Call key_check_passed in set_ctx_params

Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/23900)
2024-11-27 20:14:20 +08:00 · 2024-07-30 17:12:55 +08:00 · 2024-07-30 17:12:55 +08:00 · 81bb88481d
commit 81bb88481d
parent ba977226cf
12 changed files with 43 additions and 37 deletions
--- a/providers/implementations/kdfs/hkdf.c
+++ b/providers/implementations/kdfs/hkdf.c
@ -236,11 +236,6 @@ static int kdf_hkdf_derive(void *vctx, unsigned char *key, size_t keylen,
        return 0;
    }

-#ifdef FIPS_MODULE
-    if (!fips_hkdf_key_check_passed(ctx))
-        return 0;
-#endif
-
    switch (ctx->mode) {
    case EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND:
    default:
@ -345,6 +340,12 @@ static int kdf_hkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
                                            HKDF_MAXINFO) == 0)
        return 0;

+#ifdef FIPS_MODULE
+    if (OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY) != NULL)
+        if (!fips_hkdf_key_check_passed(ctx))
+            return 0;
+#endif
+
    return 1;
 }

@ -815,11 +816,6 @@ static int kdf_tls1_3_derive(void *vctx, unsigned char *key, size_t keylen,
        return 0;
    }

-#ifdef FIPS_MODULE
-    if (!fips_tls1_3_key_check_passed(ctx))
-        return 0;
-#endif
-
    switch (ctx->mode) {
    default:
        return 0;
@ -895,6 +891,10 @@ static int kdf_tls1_3_set_ctx_params(void *vctx, const OSSL_PARAM params[])
        if (!fips_tls1_3_digest_check_passed(ctx, md))
            return 0;
    }
+
+    if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY)) != NULL)
+        if (!fips_tls1_3_key_check_passed(ctx))
+            return 0;
 #endif

    return 1;
--- a/providers/implementations/kdfs/sshkdf.c
+++ b/providers/implementations/kdfs/sshkdf.c
@ -202,11 +202,6 @@ static int kdf_sshkdf_derive(void *vctx, unsigned char *key, size_t keylen,
        return 0;
    }

-#ifdef FIPS_MODULE
-    if (!fips_key_check_passed(ctx))
-        return 0;
-#endif
-
    return SSHKDF(md, ctx->key, ctx->key_len,
                  ctx->xcghash, ctx->xcghash_len,
                  ctx->session_id, ctx->session_id_len,
@ -247,10 +242,16 @@ static int kdf_sshkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
 #endif
    }

-    if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY)) != NULL)
+    if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY)) != NULL) {
        if (!sshkdf_set_membuf(&ctx->key, &ctx->key_len, p))
            return 0;

+#ifdef FIPS_MODULE
+        if (!fips_key_check_passed(ctx))
+            return 0;
+#endif
+    }
+
    if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SSHKDF_XCGHASH))
        != NULL)
        if (!sshkdf_set_membuf(&ctx->xcghash, &ctx->xcghash_len, p))
--- a/providers/implementations/kdfs/sskdf.c
+++ b/providers/implementations/kdfs/sskdf.c
@ -425,11 +425,6 @@ static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen,
        return 0;
    }

-#ifdef FIPS_MODULE
-    if (!fips_sskdf_key_check_passed(ctx))
-        return 0;
-#endif
-
    md = ossl_prov_digest_md(&ctx->digest);

    if (ctx->macctx != NULL) {
@ -545,11 +540,6 @@ static int x963kdf_derive(void *vctx, unsigned char *key, size_t keylen,
        return 0;
    }

-#ifdef FIPS_MODULE
-    if (!fips_x963kdf_key_check_passed(ctx))
-        return 0;
-#endif
-
    /* H(x) = hash */
    md = ossl_prov_digest_md(&ctx->digest);
    if (md == NULL) {
@ -634,6 +624,13 @@ static int sskdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
    if (!sskdf_common_set_ctx_params(ctx, params))
        return 0;

+#ifdef FIPS_MODULE
+    if ((OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY) != NULL) ||
+        (OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SECRET) != NULL))
+        if (!fips_sskdf_key_check_passed(ctx))
+            return 0;
+#endif
+
    return 1;
 }

@ -714,6 +711,11 @@ static int x963kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
        if (!fips_x963kdf_digest_check_passed(ctx, md))
            return 0;
    }
+
+    if ((OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY) != NULL) ||
+        (OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SECRET) != NULL))
+        if (!fips_x963kdf_key_check_passed(ctx))
+            return 0;
 #endif

    return 1;
--- a/providers/implementations/kdfs/tls1_prf.c
+++ b/providers/implementations/kdfs/tls1_prf.c
@ -274,8 +274,6 @@ static int kdf_tls1_prf_derive(void *vctx, unsigned char *key, size_t keylen,
 #ifdef FIPS_MODULE
    if (!fips_ems_check_passed(ctx))
        return 0;
-    if (!fips_key_check_passed(ctx))
-        return 0;
 #endif

    return tls1_prf_alg(ctx->P_hash, ctx->P_sha1,
@ -349,6 +347,11 @@ static int kdf_tls1_prf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
        ctx->sec = NULL;
        if (!OSSL_PARAM_get_octet_string(p, (void **)&ctx->sec, 0, &ctx->seclen))
            return 0;
+
+#ifdef FIPS_MODULE
+        if (!fips_key_check_passed(ctx))
+            return 0;
+#endif
    }
    /* The seed fields concatenate, so process them all */
    if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SEED)) != NULL) {
--- a/test/recipes/30-test_evp_data/evpkdf_hkdf.txt
+++ b/test/recipes/30-test_evp_data/evpkdf_hkdf.txt
@ -242,7 +242,7 @@ Ctrl.digest = digest:SHA1
 Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b
 Ctrl.salt = hexsalt:000102030405060708090a0b0c
 Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9
-Result = KDF_DERIVE_ERROR
+Result = KDF_CTRL_ERROR

 # Test that the key whose length is shorter than 112 bits is reported as
 # unapproved
--- a/test/recipes/30-test_evp_data/evpkdf_ss.txt
+++ b/test/recipes/30-test_evp_data/evpkdf_ss.txt
@ -1160,7 +1160,7 @@ KDF = SSKDF
 Ctrl.digest = digest:SHA1
 Ctrl.hexsecret = hexsecret:d7e6
 Ctrl.hexinfo = hexinfo:0bbe1fa8722023d7c3da4fff
-Result = KDF_DERIVE_ERROR
+Result = KDF_CTRL_ERROR

 # Test that the key whose length is shorter than 112 bits is reported as
 # unapproved
--- a/test/recipes/30-test_evp_data/evpkdf_ssh.txt
+++ b/test/recipes/30-test_evp_data/evpkdf_ssh.txt
@ -4919,7 +4919,7 @@ Ctrl.hexkey = hexkey:0102030405060708090a0b
 Ctrl.hexxcghash = hexxcghash:a4ebd45934f56792b5112dcd75a1075fdc889245
 Ctrl.hexsession_id = hexsession_id:a4ebd45934f56792b5112dcd75a1075fdc889245
 Ctrl.type = type:A
-Result = KDF_DERIVE_ERROR
+Result = KDF_CTRL_ERROR

 # Test that the key whose length is shorter than 112 bits is reported as
 # unapproved
--- a/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt
+++ b/test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt
@ -115,7 +115,7 @@ Ctrl.Secret = hexsecret:0102030405060708090a0b
 Ctrl.label = seed:extended master secret
 Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c
 Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce
-Result = KDF_DERIVE_ERROR
+Result = KDF_CTRL_ERROR

 # Test that the key whose length is shorter than 112 bits is reported as
 # unapproved
--- a/test/recipes/30-test_evp_data/evpkdf_tls13_kdf.txt
+++ b/test/recipes/30-test_evp_data/evpkdf_tls13_kdf.txt
@ -4978,7 +4978,7 @@ KDF = TLS13-KDF
 Ctrl.mode = mode:EXTRACT_ONLY
 Ctrl.digest = digest:SHA2-256
 Ctrl.key = hexkey:0102030405060708090a0b
-Result = KDF_DERIVE_ERROR
+Result = KDF_CTRL_ERROR

 FIPSversion = >=3.4.0
 KDF = TLS13-KDF
@ -4988,7 +4988,7 @@ Ctrl.key = hexkey:0102030405060708090a0b
 Ctrl.data = hexdata:7c92f68bd5bf3638ea338a6494722e1b44127e1b7e8aad535f2322a644ff22b3
 Ctrl.prefix = hexprefix:746c73313320
 Ctrl.label = hexlabel:6320652074726166666963
-Result = KDF_DERIVE_ERROR
+Result = KDF_CTRL_ERROR

 # Test that the key whose length is shorter than 112 bits is reported as
 # unapproved
--- a/test/recipes/30-test_evp_data/evpkdf_x963.txt
+++ b/test/recipes/30-test_evp_data/evpkdf_x963.txt
@ -163,7 +163,7 @@ KDF = X963KDF
 Ctrl.digest = digest:SHA224
 Ctrl.hexsecret = hexsecret:0102030405060908090a0b
 Ctrl.hexinfo = hexinfo:0102030405060708090a0b0c0d0e0f10
-Result = KDF_DERIVE_ERROR
+Result = KDF_CTRL_ERROR

 # Test that the key whose length is shorter than 112 bits is reported as
 # unapproved
--- a/test/recipes/30-test_evp_data/evppkey_kdf_hkdf.txt
+++ b/test/recipes/30-test_evp_data/evppkey_kdf_hkdf.txt
@ -214,7 +214,7 @@ Ctrl.digest = digest:SHA1
 Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b
 Ctrl.salt = hexsalt:000102030405060708090a0b0c
 Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9
-Result = KDF_DERIVE_ERROR
+Result = PKEY_CTRL_ERROR

 # Test that the key whose length is shorter than 112 bits is reported as
 # unapproved
--- a/test/recipes/30-test_evp_data/evppkey_kdf_tls1_prf.txt
+++ b/test/recipes/30-test_evp_data/evppkey_kdf_tls1_prf.txt
@ -112,7 +112,7 @@ Ctrl.Secret = hexsecret:0102030405060708090a0b
 Ctrl.label = seed:extended master secret
 Ctrl.client_random = hexseed:36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c
 Ctrl.server_random = hexseed:f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce
-Result = KDF_DERIVE_ERROR
+Result = KDF_CTRL_ERROR

 # Test that the key whose length is shorter than 112 bits is reported as
 # unapproved