diff options
| author | tb <> | 2024-04-17 13:56:36 +0000 |
|---|---|---|
| committer | tb <> | 2024-04-17 13:56:36 +0000 |
| commit | 99a43012a8f0a03ed1e849715108514314388aea (patch) | |
| tree | 5a0cd526f5d7652bc3fc0b24e5c29aac7e7e13a9 /src | |
| parent | 6fbacb82c0b080050ecaf737025ed8fb0d79f203 (diff) | |
| download | openbsd-99a43012a8f0a03ed1e849715108514314388aea.tar.gz openbsd-99a43012a8f0a03ed1e849715108514314388aea.tar.bz2 openbsd-99a43012a8f0a03ed1e849715108514314388aea.zip | |
ecdh_cms_encrypt: simplify setting the KDF type
It is much simpler to avoid the key_type variable altogether and inline
its use. Also it makes no sense to have 15 unrelated lines between the
getting of the kdf type, checking its content, and then actually setting
it to EVP_PKEY_ECDH_KDF_X9_63.
ok jsing
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/ec/ec_ameth.c | 19 |
1 files changed, 6 insertions, 13 deletions
diff --git a/src/lib/libcrypto/ec/ec_ameth.c b/src/lib/libcrypto/ec/ec_ameth.c index 38d5a0d1e1..aa18a68234 100644 --- a/src/lib/libcrypto/ec/ec_ameth.c +++ b/src/lib/libcrypto/ec/ec_ameth.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ec_ameth.c,v 1.58 2024/04/17 13:54:39 tb Exp $ */ | 1 | /* $OpenBSD: ec_ameth.c,v 1.59 2024/04/17 13:56:36 tb Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2006. | 3 | * project 2006. |
| 4 | */ | 4 | */ |
| @@ -921,7 +921,7 @@ ecdh_cms_encrypt(CMS_RecipientInfo *ri) | |||
| 921 | ASN1_OCTET_STRING *ukm; | 921 | ASN1_OCTET_STRING *ukm; |
| 922 | unsigned char *penc = NULL; | 922 | unsigned char *penc = NULL; |
| 923 | int penclen; | 923 | int penclen; |
| 924 | int ecdh_nid, kdf_type, kdf_nid, wrap_nid; | 924 | int ecdh_nid, kdf_nid, wrap_nid; |
| 925 | const EVP_MD *kdf_md; | 925 | const EVP_MD *kdf_md; |
| 926 | int ret = 0; | 926 | int ret = 0; |
| 927 | 927 | ||
| @@ -953,10 +953,11 @@ ecdh_cms_encrypt(CMS_RecipientInfo *ri) | |||
| 953 | goto err; | 953 | goto err; |
| 954 | } | 954 | } |
| 955 | 955 | ||
| 956 | /* See if custom parameters set */ | 956 | if (EVP_PKEY_CTX_get_ecdh_kdf_type(pctx) != EVP_PKEY_ECDH_KDF_NONE) |
| 957 | kdf_type = EVP_PKEY_CTX_get_ecdh_kdf_type(pctx); | ||
| 958 | if (kdf_type <= 0) | ||
| 959 | goto err; | 957 | goto err; |
| 958 | if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, EVP_PKEY_ECDH_KDF_X9_63) <= 0) | ||
| 959 | goto err; | ||
| 960 | |||
| 960 | if (!EVP_PKEY_CTX_get_ecdh_kdf_md(pctx, &kdf_md)) | 961 | if (!EVP_PKEY_CTX_get_ecdh_kdf_md(pctx, &kdf_md)) |
| 961 | goto err; | 962 | goto err; |
| 962 | ecdh_nid = EVP_PKEY_CTX_get_ecdh_cofactor_mode(pctx); | 963 | ecdh_nid = EVP_PKEY_CTX_get_ecdh_cofactor_mode(pctx); |
| @@ -967,14 +968,6 @@ ecdh_cms_encrypt(CMS_RecipientInfo *ri) | |||
| 967 | else if (ecdh_nid == 1) | 968 | else if (ecdh_nid == 1) |
| 968 | ecdh_nid = NID_dh_cofactor_kdf; | 969 | ecdh_nid = NID_dh_cofactor_kdf; |
| 969 | 970 | ||
| 970 | if (kdf_type == EVP_PKEY_ECDH_KDF_NONE) { | ||
| 971 | kdf_type = EVP_PKEY_ECDH_KDF_X9_63; | ||
| 972 | if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, kdf_type) <= 0) | ||
| 973 | goto err; | ||
| 974 | } else { | ||
| 975 | /* Unknown KDF */ | ||
| 976 | goto err; | ||
| 977 | } | ||
| 978 | if (kdf_md == NULL) { | 971 | if (kdf_md == NULL) { |
| 979 | /* Fixme later for better MD */ | 972 | /* Fixme later for better MD */ |
| 980 | kdf_md = EVP_sha1(); | 973 | kdf_md = EVP_sha1(); |