[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Sun Feb 28 07:33:48 UTC 2021
The branch master has been updated
via d5a936c5b1c2f0c6f882c0cfd2ff34f8845260f7 (commit)
via dbf299f73df80c7b5695f1311837686d84f1be18 (commit)
via f8a5822cff0b05df8fa937b5aca72ef5b4c1b47a (commit)
via 7198bd1a8f44be994106d3dba4bbb3362147b144 (commit)
via b98d550d807eccde3bd3f88f9831e002d3835cc3 (commit)
via 8d5b197b289988f8bc55e01e7ae27b82b16964b6 (commit)
via 671ff5c74ec135b7c419895983d67c63013ffa9e (commit)
via 6980e36a2aab7a916e8bdcdb70ee03ebaa1bc1cf (commit)
via f5081be376dfecb193db647b97d0fb2033760a4c (commit)
via 6bcd32a43fffc944c1f06f018dd52eeefd286e7c (commit)
via 36fae6e85a12c46b48d82762911c74e53ec0cc13 (commit)
via bb0ab821f38427576e4f25bb66818bc297ee8b22 (commit)
via 3469b388164775546022635d6695cae17104faa6 (commit)
via 5cceedb5830216dfec503127d810ee1ccaaaec0a (commit)
via 05cdec396be03851e5a4eb9cca6205bdb970fd47 (commit)
via 7c75f2daf8b50c92bfb5c17fa62136e61f6eb515 (commit)
via a9603292fb77349ba144f38612d88af07107396a (commit)
via dc567dc746bcd6fd8656daf59c88362b9cb0456d (commit)
via 9258f7efa7aacfef08dccb4e0f11e7cc17f078f8 (commit)
via 7f7640c45534fb07562c751c935f93bf30275081 (commit)
via afa44486c5314c5670870e8920d237deb6f7746c (commit)
via 1dfe97530f3ec50541810e1aca99343c68fd40fb (commit)
via 80ba2526fa8605d0a3848a6d90f9ae5a0125505a (commit)
via ac238428cec494ec33d1558856e0b5f4a6a4c792 (commit)
via c23f96f3f6f385a3d7ce3b3a4c48f9b531cec41f (commit)
via 0a56b3c2e58930e6c6e958bf59a80ef026f6f1b2 (commit)
via 005b190297e1ed7a930a1085b49c95c6f4ad57f7 (commit)
via cf5784aa03bf4e9214dc92bd9f92fcc09e664d40 (commit)
via 91593b37840067c588ce38bc628922d4b3400917 (commit)
via 19ea8a8a215c2fc637b3e3664c75fc0636189459 (commit)
via fbff75caaab25f028718990b716341a4de672954 (commit)
via b58e1f74905fe0a51f00cd0c2d8e9a9b0469326b (commit)
via 77e4ae58ea05d08851d8919543f9993fd06e113e (commit)
via 41df96efc150d3ccee01ab692d882ddba3d2d3d8 (commit)
via 0edb81944133a5f2f9e4c6fd7282e40a2d1aa582 (commit)
via cc2314a9f630c47860afbddd29ef5b4223371a8a (commit)
via 1dc28e742d0a7e37f76353680afac547e88375ef (commit)
via 4a5d8c0cb7a57cc8019f16ec3218cc1044652dcc (commit)
via 2211bf6bb795c59f43aa93d746c46de63843d7cd (commit)
via ebf8274c552bd7543119a138cfa86728711a1431 (commit)
via 2524ec1ac24ef3a887a53c728d67e6a128653186 (commit)
via 8f5d64b102b7aa0e5a8102da45af5452fff692ae (commit)
via ae7d90a1594dabf72123f395f9f2436452ab5d9a (commit)
from 1d73e2adae9c80d359d6d85c9f65d97a86add542 (commit)
- Log -----------------------------------------------------------------
commit d5a936c5b1c2f0c6f882c0cfd2ff34f8845260f7
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Feb 26 10:57:21 2021 +1000
rand: use params argument on instantiate call
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit dbf299f73df80c7b5695f1311837686d84f1be18
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Feb 26 10:57:05 2021 +1000
core: add params argument to DRBG instantiate call
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit f8a5822cff0b05df8fa937b5aca72ef5b4c1b47a
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Feb 26 10:56:46 2021 +1000
doc: update documenation with params argument on DRBG instantiate calls
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 7198bd1a8f44be994106d3dba4bbb3362147b144
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Feb 26 10:56:17 2021 +1000
test: update tests to allow for params argument for the instantiate call on EVP_RAND_CTXs
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit b98d550d807eccde3bd3f88f9831e002d3835cc3
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Feb 26 10:55:40 2021 +1000
prov: update rand implementations to have a params argument for the instantiate call
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 8d5b197b289988f8bc55e01e7ae27b82b16964b6
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Feb 26 10:55:02 2021 +1000
fips: update DRBG KATs for the extra instantiate argument
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 671ff5c74ec135b7c419895983d67c63013ffa9e
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Feb 26 10:52:13 2021 +1000
evp: add params argument to EVP_RAND_instantiate()
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 6980e36a2aab7a916e8bdcdb70ee03ebaa1bc1cf
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Feb 26 10:09:49 2021 +1000
doc: document additional argument to KDF derive calls
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit f5081be376dfecb193db647b97d0fb2033760a4c
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Feb 26 10:09:27 2021 +1000
prov: add additional argument to KDF derive call in key exchange
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 6bcd32a43fffc944c1f06f018dd52eeefd286e7c
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Feb 26 10:09:07 2021 +1000
fips: add additional argument to KDF derive call in self test
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 36fae6e85a12c46b48d82762911c74e53ec0cc13
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Feb 26 10:08:45 2021 +1000
crypto: add additional argument to KDF derive calls
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit bb0ab821f38427576e4f25bb66818bc297ee8b22
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Feb 26 10:08:23 2021 +1000
apps: add addition argument to KDF derive call
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 3469b388164775546022635d6695cae17104faa6
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Feb 26 10:07:23 2021 +1000
prov: add extra params argument to KDF implementations
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 5cceedb5830216dfec503127d810ee1ccaaaec0a
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Feb 26 10:06:52 2021 +1000
tls: adjust for extra argument to KDF derive call
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 05cdec396be03851e5a4eb9cca6205bdb970fd47
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Feb 26 10:06:31 2021 +1000
test: adjust tests to include extra argument to KDF derive call
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 7c75f2daf8b50c92bfb5c17fa62136e61f6eb515
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Feb 26 10:06:11 2021 +1000
evp: add param argument to KDF derive call
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit a9603292fb77349ba144f38612d88af07107396a
Author: Pauli <ppzgs1 at gmail.com>
Date: Fri Feb 26 10:05:46 2021 +1000
core: add param argument to KDF derive call
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit dc567dc746bcd6fd8656daf59c88362b9cb0456d
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 14:30:57 2021 +1000
doc: update provider-mac documentation to account for the additional init() arguments
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 9258f7efa7aacfef08dccb4e0f11e7cc17f078f8
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 14:27:29 2021 +1000
doc: update KMAC doc to not say that the `KEY\' parameter needs to be set before the init call
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 7f7640c45534fb07562c751c935f93bf30275081
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 14:12:56 2021 +1000
apps: update speed to use the additional arguments to MAC_init
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit afa44486c5314c5670870e8920d237deb6f7746c
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 14:03:09 2021 +1000
doc: note the additional parameters to EVP_MAC_init()
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 1dfe97530f3ec50541810e1aca99343c68fd40fb
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:54:55 2021 +1000
update poly1305 to have additional init arguments
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 80ba2526fa8605d0a3848a6d90f9ae5a0125505a
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:54:35 2021 +1000
update BLAKE2 to have additional init arguments
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit ac238428cec494ec33d1558856e0b5f4a6a4c792
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:54:13 2021 +1000
prov: update kmac to have additional init arguments
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit c23f96f3f6f385a3d7ce3b3a4c48f9b531cec41f
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:54:13 2021 +1000
prov: update hmac to have additional init arguments
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 0a56b3c2e58930e6c6e958bf59a80ef026f6f1b2
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:54:13 2021 +1000
prov: update gmac to have additional init arguments
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 005b190297e1ed7a930a1085b49c95c6f4ad57f7
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:54:12 2021 +1000
prov: update cmac to have additional init arguments
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit cf5784aa03bf4e9214dc92bd9f92fcc09e664d40
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:52:25 2021 +1000
prov: use new MAC_init arguments in HMAC-DRBG
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 91593b37840067c588ce38bc628922d4b3400917
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:52:06 2021 +1000
prov: use new MAC_init arguments in signature legacy code
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 19ea8a8a215c2fc637b3e3664c75fc0636189459
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:51:28 2021 +1000
prov: update provider util to be less agressive about changing things unnecessarily
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit fbff75caaab25f028718990b716341a4de672954
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:51:03 2021 +1000
fips: update to use the extra MAC init arguments
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit b58e1f74905fe0a51f00cd0c2d8e9a9b0469326b
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:50:45 2021 +1000
core: update to use the extra MAC init arguments
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 77e4ae58ea05d08851d8919543f9993fd06e113e
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:50:01 2021 +1000
test: updates for the new additional MAC_init arguments
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 41df96efc150d3ccee01ab692d882ddba3d2d3d8
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:49:37 2021 +1000
evp_test: updates for the new additional MAC_init arguments
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 0edb81944133a5f2f9e4c6fd7282e40a2d1aa582
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:49:10 2021 +1000
tls: updates for the new additional MAC_init arguments
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit cc2314a9f630c47860afbddd29ef5b4223371a8a
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:48:48 2021 +1000
evp: updates for the new additional MAC_init arguments
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 1dc28e742d0a7e37f76353680afac547e88375ef
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:48:27 2021 +1000
crmf: updates for the new additional MAC_init arguments
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 4a5d8c0cb7a57cc8019f16ec3218cc1044652dcc
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:48:00 2021 +1000
apps: updates for the new additional MAC_init arguments
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 2211bf6bb795c59f43aa93d746c46de63843d7cd
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:47:36 2021 +1000
apps: update mac to work with additional MAC_init arguments. This doesn't include the creation of new 'key' arguments.
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit ebf8274c552bd7543119a138cfa86728711a1431
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 13:47:01 2021 +1000
apps: update fipsinstall to work with additional MAC_init arguments
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 2524ec1ac24ef3a887a53c728d67e6a128653186
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 10:27:22 2021 +1000
prov kdf: update to use the extra MAC init arguments
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit 8f5d64b102b7aa0e5a8102da45af5452fff692ae
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 10:22:01 2021 +1000
prov: update SipHash to new init function
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
commit ae7d90a1594dabf72123f395f9f2436452ab5d9a
Author: Pauli <ppzgs1 at gmail.com>
Date: Thu Feb 25 09:52:26 2021 +1000
siphash: Add the C and D round parameters for SipHash.
This represents a gap in functionality from the low level APIs.
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)
-----------------------------------------------------------------------
Summary of changes:
apps/fipsinstall.c | 2 +-
apps/kdf.c | 2 +-
apps/lib/s_cb.c | 10 +--
apps/mac.c | 7 +-
apps/speed.c | 14 ++--
crypto/crmf/crmf_pbm.c | 6 +-
crypto/dh/dh_kdf.c | 3 +-
crypto/ec/ecdh_kdf.c | 3 +-
crypto/evp/evp_rand.c | 9 ++-
crypto/evp/kdf_lib.c | 5 +-
crypto/evp/mac_lib.c | 5 +-
crypto/evp/p5_crpt2.c | 3 +-
crypto/evp/pbe_scrypt.c | 3 +-
crypto/pkcs12/p12_key.c | 2 +-
crypto/rand/rand_lib.c | 9 +--
crypto/siphash/siphash.c | 8 +-
crypto/siphash/siphash_local.h | 11 ++-
doc/man3/EVP_KDF.pod | 17 +++--
doc/man3/EVP_MAC.pod | 21 +++---
doc/man3/EVP_RAND.pod | 16 ++--
doc/man7/EVP_KDF-HKDF.pod | 5 +-
doc/man7/EVP_KDF-KB.pod | 4 +-
doc/man7/EVP_KDF-KRB5KDF.pod | 5 +-
doc/man7/EVP_KDF-SCRYPT.pod | 5 +-
doc/man7/EVP_KDF-SS.pod | 15 +---
doc/man7/EVP_KDF-SSHKDF.pod | 5 +-
doc/man7/EVP_KDF-TLS1_PRF.pod | 5 +-
doc/man7/EVP_KDF-X942-ASN1.pod | 5 +-
doc/man7/EVP_KDF-X963.pod | 5 +-
doc/man7/EVP_MAC-KMAC.pod | 4 +-
doc/man7/EVP_MAC-Siphash.pod | 8 ++
doc/man7/EVP_RAND-CTR-DRBG.pod | 2 +-
doc/man7/EVP_RAND-HASH-DRBG.pod | 2 +-
doc/man7/EVP_RAND-HMAC-DRBG.pod | 2 +-
doc/man7/EVP_RAND-SEED-SRC.pod | 2 +-
doc/man7/EVP_RAND-TEST-RAND.pod | 2 +-
doc/man7/provider-kdf.pod | 6 +-
doc/man7/provider-mac.pod | 11 ++-
doc/man7/provider-rand.pod | 6 +-
fuzz/fuzz_rand.c | 3 +-
include/openssl/core_dispatch.h | 8 +-
include/openssl/core_names.h | 2 +
include/openssl/evp.h | 6 +-
include/openssl/kdf.h | 3 +-
providers/common/provider_util.c | 7 +-
providers/fips/self_test.c | 7 +-
providers/fips/self_test_kats.c | 10 +--
providers/implementations/exchange/kdf_exch.c | 2 +-
providers/implementations/kdfs/hkdf.c | 5 +-
providers/implementations/kdfs/kbkdf.c | 17 ++---
providers/implementations/kdfs/krb5kdf.c | 6 +-
providers/implementations/kdfs/pbkdf2.c | 6 +-
providers/implementations/kdfs/pkcs12kdf.c | 6 +-
providers/implementations/kdfs/scrypt.c | 6 +-
providers/implementations/kdfs/sshkdf.c | 6 +-
providers/implementations/kdfs/sskdf.c | 20 ++---
providers/implementations/kdfs/tls1_prf.c | 14 +---
providers/implementations/kdfs/x942kdf.c | 5 +-
providers/implementations/macs/blake2_mac_impl.c | 45 ++++++-----
providers/implementations/macs/cmac_prov.c | 34 ++++-----
providers/implementations/macs/gmac_prov.c | 41 +++++++---
providers/implementations/macs/hmac_prov.c | 33 ++++++--
providers/implementations/macs/kmac_prov.c | 46 +++++++-----
providers/implementations/macs/poly1305_prov.c | 37 ++++++---
providers/implementations/macs/siphash_prov.c | 84 ++++++++++++++++-----
providers/implementations/rands/drbg.c | 3 -
providers/implementations/rands/drbg_ctr.c | 6 +-
providers/implementations/rands/drbg_hash.c | 5 +-
providers/implementations/rands/drbg_hmac.c | 22 ++----
providers/implementations/rands/seed_src.c | 3 +-
providers/implementations/rands/test_rng.c | 5 +-
providers/implementations/signature/mac_legacy.c | 6 +-
ssl/t1_enc.c | 3 +-
ssl/t1_lib.c | 5 +-
ssl/tls13_enc.c | 26 +++----
test/acvp_test.c | 2 +-
test/bad_dtls_test.c | 9 +--
test/drbgtest.c | 6 +-
test/evp_kdf_test.c | 96 ++++++++++--------------
test/evp_test.c | 20 ++---
test/ossl_shim/ossl_shim.cc | 8 +-
test/recipes/30-test_evp_data/evpmac_blake.txt | 4 +-
test/recipes/30-test_evp_data/evpmac_common.txt | 2 +-
test/recipes/30-test_evp_data/evpmac_siphash.txt | 23 +++++-
test/sslapitest.c | 11 +--
test/testutil/fake_random.c | 3 +-
86 files changed, 512 insertions(+), 470 deletions(-)
diff --git a/apps/fipsinstall.c b/apps/fipsinstall.c
index 4a1b89d92c..ade983169b 100644
--- a/apps/fipsinstall.c
+++ b/apps/fipsinstall.c
@@ -78,7 +78,7 @@ static int do_mac(EVP_MAC_CTX *ctx, unsigned char *tmp, BIO *in,
int i;
size_t outsz = *out_len;
- if (!EVP_MAC_init(ctx))
+ if (!EVP_MAC_init(ctx, NULL, 0, NULL))
goto err;
if (EVP_MAC_CTX_get_mac_size(ctx) > outsz)
goto end;
diff --git a/apps/kdf.c b/apps/kdf.c
index 4bbb88a5ae..5c33234b57 100644
--- a/apps/kdf.c
+++ b/apps/kdf.c
@@ -135,7 +135,7 @@ opthelp:
if (dkm_bytes == NULL)
goto err;
- if (!EVP_KDF_derive(ctx, dkm_bytes, dkm_len)) {
+ if (!EVP_KDF_derive(ctx, dkm_bytes, dkm_len, NULL)) {
BIO_printf(bio_err, "EVP_KDF_derive failed\n");
goto err;
}
diff --git a/apps/lib/s_cb.c b/apps/lib/s_cb.c
index 3761d91395..6737eca13e 100644
--- a/apps/lib/s_cb.c
+++ b/apps/lib/s_cb.c
@@ -741,7 +741,7 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie,
int res = 0;
EVP_MAC *hmac = NULL;
EVP_MAC_CTX *ctx = NULL;
- OSSL_PARAM params[3], *p = params;
+ OSSL_PARAM params[2], *p = params;
size_t mac_len;
/* Initialize a random secret */
@@ -792,14 +792,8 @@ int generate_cookie_callback(SSL *ssl, unsigned char *cookie,
goto end;
}
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, "SHA1", 0);
- *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, cookie_secret,
- COOKIE_SECRET_LENGTH);
*p = OSSL_PARAM_construct_end();
- if (!EVP_MAC_CTX_set_params(ctx, params)) {
- BIO_printf(bio_err, "HMAC context parameter setting failed\n");
- goto end;
- }
- if (!EVP_MAC_init(ctx)) {
+ if (!EVP_MAC_init(ctx, cookie_secret, COOKIE_SECRET_LENGTH, params)) {
BIO_printf(bio_err, "HMAC context initialisation failed\n");
goto end;
}
diff --git a/apps/mac.c b/apps/mac.c
index 6280fdcd3b..8f8dcde318 100644
--- a/apps/mac.c
+++ b/apps/mac.c
@@ -64,6 +64,7 @@ int mac_main(int argc, char **argv)
const char *infile = NULL;
int out_bin = 0;
int inform = FORMAT_BINARY;
+ OSSL_PARAM *params = NULL;
prog = opt_init(argc, argv, mac_options);
buf = app_malloc(BUFSIZE, "I/O buffer");
@@ -117,9 +118,9 @@ opthelp:
if (opts != NULL) {
int ok = 1;
- OSSL_PARAM *params =
- app_params_new_from_opts(opts, EVP_MAC_settable_ctx_params(mac));
+ params = app_params_new_from_opts(opts,
+ EVP_MAC_settable_ctx_params(mac));
if (params == NULL)
goto err;
@@ -144,7 +145,7 @@ opthelp:
if (out == NULL)
goto err;
- if (!EVP_MAC_init(ctx)) {
+ if (!EVP_MAC_init(ctx, NULL, 0, NULL)) {
BIO_printf(bio_err, "EVP_MAC_Init failed\n");
goto err;
}
diff --git a/apps/speed.c b/apps/speed.c
index 92eb0585fc..0d7a9168c1 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -631,7 +631,7 @@ static int EVP_MAC_loop(int algindex, void *args)
for (count = 0; COND(c[algindex][testnum]); count++) {
size_t outl;
- if (!EVP_MAC_init(mctx)
+ if (!EVP_MAC_init(mctx, NULL, 0, NULL)
|| !EVP_MAC_update(mctx, buf, lengths[testnum])
|| !EVP_MAC_final(mctx, mac, &outl, sizeof(mac)))
return -1;
@@ -2158,28 +2158,24 @@ int speed_main(int argc, char **argv)
if (doit[D_GHASH]) {
static const char gmac_iv[] = "0123456789ab";
EVP_MAC *mac = EVP_MAC_fetch(NULL, "GMAC", NULL);
- OSSL_PARAM params[4];
+ OSSL_PARAM params[3];
if (mac == NULL)
goto end;
params[0] = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_CIPHER,
"aes-128-gcm", 0);
- params[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
- (char *)key32, 16);
- params[2] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_IV,
+ params[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_IV,
(char *)gmac_iv,
sizeof(gmac_iv) - 1);
- params[3] = OSSL_PARAM_construct_end();
+ params[2] = OSSL_PARAM_construct_end();
for (i = 0; i < loopargs_len; i++) {
loopargs[i].mctx = EVP_MAC_CTX_new(mac);
if (loopargs[i].mctx == NULL)
goto end;
- if (!EVP_MAC_CTX_set_params(loopargs[i].mctx, params))
- goto end;
- if (!EVP_MAC_init(loopargs[i].mctx))
+ if (!EVP_MAC_init(loopargs[i].mctx, key32, 16, params))
goto end;
}
for (testnum = 0; testnum < size_num; testnum++) {
diff --git a/crypto/crmf/crmf_pbm.c b/crypto/crmf/crmf_pbm.c
index ffa94667ee..03730c1505 100644
--- a/crypto/crmf/crmf_pbm.c
+++ b/crypto/crmf/crmf_pbm.c
@@ -140,7 +140,7 @@ int OSSL_CRMF_pbm_new(OSSL_LIB_CTX *libctx, const char *propq,
int ok = 0;
EVP_MAC *mac = NULL;
EVP_MAC_CTX *mctx = NULL;
- OSSL_PARAM macparams[3] = {OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END};
+ OSSL_PARAM macparams[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
if (out == NULL || pbmp == NULL || pbmp->mac == NULL
|| pbmp->mac->algorithm == NULL || msg == NULL || sec == NULL) {
@@ -207,12 +207,10 @@ int OSSL_CRMF_pbm_new(OSSL_LIB_CTX *libctx, const char *propq,
macparams[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
(char *)mdname, 0);
- macparams[1] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
- basekey, bklen);
if ((mac = EVP_MAC_fetch(libctx, "HMAC", propq)) == NULL
|| (mctx = EVP_MAC_CTX_new(mac)) == NULL
|| !EVP_MAC_CTX_set_params(mctx, macparams)
- || !EVP_MAC_init(mctx)
+ || !EVP_MAC_init(mctx, basekey, bklen, macparams)
|| !EVP_MAC_update(mctx, msg, msglen)
|| !EVP_MAC_final(mctx, mac_res, outlen, EVP_MAX_MD_SIZE))
goto err;
diff --git a/crypto/dh/dh_kdf.c b/crypto/dh/dh_kdf.c
index e1753b0b69..03e45aead9 100644
--- a/crypto/dh/dh_kdf.c
+++ b/crypto/dh/dh_kdf.c
@@ -53,8 +53,7 @@ int ossl_dh_kdf_X9_42_asn1(unsigned char *out, size_t outlen,
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CEK_ALG,
(char *)cek_alg, 0);
*p = OSSL_PARAM_construct_end();
- ret = EVP_KDF_CTX_set_params(kctx, params) > 0
- && EVP_KDF_derive(kctx, out, outlen) > 0;
+ ret = EVP_KDF_derive(kctx, out, outlen, params) > 0;
err:
EVP_KDF_CTX_free(kctx);
EVP_KDF_free(kdf);
diff --git a/crypto/ec/ecdh_kdf.c b/crypto/ec/ecdh_kdf.c
index 60e976a95f..450e2a872b 100644
--- a/crypto/ec/ecdh_kdf.c
+++ b/crypto/ec/ecdh_kdf.c
@@ -42,8 +42,7 @@ int ossl_ecdh_kdf_X9_63(unsigned char *out, size_t outlen,
(void *)sinfo, sinfolen);
*p = OSSL_PARAM_construct_end();
- ret = EVP_KDF_CTX_set_params(kctx, params) > 0
- && EVP_KDF_derive(kctx, out, outlen) > 0;
+ ret = EVP_KDF_derive(kctx, out, outlen, params) > 0;
EVP_KDF_CTX_free(kctx);
}
EVP_KDF_free(kdf);
diff --git a/crypto/evp/evp_rand.c b/crypto/evp/evp_rand.c
index bc8c24b3b5..aea9d72ab7 100644
--- a/crypto/evp/evp_rand.c
+++ b/crypto/evp/evp_rand.c
@@ -487,22 +487,23 @@ int EVP_RAND_names_do_all(const EVP_RAND *rand,
static int evp_rand_instantiate_locked
(EVP_RAND_CTX *ctx, unsigned int strength, int prediction_resistance,
- const unsigned char *pstr, size_t pstr_len)
+ const unsigned char *pstr, size_t pstr_len, const OSSL_PARAM params[])
{
return ctx->meth->instantiate(ctx->data, strength, prediction_resistance,
- pstr, pstr_len);
+ pstr, pstr_len, params);
}
int EVP_RAND_instantiate(EVP_RAND_CTX *ctx, unsigned int strength,
int prediction_resistance,
- const unsigned char *pstr, size_t pstr_len)
+ const unsigned char *pstr, size_t pstr_len,
+ const OSSL_PARAM params[])
{
int res;
if (!evp_rand_lock(ctx))
return 0;
res = evp_rand_instantiate_locked(ctx, strength, prediction_resistance,
- pstr, pstr_len);
+ pstr, pstr_len, params);
evp_rand_unlock(ctx);
return res;
}
diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c
index 36f8eb2ea8..5fe022a142 100644
--- a/crypto/evp/kdf_lib.c
+++ b/crypto/evp/kdf_lib.c
@@ -137,12 +137,13 @@ size_t EVP_KDF_CTX_get_kdf_size(EVP_KDF_CTX *ctx)
return 0;
}
-int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen)
+int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[])
{
if (ctx == NULL)
return 0;
- return ctx->meth->derive(ctx->data, key, keylen);
+ return ctx->meth->derive(ctx->data, key, keylen, params);
}
/*
diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c
index de4d3623ff..91edb93afd 100644
--- a/crypto/evp/mac_lib.c
+++ b/crypto/evp/mac_lib.c
@@ -105,9 +105,10 @@ size_t EVP_MAC_CTX_get_mac_size(EVP_MAC_CTX *ctx)
return 0;
}
-int EVP_MAC_init(EVP_MAC_CTX *ctx)
+int EVP_MAC_init(EVP_MAC_CTX *ctx, const unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[])
{
- return ctx->meth->init(ctx->data);
+ return ctx->meth->init(ctx->data, key, keylen, params);
}
int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen)
diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c
index c097210bd4..dff3310ded 100644
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -55,8 +55,7 @@ int pkcs5_pbkdf2_hmac_ex(const char *pass, int passlen,
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
(char *)mdname, 0);
*p = OSSL_PARAM_construct_end();
- if (EVP_KDF_CTX_set_params(kctx, params) != 1
- || EVP_KDF_derive(kctx, out, keylen) != 1)
+ if (EVP_KDF_derive(kctx, out, keylen, params) != 1)
rv = 0;
EVP_KDF_CTX_free(kctx);
diff --git a/crypto/evp/pbe_scrypt.c b/crypto/evp/pbe_scrypt.c
index f7656324f6..be881b32fb 100644
--- a/crypto/evp/pbe_scrypt.c
+++ b/crypto/evp/pbe_scrypt.c
@@ -79,8 +79,7 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
*z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_P, &p);
*z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_MAXMEM, &maxmem);
*z = OSSL_PARAM_construct_end();
- if (EVP_KDF_CTX_set_params(kctx, params) != 1
- || EVP_KDF_derive(kctx, key, keylen) != 1)
+ if (EVP_KDF_derive(kctx, key, keylen, params) != 1)
rv = 0;
EVP_KDF_CTX_free(kctx);
diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
index 7c4056a8f8..8c7be88cd2 100644
--- a/crypto/pkcs12/p12_key.c
+++ b/crypto/pkcs12/p12_key.c
@@ -105,7 +105,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
BIO_printf(trc_out, "\n");
} OSSL_TRACE_END(PKCS12_KEYGEN);
- if (EVP_KDF_derive(ctx, out, (size_t)n)) {
+ if (EVP_KDF_derive(ctx, out, (size_t)n, NULL)) {
res = 1;
OSSL_TRACE_BEGIN(PKCS12_KEYGEN) {
BIO_printf(trc_out, "Output KEY (length %d)\n", n);
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 2a4055f617..0ee57dc460 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -523,7 +523,7 @@ static EVP_RAND_CTX *rand_new_seed(OSSL_LIB_CTX *libctx)
ERR_raise(ERR_LIB_RAND, RAND_R_UNABLE_TO_CREATE_DRBG);
return NULL;
}
- if (!EVP_RAND_instantiate(ctx, 0, 0, NULL, 0)) {
+ if (!EVP_RAND_instantiate(ctx, 0, 0, NULL, 0, NULL)) {
ERR_raise(ERR_LIB_RAND, RAND_R_ERROR_INSTANTIATING_DRBG);
EVP_RAND_CTX_free(ctx);
return NULL;
@@ -574,12 +574,7 @@ static EVP_RAND_CTX *rand_new_drbg(OSSL_LIB_CTX *libctx, EVP_RAND_CTX *parent,
*p++ = OSSL_PARAM_construct_time_t(OSSL_DRBG_PARAM_RESEED_TIME_INTERVAL,
&reseed_time_interval);
*p = OSSL_PARAM_construct_end();
- if (!EVP_RAND_set_ctx_params(ctx, params)) {
- ERR_raise(ERR_LIB_RAND, RAND_R_ERROR_INITIALISING_DRBG);
- EVP_RAND_CTX_free(ctx);
- return NULL;
- }
- if (!EVP_RAND_instantiate(ctx, 0, 0, NULL, 0)) {
+ if (!EVP_RAND_instantiate(ctx, 0, 0, NULL, 0, params)) {
ERR_raise(ERR_LIB_RAND, RAND_R_ERROR_INSTANTIATING_DRBG);
EVP_RAND_CTX_free(ctx);
return NULL;
diff --git a/crypto/siphash/siphash.c b/crypto/siphash/siphash.c
index 03f9b4982d..eaad0a8e4a 100644
--- a/crypto/siphash/siphash.c
+++ b/crypto/siphash/siphash.c
@@ -30,10 +30,6 @@
#include "crypto/siphash.h"
#include "siphash_local.h"
-/* default: SipHash-2-4 */
-#define SIPHASH_C_ROUNDS 2
-#define SIPHASH_D_ROUNDS 4
-
#define ROTL(x, b) (uint64_t)(((x) << (b)) | ((x) >> (64 - (b))))
#define U32TO8_LE(p, v) \
@@ -146,7 +142,7 @@ void SipHash_Update(SIPHASH *ctx, const unsigned char *in, size_t inlen)
uint64_t m;
const uint8_t *end;
int left;
- int i;
+ unsigned int i;
uint64_t v0 = ctx->v0;
uint64_t v1 = ctx->v1;
uint64_t v2 = ctx->v2;
@@ -202,7 +198,7 @@ void SipHash_Update(SIPHASH *ctx, const unsigned char *in, size_t inlen)
int SipHash_Final(SIPHASH *ctx, unsigned char *out, size_t outlen)
{
/* finalize hash */
- int i;
+ unsigned int i;
uint64_t b = ctx->total_inlen << 56;
uint64_t v0 = ctx->v0;
uint64_t v1 = ctx->v1;
diff --git a/crypto/siphash/siphash_local.h b/crypto/siphash/siphash_local.h
index 4841284c04..8cd7c208cc 100644
--- a/crypto/siphash/siphash_local.h
+++ b/crypto/siphash/siphash_local.h
@@ -16,8 +16,13 @@ struct siphash_st {
uint64_t v2;
uint64_t v3;
unsigned int len;
- int hash_size;
- int crounds;
- int drounds;
+ unsigned int hash_size;
+ unsigned int crounds;
+ unsigned int drounds;
unsigned char leavings[SIPHASH_BLOCK_SIZE];
};
+
+/* default: SipHash-2-4 */
+#define SIPHASH_C_ROUNDS 2
+#define SIPHASH_D_ROUNDS 4
+
diff --git a/doc/man3/EVP_KDF.pod b/doc/man3/EVP_KDF.pod
index 90e8f5adcf..7a012026c5 100644
--- a/doc/man3/EVP_KDF.pod
+++ b/doc/man3/EVP_KDF.pod
@@ -25,7 +25,8 @@ EVP_KDF_CTX_gettable_params, EVP_KDF_CTX_settable_params - EVP KDF routines
EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src);
void EVP_KDF_CTX_reset(EVP_KDF_CTX *ctx);
size_t EVP_KDF_CTX_get_kdf_size(EVP_KDF_CTX *ctx);
- int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen);
+ int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[]);
int EVP_KDF_up_ref(EVP_KDF *kdf);
void EVP_KDF_free(EVP_KDF *kdf);
EVP_KDF *EVP_KDF_fetch(OSSL_LIB_CTX *libctx, const char *algorithm,
@@ -56,9 +57,10 @@ The EVP KDF routines are a high-level interface to Key Derivation Function
algorithms and should be used instead of algorithm-specific functions.
After creating a B<EVP_KDF_CTX> for the required algorithm using
-EVP_KDF_CTX_new(), inputs to the algorithm are supplied
-using calls to EVP_KDF_CTX_set_params() before
-calling EVP_KDF_derive() to derive the key.
+EVP_KDF_CTX_new(), inputs to the algorithm are supplied either by
+passing them as part of the EVP_KDF_derive() call or using calls
+to EVP_KDF_CTX_set_params() before calling EVP_KDF_derive() to derive
+the key.
=head2 Types
@@ -99,9 +101,10 @@ I<ctx>.
EVP_KDF_CTX_reset() resets the context to the default state as if the context
had just been created.
-EVP_KDF_derive() derives I<keylen> bytes of key material and places it in the
-I<key> buffer. If the algorithm produces a fixed amount of output then an
-error will occur unless the I<keylen> parameter is equal to that output size,
+EVP_KDF_derive() processes any parameters in I<Params> and then derives
+I<keylen> bytes of key material and places it in the I<key> buffer.
+If the algorithm produces a fixed amount of output then an error will
+occur unless the I<keylen> parameter is equal to that output size,
as returned by EVP_KDF_CTX_get_kdf_size().
EVP_KDF_get_params() retrieves details about the implementation
diff --git a/doc/man3/EVP_MAC.pod b/doc/man3/EVP_MAC.pod
index b32415aac5..928ef52407 100644
--- a/doc/man3/EVP_MAC.pod
+++ b/doc/man3/EVP_MAC.pod
@@ -40,7 +40,8 @@ EVP_MAC_do_all_provided - EVP MAC routines
int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]);
size_t EVP_MAC_CTX_get_mac_size(EVP_MAC_CTX *ctx);
- int EVP_MAC_init(EVP_MAC_CTX *ctx);
+ int EVP_MAC_init(EVP_MAC_CTX *ctx, const unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[]);
int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen);
int EVP_MAC_final(EVP_MAC_CTX *ctx,
unsigned char *out, size_t *outl, size_t outsize);
@@ -117,9 +118,11 @@ I<ctx>.
=head2 Computing functions
EVP_MAC_init() sets up the underlying context with information given
-through diverse controls.
-This should be called before calling EVP_MAC_update() and
-EVP_MAC_final().
+via the I<key> and I<params> arguments. The MAC I<key> has a length of
+I<keylen> and the parameters in I<params> are processed before setting
+the key. If I<key> is NULL, the key must be set via params either
+as part of this call or separately using EVP_MAC_CTX_set_params().
+This should be called before calling EVP_MAC_update() and EVP_MAC_final().
EVP_MAC_update() adds I<datalen> bytes from I<data> to the MAC input.
@@ -362,7 +365,7 @@ EVP_MAC_do_all_provided() returns nothing at all.
size_t i;
- OSSL_PARAM params[4];
+ OSSL_PARAM params[3];
size_t params_n = 0;
if (cipher != NULL)
@@ -371,17 +374,13 @@ EVP_MAC_do_all_provided() returns nothing at all.
if (digest != NULL)
params[params_n++] =
OSSL_PARAM_construct_utf8_string("digest", (char*)digest, 0);
- params[params_n++] =
- OSSL_PARAM_construct_octet_string("key", (void*)key, strlen(key));
params[params_n] = OSSL_PARAM_construct_end();
if (mac == NULL
|| key == NULL
|| (ctx = EVP_MAC_CTX_new(mac)) == NULL
- || EVP_MAC_CTX_set_params(ctx, params) <= 0)
- goto err;
-
- if (!EVP_MAC_init(ctx))
+ || !EVP_MAC_init(ctx, (const unsigned char *)key, strlen(key),
+ params))
goto err;
while ( (read_l = read(STDIN_FILENO, buf, sizeof(buf))) > 0) {
diff --git a/doc/man3/EVP_RAND.pod b/doc/man3/EVP_RAND.pod
index 88ee739d94..52cf5118d8 100644
--- a/doc/man3/EVP_RAND.pod
+++ b/doc/man3/EVP_RAND.pod
@@ -50,7 +50,8 @@ EVP_RAND_STATE_ERROR - EVP RAND routines
int EVP_RAND_instantiate(EVP_RAND_CTX *ctx, unsigned int strength,
int prediction_resistance,
- const unsigned char *pstr, size_t pstr_len);
+ const unsigned char *pstr, size_t pstr_len,
+ const OSSL_PARAM params[]);
int EVP_RAND_uninstantiate(EVP_RAND_CTX *ctx);
int EVP_RAND_generate(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen,
unsigned int strength, int prediction_resistance,
@@ -78,10 +79,10 @@ If you want to do more, these calls should be used instead of the older
RAND and RAND_DRBG functions.
After creating a B<EVP_RAND_CTX> for the required algorithm using
-EVP_RAND_CTX_new(), inputs to the algorithm are supplied
-using calls to EVP_RAND_set_ctx_params() before
-calling EVP_RAND_instantiate() and then EVP_RAND_generate() to produce
-cryptographically secure random bytes.
+EVP_RAND_CTX_new(), inputs to the algorithm are supplied either by
+passing them as part of the EVP_RAND_instantiate() call or using calls to
+EVP_RAND_set_ctx_params() before calling EVP_RAND_instantiate(). Finally,
+call EVP_RAND_generate() to produce cryptographically secure random bytes.
=head2 Types
@@ -123,8 +124,9 @@ I<ctx>.
=head2 Random Number Generator Functions
-EVP_RAND_instantiate() instantiates the RAND I<ctx> with a minimum security
-strength of <strength> and personalisation string I<pstr> of length <pstr_len>.
+EVP_RAND_instantiate() processes any parameters in I<params> and
+then instantiates the RAND I<ctx> with a minimum security strength
+of <strength> and personalisation string I<pstr> of length <pstr_len>.
If I<prediction_resistance> is specified, fresh entropy from a live source
will be sought. This call operates as per NIST SP 800-90A and SP 800-90C.
diff --git a/doc/man7/EVP_KDF-HKDF.pod b/doc/man7/EVP_KDF-HKDF.pod
index 830bf90e92..4fc663d1b6 100644
--- a/doc/man7/EVP_KDF-HKDF.pod
+++ b/doc/man7/EVP_KDF-HKDF.pod
@@ -119,10 +119,7 @@ salt value "salt" and info value "label":
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
"salt", (size_t)4);
*p = OSSL_PARAM_construct_end();
- if (EVP_KDF_CTX_set_params(kctx, params) <= 0) {
- error("EVP_KDF_CTX_set_params");
- }
- if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) {
+ if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0) {
error("EVP_KDF_derive");
}
diff --git a/doc/man7/EVP_KDF-KB.pod b/doc/man7/EVP_KDF-KB.pod
index c69a717a3c..b8d7b15902 100644
--- a/doc/man7/EVP_KDF-KB.pod
+++ b/doc/man7/EVP_KDF-KB.pod
@@ -108,9 +108,7 @@ Label "label", and Context "context".
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,
"context", strlen("context"));
*p = OSSL_PARAM_construct_end();
- if (EVP_KDF_CTX_set_params(kctx, params) <= 0)
- error("EVP_KDF_CTX_set_params");
- else if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0)
+ if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0)
error("EVP_KDF_derive");
EVP_KDF_CTX_free(kctx);
diff --git a/doc/man7/EVP_KDF-KRB5KDF.pod b/doc/man7/EVP_KDF-KRB5KDF.pod
index 8d730d40b8..874b4d9753 100644
--- a/doc/man7/EVP_KDF-KRB5KDF.pod
+++ b/doc/man7/EVP_KDF-KRB5KDF.pod
@@ -81,10 +81,7 @@ This example derives a key using the AES-128-CBC cipher:
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_CONSTANT,
constant, strlen(constant));
*p = OSSL_PARAM_construct_end();
- if (EVP_KDF_set_params(kctx, params) <= 0)
- /* Error */
-
- if (EVP_KDF_derive(kctx, out, outlen) <= 0)
+ if (EVP_KDF_derive(kctx, out, outlen, params) <= 0)
/* Error */
EVP_KDF_CTX_free(kctx);
diff --git a/doc/man7/EVP_KDF-SCRYPT.pod b/doc/man7/EVP_KDF-SCRYPT.pod
index ec4eab8f1c..70edde375c 100644
--- a/doc/man7/EVP_KDF-SCRYPT.pod
+++ b/doc/man7/EVP_KDF-SCRYPT.pod
@@ -100,10 +100,7 @@ This example derives a 64-byte long test vector using scrypt with the password
*p++ = OSSL_PARAM_construct_uint32(OSSL_KDF_PARAM_SCRYPT_R, (uint32_t)8);
*p++ = OSSL_PARAM_construct_uint32(OSSL_KDF_PARAM_SCRYPT_P, (uint32_t)16);
*p = OSSL_PARAM_construct_end();
- if (EVP_KDF_CTX_set_params(kctx, params) <= 0) {
- error("EVP_KDF_CTX_set_params");
- }
- if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) {
+ if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0) {
error("EVP_KDF_derive");
}
diff --git a/doc/man7/EVP_KDF-SS.pod b/doc/man7/EVP_KDF-SS.pod
index 088ffe0ea7..958fd06676 100644
--- a/doc/man7/EVP_KDF-SS.pod
+++ b/doc/man7/EVP_KDF-SS.pod
@@ -92,10 +92,7 @@ and fixedinfo value "label":
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,
"label", (size_t)5);
*p = OSSL_PARAM_construct_end();
- if (EVP_KDF_CTX_set_params(kctx, params) <= 0) {
- error("EVP_KDF_CTX_set_params");
- }
- if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) {
+ if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0) {
error("EVP_KDF_derive");
}
@@ -124,10 +121,7 @@ fixedinfo value "label" and salt "salt":
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
"salt", (size_t)4);
*p = OSSL_PARAM_construct_end();
- if (EVP_KDF_CTX_set_params(kctx, params) <= 0) {
- error("EVP_KDF_CTX_set_params");
- }
- if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) {
+ if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0) {
error("EVP_KDF_derive");
}
@@ -157,10 +151,7 @@ fixedinfo value "label", salt of "salt" and KMAC outlen of 20:
"salt", (size_t)4);
*p++ = OSSL_PARAM_construct_size_t(OSSL_KDF_PARAM_MAC_SIZE, (size_t)20);
*p = OSSL_PARAM_construct_end();
- if (EVP_KDF_CTX_set_params(kctx, params) <= 0) {
- error("EVP_KDF_CTX_set_params");
- }
- if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) {
+ if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0) {
error("EVP_KDF_derive");
}
diff --git a/doc/man7/EVP_KDF-SSHKDF.pod b/doc/man7/EVP_KDF-SSHKDF.pod
index b782b6fa7c..74d1b71aca 100644
--- a/doc/man7/EVP_KDF-SSHKDF.pod
+++ b/doc/man7/EVP_KDF-SSHKDF.pod
@@ -126,10 +126,7 @@ This example derives an 8 byte IV using SHA-256 with a 1K "key" and appropriate
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_SSHKDF_TYPE,
&type, sizeof(type));
*p = OSSL_PARAM_construct_end();
- if (EVP_KDF_CTX_set_params(kctx, params) <= 0)
- /* Error */
-
- if (EVP_KDF_derive(kctx, out, &outlen) <= 0)
+ if (EVP_KDF_derive(kctx, out, &outlen, params) <= 0)
/* Error */
diff --git a/doc/man7/EVP_KDF-TLS1_PRF.pod b/doc/man7/EVP_KDF-TLS1_PRF.pod
index 74ddb657f7..b7f8da5912 100644
--- a/doc/man7/EVP_KDF-TLS1_PRF.pod
+++ b/doc/man7/EVP_KDF-TLS1_PRF.pod
@@ -80,10 +80,7 @@ and seed value "seed":
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SEED,
"seed", (size_t)4);
*p = OSSL_PARAM_construct_end();
- if (EVP_KDF_CTX_set_params(kctx, params) <= 0) {
- error("EVP_KDF_CTX_set_params");
- }
- if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) {
+ if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0) {
error("EVP_KDF_derive");
}
EVP_KDF_CTX_free(kctx);
diff --git a/doc/man7/EVP_KDF-X942-ASN1.pod b/doc/man7/EVP_KDF-X942-ASN1.pod
index b0e36133b4..c01ec466fa 100644
--- a/doc/man7/EVP_KDF-X942-ASN1.pod
+++ b/doc/man7/EVP_KDF-X942-ASN1.pod
@@ -115,10 +115,7 @@ keying material:
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_UKM, ukm, sizeof(ukm));
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CEK_ALG, "AES-256-WRAP, 0);
*p = OSSL_PARAM_construct_end();
- if (EVP_KDF_CTX_set_params(kctx, params) <= 0)
- error("EVP_KDF_CTX_set_params");
-
- if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0)
+ if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0)
error("EVP_KDF_derive");
EVP_KDF_CTX_free(kctx);
diff --git a/doc/man7/EVP_KDF-X963.pod b/doc/man7/EVP_KDF-X963.pod
index b814fe5b47..3272e1e755 100644
--- a/doc/man7/EVP_KDF-X963.pod
+++ b/doc/man7/EVP_KDF-X963.pod
@@ -72,10 +72,7 @@ value "label":
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,
"label", (size_t)5);
*p = OSSL_PARAM_construct_end();
- if (EVP_KDF_CTX_set_params(kctx, params) <= 0) {
- error("EVP_KDF_CTX_set_params");
- }
- if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) {
+ if (EVP_KDF_derive(kctx, out, sizeof(out), params) <= 0) {
error("EVP_KDF_derive");
}
diff --git a/doc/man7/EVP_MAC-KMAC.pod b/doc/man7/EVP_MAC-KMAC.pod
index 9d40288044..46fce76274 100644
--- a/doc/man7/EVP_MAC-KMAC.pod
+++ b/doc/man7/EVP_MAC-KMAC.pod
@@ -47,8 +47,10 @@ The default value is 0.
=back
-The "custom" and "key" parameters must be set before EVP_MAC_init().
+The "custom" parameter must be set as part of or before the EVP_MAC_init() call.
The "xof" and "size" parameters can be set at any time before EVP_MAC_final().
+The "key" parameter is set as part of the EVP_MAC_init() call, but can be
+set before it instead.
=head1 EXAMPLES
diff --git a/doc/man7/EVP_MAC-Siphash.pod b/doc/man7/EVP_MAC-Siphash.pod
index d0a4226ae5..2b6f2ae4e4 100644
--- a/doc/man7/EVP_MAC-Siphash.pod
+++ b/doc/man7/EVP_MAC-Siphash.pod
@@ -36,6 +36,14 @@ The length of the "size" parameter should not exceed that of a B<size_t>.
=item "size" (B<OSSL_MAC_PARAM_SIZE>) <unsigned integer>
+=item "c-rounds" (B<OSSL_MAC_PARAM_C_ROUNDS>) <unsigned integer>
+
+Specifies the number of rounds per message block. By default this is I<2>.
+
+=item "d-rounds" (B<OSSL_MAC_PARAM_D_ROUNDS>) <unsigned integer>
+
+Specifies the number of finalisation rounds. By default this is I<4>.
+
=back
=head1 SEE ALSO
diff --git a/doc/man7/EVP_RAND-CTR-DRBG.pod b/doc/man7/EVP_RAND-CTR-DRBG.pod
index a31b22390a..61dfa2672e 100644
--- a/doc/man7/EVP_RAND-CTR-DRBG.pod
+++ b/doc/man7/EVP_RAND-CTR-DRBG.pod
@@ -81,7 +81,7 @@ A context for CTR DRBG can be obtained by calling:
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER,
SN_aes_256_ctr, 0);
*p = OSSL_PARAM_construct_end();
- EVP_RAND_set_ctx_params(rctx, params);
+ EVP_RAND_instantiate(rctx, strength, 0, NULL, 0, params);
EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, NULL, 0);
diff --git a/doc/man7/EVP_RAND-HASH-DRBG.pod b/doc/man7/EVP_RAND-HASH-DRBG.pod
index 631383c74a..a212add6d2 100644
--- a/doc/man7/EVP_RAND-HASH-DRBG.pod
+++ b/doc/man7/EVP_RAND-HASH-DRBG.pod
@@ -73,7 +73,7 @@ A context for HASH DRBG can be obtained by calling:
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_DIGEST, SN_sha512, 0);
*p = OSSL_PARAM_construct_end();
- EVP_RAND_set_ctx_params(rctx, params);
+ EVP_RAND_instantiate(rctx, strength, 0, NULL, 0, params);
EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, NULL, 0);
diff --git a/doc/man7/EVP_RAND-HMAC-DRBG.pod b/doc/man7/EVP_RAND-HMAC-DRBG.pod
index f04ae336fc..f345255efc 100644
--- a/doc/man7/EVP_RAND-HMAC-DRBG.pod
+++ b/doc/man7/EVP_RAND-HMAC-DRBG.pod
@@ -76,7 +76,7 @@ A context for HMAC DRBG can be obtained by calling:
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_MAC, SN_hmac, 0);
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_DIGEST, SN_sha256, 0);
*p = OSSL_PARAM_construct_end();
- EVP_RAND_set_ctx_params(rctx, params);
+ EVP_RAND_instantiate(rctx, strength, 0, NULL, 0, params);
EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, NULL, 0);
diff --git a/doc/man7/EVP_RAND-SEED-SRC.pod b/doc/man7/EVP_RAND-SEED-SRC.pod
index f301ed25f9..4d21e4cd6e 100644
--- a/doc/man7/EVP_RAND-SEED-SRC.pod
+++ b/doc/man7/EVP_RAND-SEED-SRC.pod
@@ -63,7 +63,7 @@ A context for the seed source can be obtained by calling:
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER,
SN_aes_256_ctr, 0);
*p = OSSL_PARAM_construct_end();
- EVP_RAND_set_ctx_params(rctx, params);
+ EVP_RAND_instantiate(rctx, strength, 0, NULL, 0, params);
EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, NULL, 0);
diff --git a/doc/man7/EVP_RAND-TEST-RAND.pod b/doc/man7/EVP_RAND-TEST-RAND.pod
index 9eb7001d64..c5f1a4d526 100644
--- a/doc/man7/EVP_RAND-TEST-RAND.pod
+++ b/doc/man7/EVP_RAND-TEST-RAND.pod
@@ -90,7 +90,7 @@ A context for a test generator can be obtained by calling:
*p++ = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_NONCE,
nonce, sizeof(nonce));
*p = OSSL_PARAM_construct_end();
- EVP_RAND_set_ctx_params(rctx, params);
+ EVP_RAND_instantiate(rctx, strength, 0, NULL, 0, params);
EVP_RAND_generate(rctx, bytes, sizeof(bytes), strength, 0, NULL, 0);
diff --git a/doc/man7/provider-kdf.pod b/doc/man7/provider-kdf.pod
index 4d3d91a4e7..0b13537e8d 100644
--- a/doc/man7/provider-kdf.pod
+++ b/doc/man7/provider-kdf.pod
@@ -24,7 +24,8 @@ provider-kdf - The KDF library E<lt>-E<gt> provider functions
/* Encryption/decryption */
int OSSL_FUNC_kdf_reset(void *kctx);
- int OSSL_FUNC_kdf_derive(void *kctx, unsigned char *key, size_t keylen);
+ int OSSL_FUNC_kdf_derive(void *kctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[]);
/* KDF parameter descriptors */
const OSSL_PARAM *OSSL_FUNC_kdf_gettable_params(void *provctx);
@@ -108,7 +109,8 @@ I<kctx> parameter and return the duplicate copy.
OSSL_FUNC_kdf_reset() initialises a KDF operation given a provider
side KDF context in the I<kctx> parameter.
-OSSL_FUNC_kdf_derive() performs the KDF operation.
+OSSL_FUNC_kdf_derive() performs the KDF operation after processing the
+I<params> as per OSSL_FUNC_kdf_set_ctx_params().
The I<kctx> parameter contains a pointer to the provider side context.
The resulting key of the desired I<keylen> should be written to I<key>.
If the algorithm does not support the requested I<keylen> the function must
diff --git a/doc/man7/provider-mac.pod b/doc/man7/provider-mac.pod
index fdeda79ab5..47f26ca89b 100644
--- a/doc/man7/provider-mac.pod
+++ b/doc/man7/provider-mac.pod
@@ -23,7 +23,8 @@ provider-mac - The mac library E<lt>-E<gt> provider functions
void *OSSL_FUNC_mac_dupctx(void *src);
/* Encryption/decryption */
- int OSSL_FUNC_mac_init(void *mctx);
+ int OSSL_FUNC_mac_init(void *mctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[]);
int OSSL_FUNC_mac_update(void *mctx, const unsigned char *in, size_t inl);
int OSSL_FUNC_mac_final(void *mctx, unsigned char *out, size_t *outl, size_t outsize);
@@ -108,7 +109,8 @@ I<mctx> parameter and return the duplicate copy.
=head2 Encryption/Decryption Functions
OSSL_FUNC_mac_init() initialises a mac operation given a newly created provider
-side mac context in the I<mctx> parameter.
+side mac context in the I<mctx> parameter. The I<params> are set before setting
+the MAC I<key> of I<keylen> bytes.
OSSL_FUNC_mac_update() is called to supply data for MAC computation of a previously
initialised mac operation.
@@ -158,7 +160,8 @@ parameters are relevant to, or are understood by all macs:
=item "key" (B<OSSL_MAC_PARAM_KEY>) <octet string>
-Sets the key in the associated MAC ctx.
+Sets the key in the associated MAC ctx. This is identical to passing a I<key>
+argument to the OSSL_FUNC_mac_init() function.
=item "iv" (B<OSSL_MAC_PARAM_IV>) <octet string>
@@ -228,7 +231,7 @@ array, or NULL if none is offered.
=head1 SEE ALSO
-L<provider(7)>
+L<provider(7)>, L<EVP_MAC_init(3)>
=head1 HISTORY
diff --git a/doc/man7/provider-rand.pod b/doc/man7/provider-rand.pod
index 5de3a15f38..157f6227e9 100644
--- a/doc/man7/provider-rand.pod
+++ b/doc/man7/provider-rand.pod
@@ -26,7 +26,8 @@ functions
/* Random number generator functions: NIST */
int OSSL_FUNC_rand_instantiate(void *ctx, unsigned int strength,
int prediction_resistance,
- const unsigned char *pstr, size_t pstr_len);
+ const unsigned char *pstr, size_t pstr_len,
+ const OSSL_PARAM params[]);
int OSSL_FUNC_rand_uninstantiate(void *ctx);
int OSSL_FUNC_rand_generate(void *ctx, unsigned char *out, size_t outlen,
unsigned int strength, int prediction_resistance,
@@ -97,7 +98,8 @@ These functions correspond to those defined in NIST SP 800-90A and SP 800-90C.
OSSL_FUNC_rand_instantiate() is used to instantiate the DRBG I<ctx> at a requested
security I<strength>. In addition, I<prediction_resistance> can be requested.
Additional input I<addin> of length I<addin_len> bytes can optionally
-be provided.
+be provided. The parameters specified in I<params> configure the DRBG and these
+should be processed before instantiation.
OSSL_FUNC_rand_uninstantiate() is used to uninstantiate the DRBG I<ctx>. After being
uninstantiated, a DRBG is unable to produce output until it is instantiated
diff --git a/fuzz/fuzz_rand.c b/fuzz/fuzz_rand.c
index cd5371efbd..5bd343d8ae 100644
--- a/fuzz/fuzz_rand.c
+++ b/fuzz/fuzz_rand.c
@@ -41,7 +41,8 @@ static int fuzz_rand_instantiate(ossl_unused void *vrng,
ossl_unused unsigned int strength,
ossl_unused int prediction_resistance,
ossl_unused const unsigned char *pstr,
- ossl_unused size_t pstr_len)
+ ossl_unused size_t pstr_len,
+ ossl_unused const OSSL_PARAM params[])
{
*(int *)vrng = EVP_RAND_STATE_READY;
return 1;
diff --git a/include/openssl/core_dispatch.h b/include/openssl/core_dispatch.h
index 634159524d..f88645f0f6 100644
--- a/include/openssl/core_dispatch.h
+++ b/include/openssl/core_dispatch.h
@@ -337,7 +337,8 @@ OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, cipher_gettable_ctx_params,
OSSL_CORE_MAKE_FUNC(void *, mac_newctx, (void *provctx))
OSSL_CORE_MAKE_FUNC(void *, mac_dupctx, (void *src))
OSSL_CORE_MAKE_FUNC(void, mac_freectx, (void *mctx))
-OSSL_CORE_MAKE_FUNC(int, mac_init, (void *mctx))
+OSSL_CORE_MAKE_FUNC(int, mac_init, (void *mctx, const unsigned char *key,
+ size_t keylen, const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int, mac_update,
(void *mctx, const unsigned char *in, size_t inl))
OSSL_CORE_MAKE_FUNC(int, mac_final,
@@ -373,7 +374,7 @@ OSSL_CORE_MAKE_FUNC(void *, kdf_dupctx, (void *src))
OSSL_CORE_MAKE_FUNC(void, kdf_freectx, (void *kctx))
OSSL_CORE_MAKE_FUNC(void, kdf_reset, (void *kctx))
OSSL_CORE_MAKE_FUNC(int, kdf_derive, (void *kctx, unsigned char *key,
- size_t keylen))
+ size_t keylen, const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kdf_gettable_params, (void *provctx))
OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, kdf_gettable_ctx_params,
(void *kctx, void *provctx))
@@ -414,7 +415,8 @@ OSSL_CORE_MAKE_FUNC(void,rand_freectx, (void *vctx))
OSSL_CORE_MAKE_FUNC(int,rand_instantiate,
(void *vdrbg, unsigned int strength,
int prediction_resistance,
- const unsigned char *pstr, size_t pstr_len))
+ const unsigned char *pstr, size_t pstr_len,
+ const OSSL_PARAM params[]))
OSSL_CORE_MAKE_FUNC(int,rand_uninstantiate, (void *vdrbg))
OSSL_CORE_MAKE_FUNC(int,rand_generate,
(void *vctx, unsigned char *out, size_t outlen,
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
index cb8d83ba88..0f242e3605 100644
--- a/include/openssl/core_names.h
+++ b/include/openssl/core_names.h
@@ -158,6 +158,8 @@ extern "C" {
#define OSSL_MAC_PARAM_XOF "xof" /* int, 0 or 1 */
#define OSSL_MAC_PARAM_DIGEST_NOINIT "digest-noinit" /* int, 0 or 1 */
#define OSSL_MAC_PARAM_DIGEST_ONESHOT "digest-oneshot" /* int, 0 or 1 */
+#define OSSL_MAC_PARAM_C_ROUNDS "c-rounds" /* unsigned int */
+#define OSSL_MAC_PARAM_D_ROUNDS "d-rounds" /* unsigned int */
/*
* If "engine" or "properties" are specified, they should always be paired
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 6a2202d954..96a82827fc 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1144,7 +1144,8 @@ int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]);
int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]);
size_t EVP_MAC_CTX_get_mac_size(EVP_MAC_CTX *ctx);
-int EVP_MAC_init(EVP_MAC_CTX *ctx);
+int EVP_MAC_init(EVP_MAC_CTX *ctx, const unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[]);
int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen);
int EVP_MAC_final(EVP_MAC_CTX *ctx,
unsigned char *out, size_t *outl, size_t outsize);
@@ -1192,7 +1193,8 @@ int EVP_RAND_names_do_all(const EVP_RAND *rand,
__owur int EVP_RAND_instantiate(EVP_RAND_CTX *ctx, unsigned int strength,
int prediction_resistance,
- const unsigned char *pstr, size_t pstr_len);
+ const unsigned char *pstr, size_t pstr_len,
+ const OSSL_PARAM params[]);
int EVP_RAND_uninstantiate(EVP_RAND_CTX *ctx);
__owur int EVP_RAND_generate(EVP_RAND_CTX *ctx, unsigned char *out,
size_t outlen, unsigned int strength,
diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h
index f1bc9a7709..4c1397f909 100644
--- a/include/openssl/kdf.h
+++ b/include/openssl/kdf.h
@@ -41,7 +41,8 @@ const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx);
void EVP_KDF_CTX_reset(EVP_KDF_CTX *ctx);
size_t EVP_KDF_CTX_get_kdf_size(EVP_KDF_CTX *ctx);
-int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen);
+int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[]);
int EVP_KDF_get_params(EVP_KDF *kdf, OSSL_PARAM params[]);
int EVP_KDF_CTX_get_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[]);
int EVP_KDF_CTX_set_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[]);
diff --git a/providers/common/provider_util.c b/providers/common/provider_util.c
index 0df2addccb..6ed4378a2f 100644
--- a/providers/common/provider_util.c
+++ b/providers/common/provider_util.c
@@ -72,6 +72,9 @@ int ossl_prov_cipher_load_from_params(PROV_CIPHER *pc,
const OSSL_PARAM *p;
const char *propquery;
+ if (params == NULL)
+ return 1;
+
if (!load_common(params, &propquery, &pc->engine))
return 0;
@@ -140,10 +143,12 @@ int ossl_prov_digest_load_from_params(PROV_DIGEST *pd,
const OSSL_PARAM *p;
const char *propquery;
+ if (params == NULL)
+ return 1;
+
if (!load_common(params, &propquery, &pd->engine))
return 0;
-
p = OSSL_PARAM_locate_const(params, OSSL_ALG_PARAM_DIGEST);
if (p == NULL)
return 1;
diff --git a/providers/fips/self_test.c b/providers/fips/self_test.c
index 1848686ae3..b20af1bd6c 100644
--- a/providers/fips/self_test.c
+++ b/providers/fips/self_test.c
@@ -171,7 +171,7 @@ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex
size_t bytes_read = 0, out_len = 0;
EVP_MAC *mac = NULL;
EVP_MAC_CTX *ctx = NULL;
- OSSL_PARAM params[3], *p = params;
+ OSSL_PARAM params[2], *p = params;
OSSL_SELF_TEST_onbegin(ev, event_type, OSSL_SELF_TEST_DESC_INTEGRITY_HMAC);
@@ -183,12 +183,9 @@ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex
goto err;
*p++ = OSSL_PARAM_construct_utf8_string("digest", DIGEST_NAME, 0);
- *p++ = OSSL_PARAM_construct_octet_string("key", fixed_key,
- sizeof(fixed_key));
*p = OSSL_PARAM_construct_end();
- if (EVP_MAC_CTX_set_params(ctx, params) <= 0
- || !EVP_MAC_init(ctx))
+ if (!EVP_MAC_init(ctx, fixed_key, sizeof(fixed_key), params))
goto err;
while (1) {
diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c
index 79b78f0ba5..dbec87a0f3 100644
--- a/providers/fips/self_test_kats.c
+++ b/providers/fips/self_test_kats.c
@@ -217,12 +217,10 @@ static int self_test_kdf(const ST_KAT_KDF *t, OSSL_SELF_TEST *st,
params = OSSL_PARAM_BLD_to_param(bld);
if (params == NULL)
goto err;
- if (!EVP_KDF_CTX_set_params(ctx, params))
- goto err;
if (t->expected_len > sizeof(out))
goto err;
- if (EVP_KDF_derive(ctx, out, t->expected_len) <= 0)
+ if (EVP_KDF_derive(ctx, out, t->expected_len, params) <= 0)
goto err;
OSSL_SELF_TEST_oncorrupt_byte(st, out);
@@ -296,10 +294,10 @@ static int self_test_drbg(const ST_KAT_DRBG *t, OSSL_SELF_TEST *st,
drbg_params[1] =
OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_NONCE,
(void *)t->nonce, t->noncelen);
- if (!EVP_RAND_set_ctx_params(test, drbg_params)
- || !EVP_RAND_instantiate(test, strength, 0, NULL, 0))
+ if (!EVP_RAND_instantiate(test, strength, 0, NULL, 0, drbg_params))
goto err;
- if (!EVP_RAND_instantiate(drbg, strength, 0, t->persstr, t->persstrlen))
+ if (!EVP_RAND_instantiate(drbg, strength, 0, t->persstr, t->persstrlen,
+ NULL))
goto err;
drbg_params[0] =
diff --git a/providers/implementations/exchange/kdf_exch.c b/providers/implementations/exchange/kdf_exch.c
index 2a299fbda8..7b6b12af69 100644
--- a/providers/implementations/exchange/kdf_exch.c
+++ b/providers/implementations/exchange/kdf_exch.c
@@ -101,7 +101,7 @@ static int kdf_derive(void *vpkdfctx, unsigned char *secret, size_t *secretlen,
return 1;
}
- return EVP_KDF_derive(pkdfctx->kdfctx, secret, outlen);
+ return EVP_KDF_derive(pkdfctx->kdfctx, secret, outlen, NULL);
}
static void kdf_freectx(void *vpkdfctx)
diff --git a/providers/implementations/kdfs/hkdf.c b/providers/implementations/kdfs/hkdf.c
index b24b745216..24052f4d63 100644
--- a/providers/implementations/kdfs/hkdf.c
+++ b/providers/implementations/kdfs/hkdf.c
@@ -123,12 +123,13 @@ static size_t kdf_hkdf_size(KDF_HKDF *ctx)
return sz;
}
-static int kdf_hkdf_derive(void *vctx, unsigned char *key, size_t keylen)
+static int kdf_hkdf_derive(void *vctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[])
{
KDF_HKDF *ctx = (KDF_HKDF *)vctx;
const EVP_MD *md;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || !kdf_hkdf_set_ctx_params(ctx, params))
return 0;
md = ossl_prov_digest_md(&ctx->digest);
diff --git a/providers/implementations/kdfs/kbkdf.c b/providers/implementations/kdfs/kbkdf.c
index 26235e400b..2f6171baa7 100644
--- a/providers/implementations/kdfs/kbkdf.c
+++ b/providers/implementations/kdfs/kbkdf.c
@@ -209,7 +209,8 @@ done:
return ret;
}
-static int kbkdf_derive(void *vctx, unsigned char *key, size_t keylen)
+static int kbkdf_derive(void *vctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[])
{
KBKDF *ctx = (KBKDF *)vctx;
int ret = 0;
@@ -217,7 +218,7 @@ static int kbkdf_derive(void *vctx, unsigned char *key, size_t keylen)
uint32_t l = 0;
size_t h = 0;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || !kbkdf_set_ctx_params(ctx, params))
return 0;
/* label, context, and iv are permitted to be empty. Check everything
@@ -280,7 +281,6 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
KBKDF *ctx = (KBKDF *)vctx;
OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
const OSSL_PARAM *p;
- OSSL_PARAM mparams[2];
if (!ossl_prov_macctx_load_from_params(&ctx->ctx_init, params, NULL,
NULL, NULL, libctx))
@@ -330,16 +330,9 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
return 0;
/* Set up digest context, if we can. */
- if (ctx->ctx_init != NULL && ctx->ki_len != 0) {
- mparams[0] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
- ctx->ki, ctx->ki_len);
- mparams[1] = OSSL_PARAM_construct_end();
-
- if (!EVP_MAC_CTX_set_params(ctx->ctx_init, mparams)
- || !EVP_MAC_init(ctx->ctx_init))
+ if (ctx->ctx_init != NULL && ctx->ki_len != 0
+ && !EVP_MAC_init(ctx->ctx_init, ctx->ki, ctx->ki_len, NULL))
return 0;
- }
-
return 1;
}
diff --git a/providers/implementations/kdfs/krb5kdf.c b/providers/implementations/kdfs/krb5kdf.c
index 35d6ccb680..041c3e32b2 100644
--- a/providers/implementations/kdfs/krb5kdf.c
+++ b/providers/implementations/kdfs/krb5kdf.c
@@ -101,14 +101,14 @@ static int krb5kdf_set_membuf(unsigned char **dst, size_t *dst_len,
return OSSL_PARAM_get_octet_string(p, (void **)dst, 0, dst_len);
}
-static int krb5kdf_derive(void *vctx, unsigned char *key,
- size_t keylen)
+static int krb5kdf_derive(void *vctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[])
{
KRB5KDF_CTX *ctx = (KRB5KDF_CTX *)vctx;
const EVP_CIPHER *cipher;
ENGINE *engine;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || !krb5kdf_set_ctx_params(ctx, params))
return 0;
cipher = ossl_prov_cipher_cipher(&ctx->cipher);
diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c
index 9d993dc545..ce27fe9b39 100644
--- a/providers/implementations/kdfs/pbkdf2.c
+++ b/providers/implementations/kdfs/pbkdf2.c
@@ -139,13 +139,13 @@ static int pbkdf2_set_membuf(unsigned char **buffer, size_t *buflen,
return 1;
}
-static int kdf_pbkdf2_derive(void *vctx, unsigned char *key,
- size_t keylen)
+static int kdf_pbkdf2_derive(void *vctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[])
{
KDF_PBKDF2 *ctx = (KDF_PBKDF2 *)vctx;
const EVP_MD *md;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || !kdf_pbkdf2_set_ctx_params(ctx, params))
return 0;
if (ctx->pass == NULL) {
diff --git a/providers/implementations/kdfs/pkcs12kdf.c b/providers/implementations/kdfs/pkcs12kdf.c
index ce49c2844c..bea6dffeca 100644
--- a/providers/implementations/kdfs/pkcs12kdf.c
+++ b/providers/implementations/kdfs/pkcs12kdf.c
@@ -195,13 +195,13 @@ static int pkcs12kdf_set_membuf(unsigned char **buffer, size_t *buflen,
return 1;
}
-static int kdf_pkcs12_derive(void *vctx, unsigned char *key,
- size_t keylen)
+static int kdf_pkcs12_derive(void *vctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[])
{
KDF_PKCS12 *ctx = (KDF_PKCS12 *)vctx;
const EVP_MD *md;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || !kdf_pkcs12_set_ctx_params(ctx, params))
return 0;
if (ctx->pass == NULL) {
diff --git a/providers/implementations/kdfs/scrypt.c b/providers/implementations/kdfs/scrypt.c
index de53d3e129..6c61d3bb3c 100644
--- a/providers/implementations/kdfs/scrypt.c
+++ b/providers/implementations/kdfs/scrypt.c
@@ -147,12 +147,12 @@ static int set_property_query(KDF_SCRYPT *ctx, const char *propq)
return 1;
}
-static int kdf_scrypt_derive(void *vctx, unsigned char *key,
- size_t keylen)
+static int kdf_scrypt_derive(void *vctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[])
{
KDF_SCRYPT *ctx = (KDF_SCRYPT *)vctx;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || !kdf_scrypt_set_ctx_params(ctx, params))
return 0;
if (ctx->pass == NULL) {
diff --git a/providers/implementations/kdfs/sshkdf.c b/providers/implementations/kdfs/sshkdf.c
index 90b7666450..f99a6a7413 100644
--- a/providers/implementations/kdfs/sshkdf.c
+++ b/providers/implementations/kdfs/sshkdf.c
@@ -94,13 +94,13 @@ static int sshkdf_set_membuf(unsigned char **dst, size_t *dst_len,
return OSSL_PARAM_get_octet_string(p, (void **)dst, 0, dst_len);
}
-static int kdf_sshkdf_derive(void *vctx, unsigned char *key,
- size_t keylen)
+static int kdf_sshkdf_derive(void *vctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[])
{
KDF_SSHKDF *ctx = (KDF_SSHKDF *)vctx;
const EVP_MD *md;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || !kdf_sshkdf_set_ctx_params(ctx, params))
return 0;
md = ossl_prov_digest_md(&ctx->digest);
diff --git a/providers/implementations/kdfs/sskdf.c b/providers/implementations/kdfs/sskdf.c
index bc0b49c561..118c44cfa7 100644
--- a/providers/implementations/kdfs/sskdf.c
+++ b/providers/implementations/kdfs/sskdf.c
@@ -223,27 +223,19 @@ static int SSKDF_mac_kdm(EVP_MAC_CTX *ctx_init,
unsigned char *out = derived_key;
EVP_MAC_CTX *ctx = NULL;
unsigned char *mac = mac_buf, *kmac_buffer = NULL;
- OSSL_PARAM params[2], *p = params;
if (z_len > SSKDF_MAX_INLEN || info_len > SSKDF_MAX_INLEN
|| derived_key_len > SSKDF_MAX_INLEN
|| derived_key_len == 0)
return 0;
- *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
- (void *)salt, salt_len);
- *p = OSSL_PARAM_construct_end();
-
- if (!EVP_MAC_CTX_set_params(ctx_init, params))
- goto end;
-
if (!kmac_init(ctx_init, kmac_custom, kmac_custom_len, kmac_out_len,
derived_key_len, &kmac_buffer))
goto end;
if (kmac_buffer != NULL)
mac = kmac_buffer;
- if (!EVP_MAC_init(ctx_init))
+ if (!EVP_MAC_init(ctx_init, salt, salt_len, NULL))
goto end;
out_len = EVP_MAC_CTX_get_mac_size(ctx_init); /* output size */
@@ -350,12 +342,13 @@ static size_t sskdf_size(KDF_SSKDF *ctx)
return (len <= 0) ? 0 : (size_t)len;
}
-static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen)
+static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[])
{
KDF_SSKDF *ctx = (KDF_SSKDF *)vctx;
const EVP_MD *md;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || !sskdf_set_ctx_params(ctx, params))
return 0;
if (ctx->secret == NULL) {
ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_SECRET);
@@ -419,12 +412,13 @@ static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen)
}
}
-static int x963kdf_derive(void *vctx, unsigned char *key, size_t keylen)
+static int x963kdf_derive(void *vctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[])
{
KDF_SSKDF *ctx = (KDF_SSKDF *)vctx;
const EVP_MD *md;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || !sskdf_set_ctx_params(ctx, params))
return 0;
if (ctx->secret == NULL) {
diff --git a/providers/implementations/kdfs/tls1_prf.c b/providers/implementations/kdfs/tls1_prf.c
index a3bdc85040..4204f03b3a 100644
--- a/providers/implementations/kdfs/tls1_prf.c
+++ b/providers/implementations/kdfs/tls1_prf.c
@@ -131,12 +131,12 @@ static void kdf_tls1_prf_reset(void *vctx)
ctx->provctx = provctx;
}
-static int kdf_tls1_prf_derive(void *vctx, unsigned char *key,
- size_t keylen)
+static int kdf_tls1_prf_derive(void *vctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[])
{
TLS1_PRF *ctx = (TLS1_PRF *)vctx;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || !kdf_tls1_prf_set_ctx_params(ctx, params))
return 0;
if (ctx->P_hash == NULL) {
@@ -289,14 +289,8 @@ static int tls1_prf_P_hash(EVP_MAC_CTX *ctx_init,
unsigned char Ai[EVP_MAX_MD_SIZE];
size_t Ai_len;
int ret = 0;
- OSSL_PARAM params[2], *p = params;
- *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
- (void *)sec, sec_len);
- *p = OSSL_PARAM_construct_end();
- if (!EVP_MAC_CTX_set_params(ctx_init, params))
- goto err;
- if (!EVP_MAC_init(ctx_init))
+ if (!EVP_MAC_init(ctx_init, sec, sec_len, NULL))
goto err;
chunk = EVP_MAC_CTX_get_mac_size(ctx_init);
if (chunk == 0)
diff --git a/providers/implementations/kdfs/x942kdf.c b/providers/implementations/kdfs/x942kdf.c
index a220eca80f..ca478bc883 100644
--- a/providers/implementations/kdfs/x942kdf.c
+++ b/providers/implementations/kdfs/x942kdf.c
@@ -392,7 +392,8 @@ static size_t x942kdf_size(KDF_X942 *ctx)
return (len <= 0) ? 0 : (size_t)len;
}
-static int x942kdf_derive(void *vctx, unsigned char *key, size_t keylen)
+static int x942kdf_derive(void *vctx, unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[])
{
KDF_X942 *ctx = (KDF_X942 *)vctx;
const EVP_MD *md;
@@ -401,7 +402,7 @@ static int x942kdf_derive(void *vctx, unsigned char *key, size_t keylen)
unsigned char *der = NULL;
size_t der_len = 0;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || !x942kdf_set_ctx_params(ctx, params))
return 0;
/*
diff --git a/providers/implementations/macs/blake2_mac_impl.c b/providers/implementations/macs/blake2_mac_impl.c
index 4f36991d41..35a162246e 100644
--- a/providers/implementations/macs/blake2_mac_impl.c
+++ b/providers/implementations/macs/blake2_mac_impl.c
@@ -87,19 +87,36 @@ static size_t blake2_mac_size(void *vmacctx)
return macctx->params.digest_length;
}
-static int blake2_mac_init(void *vmacctx)
+static int blake2_setkey(struct blake2_mac_data_st *macctx,
+ const unsigned char *key, size_t keylen)
+{
+ if (keylen > BLAKE2_KEYBYTES || keylen == 0) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
+ return 0;
+ }
+ memcpy(macctx->key, key, keylen);
+ /* Pad with zeroes at the end if required */
+ if (keylen < BLAKE2_KEYBYTES)
+ memset(macctx->key + keylen, 0, BLAKE2_KEYBYTES - keylen);
+ BLAKE2_PARAM_SET_KEY_LENGTH(&macctx->params, (uint8_t)keylen);
+ return 1;
+}
+
+static int blake2_mac_init(void *vmacctx, const unsigned char *key,
+ size_t keylen, const OSSL_PARAM params[])
{
struct blake2_mac_data_st *macctx = vmacctx;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || !blake2_mac_set_ctx_params(macctx, params))
return 0;
-
- /* Check key has been set */
- if (macctx->params.key_length == 0) {
+ if (key != NULL) {
+ if (!blake2_setkey(macctx, key, keylen))
+ return 0;
+ } else if (macctx->params.key_length == 0) {
+ /* Check key has been set */
ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
return 0;
}
-
return BLAKE2_INIT_KEY(&macctx->ctx, &macctx->params, macctx->key);
}
@@ -180,19 +197,9 @@ static int blake2_mac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[])
BLAKE2_PARAM_SET_DIGEST_LENGTH(&macctx->params, (uint8_t)size);
}
- if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL) {
- size_t len;
- void *key_p = macctx->key;
-
- if (!OSSL_PARAM_get_octet_string(p, &key_p, BLAKE2_KEYBYTES, &len)) {
- ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
- return 0;
- }
- /* Pad with zeroes at the end */
- memset(macctx->key + len, 0, BLAKE2_KEYBYTES - len);
-
- BLAKE2_PARAM_SET_KEY_LENGTH(&macctx->params, (uint8_t)len);
- }
+ if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL
+ && !blake2_setkey(macctx, p->data, p->data_size))
+ return 0;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CUSTOM))
!= NULL) {
diff --git a/providers/implementations/macs/cmac_prov.c b/providers/implementations/macs/cmac_prov.c
index 08c4eebbf3..9aefc2cbec 100644
--- a/providers/implementations/macs/cmac_prov.c
+++ b/providers/implementations/macs/cmac_prov.c
@@ -102,20 +102,26 @@ static size_t cmac_size(void *vmacctx)
return EVP_CIPHER_CTX_block_size(CMAC_CTX_get0_cipher_ctx(macctx->ctx));
}
-static int cmac_init(void *vmacctx)
+static int cmac_setkey(struct cmac_data_st *macctx,
+ const unsigned char *key, size_t keylen)
+{
+ int rv = CMAC_Init(macctx->ctx, key, keylen,
+ ossl_prov_cipher_cipher(&macctx->cipher),
+ ossl_prov_cipher_engine(&macctx->cipher));
+ ossl_prov_cipher_reset(&macctx->cipher);
+ return rv;
+}
+
+static int cmac_init(void *vmacctx, const unsigned char *key,
+ size_t keylen, const OSSL_PARAM params[])
{
struct cmac_data_st *macctx = vmacctx;
- int rv;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || !cmac_set_ctx_params(macctx, params))
return 0;
-
- rv = CMAC_Init(macctx->ctx, NULL, 0,
- ossl_prov_cipher_cipher(&macctx->cipher),
- ossl_prov_cipher_engine(&macctx->cipher));
-
- ossl_prov_cipher_reset(&macctx->cipher);
- return rv;
+ if (key != NULL)
+ return cmac_setkey(macctx, key, keylen);
+ return 1;
}
static int cmac_update(void *vmacctx, const unsigned char *data,
@@ -184,13 +190,7 @@ static int cmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[])
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL) {
if (p->data_type != OSSL_PARAM_OCTET_STRING)
return 0;
-
- if (!CMAC_Init(macctx->ctx, p->data, p->data_size,
- ossl_prov_cipher_cipher(&macctx->cipher),
- ossl_prov_cipher_engine(&macctx->cipher)))
- return 0;
-
- ossl_prov_cipher_reset(&macctx->cipher);
+ return cmac_setkey(macctx, p->data, p->data_size);
}
return 1;
}
diff --git a/providers/implementations/macs/gmac_prov.c b/providers/implementations/macs/gmac_prov.c
index 3a4600b66a..14ca948077 100644
--- a/providers/implementations/macs/gmac_prov.c
+++ b/providers/implementations/macs/gmac_prov.c
@@ -98,9 +98,30 @@ static size_t gmac_size(void)
return EVP_GCM_TLS_TAG_LEN;
}
-static int gmac_init(void *vmacctx)
+static int gmac_setkey(struct gmac_data_st *macctx,
+ const unsigned char *key, size_t keylen)
{
- return ossl_prov_is_running();
+ EVP_CIPHER_CTX *ctx = macctx->ctx;
+
+ if (keylen != (size_t)EVP_CIPHER_CTX_key_length(ctx)) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
+ return 0;
+ }
+ if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL))
+ return 0;
+ return 1;
+}
+
+static int gmac_init(void *vmacctx, const unsigned char *key,
+ size_t keylen, const OSSL_PARAM params[])
+{
+ struct gmac_data_st *macctx = vmacctx;
+
+ if (!ossl_prov_is_running() || !gmac_set_ctx_params(macctx, params))
+ return 0;
+ if (key != NULL)
+ return gmac_setkey(macctx, key, keylen);
+ return 1;
}
static int gmac_update(void *vmacctx, const unsigned char *data,
@@ -186,7 +207,9 @@ static int gmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[])
OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(macctx->provctx);
const OSSL_PARAM *p;
- if (ctx == NULL
+ if (params == NULL)
+ return 1;
+ if (ctx == NULL
|| !ossl_prov_cipher_load_from_params(&macctx->cipher, params, provctx))
return 0;
@@ -200,17 +223,11 @@ static int gmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[])
NULL))
return 0;
- if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL) {
- if (p->data_type != OSSL_PARAM_OCTET_STRING)
+ if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL)
+ if (p->data_type != OSSL_PARAM_OCTET_STRING
+ || !gmac_setkey(macctx, p->data, p->data_size))
return 0;
- if (p->data_size != (size_t)EVP_CIPHER_CTX_key_length(ctx)) {
- ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
- return 0;
- }
- if (!EVP_EncryptInit_ex(ctx, NULL, NULL, p->data, NULL))
- return 0;
- }
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_IV)) != NULL) {
if (p->data_type != OSSL_PARAM_OCTET_STRING)
return 0;
diff --git a/providers/implementations/macs/hmac_prov.c b/providers/implementations/macs/hmac_prov.c
index 6d7d3d5118..7188232d7d 100644
--- a/providers/implementations/macs/hmac_prov.c
+++ b/providers/implementations/macs/hmac_prov.c
@@ -141,22 +141,39 @@ static size_t hmac_size(void *vmacctx)
return HMAC_size(macctx->ctx);
}
-static int hmac_init(void *vmacctx)
+static int hmac_setkey(struct hmac_data_st *macctx,
+ const unsigned char *key, size_t keylen)
{
- struct hmac_data_st *macctx = vmacctx;
const EVP_MD *digest;
- int rv = 1;
- if (!ossl_prov_is_running())
+ if (macctx->keylen > 0)
+ OPENSSL_secure_clear_free(macctx->key, macctx->keylen);
+ /* Keep a copy of the key in case we need it for TLS HMAC */
+ macctx->key = OPENSSL_secure_malloc(keylen > 0 ? keylen : 1);
+ if (macctx->key == NULL)
return 0;
+ memcpy(macctx->key, key, keylen);
+ macctx->keylen = keylen;
digest = ossl_prov_digest_md(&macctx->digest);
/* HMAC_Init_ex doesn't tolerate all zero params, so we must be careful */
- if (macctx->tls_data_size == 0 && digest != NULL)
- rv = HMAC_Init_ex(macctx->ctx, NULL, 0, digest,
- ossl_prov_digest_engine(&macctx->digest));
+ if (key != NULL || (macctx->tls_data_size == 0 && digest != NULL))
+ return HMAC_Init_ex(macctx->ctx, key, keylen, digest,
+ ossl_prov_digest_engine(&macctx->digest));
+ return 1;
+}
+
+static int hmac_init(void *vmacctx, const unsigned char *key,
+ size_t keylen, const OSSL_PARAM params[])
+{
+ struct hmac_data_st *macctx = vmacctx;
+
+ if (!ossl_prov_is_running() || !hmac_set_ctx_params(macctx, params))
+ return 0;
- return rv;
+ if (key != NULL && !hmac_setkey(macctx, key, keylen))
+ return 0;
+ return 1;
}
static int hmac_update(void *vmacctx, const unsigned char *data,
diff --git a/providers/implementations/macs/kmac_prov.c b/providers/implementations/macs/kmac_prov.c
index 76f581ee77..361ff8e716 100644
--- a/providers/implementations/macs/kmac_prov.c
+++ b/providers/implementations/macs/kmac_prov.c
@@ -241,23 +241,41 @@ static size_t kmac_size(void *vmacctx)
return kctx->out_len;
}
+static int kmac_setkey(struct kmac_data_st *kctx, const unsigned char *key,
+ size_t keylen)
+{
+ const EVP_MD *digest = ossl_prov_digest_md(&kctx->digest);
+
+ if (keylen < 4 || keylen > KMAC_MAX_KEY) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
+ return 0;
+ }
+ if (!kmac_bytepad_encode_key(kctx->key, &kctx->key_len,
+ key, keylen, EVP_MD_block_size(digest)))
+ return 0;
+ return 1;
+}
+
/*
* The init() assumes that any ctrl methods are set beforehand for
* md, key and custom. Setting the fields afterwards will have no
* effect on the output mac.
*/
-static int kmac_init(void *vmacctx)
+static int kmac_init(void *vmacctx, const unsigned char *key,
+ size_t keylen, const OSSL_PARAM params[])
{
struct kmac_data_st *kctx = vmacctx;
EVP_MD_CTX *ctx = kctx->ctx;
unsigned char out[KMAC_MAX_BLOCKSIZE];
int out_len, block_len;
- if (!ossl_prov_is_running())
+ if (!ossl_prov_is_running() || !kmac_set_ctx_params(kctx, params))
return 0;
-
- /* Check key has been set */
- if (kctx->key_len == 0) {
+ if (key != NULL) {
+ if (!kmac_setkey(kctx, key, keylen))
+ return 0;
+ } else if (kctx->key_len == 0) {
+ /* Check key has been set */
ERR_raise(ERR_LIB_PROV, PROV_R_NO_KEY_SET);
return 0;
}
@@ -271,11 +289,11 @@ static int kmac_init(void *vmacctx)
/* Set default custom string if it is not already set */
if (kctx->custom_len == 0) {
- const OSSL_PARAM params[] = {
+ const OSSL_PARAM cparams[] = {
OSSL_PARAM_octet_string(OSSL_MAC_PARAM_CUSTOM, "", 0),
OSSL_PARAM_END
};
- (void)kmac_set_ctx_params(kctx, params);
+ (void)kmac_set_ctx_params(kctx, cparams);
}
return bytepad(out, &out_len, kmac_string, sizeof(kmac_string),
@@ -360,7 +378,6 @@ static int kmac_set_ctx_params(void *vmacctx, const OSSL_PARAM *params)
{
struct kmac_data_st *kctx = vmacctx;
const OSSL_PARAM *p;
- const EVP_MD *digest = ossl_prov_digest_md(&kctx->digest);
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_XOF)) != NULL
&& !OSSL_PARAM_get_int(p, &kctx->xof_mode))
@@ -368,16 +385,9 @@ static int kmac_set_ctx_params(void *vmacctx, const OSSL_PARAM *params)
if (((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) != NULL)
&& !OSSL_PARAM_get_size_t(p, &kctx->out_len))
return 0;
- if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL) {
- if (p->data_size < 4 || p->data_size > KMAC_MAX_KEY) {
- ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
- return 0;
- }
- if (!kmac_bytepad_encode_key(kctx->key, &kctx->key_len,
- p->data, p->data_size,
- EVP_MD_block_size(digest)))
- return 0;
- }
+ if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL
+ && !kmac_setkey(kctx, p->data, p->data_size))
+ return 0;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_CUSTOM))
!= NULL) {
if (p->data_size > KMAC_MAX_CUSTOM) {
diff --git a/providers/implementations/macs/poly1305_prov.c b/providers/implementations/macs/poly1305_prov.c
index 3f784e9c28..5a09926551 100644
--- a/providers/implementations/macs/poly1305_prov.c
+++ b/providers/implementations/macs/poly1305_prov.c
@@ -77,10 +77,28 @@ static size_t poly1305_size(void)
return POLY1305_DIGEST_SIZE;
}
-static int poly1305_init(void *vmacctx)
+static int poly1305_setkey(struct poly1305_data_st *ctx,
+ const unsigned char *key, size_t keylen)
{
+ if (keylen != POLY1305_KEY_SIZE) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
+ return 0;
+ }
+ Poly1305_Init(&ctx->poly1305, key);
+ return 1;
+}
+
+static int poly1305_init(void *vmacctx, const unsigned char *key,
+ size_t keylen, const OSSL_PARAM params[])
+{
+ struct poly1305_data_st *ctx = vmacctx;
+
/* initialize the context in MAC_ctrl function */
- return ossl_prov_is_running();
+ if (!ossl_prov_is_running() || !poly1305_set_ctx_params(ctx, params))
+ return 0;
+ if (key != NULL)
+ return poly1305_setkey(ctx, key, keylen);
+ return 1;
}
static int poly1305_update(void *vmacctx, const unsigned char *data,
@@ -140,16 +158,11 @@ static const OSSL_PARAM *poly1305_settable_ctx_params(ossl_unused void *ctx,
static int poly1305_set_ctx_params(void *vmacctx, const OSSL_PARAM *params)
{
struct poly1305_data_st *ctx = vmacctx;
- const OSSL_PARAM *p = NULL;
-
- if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL) {
- if (p->data_type != OSSL_PARAM_OCTET_STRING
- || p->data_size != POLY1305_KEY_SIZE) {
- ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
- return 0;
- }
- Poly1305_Init(&ctx->poly1305, p->data);
- }
+ const OSSL_PARAM *p;
+
+ if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL
+ && !poly1305_setkey(ctx, p->data, p->data_size))
+ return 0;
return 1;
}
diff --git a/providers/implementations/macs/siphash_prov.c b/providers/implementations/macs/siphash_prov.c
index 95a345495e..3f2e3267e0 100644
--- a/providers/implementations/macs/siphash_prov.c
+++ b/providers/implementations/macs/siphash_prov.c
@@ -45,8 +45,19 @@ static OSSL_FUNC_mac_final_fn siphash_final;
struct siphash_data_st {
void *provctx;
SIPHASH siphash; /* Siphash data */
+ unsigned int crounds, drounds;
};
+static unsigned int crounds(struct siphash_data_st *ctx)
+{
+ return ctx->crounds != 0 ? ctx->crounds : SIPHASH_C_ROUNDS;
+}
+
+static unsigned int drounds(struct siphash_data_st *ctx)
+{
+ return ctx->drounds != 0 ? ctx->drounds : SIPHASH_D_ROUNDS;
+}
+
static void *siphash_new(void *provctx)
{
struct siphash_data_st *ctx;
@@ -86,10 +97,27 @@ static size_t siphash_size(void *vmacctx)
return SipHash_hash_size(&ctx->siphash);
}
-static int siphash_init(void *vmacctx)
+static int siphash_setkey(struct siphash_data_st *ctx,
+ const unsigned char *key, size_t keylen)
+{
+ if (keylen != SIPHASH_KEY_SIZE)
+ return 0;
+ return SipHash_Init(&ctx->siphash, key, crounds(ctx), drounds(ctx));
+}
+
+static int siphash_init(void *vmacctx, const unsigned char *key, size_t keylen,
+ const OSSL_PARAM params[])
{
- /* Not much to do here, actual initialization happens through controls */
- return ossl_prov_is_running();
+ struct siphash_data_st *ctx = vmacctx;
+
+ if (!ossl_prov_is_running() || !siphash_set_params(ctx, params))
+ return 0;
+ /* Without a key, there is not much to do here,
+ * The actual initialization happens through controls.
+ */
+ if (key == NULL)
+ return 1;
+ return siphash_setkey(ctx, key, keylen);
}
static int siphash_update(void *vmacctx, const unsigned char *data,
@@ -117,35 +145,47 @@ static int siphash_final(void *vmacctx, unsigned char *out, size_t *outl,
return SipHash_Final(&ctx->siphash, out, hlen);
}
-static const OSSL_PARAM known_gettable_ctx_params[] = {
- OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
- OSSL_PARAM_END
-};
static const OSSL_PARAM *siphash_gettable_ctx_params(ossl_unused void *ctx,
ossl_unused void *provctx)
{
+ static const OSSL_PARAM known_gettable_ctx_params[] = {
+ OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
+ OSSL_PARAM_uint(OSSL_MAC_PARAM_C_ROUNDS, NULL),
+ OSSL_PARAM_uint(OSSL_MAC_PARAM_D_ROUNDS, NULL),
+ OSSL_PARAM_END
+ };
+
return known_gettable_ctx_params;
}
static int siphash_get_ctx_params(void *vmacctx, OSSL_PARAM params[])
{
+ struct siphash_data_st *ctx = vmacctx;
OSSL_PARAM *p;
- if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL)
- return OSSL_PARAM_set_size_t(p, siphash_size(vmacctx));
-
+ if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_SIZE)) != NULL
+ && !OSSL_PARAM_set_size_t(p, siphash_size(vmacctx)))
+ return 0;
+ if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_C_ROUNDS)) != NULL
+ && !OSSL_PARAM_set_uint(p, crounds(ctx)))
+ return 0;
+ if ((p = OSSL_PARAM_locate(params, OSSL_MAC_PARAM_D_ROUNDS)) != NULL
+ && !OSSL_PARAM_set_uint(p, drounds(ctx)))
+ return 0;
return 1;
}
-static const OSSL_PARAM known_settable_ctx_params[] = {
- OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
- OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
- OSSL_PARAM_END
-};
-
static const OSSL_PARAM *siphash_settable_ctx_params(ossl_unused void *ctx,
void *provctx)
{
+ static const OSSL_PARAM known_settable_ctx_params[] = {
+ OSSL_PARAM_size_t(OSSL_MAC_PARAM_SIZE, NULL),
+ OSSL_PARAM_octet_string(OSSL_MAC_PARAM_KEY, NULL, 0),
+ OSSL_PARAM_uint(OSSL_MAC_PARAM_C_ROUNDS, NULL),
+ OSSL_PARAM_uint(OSSL_MAC_PARAM_D_ROUNDS, NULL),
+ OSSL_PARAM_END
+ };
+
return known_settable_ctx_params;
}
@@ -153,18 +193,22 @@ static int siphash_set_params(void *vmacctx, const OSSL_PARAM *params)
{
struct siphash_data_st *ctx = vmacctx;
const OSSL_PARAM *p = NULL;
+ size_t size;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_SIZE)) != NULL) {
- size_t size;
-
if (!OSSL_PARAM_get_size_t(p, &size)
|| !SipHash_set_hash_size(&ctx->siphash, size))
return 0;
}
+ if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_C_ROUNDS)) != NULL
+ && !OSSL_PARAM_get_uint(p, &ctx->crounds))
+ return 0;
+ if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_D_ROUNDS)) != NULL
+ && !OSSL_PARAM_get_uint(p, &ctx->drounds))
+ return 0;
if ((p = OSSL_PARAM_locate_const(params, OSSL_MAC_PARAM_KEY)) != NULL)
if (p->data_type != OSSL_PARAM_OCTET_STRING
- || p->data_size != SIPHASH_KEY_SIZE
- || !SipHash_Init(&ctx->siphash, p->data, 0, 0))
+ || !siphash_setkey(ctx, p->data, p->data_size))
return 0;
return 1;
}
diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c
index fc8ac52ac2..a05c9397c8 100644
--- a/providers/implementations/rands/drbg.c
+++ b/providers/implementations/rands/drbg.c
@@ -365,9 +365,6 @@ int ossl_prov_drbg_instantiate(PROV_DRBG *drbg, unsigned int strength,
size_t noncelen = 0, entropylen = 0;
size_t min_entropy, min_entropylen, max_entropylen;
- if (!ossl_prov_is_running())
- return 0;
-
if (strength > drbg->strength) {
ERR_raise(ERR_LIB_PROV, PROV_R_INSUFFICIENT_DRBG_STRENGTH);
goto end;
diff --git a/providers/implementations/rands/drbg_ctr.c b/providers/implementations/rands/drbg_ctr.c
index 066775aa52..48e8677ec8 100644
--- a/providers/implementations/rands/drbg_ctr.c
+++ b/providers/implementations/rands/drbg_ctr.c
@@ -18,6 +18,7 @@
#include "crypto/modes.h"
#include "internal/thread_once.h"
#include "prov/implementations.h"
+#include "prov/providercommon.h"
#include "prov/provider_ctx.h"
#include "drbg_local.h"
@@ -326,10 +327,13 @@ static int drbg_ctr_instantiate(PROV_DRBG *drbg,
static int drbg_ctr_instantiate_wrapper(void *vdrbg, unsigned int strength,
int prediction_resistance,
const unsigned char *pstr,
- size_t pstr_len)
+ size_t pstr_len,
+ const OSSL_PARAM params[])
{
PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
+ if (!ossl_prov_is_running() || !drbg_ctr_set_ctx_params(drbg, params))
+ return 0;
return ossl_prov_drbg_instantiate(drbg, strength, prediction_resistance,
pstr, pstr_len);
}
diff --git a/providers/implementations/rands/drbg_hash.c b/providers/implementations/rands/drbg_hash.c
index c89b0cd5c3..4db104c773 100644
--- a/providers/implementations/rands/drbg_hash.c
+++ b/providers/implementations/rands/drbg_hash.c
@@ -266,10 +266,13 @@ static int drbg_hash_instantiate(PROV_DRBG *drbg,
static int drbg_hash_instantiate_wrapper(void *vdrbg, unsigned int strength,
int prediction_resistance,
const unsigned char *pstr,
- size_t pstr_len)
+ size_t pstr_len,
+ const OSSL_PARAM params[])
{
PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
+ if (!ossl_prov_is_running() || !drbg_hash_set_ctx_params(drbg, params))
+ return 0;
return ossl_prov_drbg_instantiate(drbg, strength, prediction_resistance,
pstr, pstr_len);
}
diff --git a/providers/implementations/rands/drbg_hmac.c b/providers/implementations/rands/drbg_hmac.c
index 5f193fa57c..67c0339801 100644
--- a/providers/implementations/rands/drbg_hmac.c
+++ b/providers/implementations/rands/drbg_hmac.c
@@ -60,12 +60,8 @@ static int do_hmac(PROV_DRBG_HMAC *hmac, unsigned char inbyte,
const unsigned char *in3, size_t in3len)
{
EVP_MAC_CTX *ctx = hmac->ctx;
- OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
- *params = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, hmac->K,
- hmac->blocklen);
- if (!EVP_MAC_CTX_set_params(ctx, params)
- || !EVP_MAC_init(ctx)
+ if (!EVP_MAC_init(ctx, hmac->K, hmac->blocklen, NULL)
/* K = HMAC(K, V || inbyte || [in1] || [in2] || [in3]) */
|| !EVP_MAC_update(ctx, hmac->V, hmac->blocklen)
|| !EVP_MAC_update(ctx, &inbyte, 1)
@@ -76,10 +72,7 @@ static int do_hmac(PROV_DRBG_HMAC *hmac, unsigned char inbyte,
return 0;
/* V = HMAC(K, V) */
- *params = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, hmac->K,
- hmac->blocklen);
- return EVP_MAC_CTX_set_params(ctx, params)
- && EVP_MAC_init(ctx)
+ return EVP_MAC_init(ctx, hmac->K, hmac->blocklen, NULL)
&& EVP_MAC_update(ctx, hmac->V, hmac->blocklen)
&& EVP_MAC_final(ctx, hmac->V, NULL, sizeof(hmac->V));
}
@@ -150,10 +143,13 @@ static int drbg_hmac_instantiate(PROV_DRBG *drbg,
static int drbg_hmac_instantiate_wrapper(void *vdrbg, unsigned int strength,
int prediction_resistance,
const unsigned char *pstr,
- size_t pstr_len)
+ size_t pstr_len,
+ const OSSL_PARAM params[])
{
PROV_DRBG *drbg = (PROV_DRBG *)vdrbg;
+ if (!ossl_prov_is_running() || !drbg_hmac_set_ctx_params(drbg, params))
+ return 0;
return ossl_prov_drbg_instantiate(drbg, strength, prediction_resistance,
pstr, pstr_len);
}
@@ -202,7 +198,6 @@ static int drbg_hmac_generate(PROV_DRBG *drbg,
PROV_DRBG_HMAC *hmac = (PROV_DRBG_HMAC *)drbg->data;
EVP_MAC_CTX *ctx = hmac->ctx;
const unsigned char *temp = hmac->V;
- OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
/* (Step 2) if adin != NULL then (K,V) = HMAC_DRBG_Update(adin, K, V) */
if (adin != NULL
@@ -218,10 +213,7 @@ static int drbg_hmac_generate(PROV_DRBG *drbg,
* }
*/
for (;;) {
- *params = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
- hmac->K, hmac->blocklen);
- if (!EVP_MAC_CTX_set_params(ctx, params)
- || !EVP_MAC_init(ctx)
+ if (!EVP_MAC_init(ctx, hmac->K, hmac->blocklen, NULL)
|| !EVP_MAC_update(ctx, temp, hmac->blocklen))
return 0;
diff --git a/providers/implementations/rands/seed_src.c b/providers/implementations/rands/seed_src.c
index b87aa0c6cd..ad315efb9b 100644
--- a/providers/implementations/rands/seed_src.c
+++ b/providers/implementations/rands/seed_src.c
@@ -70,7 +70,8 @@ static void seed_src_free(void *vseed)
static int seed_src_instantiate(void *vseed, unsigned int strength,
int prediction_resistance,
- const unsigned char *pstr, size_t pstr_len)
+ const unsigned char *pstr, size_t pstr_len,
+ ossl_unused const OSSL_PARAM params[])
{
PROV_SEED_SRC *s = (PROV_SEED_SRC *)vseed;
diff --git a/providers/implementations/rands/test_rng.c b/providers/implementations/rands/test_rng.c
index d28f7e0937..1335de8681 100644
--- a/providers/implementations/rands/test_rng.c
+++ b/providers/implementations/rands/test_rng.c
@@ -79,11 +79,12 @@ static void test_rng_free(void *vtest)
static int test_rng_instantiate(void *vtest, unsigned int strength,
int prediction_resistance,
- const unsigned char *pstr, size_t pstr_len)
+ const unsigned char *pstr, size_t pstr_len,
+ const OSSL_PARAM params[])
{
PROV_TEST_RNG *t = (PROV_TEST_RNG *)vtest;
- if (strength > t->strength)
+ if (!test_rng_set_ctx_params(t, params) || strength > t->strength)
return 0;
t->state = EVP_RAND_STATE_READY;
diff --git a/providers/implementations/signature/mac_legacy.c b/providers/implementations/signature/mac_legacy.c
index 2386583069..fb99221f08 100644
--- a/providers/implementations/signature/mac_legacy.c
+++ b/providers/implementations/signature/mac_legacy.c
@@ -117,11 +117,11 @@ static int mac_digest_sign_init(void *vpmacctx, const char *mdname, void *vkey)
(char *)mdname,
(char *)engine,
pmacctx->key->properties,
- pmacctx->key->priv_key,
- pmacctx->key->priv_key_len))
+ NULL, 0))
return 0;
- if (!EVP_MAC_init(pmacctx->macctx))
+ if (!EVP_MAC_init(pmacctx->macctx, pmacctx->key->priv_key,
+ pmacctx->key->priv_key_len, NULL))
return 0;
return 1;
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 531872bfb0..bb0ee0c5d4 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -69,8 +69,7 @@ static int tls1_PRF(SSL *s,
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SEED,
(void *)seed5, (size_t)seed5_len);
*p = OSSL_PARAM_construct_end();
- if (EVP_KDF_CTX_set_params(kctx, params)
- && EVP_KDF_derive(kctx, out, olen)) {
+ if (EVP_KDF_derive(kctx, out, olen, params)) {
EVP_KDF_CTX_free(kctx);
return 1;
}
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index ace890d915..4d66db9f9d 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -3393,13 +3393,12 @@ EVP_MAC_CTX *ssl_hmac_get0_EVP_MAC_CTX(SSL_HMAC *ctx)
int ssl_hmac_init(SSL_HMAC *ctx, void *key, size_t len, char *md)
{
- OSSL_PARAM params[3], *p = params;
+ OSSL_PARAM params[2], *p = params;
if (ctx->ctx != NULL) {
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, md, 0);
- *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, key, len);
*p = OSSL_PARAM_construct_end();
- if (EVP_MAC_CTX_set_params(ctx->ctx, params) && EVP_MAC_init(ctx->ctx))
+ if (EVP_MAC_init(ctx->ctx, key, len, params))
return 1;
}
#ifndef OPENSSL_NO_DEPRECATED_3_0
diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
index c5b4dcc8d1..d48f305b01 100644
--- a/ssl/tls13_enc.c
+++ b/ssl/tls13_enc.c
@@ -105,8 +105,7 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret,
hkdflabel, hkdflabellen);
*p++ = OSSL_PARAM_construct_end();
- ret = EVP_KDF_CTX_set_params(kctx, params) <= 0
- || EVP_KDF_derive(kctx, out, outlen) <= 0;
+ ret = EVP_KDF_derive(kctx, out, outlen, params) <= 0;
EVP_KDF_CTX_free(kctx);
@@ -258,8 +257,7 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md,
prevsecretlen);
*p++ = OSSL_PARAM_construct_end();
- ret = EVP_KDF_CTX_set_params(kctx, params) <= 0
- || EVP_KDF_derive(kctx, outsecret, mdlen) <= 0;
+ ret = EVP_KDF_derive(kctx, outsecret, mdlen, params) <= 0;
if (ret != 0)
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
@@ -311,9 +309,10 @@ size_t tls13_final_finish_mac(SSL *s, const char *str, size_t slen,
EVP_MAC *hmac = EVP_MAC_fetch(s->ctx->libctx, "HMAC", s->ctx->propq);
unsigned char hash[EVP_MAX_MD_SIZE];
unsigned char finsecret[EVP_MAX_MD_SIZE];
+ unsigned char *key = NULL;
size_t hashlen, ret = 0;
EVP_MAC_CTX *ctx = NULL;
- OSSL_PARAM params[4], *p = params;
+ OSSL_PARAM params[3], *p = params;
if (hmac == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
@@ -327,6 +326,7 @@ size_t tls13_final_finish_mac(SSL *s, const char *str, size_t slen,
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_ALG_PARAM_PROPERTIES,
(char *)s->ctx->propq,
0);
+ *p = OSSL_PARAM_construct_end();
if (!ssl_handshake_hash(s, hash, sizeof(hash), &hashlen)) {
/* SSLfatal() already called */
@@ -334,28 +334,20 @@ size_t tls13_final_finish_mac(SSL *s, const char *str, size_t slen,
}
if (str == s->method->ssl3_enc->server_finished_label) {
- *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
- s->server_finished_secret,
- hashlen);
+ key = s->server_finished_secret;
} else if (SSL_IS_FIRST_HANDSHAKE(s)) {
- *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
- s->client_finished_secret,
- hashlen);
+ key = s->client_finished_secret;
} else {
if (!tls13_derive_finishedkey(s, ssl_handshake_md(s),
s->client_app_traffic_secret,
finsecret, hashlen))
goto err;
-
- *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, finsecret,
- hashlen);
+ key = finsecret;
}
- *p++ = OSSL_PARAM_construct_end();
ctx = EVP_MAC_CTX_new(hmac);
if (ctx == NULL
- || !EVP_MAC_CTX_set_params(ctx, params)
- || !EVP_MAC_init(ctx)
+ || !EVP_MAC_init(ctx, key, hashlen, params)
|| !EVP_MAC_update(ctx, hash, hashlen)
/* outsize as per sizeof(peer_finish_md) */
|| !EVP_MAC_final(ctx, out, &hashlen, EVP_MAX_MD_SIZE * 2)) {
diff --git a/test/acvp_test.c b/test/acvp_test.c
index 6d7360b5b6..dab75a8a13 100644
--- a/test/acvp_test.c
+++ b/test/acvp_test.c
@@ -1383,7 +1383,7 @@ static int drbg_test(int id)
* A NULL personalisation string defaults to the built in so something
* non-NULL is needed if there is no personalisation string
*/
- if (!TEST_true(EVP_RAND_instantiate(ctx, 0, 0, (void *)"", 0))
+ if (!TEST_true(EVP_RAND_instantiate(ctx, 0, 0, (void *)"", 0, NULL))
|| !TEST_true(EVP_RAND_generate(ctx, returned_bits, returned_bits_len,
0, 0, NULL, 0))
|| !TEST_true(EVP_RAND_generate(ctx, returned_bits, returned_bits_len,
diff --git a/test/bad_dtls_test.c b/test/bad_dtls_test.c
index bfbaa7953a..0eef2a2239 100644
--- a/test/bad_dtls_test.c
+++ b/test/bad_dtls_test.c
@@ -286,7 +286,7 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr,
unsigned char iv[16];
unsigned char pad;
unsigned char *enc;
- OSSL_PARAM params[3];
+ OSSL_PARAM params[2];
seq[0] = (seqnr >> 40) & 0xff;
seq[1] = (seqnr >> 32) & 0xff;
@@ -309,11 +309,8 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr,
EVP_MAC_free(hmac);
params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
"SHA1", 0);
- params[1] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
- mac_key, 20);
- params[2] = OSSL_PARAM_construct_end();
- EVP_MAC_CTX_set_params(ctx, params);
- EVP_MAC_init(ctx);
+ params[1] = OSSL_PARAM_construct_end();
+ EVP_MAC_init(ctx, mac_key, 20, params);
EVP_MAC_update(ctx, epoch, 2);
EVP_MAC_update(ctx, seq, 6);
EVP_MAC_update(ctx, &type, 1);
diff --git a/test/drbgtest.c b/test/drbgtest.c
index 1276f726cc..07f123dce8 100644
--- a/test/drbgtest.c
+++ b/test/drbgtest.c
@@ -828,11 +828,11 @@ static int test_rand_prediction_resistance(void)
/* Initialise a three long DRBG chain */
if (!TEST_ptr(x = new_drbg(NULL))
|| !TEST_true(disable_crngt(x))
- || !TEST_true(EVP_RAND_instantiate(x, 0, 0, NULL, 0))
+ || !TEST_true(EVP_RAND_instantiate(x, 0, 0, NULL, 0, NULL))
|| !TEST_ptr(y = new_drbg(x))
- || !TEST_true(EVP_RAND_instantiate(y, 0, 0, NULL, 0))
+ || !TEST_true(EVP_RAND_instantiate(y, 0, 0, NULL, 0, NULL))
|| !TEST_ptr(z = new_drbg(y))
- || !TEST_true(EVP_RAND_instantiate(z, 0, 0, NULL, 0)))
+ || !TEST_true(EVP_RAND_instantiate(z, 0, 0, NULL, 0, NULL)))
goto err;
/*
diff --git a/test/evp_kdf_test.c b/test/evp_kdf_test.c
index a1a2fadcce..0c1de95f95 100644
--- a/test/evp_kdf_test.c
+++ b/test/evp_kdf_test.c
@@ -61,8 +61,7 @@ static int test_kdf_tls1_prf(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF))
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0)
&& TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
@@ -100,7 +99,7 @@ static int test_kdf_tls1_prf_zero_output_size(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF))
&& TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_eq(EVP_KDF_derive(kctx, out, 0), 0);
+ && TEST_int_eq(EVP_KDF_derive(kctx, out, 0, NULL), 0);
EVP_KDF_CTX_free(kctx);
OPENSSL_free(params);
@@ -118,8 +117,7 @@ static int test_kdf_tls1_prf_empty_secret(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF))
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0);
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0);
EVP_KDF_CTX_free(kctx);
OPENSSL_free(params);
@@ -137,8 +135,7 @@ static int test_kdf_tls1_prf_1byte_secret(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF))
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0);
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0);
EVP_KDF_CTX_free(kctx);
OPENSSL_free(params);
@@ -158,7 +155,7 @@ static int test_kdf_tls1_prf_empty_seed(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF))
&& TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_eq(EVP_KDF_derive(kctx, out, sizeof(out)), 0);
+ && TEST_int_eq(EVP_KDF_derive(kctx, out, sizeof(out), NULL), 0);
EVP_KDF_CTX_free(kctx);
OPENSSL_free(params);
@@ -176,8 +173,7 @@ static int test_kdf_tls1_prf_1byte_seed(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_TLS1_PRF))
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0);
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0);
EVP_KDF_CTX_free(kctx);
OPENSSL_free(params);
@@ -217,8 +213,7 @@ static int test_kdf_hkdf(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF))
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0)
&& TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
@@ -256,7 +251,7 @@ static int test_kdf_hkdf_zero_output_size(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF))
&& TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_eq(EVP_KDF_derive(kctx, out, 0), 0);
+ && TEST_int_eq(EVP_KDF_derive(kctx, out, 0, NULL), 0);
EVP_KDF_CTX_free(kctx);
OPENSSL_free(params);
@@ -274,8 +269,7 @@ static int test_kdf_hkdf_empty_key(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF))
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0);
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0);
EVP_KDF_CTX_free(kctx);
OPENSSL_free(params);
@@ -293,8 +287,7 @@ static int test_kdf_hkdf_1byte_key(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF))
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0);
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0);
EVP_KDF_CTX_free(kctx);
OPENSSL_free(params);
@@ -312,8 +305,7 @@ static int test_kdf_hkdf_empty_salt(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_HKDF))
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0);
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0);
EVP_KDF_CTX_free(kctx);
OPENSSL_free(params);
@@ -359,8 +351,7 @@ static int test_kdf_pbkdf2(void)
&iterations, &mode);
if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2))
- || !TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- || !TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ || !TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0)
|| !TEST_mem_eq(out, sizeof(out), expected, sizeof(expected)))
goto err;
@@ -387,7 +378,7 @@ static int test_kdf_pbkdf2_small_output(void)
if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2))
|| !TEST_true(EVP_KDF_CTX_set_params(kctx, params))
/* A key length that is too small should fail */
- || !TEST_int_eq(EVP_KDF_derive(kctx, out, 112 / 8 - 1), 0))
+ || !TEST_int_eq(EVP_KDF_derive(kctx, out, 112 / 8 - 1, NULL), 0))
goto err;
ret = 1;
@@ -415,9 +406,9 @@ static int test_kdf_pbkdf2_large_output(void)
&iterations, &mode);
if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2))
- || !TEST_true(EVP_KDF_CTX_set_params(kctx, params))
/* A key length that is too large should fail */
- || (len != 0 && !TEST_int_eq(EVP_KDF_derive(kctx, out, len), 0)))
+ || !TEST_true(EVP_KDF_CTX_set_params(kctx, params))
+ || (len != 0 && !TEST_int_eq(EVP_KDF_derive(kctx, out, len, NULL), 0)))
goto err;
ret = 1;
@@ -492,7 +483,7 @@ static int test_kdf_pbkdf2_small_salt_pkcs5(void)
if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2))
/* A salt that is too small should pass in pkcs5 mode */
|| !TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- || !TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0))
+ || !TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), NULL), 0))
goto err;
mode = 0;
@@ -501,7 +492,7 @@ static int test_kdf_pbkdf2_small_salt_pkcs5(void)
/* If the "pkcs5" mode is disabled then the derive will now fail */
if (!TEST_true(EVP_KDF_CTX_set_params(kctx, mode_params))
- || !TEST_int_eq(EVP_KDF_derive(kctx, out, sizeof(out)), 0))
+ || !TEST_int_eq(EVP_KDF_derive(kctx, out, sizeof(out), NULL), 0))
goto err;
ret = 1;
@@ -528,7 +519,7 @@ static int test_kdf_pbkdf2_small_iterations_pkcs5(void)
if (!TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_PBKDF2))
/* An iteration count that is too small will pass in pkcs5 mode */
|| !TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- || !TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0))
+ || !TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), NULL), 0))
goto err;
mode = 0;
@@ -537,7 +528,7 @@ static int test_kdf_pbkdf2_small_iterations_pkcs5(void)
/* If the "pkcs5" mode is disabled then the derive will now fail */
if (!TEST_true(EVP_KDF_CTX_set_params(kctx, mode_params))
- || !TEST_int_eq(EVP_KDF_derive(kctx, out, sizeof(out)), 0))
+ || !TEST_int_eq(EVP_KDF_derive(kctx, out, sizeof(out), NULL), 0))
goto err;
ret = 1;
@@ -604,10 +595,10 @@ static int test_kdf_scrypt(void)
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_SCRYPT))
&& TEST_true(EVP_KDF_CTX_set_params(kctx, params))
/* failure test *//*
- && TEST_int_le(EVP_KDF_derive(kctx, out, sizeof(out)), 0)*/
+ && TEST_int_le(EVP_KDF_derive(kctx, out, sizeof(out), NULL), 0)*/
&& TEST_true(OSSL_PARAM_set_uint(p - 1, 10 * 1024 * 1024))
&& TEST_true(EVP_KDF_CTX_set_params(kctx, p - 1))
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), NULL), 0)
&& TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
@@ -646,8 +637,7 @@ static int test_kdf_ss_hash(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_SSKDF))
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0)
&& TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
@@ -700,8 +690,7 @@ static int test_kdf_x963(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_X963KDF))
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0)
&& TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
@@ -756,8 +745,8 @@ static int test_kdf_kbkdf_6803_128(void)
kctx = get_kdfbyname("KBKDF");
ret = TEST_ptr(kctx)
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result),
+ params), 0)
&& TEST_mem_eq(result, sizeof(result), outputs[i],
sizeof(outputs[i]));
EVP_KDF_CTX_free(kctx);
@@ -822,8 +811,8 @@ static int test_kdf_kbkdf_6803_256(void)
kctx = get_kdfbyname("KBKDF");
ret = TEST_ptr(kctx)
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result),
+ params), 0)
&& TEST_mem_eq(result, sizeof(result), outputs[i],
sizeof(outputs[i]));
EVP_KDF_CTX_free(kctx);
@@ -913,7 +902,7 @@ static int test_kdf_kbkdf_empty_key(void)
kctx = get_kdfbyname("KBKDF");
ret = TEST_ptr(kctx)
&& TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_eq(EVP_KDF_derive(kctx, result, sizeof(result)), 0);
+ && TEST_int_eq(EVP_KDF_derive(kctx, result, sizeof(result), NULL), 0);
EVP_KDF_CTX_free(kctx);
OPENSSL_free(params);
@@ -933,8 +922,7 @@ static int test_kdf_kbkdf_1byte_key(void)
kctx = get_kdfbyname("KBKDF");
ret = TEST_ptr(kctx)
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0);
+ && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result), params), 0);
EVP_KDF_CTX_free(kctx);
OPENSSL_free(params);
@@ -956,7 +944,7 @@ static int test_kdf_kbkdf_zero_output_size(void)
kctx = get_kdfbyname("KBKDF");
ret = TEST_ptr(kctx)
&& TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_eq(EVP_KDF_derive(kctx, result, 0), 0);
+ && TEST_int_eq(EVP_KDF_derive(kctx, result, 0, NULL), 0);
EVP_KDF_CTX_free(kctx);
OPENSSL_free(params);
@@ -998,8 +986,7 @@ static int test_kdf_kbkdf_8009_prf1(void)
kctx = get_kdfbyname("KBKDF");
ret = TEST_ptr(kctx)
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result), params), 0)
&& TEST_mem_eq(result, sizeof(result), output, sizeof(output));
EVP_KDF_CTX_free(kctx);
@@ -1043,8 +1030,7 @@ static int test_kdf_kbkdf_8009_prf2(void)
kctx = get_kdfbyname("KBKDF");
ret = TEST_ptr(kctx)
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result), params), 0)
&& TEST_mem_eq(result, sizeof(result), output, sizeof(output));
EVP_KDF_CTX_free(kctx);
@@ -1104,8 +1090,7 @@ static int test_kdf_kbkdf_fixedinfo(void)
kctx = get_kdfbyname("KBKDF");
ret = TEST_ptr(kctx)
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, result, sizeof(result), params), 0)
&& TEST_mem_eq(result, sizeof(result), output, sizeof(output));
EVP_KDF_CTX_free(kctx);
@@ -1147,8 +1132,7 @@ static int test_kdf_ss_hmac(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_SSKDF))
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0)
&& TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
@@ -1192,8 +1176,7 @@ static int test_kdf_ss_kmac(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_SSKDF))
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0)
&& TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
@@ -1250,8 +1233,7 @@ static int test_kdf_sshkdf(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_SSHKDF))
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0)
&& TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
@@ -1338,8 +1320,7 @@ static int test_kdf_x942_asn1(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_X942KDF_ASN1))
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0)
&& TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
@@ -1375,8 +1356,7 @@ static int test_kdf_krb5kdf(void)
ret =
TEST_ptr(kctx = get_kdfbyname(OSSL_KDF_NAME_KRB5KDF))
- && TEST_true(EVP_KDF_CTX_set_params(kctx, params))
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out), params), 0)
&& TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
diff --git a/test/evp_test.c b/test/evp_test.c
index d3b02a2e46..8c88f0937c 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -1279,11 +1279,6 @@ static int mac_test_run_mac(EVP_TEST *t)
goto err;
}
}
- if (expected->key != NULL)
- params[params_n++] =
- OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
- expected->key,
- expected->key_len);
if (expected->custom != NULL)
params[params_n++] =
OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_CUSTOM,
@@ -1339,11 +1334,7 @@ static int mac_test_run_mac(EVP_TEST *t)
goto err;
}
- if (!EVP_MAC_CTX_set_params(ctx, params)) {
- t->err = "MAC_BAD_PARAMS";
- goto err;
- }
- if (!EVP_MAC_init(ctx)) {
+ if (!EVP_MAC_init(ctx, expected->key, expected->key_len, params)) {
t->err = "MAC_INIT_ERROR";
goto err;
}
@@ -2268,16 +2259,15 @@ static int rand_test_run(EVP_TEST *t)
*p++ = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_NONCE,
z, item->nonce_len);
*p = OSSL_PARAM_construct_end();
- if (!TEST_true(EVP_RAND_set_ctx_params(expected->parent, params))
- || !TEST_true(EVP_RAND_instantiate(expected->parent, strength,
- 0, NULL, 0)))
+ if (!TEST_true(EVP_RAND_instantiate(expected->parent, strength,
+ 0, NULL, 0, params)))
goto err;
z = item->pers != NULL ? item->pers : (unsigned char *)"";
if (!TEST_true(EVP_RAND_instantiate
(expected->ctx, strength,
expected->prediction_resistance, z,
- item->pers_len)))
+ item->pers_len, NULL)))
goto err;
if (item->reseed_entropy != NULL) {
@@ -2473,7 +2463,7 @@ static int kdf_test_run(EVP_TEST *t)
t->err = "INTERNAL_ERROR";
goto err;
}
- if (EVP_KDF_derive(expected->ctx, got, got_len) <= 0) {
+ if (EVP_KDF_derive(expected->ctx, got, got_len, NULL) <= 0) {
t->err = "KDF_DERIVE_ERROR";
goto err;
}
diff --git a/test/ossl_shim/ossl_shim.cc b/test/ossl_shim/ossl_shim.cc
index 380e6853c6..eff0b3eb9b 100644
--- a/test/ossl_shim/ossl_shim.cc
+++ b/test/ossl_shim/ossl_shim.cc
@@ -373,7 +373,7 @@ static int NewSessionCallback(SSL *ssl, SSL_SESSION *session) {
static int TicketKeyCallback(SSL *ssl, uint8_t *key_name, uint8_t *iv,
EVP_CIPHER_CTX *ctx, EVP_MAC_CTX *hmac_ctx,
int encrypt) {
- OSSL_PARAM params[3], *p = params;
+ OSSL_PARAM params[2], *p = params;
if (!encrypt) {
if (GetTestState(ssl)->ticket_decrypt_done) {
@@ -396,14 +396,10 @@ static int TicketKeyCallback(SSL *ssl, uint8_t *key_name, uint8_t *iv,
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
const_cast<char *>("SHA256"), 0);
- *p++ = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
- (void *)kZeros,
- sizeof(kZeros));
*p = OSSL_PARAM_construct_end();
if (!EVP_CipherInit_ex(ctx, EVP_aes_128_cbc(), NULL, kZeros, iv, encrypt)
- || !EVP_MAC_init(hmac_ctx)
- || !EVP_MAC_CTX_set_params(hmac_ctx, params)) {
+ || !EVP_MAC_init(hmac_ctx, kZeros, sizeof(kZeros), params)) {
return -1;
}
diff --git a/test/recipes/30-test_evp_data/evpmac_blake.txt b/test/recipes/30-test_evp_data/evpmac_blake.txt
index ad5836a175..416d6b25dd 100644
--- a/test/recipes/30-test_evp_data/evpmac_blake.txt
+++ b/test/recipes/30-test_evp_data/evpmac_blake.txt
@@ -169,7 +169,7 @@ Output = 233a6c732212f4813ec4c9f357e35297e59a652fd24155205f00363f7c54734ee1e8c73
MAC = BLAKE2BMAC
Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
Ctrl = size:128
-Result = MAC_BAD_PARAMS
+Result = MAC_INIT_ERROR
MAC = BLAKE2BMAC
Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
@@ -225,7 +225,7 @@ Output = e9f7704dfe5080a4aafe62a806f53ea7f98ffc24175164158f18ec5497b961f5
MAC = BLAKE2SMAC
Key = 000102030405060708090a0b0c0d0e0f
Ctrl = size:64
-Result = MAC_BAD_PARAMS
+Result = MAC_INIT_ERROR
MAC = BLAKE2SMAC
Key = 000102030405060708090a0b0c0d0e0f
diff --git a/test/recipes/30-test_evp_data/evpmac_common.txt b/test/recipes/30-test_evp_data/evpmac_common.txt
index dcea924695..67a0d3482d 100644
--- a/test/recipes/30-test_evp_data/evpmac_common.txt
+++ b/test/recipes/30-test_evp_data/evpmac_common.txt
@@ -213,7 +213,7 @@ MAC = HMAC
Algorithm = SHAKE128
Input = "Test that SHAKE128 fails"
Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
-Result = MAC_BAD_PARAMS
+Result = MAC_INIT_ERROR
Title = CMAC tests (from FIPS module)
diff --git a/test/recipes/30-test_evp_data/evpmac_siphash.txt b/test/recipes/30-test_evp_data/evpmac_siphash.txt
index 2e24f8b1e5..028b2d656f 100644
--- a/test/recipes/30-test_evp_data/evpmac_siphash.txt
+++ b/test/recipes/30-test_evp_data/evpmac_siphash.txt
@@ -155,7 +155,7 @@ Output = 5150d1772f50834a503e069a973fbd7c
MAC = SipHash
Ctrl = size:13
Key = 000102030405060708090A0B0C0D0E0F
-Result = MAC_BAD_PARAMS
+Result = MAC_INIT_ERROR
# SIPHASH - default values: 2,4 rounds, explicit 13-byte mac (invalid size)
# by EVP_PKEY this time
@@ -164,3 +164,24 @@ MAC = SipHash by EVP_PKEY
Ctrl = size:13
Key = 000102030405060708090A0B0C0D0E0F
Result = EVPPKEYCTXCTRL_ERROR
+
+Title = SIPHASH - explicit rounds
+
+MAC = SipHash
+Ctrl = size:0
+Ctrl = c-rounds:2
+Ctrl = d-rounds:4
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E
+Output = 5150d1772f50834a503e069a973fbd7c
+
+# Generated by the reference implementation
+Title = SIPHASH - non-default values: 4,8 rounds
+
+MAC = SipHash
+Ctrl = size:8
+Ctrl = c-rounds:4
+Ctrl = d-rounds:8
+Key = 000102030405060708090A0B0C0D0E0F
+Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E
+Output = E67784BC5503DE23
diff --git a/test/sslapitest.c b/test/sslapitest.c
index b6eb6c16db..3fa60538e9 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -6858,7 +6858,7 @@ static int tick_key_evp_cb(SSL *s, unsigned char key_name[16],
{
const unsigned char tick_aes_key[16] = "0123456789abcdef";
unsigned char tick_hmac_key[16] = "0123456789abcdef";
- OSSL_PARAM params[3];
+ OSSL_PARAM params[2];
EVP_CIPHER *aes128cbc = EVP_CIPHER_fetch(libctx, "AES-128-CBC", NULL);
int ret;
@@ -6867,14 +6867,11 @@ static int tick_key_evp_cb(SSL *s, unsigned char key_name[16],
memset(key_name, 0, 16);
params[0] = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
"SHA256", 0);
- params[1] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
- tick_hmac_key,
- sizeof(tick_hmac_key));
- params[2] = OSSL_PARAM_construct_end();
+ params[1] = OSSL_PARAM_construct_end();
if (aes128cbc == NULL
|| !EVP_CipherInit_ex(ctx, aes128cbc, NULL, tick_aes_key, iv, enc)
- || !EVP_MAC_CTX_set_params(hctx, params)
- || !EVP_MAC_init(hctx))
+ || !EVP_MAC_init(hctx, tick_hmac_key, sizeof(tick_hmac_key),
+ params))
ret = -1;
else
ret = tick_key_renew ? 2 : 1;
diff --git a/test/testutil/fake_random.c b/test/testutil/fake_random.c
index 9d9b10feb1..f8b97d2287 100644
--- a/test/testutil/fake_random.c
+++ b/test/testutil/fake_random.c
@@ -48,7 +48,8 @@ static void fake_rand_freectx(void *vrng)
static int fake_rand_instantiate(void *vrng, ossl_unused unsigned int strength,
ossl_unused int prediction_resistance,
ossl_unused const unsigned char *pstr,
- size_t pstr_len)
+ size_t pstr_len,
+ ossl_unused const OSSL_PARAM params[])
{
FAKE_RAND *frng = (FAKE_RAND *)vrng;
More information about the openssl-commits
mailing list