
Commit 3d30f6f

committed
provider: Don't allow to use XOF digests
Check if the selected digest is an XOF digest and fail if so. Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
1 parent 5e2b675 commit 3d30f6f

6 files changed

+76
-0
lines changed

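--- a/src/provider/dh_keyexch.c
+++ b/src/provider/dh_keyexch.c
@@ -685,6 +685,13 @@ static int ibmca_keyexch_dh_set_ctx_params(void *vctx,
 return 0;
 }
 
+if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
+put_error_op_ctx(ctx, IBMCA_ERR_INVALID_PARAM,
+"XOF Digest '%s' is not allowed", name);
+EVP_MD_free(md);
+return 0;
+}
+
 if (ctx->dh.derive.kdf_md != NULL)
 EVP_MD_free(ctx->dh.derive.kdf_md);
 ctx->dh.derive.kdf_md = md;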
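Review bot: The same seven-line XOF rejection is pasted here and again in ec_keyexch.c, ec_signature.c, rsa_asym_cipher.c (three times), rsa_keymgmt.c (twice) and rsa_signature.c (twice), and none of the copies says why XOF digests are refused. A small shared predicate such as `static inline bool ibmca_md_is_xof(const EVP_MD *md) { return (EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0; }` would keep the policy in one place, so a digest-accepting path added later is less likely to miss it. It should carry a comment along the lines of `/* XOF digests (e.g. SHAKE) have a caller-chosen output length and cannot stand in for a fixed-size hash here */`. The error reporting would stay at the call sites, since rsa_keymgmt.c uses put_error_ctx while the others use put_error_op_ctx. ibmca_keyexch_dh_set_ctx_params starts and ends outside this hunk.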

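--- a/src/provider/ec_keyexch.c
+++ b/src/provider/ec_keyexch.c
@@ -636,6 +636,13 @@ static int ibmca_keyexch_ec_set_ctx_params(void *vctx,
 return 0;
 }
 
+if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
+put_error_op_ctx(ctx, IBMCA_ERR_INVALID_PARAM,
+"XOF Digest '%s' is not allowed", name);
+EVP_MD_free(md);
+return 0;
+}
+
 if (ctx->ec.derive.kdf_md != NULL)
 EVP_MD_free(ctx->ec.derive.kdf_md);
 ctx->ec.derive.kdf_md = md;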

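--- a/src/provider/ec_signature.c
+++ b/src/provider/ec_signature.c
@@ -212,6 +212,13 @@ static int ibmca_signature_ec_set_md(struct ibmca_op_ctx *ctx,
 return 0;
 }
 
+if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
+put_error_op_ctx(ctx, IBMCA_ERR_INVALID_PARAM,
+"XOF Digest '%s' is not allowed", mdname);
+EVP_MD_free(md);
+return 0;
+}
+
 if (ctx->ec.signature.md != NULL)
 EVP_MD_free(ctx->ec.signature.md);
 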

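--- a/src/provider/rsa_asym_cipher.c
+++ b/src/provider/rsa_asym_cipher.c
@@ -303,6 +303,15 @@ static int ibmca_asym_cipher_rsa_set_ctx_params(void *vctx,
 "Failed to fetch default OAEP digest");
 return 0;
 }
+
+if ((EVP_MD_get_flags(ctx->rsa.cipher.oaep_md) &
+EVP_MD_FLAG_XOF) != 0) {
+put_error_op_ctx(ctx, IBMCA_ERR_INVALID_PARAM,
+"XOF Digest '%s' is not allowed", name);
+EVP_MD_free(ctx->rsa.cipher.oaep_md);
+ctx->rsa.cipher.oaep_md = NULL;
+return 0;
+}
 }
 break;
 case RSA_PKCS1_PSS_PADDING: /* PSS is for signatures only */
@@ -337,6 +346,15 @@ static int ibmca_asym_cipher_rsa_set_ctx_params(void *vctx,
 "Invalid RSA OAEP digest: '%s'", name);
 return 0;
 }
+
+if ((EVP_MD_get_flags(ctx->rsa.cipher.oaep_md) &
+EVP_MD_FLAG_XOF) != 0) {
+put_error_op_ctx(ctx, IBMCA_ERR_INVALID_PARAM,
+"XOF Digest '%s' is not allowed", name);
+EVP_MD_free(ctx->rsa.cipher.oaep_md);
+ctx->rsa.cipher.oaep_md = NULL;
+return 0;
+}
 }
 
 /* OSSL_ASYM_CIPHER_PARAM_MGF1_DIGEST_PROPS */
@@ -361,6 +379,15 @@ static int ibmca_asym_cipher_rsa_set_ctx_params(void *vctx,
 "Invalid RSA MGF1 digest: '%s'", name);
 return 0;
 }
+
+if ((EVP_MD_get_flags(ctx->rsa.cipher.mgf1_md) &
+EVP_MD_FLAG_XOF) != 0) {
+put_error_op_ctx(ctx, IBMCA_ERR_INVALID_PARAM,
+"XOF Digest '%s' is not allowed", name);
+EVP_MD_free(ctx->rsa.cipher.mgf1_md);
+ctx->rsa.cipher.mgf1_md = NULL;
+return 0;
+}
 }
 
 /* OSSL_ASYM_CIPHER_PARAM_OAEP_LABEL */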
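Review bot: In the first hunk the new error message formats `name`, but this is the default-OAEP-digest branch, and the failure message just above it ("Failed to fetch default OAEP digest") takes no name argument, which suggests `name` may not hold a digest name at this point, or may not be set at all. Passing an unset or NULL pointer to `%s` is undefined behaviour, so it would be safer to report the digest that was actually fetched, e.g. `"XOF Digest '%s' is not allowed", EVP_MD_get0_name(ctx->rsa.cipher.oaep_md)`. The declaration and earlier assignments of `name` are outside the visible hunks, so this needs confirming against the full body of ibmca_asym_cipher_rsa_set_ctx_params.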

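--- a/src/provider/rsa_keymgmt.c
+++ b/src/provider/rsa_keymgmt.c
@@ -106,6 +106,13 @@ static int ibmca_keymgmt_rsa_pss_parms_from_data(
 return 0;
 }
 
+if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
+put_error_ctx(provctx, IBMCA_ERR_INVALID_PARAM,
+"XOF Digest '%s' is not allowed", name);
+EVP_MD_free(md);
+return 0;
+}
+
 pss->digest_nid = EVP_MD_get_type(md);
 EVP_MD_free(md);
 pss->restricted = true;
@@ -142,6 +149,13 @@ static int ibmca_keymgmt_rsa_pss_parms_from_data(
 return 0;
 }
 
+if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
+put_error_ctx(provctx, IBMCA_ERR_INVALID_PARAM,
+"XOF Digest '%s' is not allowed", name);
+EVP_MD_free(md);
+return 0;
+}
+
 pss->mgf_digest_nid = EVP_MD_get_type(md);
 EVP_MD_free(md);
 pss->restricted = true;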

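--- a/src/provider/rsa_signature.c
+++ b/src/provider/rsa_signature.c
@@ -228,6 +228,13 @@ static int ibmca_signature_rsa_set_md(struct ibmca_op_ctx *ctx,
 return 0;
 }
 
+if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
+put_error_op_ctx(ctx, IBMCA_ERR_INVALID_PARAM,
+"XOF Digest '%s' is not allowed", mdname);
+EVP_MD_free(md);
+return 0;
+}
+
 if (ctx->key->type == EVP_PKEY_RSA_PSS &&
 ctx->rsa.signature.pss.restricted &&
 EVP_MD_get_type(md) != ctx->rsa.signature.pss.digest_nid) {
@@ -264,6 +271,13 @@ static int ibmca_signature_rsa_set_mgf1_md(struct ibmca_op_ctx *ctx,
 return 0;
 }
 
+if ((EVP_MD_get_flags(md) & EVP_MD_FLAG_XOF) != 0) {
+put_error_op_ctx(ctx, IBMCA_ERR_INVALID_PARAM,
+"XOF Digest '%s' is not allowed", mdname);
+EVP_MD_free(md);
+return 0;
+}
+
 if (ctx->key->type == EVP_PKEY_RSA_PSS &&
 ctx->rsa.signature.pss.restricted &&
 EVP_MD_get_type(md) != ctx->rsa.signature.pss.mgf_digest_nid) {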
