Cleanup and add explicit ikme rejection

mamckee · mamckee · commit cd59a30fc549 · 2025-12-10T19:15:43.000Z
diff --git a/SymCryptProvider/src/decoder/p_scossl_decode_mlkem.c b/SymCryptProvider/src/decoder/p_scossl_decode_mlkem.c
@@ -142,7 +142,7 @@ static SCOSSL_STATUS p_scossl_der_to_mlkem_export_object(_In_ SCOSSL_DECODE_CTX
     }                                                                                                       \
                                                                                                             \
     static const SCOSSL_DECODE_KEYTYPE_DESC p_scossl_mlkem##bits##_##decoderType##_desc = {                 \
-        "MLKEM"#bits,                                                                                       \
+        "ML-KEM-"#bits,                                                                                     \
         select_##decoderType,                                                                               \
         (PSCOSSL_DECODE_INTERNAL_FN)p_scossl_##decoderType##_to_mlkem##bits,                                \
         (OSSL_FUNC_keymgmt_free_fn *)p_scossl_mlkem_keymgmt_free_key_ctx};                                  \
diff --git a/SymCryptProvider/src/encoder/p_scossl_encode_mlkem.c b/SymCryptProvider/src/encoder/p_scossl_encode_mlkem.c
@@ -332,7 +332,7 @@ static SCOSSL_STATUS p_scossl_mlkem_to_text(ossl_unused SCOSSL_ENCODE_CTX *ctx,
             goto cleanup;
         }
 
-        if (!p_scossl_mlkem_keymgmt_get_encoded_key(keyCtx, keyCtx->format, &pbKey, &cbKey))
+        if (p_scossl_mlkem_keymgmt_get_encoded_key(keyCtx, keyCtx->format, &pbKey, &cbKey) != SCOSSL_SUCCESS)
         {
             goto cleanup;
         }
@@ -363,13 +363,13 @@ static SCOSSL_STATUS p_scossl_mlkem_to_text(ossl_unused SCOSSL_ENCODE_CTX *ctx,
         pbKey = NULL;
         cbKey = 0;
 
-        if (!p_scossl_mlkem_keymgmt_get_encoded_key(keyCtx, OSSL_KEYMGMT_SELECT_PUBLIC_KEY, &pbKey, &cbKey))
+        if (p_scossl_mlkem_keymgmt_get_encoded_key(keyCtx, OSSL_KEYMGMT_SELECT_PUBLIC_KEY, &pbKey, &cbKey) != SCOSSL_SUCCESS)
         {
             goto cleanup;
         }
 
         if ((!printedPrivateKey && BIO_printf(out, "MLKEM Public-Key (%ld bit):\n", cbKey * 8) <= 0) ||
-                 BIO_printf(out, "encapsulation-key") <= 0)
+            BIO_printf(out, "encapsulation-key") <= 0)
         {
             goto cleanup;
         }
diff --git a/SymCryptProvider/src/kem/p_scossl_mlkem.c b/SymCryptProvider/src/kem/p_scossl_mlkem.c
@@ -28,9 +28,15 @@ typedef struct
     SCOSSL_MLKEM_KEY_CTX *keyCtx;
 } SCOSSL_MLKEM_CTX;
 
-static const OSSL_PARAM p_scossl_mlkem_param_types[] = {
+static const OSSL_PARAM p_scossl_mlkem_settable_param_types[] = {
+    OSSL_PARAM_octet_string(OSSL_KEM_PARAM_IKME, NULL, 0),
     OSSL_PARAM_END};
 
+static const OSSL_PARAM p_scossl_mlkem_gettable_param_types[] = {
+    OSSL_PARAM_END};
+
+static SCOSSL_STATUS p_scossl_mlkem_set_ctx_params(_In_ SCOSSL_MLKEM_CTX *ctx, _In_ const OSSL_PARAM params[]);
+
 /* Context management */
 static SCOSSL_MLKEM_CTX *p_scossl_mlkem_newctx(ossl_unused SCOSSL_PROVCTX *provctx)
 {
@@ -86,7 +92,12 @@ static SCOSSL_STATUS p_scossl_mlkem_init(_Inout_ SCOSSL_MLKEM_CTX *ctx, _In_ SCO
 static SCOSSL_STATUS p_scossl_mlkem_encapsulate_init(_Inout_ SCOSSL_MLKEM_CTX *ctx, _In_ SCOSSL_MLKEM_KEY_CTX *keyCtx,
                                                      ossl_unused const OSSL_PARAM params[])
 {
-    return p_scossl_mlkem_init(ctx, keyCtx, EVP_PKEY_OP_ENCAPSULATE);
+    if (p_scossl_mlkem_init(ctx, keyCtx, EVP_PKEY_OP_ENCAPSULATE) != SCOSSL_SUCCESS)
+    {
+        return SCOSSL_FAILURE;
+    }
+
+    return p_scossl_mlkem_set_ctx_params(ctx, params);
 }
 
 static SCOSSL_STATUS p_scossl_mlkem_encapsulate(_In_ SCOSSL_MLKEM_CTX *ctx,
@@ -248,16 +259,35 @@ static SCOSSL_STATUS p_scossl_mlkem_decapsulate(_In_ SCOSSL_MLKEM_CTX *ctx,
 //
 // Parameters
 //
-static const OSSL_PARAM *p_scossl_mlkem_ctx_param_types(ossl_unused void *ctx, ossl_unused void *provctx)
+static const OSSL_PARAM *p_scossl_mlkem_settable_ctx_param_types(ossl_unused void *ctx, ossl_unused void *provctx)
 {
-    return p_scossl_mlkem_param_types;
+    return p_scossl_mlkem_settable_param_types;
 }
 
-static SCOSSL_STATUS p_scossl_mlkem_set_ctx_params(ossl_unused void *ctx, ossl_unused const OSSL_PARAM params[])
+static SCOSSL_STATUS p_scossl_mlkem_set_ctx_params(_In_ SCOSSL_MLKEM_CTX *ctx, _In_ const OSSL_PARAM params[])
 {
+    const OSSL_PARAM *p;
+
+    if (ctx == NULL)
+    {
+        return SCOSSL_FAILURE;
+    }
+
+    if (ctx->operation == EVP_PKEY_OP_ENCAPSULATE &&
+        (p = OSSL_PARAM_locate_const(params, OSSL_KEM_PARAM_IKME)) != NULL)
+    {
+        ERR_raise(ERR_LIB_PROV, PROV_R_NOT_SUPPORTED);
+        return SCOSSL_FAILURE;
+    }
+
     return SCOSSL_SUCCESS;
 }
 
+static const OSSL_PARAM *p_scossl_mlkem_gettable_ctx_param_types(ossl_unused void *ctx, ossl_unused void *provctx)
+{
+    return p_scossl_mlkem_gettable_param_types;
+}
+
 static SCOSSL_STATUS p_scossl_mlkem_get_ctx_params(ossl_unused void *ctx, ossl_unused OSSL_PARAM params[])
 {
     return SCOSSL_SUCCESS;
@@ -271,10 +301,10 @@ const OSSL_DISPATCH p_scossl_mlkem_functions[] = {
     {OSSL_FUNC_KEM_ENCAPSULATE, (void (*)(void))p_scossl_mlkem_encapsulate},
     {OSSL_FUNC_KEM_DECAPSULATE_INIT, (void (*)(void))p_scossl_mlkem_decapsulate_init},
     {OSSL_FUNC_KEM_DECAPSULATE, (void (*)(void))p_scossl_mlkem_decapsulate},
+    {OSSL_FUNC_KEM_SETTABLE_CTX_PARAMS, (void (*)(void))p_scossl_mlkem_settable_ctx_param_types},
     {OSSL_FUNC_KEM_SET_CTX_PARAMS, (void (*)(void))p_scossl_mlkem_set_ctx_params},
-    {OSSL_FUNC_KEM_SETTABLE_CTX_PARAMS, (void (*)(void))p_scossl_mlkem_ctx_param_types},
+    {OSSL_FUNC_KEM_GETTABLE_CTX_PARAMS, (void (*)(void))p_scossl_mlkem_gettable_ctx_param_types},
     {OSSL_FUNC_KEM_GET_CTX_PARAMS, (void (*)(void))p_scossl_mlkem_get_ctx_params},
-    {OSSL_FUNC_KEM_GETTABLE_CTX_PARAMS, (void (*)(void))p_scossl_mlkem_ctx_param_types},
     {0, NULL}};
 
 _Use_decl_annotations_
diff --git a/SymCryptProvider/src/keymgmt/p_scossl_mlkem_hybrid_keymgmt.c b/SymCryptProvider/src/keymgmt/p_scossl_mlkem_hybrid_keymgmt.c
@@ -476,13 +476,15 @@ static BOOL p_scossl_mlkem_hybrid_keymgmt_match(_In_ SCOSSL_MLKEM_HYBRID_KEY_CTX
     BOOL ret = FALSE;
     SCOSSL_STATUS success;
 
-    if (keyCtx1->mlkemParams != keyCtx2->mlkemParams ||
+    if (keyCtx1 == NULL ||
+        keyCtx2 == NULL ||
+        keyCtx1->mlkemParams != keyCtx2->mlkemParams ||
         keyCtx1->classicGroupNid != keyCtx2->classicGroupNid)
     {
         goto cleanup;
     }
 
-    if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR))
+    if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
     {
         if (keyCtx1->key != NULL && keyCtx2->key != NULL)
         {
@@ -910,7 +912,11 @@ SCOSSL_STATUS p_scossl_mlkem_hybrid_keymgmt_set_encoded_key(SCOSSL_MLKEM_HYBRID_
 cleanup:
     if (ret != SCOSSL_SUCCESS && isNewKey)
     {
-        SymCryptMlKemkeyFree(keyCtx->key);
+        if (keyCtx->key != NULL)
+        {
+            SymCryptMlKemkeyFree(keyCtx->key);
+        }
+
         p_scossl_ecc_free_ctx(keyCtx->classicKeyCtx);
         keyCtx->key = NULL;
         keyCtx->classicKeyCtx = NULL;
diff --git a/SymCryptProvider/src/keymgmt/p_scossl_mlkem_keymgmt.c b/SymCryptProvider/src/keymgmt/p_scossl_mlkem_keymgmt.c
@@ -496,12 +496,14 @@ static BOOL p_scossl_mlkem_keymgmt_match(_In_ SCOSSL_MLKEM_KEY_CTX *keyCtx1, _In
     BOOL ret = FALSE;
     SCOSSL_STATUS success;
 
-    if (keyCtx1->mlkemParams != keyCtx2->mlkemParams)
+    if (keyCtx1 == NULL ||
+        keyCtx2 == NULL ||
+        keyCtx1->mlkemParams != keyCtx2->mlkemParams)
     {
         goto cleanup;
     }
 
-    if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR))
+    if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
     {
         if (keyCtx1->key != NULL && keyCtx2->key != NULL)
         {
@@ -691,7 +693,7 @@ SCOSSL_STATUS p_scossl_mlkem_keymgmt_export(_In_ SCOSSL_MLKEM_KEY_CTX *keyCtx, i
                 goto cleanup;
             }
 
-            __fallthrough;
+            /* fall through */
         case SYMCRYPT_MLKEMKEY_FORMAT_DECAPSULATION_KEY:
             OPENSSL_secure_clear_free(pbKey, cbKey);
             pbKey = NULL;
@@ -937,8 +939,6 @@ SCOSSL_STATUS p_scossl_mlkem_keymgmt_set_encoded_key(SCOSSL_MLKEM_KEY_CTX *keyCt
     return ret;
 }
 
-
-
 #ifdef __cplusplus
 }
 #endif
diff --git a/SymCryptProvider/src/keymgmt/p_scossl_mlkem_keymgmt.h b/SymCryptProvider/src/keymgmt/p_scossl_mlkem_keymgmt.h
@@ -4,7 +4,6 @@
 
 #pragma once
 
-#include "p_scossl_base.h"
 #include "kem/p_scossl_mlkem.h"
 
 #ifdef __cplusplus

Original file line number	Diff line number	Diff line change
`@@ -142,7 +142,7 @@ static SCOSSL_STATUS p_scossl_der_to_mlkem_export_object(_In_ SCOSSL_DECODE_CTX`
`142`	`142`	`} \`
`143`	`143`	`\`
`144`	`144`	`static const SCOSSL_DECODE_KEYTYPE_DESC p_scossl_mlkem##bits##_##decoderType##_desc = { \`
`145`		`- "MLKEM"#bits, \`
	`145`	`+ "ML-KEM-"#bits, \`
`146`	`146`	`select_##decoderType, \`
`147`	`147`	`(PSCOSSL_DECODE_INTERNAL_FN)p_scossl_##decoderType##_to_mlkem##bits, \`
`148`	`148`	`(OSSL_FUNC_keymgmt_free_fn *)p_scossl_mlkem_keymgmt_free_key_ctx}; \`
Original file line number	Diff line number	Diff line change
`@@ -332,7 +332,7 @@ static SCOSSL_STATUS p_scossl_mlkem_to_text(ossl_unused SCOSSL_ENCODE_CTX *ctx,`
`332`	`332`	`goto cleanup;`
`333`	`333`	`}`
`334`	`334`
`335`		`- if (!p_scossl_mlkem_keymgmt_get_encoded_key(keyCtx, keyCtx->format, &pbKey, &cbKey))`
	`335`	`+ if (p_scossl_mlkem_keymgmt_get_encoded_key(keyCtx, keyCtx->format, &pbKey, &cbKey) != SCOSSL_SUCCESS)`
`336`	`336`	`{`
`337`	`337`	`goto cleanup;`
`338`	`338`	`}`
`@@ -363,13 +363,13 @@ static SCOSSL_STATUS p_scossl_mlkem_to_text(ossl_unused SCOSSL_ENCODE_CTX *ctx,`
`363`	`363`	`pbKey = NULL;`
`364`	`364`	`cbKey = 0;`
`365`	`365`
`366`		`- if (!p_scossl_mlkem_keymgmt_get_encoded_key(keyCtx, OSSL_KEYMGMT_SELECT_PUBLIC_KEY, &pbKey, &cbKey))`
	`366`	`+ if (p_scossl_mlkem_keymgmt_get_encoded_key(keyCtx, OSSL_KEYMGMT_SELECT_PUBLIC_KEY, &pbKey, &cbKey) != SCOSSL_SUCCESS)`
`367`	`367`	`{`
`368`	`368`	`goto cleanup;`
`369`	`369`	`}`
`370`	`370`
`371`	`371`	`if ((!printedPrivateKey && BIO_printf(out, "MLKEM Public-Key (%ld bit):\n", cbKey * 8) <= 0) \|\|`
`372`		`- BIO_printf(out, "encapsulation-key") <= 0)`
	`372`	`+ BIO_printf(out, "encapsulation-key") <= 0)`
`373`	`373`	`{`
`374`	`374`	`goto cleanup;`
`375`	`375`	`}`
Original file line number	Diff line number	Diff line change
`@@ -476,13 +476,15 @@ static BOOL p_scossl_mlkem_hybrid_keymgmt_match(_In_ SCOSSL_MLKEM_HYBRID_KEY_CTX`
`476`	`476`	`BOOL ret = FALSE;`
`477`	`477`	`SCOSSL_STATUS success;`
`478`	`478`
`479`		`- if (keyCtx1->mlkemParams != keyCtx2->mlkemParams \|\|`
	`479`	`+ if (keyCtx1 == NULL \|\|`
	`480`	`+ keyCtx2 == NULL \|\|`
	`481`	`+ keyCtx1->mlkemParams != keyCtx2->mlkemParams \|\|`
`480`	`482`	`keyCtx1->classicGroupNid != keyCtx2->classicGroupNid)`
`481`	`483`	`{`
`482`	`484`	`goto cleanup;`
`483`	`485`	`}`
`484`	`486`
`485`		`- if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR))`
	`487`	`+ if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)`
`486`	`488`	`{`
`487`	`489`	`if (keyCtx1->key != NULL && keyCtx2->key != NULL)`
`488`	`490`	`{`
`@@ -910,7 +912,11 @@ SCOSSL_STATUS p_scossl_mlkem_hybrid_keymgmt_set_encoded_key(SCOSSL_MLKEM_HYBRID_`
`910`	`912`	`cleanup:`
`911`	`913`	`if (ret != SCOSSL_SUCCESS && isNewKey)`
`912`	`914`	`{`
`913`		`- SymCryptMlKemkeyFree(keyCtx->key);`
	`915`	`+ if (keyCtx->key != NULL)`
	`916`	`+ {`
	`917`	`+ SymCryptMlKemkeyFree(keyCtx->key);`
	`918`	`+ }`
	`919`	`+`
`914`	`920`	`p_scossl_ecc_free_ctx(keyCtx->classicKeyCtx);`
`915`	`921`	`keyCtx->key = NULL;`
`916`	`922`	`keyCtx->classicKeyCtx = NULL;`
Original file line number	Diff line number	Diff line change
`@@ -496,12 +496,14 @@ static BOOL p_scossl_mlkem_keymgmt_match(_In_ SCOSSL_MLKEM_KEY_CTX *keyCtx1, _In`
`496`	`496`	`BOOL ret = FALSE;`
`497`	`497`	`SCOSSL_STATUS success;`
`498`	`498`
`499`		`- if (keyCtx1->mlkemParams != keyCtx2->mlkemParams)`
	`499`	`+ if (keyCtx1 == NULL \|\|`
	`500`	`+ keyCtx2 == NULL \|\|`
	`501`	`+ keyCtx1->mlkemParams != keyCtx2->mlkemParams)`
`500`	`502`	`{`
`501`	`503`	`goto cleanup;`
`502`	`504`	`}`
`503`	`505`
`504`		`- if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR))`
	`506`	`+ if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)`
`505`	`507`	`{`
`506`	`508`	`if (keyCtx1->key != NULL && keyCtx2->key != NULL)`
`507`	`509`	`{`
`@@ -691,7 +693,7 @@ SCOSSL_STATUS p_scossl_mlkem_keymgmt_export(_In_ SCOSSL_MLKEM_KEY_CTX *keyCtx, i`
`691`	`693`	`goto cleanup;`
`692`	`694`	`}`
`693`	`695`
`694`		`- __fallthrough;`
	`696`	`+ /* fall through */`
`695`	`697`	`case SYMCRYPT_MLKEMKEY_FORMAT_DECAPSULATION_KEY:`
`696`	`698`	`OPENSSL_secure_clear_free(pbKey, cbKey);`
`697`	`699`	`pbKey = NULL;`
`@@ -937,8 +939,6 @@ SCOSSL_STATUS p_scossl_mlkem_keymgmt_set_encoded_key(SCOSSL_MLKEM_KEY_CTX *keyCt`
`937`	`939`	`return ret;`
`938`	`940`	`}`
`939`	`941`
`940`		`-`
`941`		`-`
`942`	`942`	`#ifdef __cplusplus`
`943`	`943`	`}`
`944`	`944`	`#endif`