summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authortb <>2022-05-04 18:56:34 +0000
committertb <>2022-05-04 18:56:34 +0000
commitf0d9959720b55426dfdd7bbd2b125370cfb94ad1 (patch)
treeba15d10ff36cb0e1baf8b5068af797555a402e02
parent79383f3a7188f4266d3f0a219c4263c5392cc265 (diff)
downloadopenbsd-f0d9959720b55426dfdd7bbd2b125370cfb94ad1.tar.gz
openbsd-f0d9959720b55426dfdd7bbd2b125370cfb94ad1.tar.bz2
openbsd-f0d9959720b55426dfdd7bbd2b125370cfb94ad1.zip
KNF according to knfmt(1)
Diffstat
-rw-r--r--src/lib/libcrypto/kdf/hkdf_evp.c480
-rw-r--r--src/lib/libcrypto/kdf/kdf_err.c83
2 files changed, 288 insertions, 275 deletions
diff --git a/src/lib/libcrypto/kdf/hkdf_evp.c b/src/lib/libcrypto/kdf/hkdf_evp.c
index 033718c626..85ed2d5e42 100644
--- a/src/lib/libcrypto/kdf/hkdf_evp.c
+++ b/src/lib/libcrypto/kdf/hkdf_evp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: hkdf_evp.c,v 1.4 2022/05/04 18:49:50 tb Exp $ */ 1/* $OpenBSD: hkdf_evp.c,v 1.5 2022/05/04 18:56:34 tb Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 2016-2018 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 2016-2018 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -58,335 +58,347 @@
58#define HKDF_MAXBUF 1024 58#define HKDF_MAXBUF 1024
59 59
60static unsigned char *HKDF(const EVP_MD *evp_md, 60static unsigned char *HKDF(const EVP_MD *evp_md,
61 const unsigned char *salt, size_t salt_len, 61 const unsigned char *salt, size_t salt_len,
62 const unsigned char *key, size_t key_len, 62 const unsigned char *key, size_t key_len,
63 const unsigned char *info, size_t info_len, 63 const unsigned char *info, size_t info_len,
64 unsigned char *okm, size_t okm_len); 64 unsigned char *okm, size_t okm_len);
65 65
66static unsigned char *HKDF_Extract(const EVP_MD *evp_md, 66static unsigned char *HKDF_Extract(const EVP_MD *evp_md,
67 const unsigned char *salt, size_t salt_len, 67 const unsigned char *salt, size_t salt_len,
68 const unsigned char *key, size_t key_len, 68 const unsigned char *key, size_t key_len,
69 unsigned char *prk, size_t *prk_len); 69 unsigned char *prk, size_t *prk_len);
70 70
71static unsigned char *HKDF_Expand(const EVP_MD *evp_md, 71static unsigned char *HKDF_Expand(const EVP_MD *evp_md,
72 const unsigned char *prk, size_t prk_len, 72 const unsigned char *prk, size_t prk_len,
73 const unsigned char *info, size_t info_len, 73 const unsigned char *info, size_t info_len,
74 unsigned char *okm, size_t okm_len); 74 unsigned char *okm, size_t okm_len);
75 75
76typedef struct { 76typedef struct {
77 int mode; 77 int mode;
78 const EVP_MD *md; 78 const EVP_MD *md;
79 unsigned char *salt; 79 unsigned char *salt;
80 size_t salt_len; 80 size_t salt_len;
81 unsigned char *key; 81 unsigned char *key;
82 size_t key_len; 82 size_t key_len;
83 unsigned char info[HKDF_MAXBUF]; 83 unsigned char info[HKDF_MAXBUF];
84 size_t info_len; 84 size_t info_len;
85} HKDF_PKEY_CTX; 85} HKDF_PKEY_CTX;
86 86
87static int pkey_hkdf_init(EVP_PKEY_CTX *ctx) 87static int
88pkey_hkdf_init(EVP_PKEY_CTX *ctx)
88{ 89{
89 HKDF_PKEY_CTX *kctx; 90 HKDF_PKEY_CTX *kctx;
90 91
91 if ((kctx = OPENSSL_zalloc(sizeof(*kctx))) == NULL) { 92 if ((kctx = OPENSSL_zalloc(sizeof(*kctx))) == NULL) {
92 KDFerr(KDF_F_PKEY_HKDF_INIT, ERR_R_MALLOC_FAILURE); 93 KDFerr(KDF_F_PKEY_HKDF_INIT, ERR_R_MALLOC_FAILURE);
93 return 0; 94 return 0;
94 } 95 }
95 96
96 ctx->data = kctx; 97 ctx->data = kctx;
97 98
98 return 1; 99 return 1;
99} 100}
100 101
101static void pkey_hkdf_cleanup(EVP_PKEY_CTX *ctx) 102static void
103pkey_hkdf_cleanup(EVP_PKEY_CTX *ctx)
102{ 104{
103 HKDF_PKEY_CTX *kctx = ctx->data; 105 HKDF_PKEY_CTX *kctx = ctx->data;
104 OPENSSL_clear_free(kctx->salt, kctx->salt_len); 106 OPENSSL_clear_free(kctx -> salt, kctx -> salt_len);
105 OPENSSL_clear_free(kctx->key, kctx->key_len); 107 OPENSSL_clear_free(kctx -> key, kctx -> key_len);
106 OPENSSL_cleanse(kctx->info, kctx->info_len); 108 OPENSSL_cleanse(kctx -> info, kctx -> info_len);
107 OPENSSL_free(kctx); 109 OPENSSL_free(kctx);
108} 110}
109 111
110static int pkey_hkdf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) 112static int
113pkey_hkdf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
111{ 114{
112 HKDF_PKEY_CTX *kctx = ctx->data; 115 HKDF_PKEY_CTX *kctx = ctx->data;
113 116
114 switch (type) { 117 switch (type) {
115 case EVP_PKEY_CTRL_HKDF_MD: 118 case EVP_PKEY_CTRL_HKDF_MD:
116 if (p2 == NULL) 119 if (p2 == NULL)
117 return 0; 120 return 0;
118 121
119 kctx->md = p2; 122 kctx->md = p2;
120 return 1; 123 return 1;
121 124
122 case EVP_PKEY_CTRL_HKDF_MODE: 125 case EVP_PKEY_CTRL_HKDF_MODE:
123 kctx->mode = p1; 126 kctx->mode = p1;
124 return 1; 127 return 1;
125 128
126 case EVP_PKEY_CTRL_HKDF_SALT: 129 case EVP_PKEY_CTRL_HKDF_SALT:
127 if (p1 == 0 || p2 == NULL) 130 if (p1 == 0 || p2 == NULL)
128 return 1; 131 return 1;
129 132
130 if (p1 < 0) 133 if (p1 < 0)
131 return 0; 134 return 0;
132 135
133 if (kctx->salt != NULL) 136 if (kctx->salt != NULL)
134 OPENSSL_clear_free(kctx->salt, kctx->salt_len); 137 OPENSSL_clear_free(kctx->salt, kctx->salt_len);
135 138
136 kctx->salt = OPENSSL_memdup(p2, p1); 139 kctx->salt = OPENSSL_memdup(p2, p1);
137 if (kctx->salt == NULL) 140 if (kctx->salt == NULL)
138 return 0; 141 return 0;
139 142
140 kctx->salt_len = p1; 143 kctx->salt_len = p1;
141 return 1; 144 return 1;
142 145
143 case EVP_PKEY_CTRL_HKDF_KEY: 146 case EVP_PKEY_CTRL_HKDF_KEY:
144 if (p1 < 0) 147 if (p1 < 0)
145 return 0; 148 return 0;
146 149
147 if (kctx->key != NULL) 150 if (kctx->key != NULL)
148 OPENSSL_clear_free(kctx->key, kctx->key_len); 151 OPENSSL_clear_free(kctx->key, kctx->key_len);
149 152
150 kctx->key = OPENSSL_memdup(p2, p1); 153 kctx->key = OPENSSL_memdup(p2, p1);
151 if (kctx->key == NULL) 154 if (kctx->key == NULL)
152 return 0; 155 return 0;
153 156
154 kctx->key_len = p1; 157 kctx->key_len = p1;
155 return 1; 158 return 1;
156 159
157 case EVP_PKEY_CTRL_HKDF_INFO: 160 case EVP_PKEY_CTRL_HKDF_INFO:
158 if (p1 == 0 || p2 == NULL) 161 if (p1 == 0 || p2 == NULL)
159 return 1; 162 return 1;
160 163
161 if (p1 < 0 || p1 > (int)(HKDF_MAXBUF - kctx->info_len)) 164 if (p1 < 0 || p1 > (int)(HKDF_MAXBUF - kctx->info_len))
162 return 0; 165 return 0;
163 166
164 memcpy(kctx->info + kctx->info_len, p2, p1); 167 memcpy(kctx->info + kctx->info_len, p2, p1);
165 kctx->info_len += p1; 168 kctx->info_len += p1;
166 return 1; 169 return 1;
167 170
168 default: 171 default:
169 return -2; 172 return -2;
170 173 }
171 }
172} 174}
173 175
174static int pkey_hkdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, 176static int
175 const char *value) 177pkey_hkdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
178 const char *value)
176{ 179{
177 if (strcmp(type, "mode") == 0) { 180 if (strcmp(type, "mode") == 0) {
178 int mode; 181 int mode;
179 182
180 if (strcmp(value, "EXTRACT_AND_EXPAND") == 0) 183 if (strcmp(value, "EXTRACT_AND_EXPAND") == 0)
181 mode = EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND; 184 mode = EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND;
182 else if (strcmp(value, "EXTRACT_ONLY") == 0) 185 else if (strcmp(value, "EXTRACT_ONLY") == 0)
183 mode = EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY; 186 mode = EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY;
184 else if (strcmp(value, "EXPAND_ONLY") == 0) 187 else if (strcmp(value, "EXPAND_ONLY") == 0)
185 mode = EVP_PKEY_HKDEF_MODE_EXPAND_ONLY; 188 mode = EVP_PKEY_HKDEF_MODE_EXPAND_ONLY;
186 else 189 else
187 return 0; 190 return 0;
188 191
189 return EVP_PKEY_CTX_hkdf_mode(ctx, mode); 192 return EVP_PKEY_CTX_hkdf_mode(ctx, mode);
190 } 193 }
191 194
192 if (strcmp(type, "md") == 0) 195 if (strcmp(type, "md") == 0)
193 return EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_DERIVE, 196 return EVP_PKEY_CTX_md(ctx, EVP_PKEY_OP_DERIVE,
194 EVP_PKEY_CTRL_HKDF_MD, value); 197 EVP_PKEY_CTRL_HKDF_MD, value);
195 198
196 if (strcmp(type, "salt") == 0) 199 if (strcmp(type, "salt") == 0)
197 return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_SALT, value); 200 return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_SALT,
201 value);
198 202
199 if (strcmp(type, "hexsalt") == 0) 203 if (strcmp(type, "hexsalt") == 0)
200 return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_SALT, value); 204 return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_SALT,
205 value);
201 206
202 if (strcmp(type, "key") == 0) 207 if (strcmp(type, "key") == 0)
203 return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_KEY, value); 208 return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_KEY, value);
204 209
205 if (strcmp(type, "hexkey") == 0) 210 if (strcmp(type, "hexkey") == 0)
206 return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_KEY, value); 211 return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_KEY, value);
207 212
208 if (strcmp(type, "info") == 0) 213 if (strcmp(type, "info") == 0)
209 return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_INFO, value); 214 return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_HKDF_INFO,
215 value);
210 216
211 if (strcmp(type, "hexinfo") == 0) 217 if (strcmp(type, "hexinfo") == 0)
212 return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_INFO, value); 218 return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_HKDF_INFO,
219 value);
213 220
214 KDFerr(KDF_F_PKEY_HKDF_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE); 221 KDFerr(KDF_F_PKEY_HKDF_CTRL_STR, KDF_R_UNKNOWN_PARAMETER_TYPE);
215 return -2; 222 return -2;
216} 223}
217 224
218static int pkey_hkdf_derive_init(EVP_PKEY_CTX *ctx) 225static int
226pkey_hkdf_derive_init(EVP_PKEY_CTX *ctx)
219{ 227{
220 HKDF_PKEY_CTX *kctx = ctx->data; 228 HKDF_PKEY_CTX *kctx = ctx->data;
221 229
222 OPENSSL_clear_free(kctx->key, kctx->key_len); 230 OPENSSL_clear_free(kctx->key, kctx->key_len);
223 OPENSSL_clear_free(kctx->salt, kctx->salt_len); 231 OPENSSL_clear_free(kctx->salt, kctx->salt_len);
224 OPENSSL_cleanse(kctx->info, kctx->info_len); 232 OPENSSL_cleanse(kctx->info, kctx->info_len);
225 memset(kctx, 0, sizeof(*kctx)); 233 memset(kctx, 0, sizeof(*kctx));
226 234
227 return 1; 235 return 1;
228} 236}
229 237
230static int pkey_hkdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, 238static int
231 size_t *keylen) 239pkey_hkdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
240 size_t *keylen)
232{ 241{
233 HKDF_PKEY_CTX *kctx = ctx->data; 242 HKDF_PKEY_CTX *kctx = ctx->data;
234 243
235 if (kctx->md == NULL) { 244 if (kctx->md == NULL) {
236 KDFerr(KDF_F_PKEY_HKDF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); 245 KDFerr(KDF_F_PKEY_HKDF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST);
237 return 0; 246 return 0;
238 } 247 }
239 if (kctx->key == NULL) { 248 if (kctx->key == NULL) {
240 KDFerr(KDF_F_PKEY_HKDF_DERIVE, KDF_R_MISSING_KEY); 249 KDFerr(KDF_F_PKEY_HKDF_DERIVE, KDF_R_MISSING_KEY);
241 return 0; 250 return 0;
242 } 251 }
243 252
244 switch (kctx->mode) { 253 switch (kctx->mode) {
245 case EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND: 254 case EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND:
246 return HKDF(kctx->md, kctx->salt, kctx->salt_len, kctx->key, 255 return HKDF(kctx->md, kctx->salt, kctx->salt_len, kctx->key,
247 kctx->key_len, kctx->info, kctx->info_len, key, 256 kctx->key_len, kctx->info, kctx->info_len, key,
248 *keylen) != NULL; 257 *keylen) != NULL;
249 258
250 case EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY: 259 case EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY:
251 if (key == NULL) { 260 if (key == NULL) {
252 *keylen = EVP_MD_size(kctx->md); 261 *keylen = EVP_MD_size(kctx->md);
253 return 1; 262 return 1;
254 } 263 }
255 return HKDF_Extract(kctx->md, kctx->salt, kctx->salt_len, kctx->key, 264 return HKDF_Extract(kctx->md, kctx->salt, kctx->salt_len,
256 kctx->key_len, key, keylen) != NULL; 265 kctx->key, kctx->key_len, key, keylen) != NULL;
257 266
258 case EVP_PKEY_HKDEF_MODE_EXPAND_ONLY: 267 case EVP_PKEY_HKDEF_MODE_EXPAND_ONLY:
259 return HKDF_Expand(kctx->md, kctx->key, kctx->key_len, kctx->info, 268 return HKDF_Expand(kctx->md, kctx->key, kctx->key_len,
260 kctx->info_len, key, *keylen) != NULL; 269 kctx->info, kctx->info_len, key, *keylen) != NULL;
261 270
262 default: 271 default:
263 return 0; 272 return 0;
264 } 273 }
265} 274}
266 275
267const EVP_PKEY_METHOD hkdf_pkey_meth = { 276const EVP_PKEY_METHOD hkdf_pkey_meth = {
268 EVP_PKEY_HKDF, 277 EVP_PKEY_HKDF,
269 0, 278 0,
270 pkey_hkdf_init, 279 pkey_hkdf_init,
271 0, 280 0,
272 pkey_hkdf_cleanup, 281 pkey_hkdf_cleanup,
273 282
274 0, 0, 283 0, 0,
275 0, 0, 284 0, 0,
276 285
277 0, 286 0,
278 0, 287 0,
279 288
280 0, 289 0,
281 0, 290 0,
282 291
283 0, 0, 292 0, 0,
284 293
285 0, 0, 0, 0, 294 0, 0, 0, 0,
286 295
287 0, 0, 296 0, 0,
288 297
289 0, 0, 298 0, 0,
290 299
291 pkey_hkdf_derive_init, 300 pkey_hkdf_derive_init,
292 pkey_hkdf_derive, 301 pkey_hkdf_derive,
293 pkey_hkdf_ctrl, 302 pkey_hkdf_ctrl,
294 pkey_hkdf_ctrl_str 303 pkey_hkdf_ctrl_str
295}; 304};
296 305
297static unsigned char *HKDF(const EVP_MD *evp_md, 306static unsigned char *
298 const unsigned char *salt, size_t salt_len, 307HKDF(const EVP_MD *evp_md,
299 const unsigned char *key, size_t key_len, 308 const unsigned char *salt, size_t salt_len,
300 const unsigned char *info, size_t info_len, 309 const unsigned char *key, size_t key_len,
301 unsigned char *okm, size_t okm_len) 310 const unsigned char *info, size_t info_len,
311 unsigned char *okm, size_t okm_len)
302{ 312{
303 unsigned char prk[EVP_MAX_MD_SIZE]; 313 unsigned char prk[EVP_MAX_MD_SIZE];
304 unsigned char *ret; 314 unsigned char *ret;
305 size_t prk_len; 315 size_t prk_len;
306 316
307 if (!HKDF_Extract(evp_md, salt, salt_len, key, key_len, prk, &prk_len)) 317 if (!HKDF_Extract(evp_md, salt, salt_len, key, key_len, prk, &prk_len))
308 return NULL; 318 return NULL;
309 319
310 ret = HKDF_Expand(evp_md, prk, prk_len, info, info_len, okm, okm_len); 320 ret = HKDF_Expand(evp_md, prk, prk_len, info, info_len, okm, okm_len);
311 OPENSSL_cleanse(prk, sizeof(prk)); 321 OPENSSL_cleanse(prk, sizeof(prk));
312 322
313 return ret; 323 return ret;
314} 324}
315 325
316static unsigned char *HKDF_Extract(const EVP_MD *evp_md, 326static unsigned char *
317 const unsigned char *salt, size_t salt_len, 327HKDF_Extract(const EVP_MD *evp_md,
318 const unsigned char *key, size_t key_len, 328 const unsigned char *salt, size_t salt_len,
319 unsigned char *prk, size_t *prk_len) 329 const unsigned char *key, size_t key_len,
330 unsigned char *prk, size_t *prk_len)
320{ 331{
321 unsigned int tmp_len; 332 unsigned int tmp_len;
322 333
323 if (!HMAC(evp_md, salt, salt_len, key, key_len, prk, &tmp_len)) 334 if (!HMAC(evp_md, salt, salt_len, key, key_len, prk, &tmp_len))
324 return NULL; 335 return NULL;
325 336
326 *prk_len = tmp_len; 337 *prk_len = tmp_len;
327 return prk; 338 return prk;
328} 339}
329 340
330static unsigned char *HKDF_Expand(const EVP_MD *evp_md, 341static unsigned char *
331 const unsigned char *prk, size_t prk_len, 342HKDF_Expand(const EVP_MD *evp_md,
332 const unsigned char *info, size_t info_len, 343 const unsigned char *prk, size_t prk_len,
333 unsigned char *okm, size_t okm_len) 344 const unsigned char *info, size_t info_len,
345 unsigned char *okm, size_t okm_len)
334{ 346{
335 HMAC_CTX *hmac; 347 HMAC_CTX *hmac;
336 unsigned char *ret = NULL; 348 unsigned char *ret = NULL;
337 349
338 unsigned int i; 350 unsigned int i;
339 351
340 unsigned char prev[EVP_MAX_MD_SIZE]; 352 unsigned char prev[EVP_MAX_MD_SIZE];
341 353
342 size_t done_len = 0, dig_len = EVP_MD_size(evp_md); 354 size_t done_len = 0, dig_len = EVP_MD_size(evp_md);
343 355
344 size_t n = okm_len / dig_len; 356 size_t n = okm_len / dig_len;
345 if (okm_len % dig_len) 357 if (okm_len % dig_len)
346 n++; 358 n++;
347 359
348 if (n > 255 || okm == NULL) 360 if (n > 255 || okm == NULL)
349 return NULL; 361 return NULL;
350 362
351 if ((hmac = HMAC_CTX_new()) == NULL) 363 if ((hmac = HMAC_CTX_new()) == NULL)
352 return NULL; 364 return NULL;
353 365
354 if (!HMAC_Init_ex(hmac, prk, prk_len, evp_md, NULL)) 366 if (!HMAC_Init_ex(hmac, prk, prk_len, evp_md, NULL))
355 goto err; 367 goto err;
356 368
357 for (i = 1; i <= n; i++) { 369 for (i = 1; i <= n; i++) {
358 size_t copy_len; 370 size_t copy_len;
359 const unsigned char ctr = i; 371 const unsigned char ctr = i;
360 372
361 if (i > 1) { 373 if (i > 1) {
362 if (!HMAC_Init_ex(hmac, NULL, 0, NULL, NULL)) 374 if (!HMAC_Init_ex(hmac, NULL, 0, NULL, NULL))
363 goto err; 375 goto err;
364 376
365 if (!HMAC_Update(hmac, prev, dig_len)) 377 if (!HMAC_Update(hmac, prev, dig_len))
366 goto err; 378 goto err;
367 } 379 }
368 380
369 if (!HMAC_Update(hmac, info, info_len)) 381 if (!HMAC_Update(hmac, info, info_len))
370 goto err; 382 goto err;
371 383
372 if (!HMAC_Update(hmac, &ctr, 1)) 384 if (!HMAC_Update(hmac, &ctr, 1))
373 goto err; 385 goto err;
374 386
375 if (!HMAC_Final(hmac, prev, NULL)) 387 if (!HMAC_Final(hmac, prev, NULL))
376 goto err; 388 goto err;
377 389
378 copy_len = (done_len + dig_len > okm_len) ? 390 copy_len = (done_len + dig_len > okm_len) ?
379 okm_len - done_len : 391 okm_len - done_len :
380 dig_len; 392 dig_len;
381 393
382 memcpy(okm + done_len, prev, copy_len); 394 memcpy(okm + done_len, prev, copy_len);
383 395
384 done_len += copy_len; 396 done_len += copy_len;
385 } 397 }
386 ret = okm; 398 ret = okm;
387 399
388 err: 400 err:
389 OPENSSL_cleanse(prev, sizeof(prev)); 401 OPENSSL_cleanse(prev, sizeof(prev));
390 HMAC_CTX_free(hmac); 402 HMAC_CTX_free(hmac);
391 return ret; 403 return ret;
392} 404}
diff --git a/src/lib/libcrypto/kdf/kdf_err.c b/src/lib/libcrypto/kdf/kdf_err.c
index a3f0f92581..f3e3fb8339 100644
--- a/src/lib/libcrypto/kdf/kdf_err.c
+++ b/src/lib/libcrypto/kdf/kdf_err.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: kdf_err.c,v 1.4 2022/05/04 18:49:50 tb Exp $ */ 1/* $OpenBSD: kdf_err.c,v 1.5 2022/05/04 18:56:34 tb Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -64,54 +64,55 @@
64#ifndef OPENSSL_NO_ERR 64#ifndef OPENSSL_NO_ERR
65 65
66static const ERR_STRING_DATA KDF_str_functs[] = { 66static const ERR_STRING_DATA KDF_str_functs[] = {
67 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_CTRL_STR, 0), "pkey_hkdf_ctrl_str"}, 67 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_CTRL_STR, 0), "pkey_hkdf_ctrl_str"},
68 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_DERIVE, 0), "pkey_hkdf_derive"}, 68 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_DERIVE, 0), "pkey_hkdf_derive"},
69 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_INIT, 0), "pkey_hkdf_init"}, 69 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_INIT, 0), "pkey_hkdf_init"},
70 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_SCRYPT_CTRL_STR, 0), 70 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_SCRYPT_CTRL_STR, 0),
71 "pkey_scrypt_ctrl_str"}, 71 "pkey_scrypt_ctrl_str"},
72 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_SCRYPT_CTRL_UINT64, 0), 72 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_SCRYPT_CTRL_UINT64, 0),
73 "pkey_scrypt_ctrl_uint64"}, 73 "pkey_scrypt_ctrl_uint64"},
74 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_SCRYPT_DERIVE, 0), "pkey_scrypt_derive"}, 74 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_SCRYPT_DERIVE, 0), "pkey_scrypt_derive"},
75 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_SCRYPT_INIT, 0), "pkey_scrypt_init"}, 75 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_SCRYPT_INIT, 0), "pkey_scrypt_init"},
76 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_SCRYPT_SET_MEMBUF, 0), 76 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_SCRYPT_SET_MEMBUF, 0),
77 "pkey_scrypt_set_membuf"}, 77 "pkey_scrypt_set_membuf"},
78 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_CTRL_STR, 0), 78 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_CTRL_STR, 0),
79 "pkey_tls1_prf_ctrl_str"}, 79 "pkey_tls1_prf_ctrl_str"},
80 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_DERIVE, 0), 80 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_DERIVE, 0),
81 "pkey_tls1_prf_derive"}, 81 "pkey_tls1_prf_derive"},
82 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_INIT, 0), "pkey_tls1_prf_init"}, 82 {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_INIT, 0), "pkey_tls1_prf_init"},
83 {ERR_PACK(ERR_LIB_KDF, KDF_F_TLS1_PRF_ALG, 0), "tls1_prf_alg"}, 83 {ERR_PACK(ERR_LIB_KDF, KDF_F_TLS1_PRF_ALG, 0), "tls1_prf_alg"},
84 {0, NULL} 84 {0, NULL}
85}; 85};
86 86
87static const ERR_STRING_DATA KDF_str_reasons[] = { 87static const ERR_STRING_DATA KDF_str_reasons[] = {
88 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_DIGEST), "invalid digest"}, 88 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_DIGEST), "invalid digest"},
89 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_ITERATION_COUNT), 89 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_ITERATION_COUNT),
90 "missing iteration count"}, 90 "missing iteration count"},
91 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_KEY), "missing key"}, 91 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_KEY), "missing key"},
92 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_MESSAGE_DIGEST), 92 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_MESSAGE_DIGEST),
93 "missing message digest"}, 93 "missing message digest"},
94 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_PARAMETER), "missing parameter"}, 94 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_PARAMETER), "missing parameter"},
95 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_PASS), "missing pass"}, 95 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_PASS), "missing pass"},
96 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SALT), "missing salt"}, 96 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SALT), "missing salt"},
97 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SECRET), "missing secret"}, 97 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SECRET), "missing secret"},
98 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SEED), "missing seed"}, 98 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SEED), "missing seed"},
99 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_UNKNOWN_PARAMETER_TYPE), 99 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_UNKNOWN_PARAMETER_TYPE),
100 "unknown parameter type"}, 100 "unknown parameter type"},
101 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_ERROR), "value error"}, 101 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_ERROR), "value error"},
102 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_MISSING), "value missing"}, 102 {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_MISSING), "value missing"},
103 {0, NULL} 103 {0, NULL}
104}; 104};
105 105
106#endif 106#endif
107 107
108int ERR_load_KDF_strings(void) 108int
109ERR_load_KDF_strings(void)
109{ 110{
110#ifndef OPENSSL_NO_ERR 111#ifndef OPENSSL_NO_ERR
111 if (ERR_func_error_string(KDF_str_functs[0].error) == NULL) { 112 if (ERR_func_error_string(KDF_str_functs[0].error) == NULL) {
112 ERR_load_strings_const(KDF_str_functs); 113 ERR_load_strings_const(KDF_str_functs);
113 ERR_load_strings_const(KDF_str_reasons); 114 ERR_load_strings_const(KDF_str_reasons);
114 } 115 }
115#endif 116#endif
116 return 1; 117 return 1;
117} 118}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 05:37:16 +0000