diff --git a/providers/implementations/kdfs/hkdf.c b/providers/implementations/kdfs/hkdf.c index 35276d8101..64a3e8f05e 100644 --- a/providers/implementations/kdfs/hkdf.c +++ b/providers/implementations/kdfs/hkdf.c @@ -236,11 +236,6 @@ static int kdf_hkdf_derive(void *vctx, unsigned char *key, size_t keylen, return 0; } -#ifdef FIPS_MODULE - if (!fips_hkdf_key_check_passed(ctx)) - return 0; -#endif - switch (ctx->mode) { case EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND: default: @@ -345,6 +340,12 @@ static int kdf_hkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) HKDF_MAXINFO) == 0) return 0; +#ifdef FIPS_MODULE + if (OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY) != NULL) + if (!fips_hkdf_key_check_passed(ctx)) + return 0; +#endif + return 1; } @@ -815,11 +816,6 @@ static int kdf_tls1_3_derive(void *vctx, unsigned char *key, size_t keylen, return 0; } -#ifdef FIPS_MODULE - if (!fips_tls1_3_key_check_passed(ctx)) - return 0; -#endif - switch (ctx->mode) { default: return 0; @@ -895,6 +891,10 @@ static int kdf_tls1_3_set_ctx_params(void *vctx, const OSSL_PARAM params[]) if (!fips_tls1_3_digest_check_passed(ctx, md)) return 0; } + + if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY)) != NULL) + if (!fips_tls1_3_key_check_passed(ctx)) + return 0; #endif return 1; diff --git a/providers/implementations/kdfs/sshkdf.c b/providers/implementations/kdfs/sshkdf.c index c4e4971992..fd77dabcb7 100644 --- a/providers/implementations/kdfs/sshkdf.c +++ b/providers/implementations/kdfs/sshkdf.c @@ -202,11 +202,6 @@ static int kdf_sshkdf_derive(void *vctx, unsigned char *key, size_t keylen, return 0; } -#ifdef FIPS_MODULE - if (!fips_key_check_passed(ctx)) - return 0; -#endif - return SSHKDF(md, ctx->key, ctx->key_len, ctx->xcghash, ctx->xcghash_len, ctx->session_id, ctx->session_id_len, @@ -247,10 +242,16 @@ static int kdf_sshkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) #endif } - if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY)) != NULL) + if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY)) != NULL) { if (!sshkdf_set_membuf(&ctx->key, &ctx->key_len, p)) return 0; +#ifdef FIPS_MODULE + if (!fips_key_check_passed(ctx)) + return 0; +#endif + } + if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SSHKDF_XCGHASH)) != NULL) if (!sshkdf_set_membuf(&ctx->xcghash, &ctx->xcghash_len, p)) diff --git a/providers/implementations/kdfs/sskdf.c b/providers/implementations/kdfs/sskdf.c index da72d405f5..4bdb4e039c 100644 --- a/providers/implementations/kdfs/sskdf.c +++ b/providers/implementations/kdfs/sskdf.c @@ -425,11 +425,6 @@ static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen, return 0; } -#ifdef FIPS_MODULE - if (!fips_sskdf_key_check_passed(ctx)) - return 0; -#endif - md = ossl_prov_digest_md(&ctx->digest); if (ctx->macctx != NULL) { @@ -545,11 +540,6 @@ static int x963kdf_derive(void *vctx, unsigned char *key, size_t keylen, return 0; } -#ifdef FIPS_MODULE - if (!fips_x963kdf_key_check_passed(ctx)) - return 0; -#endif - /* H(x) = hash */ md = ossl_prov_digest_md(&ctx->digest); if (md == NULL) { @@ -634,6 +624,13 @@ static int sskdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) if (!sskdf_common_set_ctx_params(ctx, params)) return 0; +#ifdef FIPS_MODULE + if ((OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY) != NULL) || + (OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SECRET) != NULL)) + if (!fips_sskdf_key_check_passed(ctx)) + return 0; +#endif + return 1; } @@ -714,6 +711,11 @@ static int x963kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) if (!fips_x963kdf_digest_check_passed(ctx, md)) return 0; } + + if ((OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY) != NULL) || + (OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SECRET) != NULL)) + if (!fips_x963kdf_key_check_passed(ctx)) + return 0; #endif return 1; diff --git a/providers/implementations/kdfs/tls1_prf.c b/providers/implementations/kdfs/tls1_prf.c index 3d40b0b119..a82e4573d4 100644 --- a/providers/implementations/kdfs/tls1_prf.c +++ b/providers/implementations/kdfs/tls1_prf.c @@ -274,8 +274,6 @@ static int kdf_tls1_prf_derive(void *vctx, unsigned char *key, size_t keylen, #ifdef FIPS_MODULE if (!fips_ems_check_passed(ctx)) return 0; - if (!fips_key_check_passed(ctx)) - return 0; #endif return tls1_prf_alg(ctx->P_hash, ctx->P_sha1, @@ -349,6 +347,11 @@ static int kdf_tls1_prf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) ctx->sec = NULL; if (!OSSL_PARAM_get_octet_string(p, (void **)&ctx->sec, 0, &ctx->seclen)) return 0; + +#ifdef FIPS_MODULE + if (!fips_key_check_passed(ctx)) + return 0; +#endif } /* The seed fields concatenate, so process them all */ if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SEED)) != NULL) { diff --git a/test/recipes/30-test_evp_data/evpkdf_hkdf.txt b/test/recipes/30-test_evp_data/evpkdf_hkdf.txt index 433c8c7481..262f336bec 100644 --- a/test/recipes/30-test_evp_data/evpkdf_hkdf.txt +++ b/test/recipes/30-test_evp_data/evpkdf_hkdf.txt @@ -242,7 +242,7 @@ Ctrl.digest = digest:SHA1 Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b Ctrl.salt = hexsalt:000102030405060708090a0b0c Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 -Result = KDF_DERIVE_ERROR +Result = KDF_CTRL_ERROR # Test that the key whose length is shorter than 112 bits is reported as # unapproved diff --git a/test/recipes/30-test_evp_data/evpkdf_ss.txt b/test/recipes/30-test_evp_data/evpkdf_ss.txt index a5ef1aab89..08d4e8c703 100644 --- a/test/recipes/30-test_evp_data/evpkdf_ss.txt +++ b/test/recipes/30-test_evp_data/evpkdf_ss.txt @@ -1160,7 +1160,7 @@ KDF = SSKDF Ctrl.digest = digest:SHA1 Ctrl.hexsecret = hexsecret:d7e6 Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff -Result = KDF_DERIVE_ERROR +Result = KDF_CTRL_ERROR # Test that the key whose length is shorter than 112 bits is reported as # unapproved diff --git a/test/recipes/30-test_evp_data/evpkdf_ssh.txt b/test/recipes/30-test_evp_data/evpkdf_ssh.txt index 7785a0a8b9..674a244224 100644 --- a/test/recipes/30-test_evp_data/evpkdf_ssh.txt +++ b/test/recipes/30-test_evp_data/evpkdf_ssh.txt @@ -4919,7 +4919,7 @@ Ctrl.hexkey = hexkey:0102030405060708090a0b Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245 Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245 Ctrl.type = type:A -Result = KDF_DERIVE_ERROR +Result = KDF_CTRL_ERROR # Test that the key whose length is shorter than 112 bits is reported as # unapproved diff --git a/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt b/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt index 5f99274c05..84af44c63c 100644 --- a/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt +++ b/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt @@ -115,7 +115,7 @@ Ctrl.Secret = hexsecret:0102030405060708090a0b Ctrl.label = seed:extended master secret Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce -Result = KDF_DERIVE_ERROR +Result = KDF_CTRL_ERROR # Test that the key whose length is shorter than 112 bits is reported as # unapproved diff --git a/test/recipes/30-test_evp_data/evpkdf_tls13_kdf.txt b/test/recipes/30-test_evp_data/evpkdf_tls13_kdf.txt index 3d8453eef0..f31208cd38 100644 --- a/test/recipes/30-test_evp_data/evpkdf_tls13_kdf.txt +++ b/test/recipes/30-test_evp_data/evpkdf_tls13_kdf.txt @@ -4978,7 +4978,7 @@ KDF = TLS13-KDF Ctrl.mode = mode:EXTRACT_ONLY Ctrl.digest = digest:SHA2-256 Ctrl.key = hexkey:0102030405060708090a0b -Result = KDF_DERIVE_ERROR +Result = KDF_CTRL_ERROR FIPSversion = >=3.4.0 KDF = TLS13-KDF @@ -4988,7 +4988,7 @@ Ctrl.key = hexkey:0102030405060708090a0b Ctrl.data = hexdata:7c92f68bd5bf3638ea338a6494722e1b44127e1b7e8aad535f2322a644ff22b3 Ctrl.prefix = hexprefix:746c73313320 Ctrl.label = hexlabel:6320652074726166666963 -Result = KDF_DERIVE_ERROR +Result = KDF_CTRL_ERROR # Test that the key whose length is shorter than 112 bits is reported as # unapproved diff --git a/test/recipes/30-test_evp_data/evpkdf_x963.txt b/test/recipes/30-test_evp_data/evpkdf_x963.txt index 924684837a..9341217a73 100644 --- a/test/recipes/30-test_evp_data/evpkdf_x963.txt +++ b/test/recipes/30-test_evp_data/evpkdf_x963.txt @@ -163,7 +163,7 @@ KDF = X963KDF Ctrl.digest = digest:SHA224 Ctrl.hexsecret = hexsecret:0102030405060908090a0b Ctrl.hexinfo = hexinfo:0102030405060708090a0b0c0d0e0f10 -Result = KDF_DERIVE_ERROR +Result = KDF_CTRL_ERROR # Test that the key whose length is shorter than 112 bits is reported as # unapproved diff --git a/test/recipes/30-test_evp_data/evppkey_kdf_hkdf.txt b/test/recipes/30-test_evp_data/evppkey_kdf_hkdf.txt index de12543409..a01178f192 100644 --- a/test/recipes/30-test_evp_data/evppkey_kdf_hkdf.txt +++ b/test/recipes/30-test_evp_data/evppkey_kdf_hkdf.txt @@ -214,7 +214,7 @@ Ctrl.digest = digest:SHA1 Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b Ctrl.salt = hexsalt:000102030405060708090a0b0c Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 -Result = KDF_DERIVE_ERROR +Result = PKEY_CTRL_ERROR # Test that the key whose length is shorter than 112 bits is reported as # unapproved diff --git a/test/recipes/30-test_evp_data/evppkey_kdf_tls1_prf.txt b/test/recipes/30-test_evp_data/evppkey_kdf_tls1_prf.txt index e8bc6956fb..96d4d6c721 100644 --- a/test/recipes/30-test_evp_data/evppkey_kdf_tls1_prf.txt +++ b/test/recipes/30-test_evp_data/evppkey_kdf_tls1_prf.txt @@ -112,7 +112,7 @@ Ctrl.Secret = hexsecret:0102030405060708090a0b Ctrl.label = seed:extended master secret Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce -Result = KDF_DERIVE_ERROR +Result = KDF_CTRL_ERROR # Test that the key whose length is shorter than 112 bits is reported as # unapproved