..49ffb7aab6 100644
--- a/providers/fips/self_test_data.inc
+++ b/providers/fips/self_test_data.inc
@@ -8,8 +8,8 @@
 */
 /* Macros to build Self test data */
-#define ITM(x) x, sizeof(x)
-#define ITM_STR(x) x, (sizeof(x) - 1)
+#define ITM(x) ((void *)&x), sizeof(x)
+#define ITM_STR(x) ((void *)&x), (sizeof(x) - 1)
 #define ST_KAT_PARAM_END() { "", 0, NULL, 0 }
 #define ST_KAT_PARAM_BIGNUM(name, data) \
@@ -18,8 +18,10 @@
 { name, OSSL_PARAM_OCTET_STRING, ITM(data) }
 #define ST_KAT_PARAM_UTF8STRING(name, data) \
 { name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) }
+#define ST_KAT_PARAM_UTF8CHAR(name, data) \
+ { name, OSSL_PARAM_UTF8_STRING, ITM(data) }
 #define ST_KAT_PARAM_INT(name, i) \
- { name, OSSL_PARAM_INTEGER, &i, sizeof(i) }
+ { name, OSSL_PARAM_INTEGER, ITM(i) }
 /* used to store raw parameters for keys and algorithms */
 typedef struct st_kat_param_st {
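Review bot: In the first self_test_data.inc hunk (`@@ -8,8 +8,8 @@`), the new `ITM` and `ITM_STR` expansions cast with `(void *)`, which discards the `const` qualifier of the `static const` test vectors they are applied to, and they take `&x` without parenthesising the macro argument. Casting to a const pointer and writing `&(x)` keeps the self-test data read-only through the pointer and keeps the macros safe for non-trivial arguments: `#define ITM(x) ((const void *)&(x)), sizeof(x)` and `#define ITM_STR(x) ((const void *)&(x)), (sizeof(x) - 1)`. This assumes the `data` member of `ST_KAT_PARAM` is declared `const void *`; the struct body is not visible in these hunks. A one-line comment that both macros now require the object itself (an array or scalar, never a pointer to the data) would also help, because `&x` on a pointer variable would register the pointer's own bytes rather than the data it points to.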
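Review bot: In the second self_test_data.inc hunk (`@@ -18,8 +18,10 @@`), `ST_KAT_PARAM_UTF8CHAR` registers a single `char` as `OSSL_PARAM_UTF8_STRING` with a length of 1 and no NUL terminator, and nothing at the macro says so. Someone reading the table (the macro is used for `OSSL_KDF_PARAM_SSHKDF_TYPE` in the `sshkdf_params` hunk) could reasonably assume every UTF8 entry is a C string, and any consumer that ignores `data_len` and treats `data` as terminated would read past the byte. I would add a comment above the macro along the lines of `/* data is one char, not NUL-terminated; consumers must honour data_len */`.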
@@ -351,7 +353,7 @@ static const ST_KAT_PARAM pbkdf2_params[] = {
 };
 static const char sshkdf_digest[] = "SHA1";
-static const char sshkdf_type[] = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
+static const char sshkdf_type = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
 static const unsigned char sshkdf_key[] = {
 0x00, 0x00, 0x00, 0x80, 0x55, 0xba, 0xe9, 0x31, 0xc0, 0x7f, 0xd8, 0x24, 0xbf, 0x10, 0xad, 0xd1,
@@ -386,7 +388,7 @@ static const unsigned char sshkdf_expected[] = {
 };
 static const ST_KAT_PARAM sshkdf_params[] = {
 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sshkdf_digest),
- ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_SSHKDF_TYPE, sshkdf_type),
+ ST_KAT_PARAM_UTF8CHAR(OSSL_KDF_PARAM_SSHKDF_TYPE, sshkdf_type),
 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sshkdf_key),
 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_XCGHASH, sshkdf_xcghash),
 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_SESSION_ID, sshkdf_session_id),
diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c
index c408339298..79b78f0ba5 100644
--- a/providers/fips/self_test_kats.c
+++ b/providers/fips/self_test_kats.c
@@ -159,7 +159,8 @@ static int add_params(OSSL_PARAM_BLD *bld, const ST_KAT_PARAM *params,
 break;
 }
 case OSSL_PARAM_UTF8_STRING: {
- if (!OSSL_PARAM_BLD_push_utf8_string(bld, p->name, p->data, 0))
+ if (!OSSL_PARAM_BLD_push_utf8_string(bld, p->name, p->data,
+ p->data_len))
 goto err;
 break;
 }
diff --git a/providers/implementations/kdfs/sshkdf.c b/providers/implementations/kdfs/sshkdf.c
index 1caef4b7b8..cc8f946390 100644
--- a/providers/implementations/kdfs/sshkdf.c
+++ b/providers/implementations/kdfs/sshkdf.c
@@ -159,7 +159,8 @@ static int kdf_sshkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
 if (!OSSL_PARAM_get_utf8_string_ptr(p, &kdftype))
 return 0;
- if (kdftype == NULL || kdftype[0] == '\0' || kdftype[1] != '\0')
+ /* Expect one character (byte in this case) */
+ if (kdftype == NULL || p->data_size != 1)
 return 0;
 if (kdftype[0] < 65 || kdftype[0] > 70) {
 ERR_raise(ERR_LIB_PROV, PROV_R_VALUE_ERROR);
--
cgit v1.2.3
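Review bot: The new length check `p->data_size != 1` fails with a bare `return 0`, while the range check directly below raises `PROV_R_VALUE_ERROR`, so a caller that passes a wrong-length type gets a failure with nothing on the error queue to explain it. Raising the same error before returning would make the two rejections consistent: put `ERR_raise(ERR_LIB_PROV, PROV_R_VALUE_ERROR);` ahead of the `return 0;` and brace the branch. The test is also now made on the declared size rather than on the terminator, so a parameter whose size counts the trailing NUL (a `data_size` of 2) is rejected where the old condition accepted it; whether any caller builds the parameter that way is not visible here, so a sentence in the comment stating that the size must exclude the terminator would help. The body of kdf_sshkdf_set_ctx_params starts and ends outside the hunk.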