mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-02-23 14:42:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update code to use EVP_MD_xof()

Browse Source 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25285)
This commit is contained in:
slontis 2024-08-26 11:14:55 +10:00 committed by Tomas Mraz
parent c48e56874c
commit 976dd3581a
17 changed files with 21 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/dgst.c
View File

@ -419,7 +419,7 @@ int dgst_main(int argc, char **argv)
md_name = EVP_MD_get0_name(md);
if (xoflen > 0) {
if (!(EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF)) {
if (!EVP_MD_xof(md)) {
BIO_printf(bio_err, "Length can only be specified for XOF\n");
goto end;
}

2
apps/speed.c
View File

@ -631,7 +631,7 @@ static int EVP_Digest_loop(const char *mdname, ossl_unused int algindex, void *a
if (!opt_md_silent(mdname, &md))
return -1;
if (EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) {
if (EVP_MD_xof(md)) {
ctx = EVP_MD_CTX_new();
if (ctx == NULL) {
count = -1;

10
crypto/rsa/rsa_oaep.c
View File

@ -78,11 +78,11 @@ int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OSSL_LIB_CTX *libctx,
#ifdef FIPS_MODULE
/* XOF are approved as standalone; Shake256 in Ed448; MGF */
if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
if (EVP_MD_xof(md)) {
ERR_raise(ERR_LIB_RSA, RSA_R_DIGEST_NOT_ALLOWED);
return 0;
}
if ((EVP_MD_get_flags(mgf1md) & EVP_MD_FLAG_XOF) != 0) {
if (EVP_MD_xof(mgf1md)) {
ERR_raise(ERR_LIB_RSA, RSA_R_MGF1_DIGEST_NOT_ALLOWED);
return 0;
}
@ -196,11 +196,11 @@ int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
#ifdef FIPS_MODULE
/* XOF are approved as standalone; Shake256 in Ed448; MGF */
if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
if (EVP_MD_xof(md)) {
ERR_raise(ERR_LIB_RSA, RSA_R_DIGEST_NOT_ALLOWED);
return -1;
}
if ((EVP_MD_get_flags(mgf1md) & EVP_MD_FLAG_XOF) != 0) {
if (EVP_MD_xof(mgf1md)) {
ERR_raise(ERR_LIB_RSA, RSA_R_MGF1_DIGEST_NOT_ALLOWED);
return -1;
}
@ -360,7 +360,7 @@ int PKCS1_MGF1(unsigned char *mask, long len,
if (c == NULL)
goto err;
mdlen = EVP_MD_get_size(dgst);
if (mdlen < 0)
if (mdlen <= 0)
goto err;
/* step 4 */
for (i = 0; outlen < len; i++) {

2
providers/implementations/exchange/dh_exch.c
View File

@ -392,7 +392,7 @@ static int dh_set_ctx_params(void *vpdhctx, const OSSL_PARAM params[])
if (pdhctx->kdf_md == NULL)
return 0;
/* XOF digests are not allowed */
if ((EVP_MD_get_flags(pdhctx->kdf_md) & EVP_MD_FLAG_XOF) != 0) {
if (EVP_MD_xof(pdhctx->kdf_md)) {
ERR_raise(ERR_LIB_PROV, PROV_R_XOF_DIGESTS_NOT_ALLOWED);
return 0;
}

2
providers/implementations/exchange/ecdh_exch.c
View File

@ -315,7 +315,7 @@ int ecdh_set_ctx_params(void *vpecdhctx, const OSSL_PARAM params[])
if (pectx->kdf_md == NULL)
return 0;
/* XOF digests are not allowed */
if ((EVP_MD_get_flags(pectx->kdf_md) & EVP_MD_FLAG_XOF) != 0) {
if (EVP_MD_xof(pectx->kdf_md)) {
ERR_raise(ERR_LIB_PROV, PROV_R_XOF_DIGESTS_NOT_ALLOWED);
return 0;
}

2
providers/implementations/kdfs/hmacdrbg_kdf.c
View File

@ -217,7 +217,7 @@ static int hmac_drbg_kdf_set_ctx_params(void *vctx,
/* Confirm digest is allowed. Allow all digests that are not XOF */
md = ossl_prov_digest_md(&drbg->digest);
if (md != NULL) {
if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
if (EVP_MD_xof(md)) {
ERR_raise(ERR_LIB_PROV, PROV_R_XOF_DIGESTS_NOT_ALLOWED);
return 0;
}

2
providers/implementations/kdfs/pbkdf2.c
View File

@ -266,7 +266,7 @@ static int kdf_pbkdf2_set_ctx_params(void *vctx, const OSSL_PARAM params[])
if (!ossl_prov_digest_load_from_params(&ctx->digest, params, provctx))
return 0;
md = ossl_prov_digest_md(&ctx->digest);
if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
if (EVP_MD_xof(md)) {
ERR_raise(ERR_LIB_PROV, PROV_R_XOF_DIGESTS_NOT_ALLOWED);
return 0;
}

2
providers/implementations/kdfs/sshkdf.c
View File

@ -229,7 +229,7 @@ static int kdf_sshkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
return 0;
md = ossl_prov_digest_md(&ctx->digest);
if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
if (EVP_MD_xof(md)) {
ERR_raise(ERR_LIB_PROV, PROV_R_XOF_DIGESTS_NOT_ALLOWED);
return 0;
}

2
providers/implementations/kdfs/sskdf.c
View File

@ -577,7 +577,7 @@ static int sskdf_common_set_ctx_params(KDF_SSKDF *ctx, const OSSL_PARAM params[]
return 0;
md = ossl_prov_digest_md(&ctx->digest);
if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
if (EVP_MD_xof(md)) {
ERR_raise(ERR_LIB_PROV, PROV_R_XOF_DIGESTS_NOT_ALLOWED);
return 0;
}

2
providers/implementations/kdfs/tls1_prf.c
View File

@ -324,7 +324,7 @@ static int kdf_tls1_prf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
return 0;
md = ossl_prov_digest_md(&digest);
if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
if (EVP_MD_xof(md)) {
ERR_raise(ERR_LIB_PROV, PROV_R_XOF_DIGESTS_NOT_ALLOWED);
ossl_prov_digest_reset(&digest);
return 0;

2
providers/implementations/kdfs/x942kdf.c
View File

@ -517,7 +517,7 @@ static int x942kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
if (!ossl_prov_digest_load_from_params(&ctx->digest, params, provctx))
return 0;
md = ossl_prov_digest_md(&ctx->digest);
if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
if (EVP_MD_xof(md)) {
ERR_raise(ERR_LIB_PROV, PROV_R_XOF_DIGESTS_NOT_ALLOWED);
return 0;
}

2
providers/implementations/rands/drbg.c
View File

@ -1030,7 +1030,7 @@ int ossl_drbg_verify_digest(PROV_DRBG *drbg, OSSL_LIB_CTX *libctx,
}
#else /* FIPS_MODULE */
/* Outside of FIPS, any digests that are not XOF are allowed */
if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
if (EVP_MD_xof(md)) {
ERR_raise(ERR_LIB_PROV, PROV_R_XOF_DIGESTS_NOT_ALLOWED);
return 0;
}

2
providers/implementations/signature/dsa_sig.c
View File

@ -156,7 +156,7 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx,
goto err;
}
/* XOF digests don't work */
if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
if (EVP_MD_xof(md)) {
ERR_raise(ERR_LIB_PROV, PROV_R_XOF_DIGESTS_NOT_ALLOWED);
goto err;
}

2
providers/implementations/signature/ecdsa_sig.c
View File

@ -289,7 +289,7 @@ static int ecdsa_setup_md(PROV_ECDSA_CTX *ctx, const char *mdname,
goto err;
}
/* XOF digests don't work */
if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
if (EVP_MD_xof(md)) {
ERR_raise(ERR_LIB_PROV, PROV_R_XOF_DIGESTS_NOT_ALLOWED);
goto err;
}

2
providers/implementations/signature/rsa_sig.c
View File

@ -397,7 +397,7 @@ static int rsa_setup_md(PROV_RSA_CTX *ctx, const char *mdname,
* We don't support XOF digests with RSA PSS (yet), so just fail.
* When we do support them, uncomment the second clause.
*/
if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0
if (EVP_MD_xof(md)
/* && ctx->pad_mode != RSA_PKCS1_PSS_PADDING */) {
ERR_raise(ERR_LIB_PROV, PROV_R_XOF_DIGESTS_NOT_ALLOWED);
goto err;

2
providers/implementations/signature/sm2_sig.c
View File

@ -99,7 +99,7 @@ static int sm2sig_set_mdname(PROV_SM2_CTX *psm2ctx, const char *mdname)
return 0;
/* XOF digests don't work */
if ((EVP_MD_get_flags(psm2ctx->md) & EVP_MD_FLAG_XOF) != 0) {
if (EVP_MD_xof(psm2ctx->md)) {
ERR_raise(ERR_LIB_PROV, PROV_R_XOF_DIGESTS_NOT_ALLOWED);
return 0;
}

2
test/evp_test.c
View File

@ -788,7 +788,7 @@ static int digest_test_run(EVP_TEST *t)
goto err;
}
xof |= (EVP_MD_get_flags(expected->digest) & EVP_MD_FLAG_XOF) != 0;
xof |= EVP_MD_xof(expected->digest);
if (xof) {
EVP_MD_CTX *mctx_cpy;