change prototype of the ecdh KDF: make input parameter const and the outlen argument more flexible (965a1cb9) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

apps/speed.c

+5 −3

Original line number	Diff line number	Diff line
		@@ -449,11 +449,13 @@ static double Time_F(int s)


		static const int KDF1_SHA1_len = 20;
		static void KDF1_SHA1(void in, size_t inlen, void *out, size_t outlen)
		static void KDF1_SHA1(const void in, size_t inlen, void out, size_t outlen)
		{
		#ifndef OPENSSL_NO_SHA
		if (outlen != SHA_DIGEST_LENGTH)
		if (*outlen < SHA_DIGEST_LENGTH)
		return NULL;
		else
		*outlen = SHA_DIGEST_LENGTH;
		return SHA1(in, inlen, out);
		#else
		return NULL;
		@@ -2189,7 +2191,7 @@ int MAIN(int argc, char **argv)
		* otherwise, use result (see section 4.8 of draft-ietf-tls-ecc-03.txt).
		*/
		int field_size, outlen;
		void (kdf)(void in, size_t inlen, void out, size_t xoutlen);
		void (kdf)(const void in, size_t inlen, void out, size_t *xoutlen);
		field_size = EC_GROUP_get_degree(ecdh_a[j]->group);
		if (field_size <= 24 * 8)
		{

+2 −2

Original line number	Diff line number	Diff line
		@@ -92,7 +92,7 @@ struct ecdh_method
		{
		const char *name;
		int (compute_key)(void key, size_t outlen, const EC_POINT pub_key, EC_KEY ecdh,
		void (KDF)(void in, size_t inlen, void out, size_t outlen));
		void (KDF)(const void in, size_t inlen, void out, size_t *outlen));
		#if 0
		int (init)(EC_KEY eckey);
		int (finish)(EC_KEY eckey);
		@@ -127,7 +127,7 @@ const ECDH_METHOD *ECDH_get_default_method(void);
		int ECDH_set_method(EC_KEY , const ECDH_METHOD );

		int ECDH_compute_key(void out, size_t outlen, const EC_POINT pub_key, EC_KEY *ecdh,
		void (KDF)(void in, size_t inlen, void out, size_t outlen));
		void (KDF)(const void in, size_t inlen, void out, size_t *outlen));

		int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
		new_func, CRYPTO_EX_dup dup_func, CRYPTO_EX_free *free_func);

+4 −2

Original line number	Diff line number	Diff line
		@@ -105,11 +105,13 @@ static const char rnd_seed[] = "string to make the random number generator think


		static const int KDF1_SHA1_len = 20;
		static void KDF1_SHA1(void in, size_t inlen, void *out, size_t outlen)
		static void KDF1_SHA1(const void in, size_t inlen, void out, size_t outlen)
		{
		#ifndef OPENSSL_NO_SHA
		if (outlen != SHA_DIGEST_LENGTH)
		if (*outlen < SHA_DIGEST_LENGTH)
		return NULL;
		else
		*outlen = SHA_DIGEST_LENGTH;
		return SHA1(in, inlen, out);
		#else
		return NULL;

+3 −2

Original line number	Diff line number	Diff line
		@@ -72,8 +72,9 @@
		#include <openssl/engine.h>
		#endif

		int ECDH_compute_key(void out, size_t outlen, const EC_POINT pub_key, EC_KEY *eckey,
		void (KDF)(void in, size_t inlen, void out, size_t outlen))
		int ECDH_compute_key(void out, size_t outlen, const EC_POINT pub_key,
		EC_KEY *eckey,
		void (KDF)(const void in, size_t inlen, void out, size_t *outlen))
		{
		ECDH_DATA *ecdh = ecdh_check(eckey);
		if (ecdh == NULL)

+7 −5

Original line number	Diff line number	Diff line
		@@ -79,8 +79,9 @@
		#include <openssl/obj_mac.h>
		#include <openssl/bn.h>

		static int ecdh_compute_key(void out, size_t len, const EC_POINT pub_key, EC_KEY *ecdh,
		void (KDF)(void in, size_t inlen, void out, size_t outlen));
		static int ecdh_compute_key(void out, size_t len, const EC_POINT pub_key,
		EC_KEY *ecdh,
		void (KDF)(const void in, size_t inlen, void out, size_t *outlen));

		static ECDH_METHOD openssl_ecdh_meth = {
		"OpenSSL ECDH method",
		@@ -104,8 +105,9 @@ const ECDH_METHOD *ECDH_OpenSSL(void)
		* - ECSVDP-DH
		* Finally an optional KDF is applied.
		*/
		static int ecdh_compute_key(void out, size_t outlen, const EC_POINT pub_key, EC_KEY *ecdh,
		void (KDF)(void in, size_t inlen, void out, size_t outlen))
		static int ecdh_compute_key(void out, size_t outlen, const EC_POINT pub_key,
		EC_KEY *ecdh,
		void (KDF)(const void in, size_t inlen, void out, size_t *outlen))
		{
		BN_CTX *ctx;
		EC_POINT *tmp=NULL;
		@@ -182,7 +184,7 @@ static int ecdh_compute_key(void out, size_t outlen, const EC_POINT pub_key, E

		if (KDF != 0)
		{
		if (KDF(buf, buflen, out, outlen) == NULL)
		if (KDF(buf, buflen, out, &outlen) == NULL)
		{
		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_KDF_FAILED);
		goto err;

Original line number	Diff line number	Diff line
		@@ -92,7 +92,7 @@ struct ecdh_method
		{
		const char *name;
		int (compute_key)(void key, size_t outlen, const EC_POINT pub_key, EC_KEY ecdh,
		void (KDF)(void in, size_t inlen, void out, size_t outlen));
		void (KDF)(const void in, size_t inlen, void out, size_t *outlen));
		#if 0
		int (init)(EC_KEY eckey);
		int (finish)(EC_KEY eckey);
		@@ -127,7 +127,7 @@ const ECDH_METHOD *ECDH_get_default_method(void);
		int ECDH_set_method(EC_KEY , const ECDH_METHOD );

		int ECDH_compute_key(void out, size_t outlen, const EC_POINT pub_key, EC_KEY *ecdh,
		void (KDF)(void in, size_t inlen, void out, size_t outlen));
		void (KDF)(const void in, size_t inlen, void out, size_t *outlen));

		int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
		new_func, CRYPTO_EX_dup dup_func, CRYPTO_EX_free *free_func);