diff --git a/crypto/cmp/cmp_asn.c b/crypto/cmp/cmp_asn.c index 5f4999a400781..cdedabba80222 100644 --- a/crypto/cmp/cmp_asn.c +++ b/crypto/cmp/cmp_asn.c @@ -69,17 +69,14 @@ IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_KEMCIPHERTEXTINFO) ASN1_SEQUENCE(OSSL_CMP_KEMOTHERINFO) = { ASN1_SEQUENCE_OF(OSSL_CMP_KEMOTHERINFO, staticString, ASN1_UTF8STRING), - ASN1_EXP_OPT(OSSL_CMP_KEMOTHERINFO, transactionID, ASN1_OCTET_STRING, 0), - ASN1_EXP_OPT(OSSL_CMP_KEMOTHERINFO, senderNonce, ASN1_OCTET_STRING, 1), - ASN1_EXP_OPT(OSSL_CMP_KEMOTHERINFO, recipNonce, ASN1_OCTET_STRING, 2), - ASN1_SIMPLE(OSSL_CMP_KEMOTHERINFO, len, ASN1_INTEGER), - ASN1_SIMPLE(OSSL_CMP_KEMOTHERINFO, mac, X509_ALGOR), - ASN1_SIMPLE(OSSL_CMP_KEMOTHERINFO, ct, ASN1_OCTET_STRING) + ASN1_SIMPLE(OSSL_CMP_KEMOTHERINFO, transactionID, ASN1_OCTET_STRING), + ASN1_EXP_OPT(OSSL_CMP_KEMOTHERINFO, kemContext, ASN1_OCTET_STRING, 0), } ASN1_SEQUENCE_END(OSSL_CMP_KEMOTHERINFO) IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_KEMOTHERINFO) ASN1_SEQUENCE(OSSL_CMP_KEMBMPARAMETER) = { ASN1_SIMPLE(OSSL_CMP_KEMBMPARAMETER, kdf, X509_ALGOR), + ASN1_EXP_OPT(OSSL_CMP_KEMBMPARAMETER, kemContext, ASN1_OCTET_STRING, 0), ASN1_SIMPLE(OSSL_CMP_KEMBMPARAMETER, len, ASN1_INTEGER), ASN1_SIMPLE(OSSL_CMP_KEMBMPARAMETER, mac, X509_ALGOR) } ASN1_SEQUENCE_END(OSSL_CMP_KEMBMPARAMETER) @@ -304,19 +301,14 @@ int ossl_cmp_kem_KemOtherInfo_new(OSSL_CMP_CTX *ctx, goto err; kemOtherInfo->transactionID = ctx->transactionID; - kemOtherInfo->senderNonce = ossl_cmp_ctx_get_kem_senderNonce(ctx); - kemOtherInfo->recipNonce = ossl_cmp_ctx_get_kem_recipNonce(ctx); - - if (!ASN1_INTEGER_set(kemOtherInfo->len, ctx->kem_ssklen) - || !X509_ALGOR_set0(kemOtherInfo->mac, OBJ_nid2obj(NID_hmacWithSHA256), - V_ASN1_UNDEF, NULL)) - goto err; +#if 0 + /*setting kemContext with ct for testing*/ if (ctx->kem_ct != NULL - && !ossl_cmp_asn1_octet_string_set1(&kemOtherInfo->ct, + && !ossl_cmp_asn1_octet_string_set1(&kemOtherInfo->kemContext, ctx->kem_ct)) goto err; - +#endif *out = NULL; if ((*len = i2d_OSSL_CMP_KEMOTHERINFO(kemOtherInfo, out)) <= 0) goto err; @@ -325,8 +317,6 @@ int ossl_cmp_kem_KemOtherInfo_new(OSSL_CMP_CTX *ctx, err: kemOtherInfo->transactionID = NULL; - kemOtherInfo->senderNonce = NULL; - kemOtherInfo->recipNonce = NULL; OSSL_CMP_KEMOTHERINFO_free(kemOtherInfo); return ret; } diff --git a/crypto/cmp/cmp_local.h b/crypto/cmp/cmp_local.h index 60e95a4c3efcb..b09930a2563a4 100644 --- a/crypto/cmp/cmp_local.h +++ b/crypto/cmp/cmp_local.h @@ -249,35 +249,29 @@ DECLARE_ASN1_FUNCTIONS(OSSL_CMP_KEMCIPHERTEXTINFO) /* * KemOtherInfo ::= SEQUENCE { - * staticString PKIFreeText, - * transactionID [0] OCTET STRING OPTIONAL, - * senderNonce [1] OCTET STRING OPTIONAL, - * recipNonce [2] OCTET STRING OPTIONAL, - * len INTEGER (1..MAX), - * mac AlgorithmIdentifier{MAC-ALGORITHM, {...}} - * ct OCTET STRING - * } + * staticString PKIFreeText, + * transactionID OCTET STRING, + * kemContext [0] OCTET STRING OPTIONAL + } */ struct ossl_cmp_KemOtherInfo_st { OSSL_CMP_PKIFREETEXT *staticString; ASN1_OCTET_STRING *transactionID; - ASN1_OCTET_STRING *senderNonce; - ASN1_OCTET_STRING *recipNonce; - ASN1_INTEGER *len; - X509_ALGOR *mac; - ASN1_OCTET_STRING *ct; + ASN1_OCTET_STRING *kemContext; } /* OSSL_CMP_KEMOTHERINFO */; DECLARE_ASN1_FUNCTIONS(OSSL_CMP_KEMOTHERINFO) /* * KemBMParameter ::= SEQUENCE { * kdf AlgorithmIdentifier{KEY-DERIVATION, {...}}, + * kemContext [0] OCTET STRING OPTIONAL, * len INTEGER (1..MAX), * mac AlgorithmIdentifier{MAC-ALGORITHM, {...}} * } */ typedef struct ossl_cmp_KemBMParameter_st { X509_ALGOR *kdf; + ASN1_OCTET_STRING *kemContext; ASN1_INTEGER *len; X509_ALGOR *mac; } OSSL_CMP_KEMBMPARAMETER;