public/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix kbkdf bug if MAC is set to KMAC and then something else

Browse source 
A context that is set to KMAC sets the is_kmac flag and this cannot be reset.
So a user that does kbkdf using KMAC and then wants to use HMAC or CMAC will
experience a failure.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24883)

(cherry picked from commit f35fc4f184)
This commit is contained in:
Pauli 2024-07-15 13:26:50 +10:00
parent 5c3227e94e
commit 24fa24b3e6
1 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
providers/implementations/kdfs/kbkdf.c
View file

@ -354,7 +354,8 @@ static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
if (!ossl_prov_macctx_load_from_params(&ctx->ctx_init, params, NULL,
NULL, NULL, libctx))
return 0;
else if (ctx->ctx_init != NULL) {
if (ctx->ctx_init != NULL) {
ctx->is_kmac = 0;
if (EVP_MAC_is_a(EVP_MAC_CTX_get0_mac(ctx->ctx_init),
OSSL_MAC_NAME_KMAC128)
|| EVP_MAC_is_a(EVP_MAC_CTX_get0_mac(ctx->ctx_init),