public/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

kdfs: implement key length check in X9.42

Browse source 
Similar to other KDFs, the input key should be 112 bits long.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25529)
This commit is contained in:
Dimitri John Ledkov 2024-09-21 15:25:53 +01:00 committed by Tomas Mraz
parent 3be6387588
commit fc68cf21b5
10 changed files with 109 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

11
apps/fipsinstall.c
View file

@ -59,6 +59,7 @@ typedef enum OPTION_choice {
OPT_SSHKDF_KEY_CHECK, OPT_SSHKDF_KEY_CHECK,
OPT_SSKDF_KEY_CHECK, OPT_SSKDF_KEY_CHECK,
OPT_X963KDF_KEY_CHECK, OPT_X963KDF_KEY_CHECK,
OPT_X942KDF_KEY_CHECK,
OPT_NO_PBKDF2_LOWER_BOUND_CHECK, OPT_NO_PBKDF2_LOWER_BOUND_CHECK,
OPT_ECDH_COFACTOR_CHECK, OPT_ECDH_COFACTOR_CHECK,
OPT_SELF_TEST_ONLOAD, OPT_SELF_TEST_ONINSTALL OPT_SELF_TEST_ONLOAD, OPT_SELF_TEST_ONINSTALL
@ -128,6 +129,8 @@ const OPTIONS fipsinstall_options[] = {
"Enable key check for SSKDF"}, "Enable key check for SSKDF"},
{"x963kdf_key_check", OPT_X963KDF_KEY_CHECK, '-', {"x963kdf_key_check", OPT_X963KDF_KEY_CHECK, '-',
"Enable key check for X963KDF"}, "Enable key check for X963KDF"},
{"x942kdf_key_check", OPT_X942KDF_KEY_CHECK, '-',
"Enable key check for X942KDF"},
{"no_pbkdf2_lower_bound_check", OPT_NO_PBKDF2_LOWER_BOUND_CHECK, '-', {"no_pbkdf2_lower_bound_check", OPT_NO_PBKDF2_LOWER_BOUND_CHECK, '-',
"Disable lower bound check for PBKDF2"}, "Disable lower bound check for PBKDF2"},
{"ecdh_cofactor_check", OPT_ECDH_COFACTOR_CHECK, '-', {"ecdh_cofactor_check", OPT_ECDH_COFACTOR_CHECK, '-',
@ -176,6 +179,7 @@ typedef struct {
unsigned int sshkdf_key_check : 1; unsigned int sshkdf_key_check : 1;
unsigned int sskdf_key_check : 1; unsigned int sskdf_key_check : 1;
unsigned int x963kdf_key_check : 1; unsigned int x963kdf_key_check : 1;
unsigned int x942kdf_key_check : 1;
unsigned int pbkdf2_lower_bound_check : 1; unsigned int pbkdf2_lower_bound_check : 1;
unsigned int ecdh_cofactor_check : 1; unsigned int ecdh_cofactor_check : 1;
} FIPS_OPTS; } FIPS_OPTS;
@ -209,6 +213,7 @@ static const FIPS_OPTS pedantic_opts = {
1, /* sshkdf_key_check */ 1, /* sshkdf_key_check */
1, /* sskdf_key_check */ 1, /* sskdf_key_check */
1, /* x963kdf_key_check */ 1, /* x963kdf_key_check */
1, /* x942kdf_key_check */
1, /* pbkdf2_lower_bound_check */ 1, /* pbkdf2_lower_bound_check */
1, /* ecdh_cofactor_check */ 1, /* ecdh_cofactor_check */
}; };
@ -242,6 +247,7 @@ static FIPS_OPTS fips_opts = {
0, /* sshkdf_key_check */ 0, /* sshkdf_key_check */
0, /* sskdf_key_check */ 0, /* sskdf_key_check */
0, /* x963kdf_key_check */ 0, /* x963kdf_key_check */
0, /* x942kdf_key_check */
1, /* pbkdf2_lower_bound_check */ 1, /* pbkdf2_lower_bound_check */
0, /* ecdh_cofactor_check */ 0, /* ecdh_cofactor_check */
}; };
@ -419,6 +425,8 @@ static int write_config_fips_section(BIO *out, const char *section,
opts->sskdf_key_check ? "1": "0") <= 0 opts->sskdf_key_check ? "1": "0") <= 0
|| BIO_printf(out, "%s = %s\n", OSSL_PROV_PARAM_X963KDF_KEY_CHECK, || BIO_printf(out, "%s = %s\n", OSSL_PROV_PARAM_X963KDF_KEY_CHECK,
opts->x963kdf_key_check ? "1": "0") <= 0 opts->x963kdf_key_check ? "1": "0") <= 0
|| BIO_printf(out, "%s = %s\n", OSSL_PROV_PARAM_X942KDF_KEY_CHECK,
opts->x942kdf_key_check ? "1": "0") <= 0
|| BIO_printf(out, "%s = %s\n", || BIO_printf(out, "%s = %s\n",
OSSL_PROV_PARAM_PBKDF2_LOWER_BOUND_CHECK, OSSL_PROV_PARAM_PBKDF2_LOWER_BOUND_CHECK,
opts->pbkdf2_lower_bound_check ? "1" : "0") <= 0 opts->pbkdf2_lower_bound_check ? "1" : "0") <= 0
@ -676,6 +684,9 @@ int fipsinstall_main(int argc, char **argv)
case OPT_X963KDF_KEY_CHECK: case OPT_X963KDF_KEY_CHECK:
fips_opts.x963kdf_key_check = 1; fips_opts.x963kdf_key_check = 1;
break; break;
case OPT_X942KDF_KEY_CHECK:
fips_opts.x942kdf_key_check = 1;
break;
case OPT_NO_PBKDF2_LOWER_BOUND_CHECK: case OPT_NO_PBKDF2_LOWER_BOUND_CHECK:
if (!check_non_pedantic_fips(pedantic, "no_pbkdf2_lower_bound_check")) if (!check_non_pedantic_fips(pedantic, "no_pbkdf2_lower_bound_check"))
goto end; goto end;

7
doc/man1/openssl-fipsinstall.pod.in
View file

@ -47,6 +47,7 @@ B<openssl fipsinstall>
[B<-sshkdf_key_check>] [B<-sshkdf_key_check>]
[B<-sskdf_key_check>] [B<-sskdf_key_check>]
[B<-x963kdf_key_check>] [B<-x963kdf_key_check>]
[B<-x942kdf_key_check>]
[B<-ecdh_cofactor_check>] [B<-ecdh_cofactor_check>]
[B<-self_test_onload>] [B<-self_test_onload>]
[B<-self_test_oninstall>] [B<-self_test_oninstall>]
@ -340,6 +341,12 @@ Configure the module to enable a run-time short key-derivation key check when
deriving a key by X963KDF. deriving a key by X963KDF.
See NIST SP 800-131Ar2 for details. See NIST SP 800-131Ar2 for details.
=item B<-x942kdf_key_check>
Configure the module to enable a run-time short key-derivation key check when
deriving a key by X942KDF.
See NIST SP 800-131Ar2 for details.
=item B<-no_pbkdf2_lower_bound_check> =item B<-no_pbkdf2_lower_bound_check>
Configure the module to not perform run-time lower bound check for PBKDF2. Configure the module to not perform run-time lower bound check for PBKDF2.

4
doc/man5/fips_config.pod
View file

@ -182,6 +182,10 @@ See L<openssl-fipsinstall(1)/OPTIONS> B<-sskdf_key_check>
See L<openssl-fipsinstall(1)/OPTIONS> B<-x963kdf_key_check> See L<openssl-fipsinstall(1)/OPTIONS> B<-x963kdf_key_check>
=item B<x942kdf-key-check>
See L<openssl-fipsinstall(1)/OPTIONS> B<-x942kdf_key_check>
=item B<pbkdf2-lower-bound-check> =item B<pbkdf2-lower-bound-check>
See L<openssl-fipsinstall(1)/OPTIONS> B<-no_pbkdf2_lower_bound_check> See L<openssl-fipsinstall(1)/OPTIONS> B<-no_pbkdf2_lower_bound_check>

22
doc/man7/EVP_KDF-X942-ASN1.pod
View file

@ -77,6 +77,28 @@ Valid values are "AES-128-WRAP", "AES-192-WRAP", "AES-256-WRAP" and "DES3-WRAP".
=back =back
The OpenSSL FIPS provider also supports the following parameters:
=over 4
=item "fips-indicator" (B<OSSL_KDF_PARAM_FIPS_APPROVED_INDICATOR>) <integer>
A getter that returns 1 if the operation is FIPS approved, or 0 otherwise.
This may be used after calling EVP_KDF_derive. It returns 0 if "key-check"
parameter is set to 0 and the check fails.
=item "key-check" (B<OSSL_KDF_PARAM_FIPS_KEY_CHECK>) <integer>
The default value of 1 causes an error during EVP_KDF_CTX_set_params() if the
length of used key-derivation key (B<OSSL_KDF_PARAM_KEY>) is shorter than 112
bits.
Setting this to zero will ignore the error and set the approved
"fips-indicator" to 0.
This option breaks FIPS compliance if it causes the approved "fips-indicator"
to return 0.
=back
=head1 NOTES =head1 NOTES
A context for X942KDF can be obtained by calling: A context for X942KDF can be obtained by calling:

1
providers/fips/include/fips_indicator_params.inc
View file

@ -23,5 +23,6 @@ OSSL_FIPS_PARAM(tls1_prf_key_check, TLS1_PRF_KEY_CHECK, 0)
OSSL_FIPS_PARAM(sshkdf_key_check, SSHKDF_KEY_CHECK, 0) OSSL_FIPS_PARAM(sshkdf_key_check, SSHKDF_KEY_CHECK, 0)
OSSL_FIPS_PARAM(sskdf_key_check, SSKDF_KEY_CHECK, 0) OSSL_FIPS_PARAM(sskdf_key_check, SSKDF_KEY_CHECK, 0)
OSSL_FIPS_PARAM(x963kdf_key_check, X963KDF_KEY_CHECK, 0) OSSL_FIPS_PARAM(x963kdf_key_check, X963KDF_KEY_CHECK, 0)
OSSL_FIPS_PARAM(x942kdf_key_check, X942KDF_KEY_CHECK, 0)
OSSL_FIPS_PARAM(pbkdf2_lower_bound_check, PBKDF2_LOWER_BOUND_CHECK, 1) OSSL_FIPS_PARAM(pbkdf2_lower_bound_check, PBKDF2_LOWER_BOUND_CHECK, 1)
OSSL_FIPS_PARAM(ecdh_cofactor_check, ECDH_COFACTOR_CHECK, 0) OSSL_FIPS_PARAM(ecdh_cofactor_check, ECDH_COFACTOR_CHECK, 0)

52
providers/implementations/kdfs/x942kdf.c
View file

@ -22,6 +22,7 @@
#include "prov/providercommon.h" #include "prov/providercommon.h"
#include "prov/implementations.h" #include "prov/implementations.h"
#include "prov/provider_util.h" #include "prov/provider_util.h"
#include "prov/securitycheck.h"
#include "prov/der_wrap.h" #include "prov/der_wrap.h"
#define X942KDF_MAX_INLEN (1 << 30) #define X942KDF_MAX_INLEN (1 << 30)
@ -49,6 +50,7 @@ typedef struct {
const unsigned char *cek_oid; const unsigned char *cek_oid;
size_t cek_oid_len; size_t cek_oid_len;
int use_keybits; int use_keybits;
OSSL_FIPS_IND_DECLARE
} KDF_X942; } KDF_X942;
/* /*
@ -336,9 +338,12 @@ static void *x942kdf_new(void *provctx)
if (!ossl_prov_is_running()) if (!ossl_prov_is_running())
return NULL; return NULL;
if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) ctx = OPENSSL_zalloc(sizeof(*ctx));
if (ctx == NULL)
return NULL; return NULL;
ctx->provctx = provctx; ctx->provctx = provctx;
OSSL_FIPS_IND_INIT(ctx)
ctx->use_keybits = 1; ctx->use_keybits = 1;
return ctx; return ctx;
} }
@ -397,6 +402,7 @@ static void *x942kdf_dup(void *vctx)
dest->cek_oid_len = src->cek_oid_len; dest->cek_oid_len = src->cek_oid_len;
dest->dkm_len = src->dkm_len; dest->dkm_len = src->dkm_len;
dest->use_keybits = src->use_keybits; dest->use_keybits = src->use_keybits;
OSSL_FIPS_IND_COPY(dest, src)
} }
return dest; return dest;
@ -429,6 +435,24 @@ static size_t x942kdf_size(KDF_X942 *ctx)
return (len <= 0) ? 0 : (size_t)len; return (len <= 0) ? 0 : (size_t)len;
} }
#ifdef FIPS_MODULE
static int fips_x942kdf_key_check_passed(KDF_X942 *ctx)
{
OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx);
int key_approved = ossl_kdf_check_key_size(ctx->secret_len);
if (!key_approved) {
if (!OSSL_FIPS_IND_ON_UNAPPROVED(ctx, OSSL_FIPS_IND_SETTABLE0,
libctx, "X942KDF", "Key size",
ossl_fips_config_x942kdf_key_check)) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
return 0;
}
}
return 1;
}
#endif
static int x942kdf_derive(void *vctx, unsigned char *key, size_t keylen, static int x942kdf_derive(void *vctx, unsigned char *key, size_t keylen,
const OSSL_PARAM params[]) const OSSL_PARAM params[])
{ {
@ -513,6 +537,10 @@ static int x942kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
if (params == NULL) if (params == NULL)
return 1; return 1;
if (!OSSL_FIPS_IND_SET_CTX_PARAM(ctx, OSSL_FIPS_IND_SETTABLE0, params,
OSSL_KDF_PARAM_FIPS_KEY_CHECK))
return 0;
if (OSSL_PARAM_locate_const(params, OSSL_ALG_PARAM_DIGEST) != NULL) { if (OSSL_PARAM_locate_const(params, OSSL_ALG_PARAM_DIGEST) != NULL) {
if (!ossl_prov_digest_load_from_params(&ctx->digest, params, provctx)) if (!ossl_prov_digest_load_from_params(&ctx->digest, params, provctx))
return 0; return 0;
@ -526,8 +554,14 @@ static int x942kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SECRET); p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SECRET);
if (p == NULL) if (p == NULL)
p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY); p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY);
if (p != NULL && !x942kdf_set_buffer(&ctx->secret, &ctx->secret_len, p)) if (p != NULL) {
return 0; if (!x942kdf_set_buffer(&ctx->secret, &ctx->secret_len, p))
return 0;
#ifdef FIPS_MODULE
if (!fips_x942kdf_key_check_passed(ctx))
return 0;
#endif
}
p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_X942_ACVPINFO); p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_X942_ACVPINFO);
if (p != NULL if (p != NULL
@ -598,6 +632,7 @@ static const OSSL_PARAM *x942kdf_settable_ctx_params(ossl_unused void *ctx,
OSSL_PARAM_octet_string(OSSL_KDF_PARAM_X942_SUPP_PRIVINFO, NULL, 0), OSSL_PARAM_octet_string(OSSL_KDF_PARAM_X942_SUPP_PRIVINFO, NULL, 0),
OSSL_PARAM_int(OSSL_KDF_PARAM_X942_USE_KEYBITS, NULL), OSSL_PARAM_int(OSSL_KDF_PARAM_X942_USE_KEYBITS, NULL),
OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_CEK_ALG, NULL, 0), OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_CEK_ALG, NULL, 0),
OSSL_FIPS_IND_SETTABLE_CTX_PARAM(OSSL_KDF_PARAM_FIPS_KEY_CHECK)
OSSL_PARAM_END OSSL_PARAM_END
}; };
return known_settable_ctx_params; return known_settable_ctx_params;
@ -608,9 +643,13 @@ static int x942kdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
KDF_X942 *ctx = (KDF_X942 *)vctx; KDF_X942 *ctx = (KDF_X942 *)vctx;
OSSL_PARAM *p; OSSL_PARAM *p;
if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE)) != NULL) p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE);
return OSSL_PARAM_set_size_t(p, x942kdf_size(ctx)); if (p != NULL && !OSSL_PARAM_set_size_t(p, x942kdf_size(ctx)))
return -2; return 0;
if (!OSSL_FIPS_IND_GET_CTX_PARAM(ctx, params))
return 0;
return 1;
} }
static const OSSL_PARAM *x942kdf_gettable_ctx_params(ossl_unused void *ctx, static const OSSL_PARAM *x942kdf_gettable_ctx_params(ossl_unused void *ctx,
@ -618,6 +657,7 @@ static const OSSL_PARAM *x942kdf_gettable_ctx_params(ossl_unused void *ctx,
{ {
static const OSSL_PARAM known_gettable_ctx_params[] = { static const OSSL_PARAM known_gettable_ctx_params[] = {
OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL), OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
OSSL_FIPS_IND_GETTABLE_CTX_PARAM()
OSSL_PARAM_END OSSL_PARAM_END
}; };
return known_gettable_ctx_params; return known_gettable_ctx_params;

3
test/recipes/03-test_fipsinstall.t
View file

@ -59,7 +59,8 @@ my @commandline =
( 'tls1_prf_key_check', 'tls1-prf-key-check' ), ( 'tls1_prf_key_check', 'tls1-prf-key-check' ),
( 'sshkdf_key_check', 'sshkdf-key-check' ), ( 'sshkdf_key_check', 'sshkdf-key-check' ),
( 'sskdf_key_check', 'sskdf-key-check' ), ( 'sskdf_key_check', 'sskdf-key-check' ),
( 'x963kdf_key_check', 'x963kdf-key-check' ) ( 'x963kdf_key_check', 'x963kdf-key-check' ),
( 'x942kdf_key_check', 'x942kdf-key-check' )
); );
plan tests => 35 + (scalar @pedantic_okay) + (scalar @pedantic_fail) plan tests => 35 + (scalar @pedantic_okay) + (scalar @pedantic_fail)

14
test/recipes/30-test_evp_data/evpkdf_x942.txt
View file

@ -77,6 +77,7 @@ Output = 2c5c1f028c6d1fc9ba752e41fdb9edb2ea936f1b2449f214acd56d31
Title = X9.42 KDF tests (ACVP test vectors) Title = X9.42 KDF tests (ACVP test vectors)
FIPSversion = <3.4.0
KDF = X942KDF-ASN1 KDF = X942KDF-ASN1
Ctrl.digest = digest:SHA256 Ctrl.digest = digest:SHA256
Ctrl.hexsecret = hexsecret:6B Ctrl.hexsecret = hexsecret:6B
@ -88,6 +89,7 @@ Output = C2E6A0978C24AF3932F478583ADBFB5F57D491822592EAD3C538875F46EB057A
# Negative tests # Negative tests
# Fail if both acvp and ukm values are specified. # Fail if both acvp and ukm values are specified.
FIPSversion = <3.4.0
KDF = X942KDF-ASN1 KDF = X942KDF-ASN1
Ctrl.digest = digest:SHA256 Ctrl.digest = digest:SHA256
Ctrl.hexsecret = hexsecret:6B Ctrl.hexsecret = hexsecret:6B
@ -118,3 +120,15 @@ Ctrl.cekalg = cekalg:id-aes128-wrap
Ctrl.hexacvp-info = hexacvp-info:a020299D468D60BC6A257E0B6523D691A3FC1602453B35F308C762FBBAC6069A88BCa12080D49BFE5BE01C7D56489AB017663C22B8CBB34C3174D1D71F00CB7505AC759Aa2203C21A5EA5988562C007986E0503D039E7231D9F152FE72A231A1FD98C59BCA6Aa320FD47477542989B51E4A0845DFABD6EEAA465F69B3D75349B2520051782C7F3FC Ctrl.hexacvp-info = hexacvp-info:a020299D468D60BC6A257E0B6523D691A3FC1602453B35F308C762FBBAC6069A88BCa12080D49BFE5BE01C7D56489AB017663C22B8CBB34C3174D1D71F00CB7505AC759Aa2203C21A5EA5988562C007986E0503D039E7231D9F152FE72A231A1FD98C59BCA6Aa320FD47477542989B51E4A0845DFABD6EEAA465F69B3D75349B2520051782C7F3FC
Result = KDF_CTRL_ERROR Result = KDF_CTRL_ERROR
Reason = xof digests not allowed Reason = xof digests not allowed
Availablein = fips
FIPSversion = >=3.4.0
KDF = X942KDF-ASN1
Ctrl.digest = digest:SHA256
Ctrl.hexsecret = hexsecret:6B
Ctrl.use-keybits = use-keybits:0
Ctrl.cekalg = cekalg:id-aes128-wrap
Ctrl.hexacvp-info = hexacvp-info:a020299D468D60BC6A257E0B6523D691A3FC1602453B35F308C762FBBAC6069A88BCa12080D49BFE5BE01C7D56489AB017663C22B8CBB34C3174D1D71F00CB7505AC759Aa2203C21A5EA5988562C007986E0503D039E7231D9F152FE72A231A1FD98C59BCA6Aa320FD47477542989B51E4A0845DFABD6EEAA465F69B3D75349B2520051782C7F3FC
Output = C2E6A0978C24AF3932F478583ADBFB5F57D491822592EAD3C538875F46EB057A
Result = KDF_CTRL_ERROR
Reason = invalid key length

1
util/mk-fipsmodule-cnf.pl
View file

@ -81,6 +81,7 @@ tls1-prf-key-check = $kdf_key_check
sshkdf-key-check = $kdf_key_check sshkdf-key-check = $kdf_key_check
sskdf-key-check = $kdf_key_check sskdf-key-check = $kdf_key_check
x963kdf-key-check = $kdf_key_check x963kdf-key-check = $kdf_key_check
x942kdf-key-check = $kdf_key_check
pbkdf2-lower-bound-check = $pbkdf2_lower_bound_check pbkdf2-lower-bound-check = $pbkdf2_lower_bound_check
ecdh-cofactor-check = $ec_cofactor_check ecdh-cofactor-check = $ec_cofactor_check
hmac-key-check = $mac_key_check hmac-key-check = $mac_key_check

1
util/perl/OpenSSL/paramnames.pm
View file

@ -54,6 +54,7 @@ my %params = (
'PROV_PARAM_SSHKDF_KEY_CHECK' => "sshkdf-key-check", # uint 'PROV_PARAM_SSHKDF_KEY_CHECK' => "sshkdf-key-check", # uint
'PROV_PARAM_SSKDF_KEY_CHECK' => "sskdf-key-check", # uint 'PROV_PARAM_SSKDF_KEY_CHECK' => "sskdf-key-check", # uint
'PROV_PARAM_X963KDF_KEY_CHECK' => "x963kdf-key-check", # uint 'PROV_PARAM_X963KDF_KEY_CHECK' => "x963kdf-key-check", # uint
'PROV_PARAM_X942KDF_KEY_CHECK' => "x942kdf-key-check", # uint
'PROV_PARAM_PBKDF2_LOWER_BOUND_CHECK' => "pbkdf2-lower-bound-check", # uint 'PROV_PARAM_PBKDF2_LOWER_BOUND_CHECK' => "pbkdf2-lower-bound-check", # uint
'PROV_PARAM_ECDH_COFACTOR_CHECK' => "ecdh-cofactor-check", # uint 'PROV_PARAM_ECDH_COFACTOR_CHECK' => "ecdh-cofactor-check", # uint
'PROV_PARAM_SIGNATURE_DIGEST_CHECK' => "signature-digest-check", # uint 'PROV_PARAM_SIGNATURE_DIGEST_CHECK' => "signature-digest-check", # uint