[openssl] master update
Richard Levitte
levitte at openssl.org
Fri May 3 15:53:50 UTC 2019
The branch master has been updated
via ff8029c189786196c010292b647f3bca6d51e91d (commit)
via d2ba812343a62b1f86a15ae09bdeafec6d82f43a (commit)
from e616c11e170ef524b12e218537f4bf290057f8b7 (commit)
- Log -----------------------------------------------------------------
commit ff8029c189786196c010292b647f3bca6d51e91d
Author: Shane Lontis <shane.lontis at oracle.com>
Date: Wed Apr 24 10:06:54 2019 +1000
Added generated files for EVP_KDF changes
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8808)
commit d2ba812343a62b1f86a15ae09bdeafec6d82f43a
Author: Shane Lontis <shane.lontis at oracle.com>
Date: Mon Apr 22 17:18:56 2019 +1000
Added EVP_KDF (similiar to the EVP_MAC)
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8808)
-----------------------------------------------------------------------
Summary of changes:
crypto/err/openssl.txt | 1 +
crypto/evp/build.info | 2 +-
test/ossl_test_endian.h => crypto/evp/c_allkdf.c | 23 +--
crypto/evp/evp_err.c | 1 +
crypto/evp/evp_locl.h | 2 +-
crypto/evp/kdf_lib.c | 98 ++++------
crypto/evp/names.c | 33 +++-
crypto/include/internal/evp_int.h | 18 +-
crypto/init.c | 29 +++
crypto/kdf/hkdf.c | 2 +-
crypto/kdf/pbkdf2.c | 2 +-
crypto/kdf/scrypt.c | 2 +-
crypto/kdf/sshkdf.c | 2 +-
crypto/kdf/sskdf.c | 2 +-
crypto/kdf/tls1_prf.c | 2 +-
doc/man3/EVP_KDF_CTX.pod | 76 ++++++--
include/openssl/crypto.h | 2 +
include/openssl/evperr.h | 1 +
include/openssl/kdf.h | 7 +
include/openssl/objects.h | 5 +-
include/openssl/ossl_typ.h | 1 +
test/evp_kdf_test.c | 219 +++++++++++++----------
test/evp_test.c | 9 +-
util/libcrypto.num | 4 +
util/private.num | 4 +
25 files changed, 332 insertions(+), 215 deletions(-)
copy test/ossl_test_endian.h => crypto/evp/c_allkdf.c (50%)
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 225fe21..8ad85f5 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -802,6 +802,7 @@ EVP_F_EVP_ENCRYPTFINAL_EX:127:EVP_EncryptFinal_ex
EVP_F_EVP_ENCRYPTUPDATE:167:EVP_EncryptUpdate
EVP_F_EVP_KDF_CTRL:224:EVP_KDF_ctrl
EVP_F_EVP_KDF_CTRL_STR:225:EVP_KDF_ctrl_str
+EVP_F_EVP_KDF_CTX_NEW:240:EVP_KDF_CTX_new
EVP_F_EVP_KDF_CTX_NEW_ID:226:EVP_KDF_CTX_new_id
EVP_F_EVP_MAC_CTRL:209:EVP_MAC_ctrl
EVP_F_EVP_MAC_CTRL_STR:210:EVP_MAC_ctrl_str
diff --git a/crypto/evp/build.info b/crypto/evp/build.info
index 10ba3a3..23aa733 100644
--- a/crypto/evp/build.info
+++ b/crypto/evp/build.info
@@ -10,7 +10,7 @@ SOURCE[../../libcrypto]=\
bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
c_allc.c c_alld.c evp_lib.c bio_ok.c \
evp_pkey.c kdf_lib.c evp_pbe.c p5_crpt.c p5_crpt2.c pbe_scrypt.c \
- pkey_kdf.c \
+ pkey_kdf.c c_allkdf.c \
e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \
e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \
e_chacha20_poly1305.c cmeth_lib.c \
diff --git a/test/ossl_test_endian.h b/crypto/evp/c_allkdf.c
similarity index 50%
copy from test/ossl_test_endian.h
copy to crypto/evp/c_allkdf.c
index 0bcec04..34109ca 100644
--- a/test/ossl_test_endian.h
+++ b/crypto/evp/c_allkdf.c
@@ -7,16 +7,17 @@
* https://www.openssl.org/source/license.html
*/
-#ifndef HEADER_INTERNAL_ENDIAN_H
-# define HEADER_INTERNAL_ENDIAN_H
-
-# define DECLARE_IS_ENDIAN \
- const union { \
- long one; \
- char little; \
- } ossl_is_endian = { 1 }
-
-# define IS_LITTLE_ENDIAN (ossl_is_endian.little != 0)
-# define IS_BIG_ENDIAN (ossl_is_endian.little == 0)
+#include <openssl/evp.h>
+#include "internal/evp_int.h"
+void openssl_add_all_kdfs_int(void)
+{
+ EVP_add_kdf(&pbkdf2_kdf_meth);
+#ifndef OPENSSL_NO_SCRYPT
+ EVP_add_kdf(&scrypt_kdf_meth);
#endif
+ EVP_add_kdf(&tls1_prf_kdf_meth);
+ EVP_add_kdf(&hkdf_kdf_meth);
+ EVP_add_kdf(&sshkdf_kdf_meth);
+ EVP_add_kdf(&ss_kdf_meth);
+}
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index 3555c0e..703d172 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -74,6 +74,7 @@ static const ERR_STRING_DATA EVP_str_functs[] = {
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTUPDATE, 0), "EVP_EncryptUpdate"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_KDF_CTRL, 0), "EVP_KDF_ctrl"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_KDF_CTRL_STR, 0), "EVP_KDF_ctrl_str"},
+ {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_KDF_CTX_NEW, 0), "EVP_KDF_CTX_new"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_KDF_CTX_NEW_ID, 0), "EVP_KDF_CTX_new_id"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MAC_CTRL, 0), "EVP_MAC_ctrl"},
{ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_MAC_CTRL_STR, 0), "EVP_MAC_ctrl_str"},
diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h
index 3172c49..0bb6d15 100644
--- a/crypto/evp/evp_locl.h
+++ b/crypto/evp/evp_locl.h
@@ -56,7 +56,7 @@ struct evp_mac_ctx_st {
} /* EVP_MAC_CTX */;
struct evp_kdf_ctx_st {
- const EVP_KDF_METHOD *kmeth;
+ const EVP_KDF *meth; /* Method structure */
EVP_KDF_IMPL *impl; /* Algorithm-specific data */
} /* EVP_KDF_CTX */ ;
diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c
index de2ab23..be5d7c6 100644
--- a/crypto/evp/kdf_lib.c
+++ b/crypto/evp/kdf_lib.c
@@ -1,6 +1,6 @@
/*
- * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -20,70 +20,37 @@
#include "internal/numbers.h"
#include "evp_locl.h"
-typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
-
-/* This array needs to be in order of NIDs */
-static const EVP_KDF_METHOD *standard_methods[] = {
- &pbkdf2_kdf_meth,
-#ifndef OPENSSL_NO_SCRYPT
- &scrypt_kdf_meth,
-#endif
- &tls1_prf_kdf_meth,
- &hkdf_kdf_meth,
- &sshkdf_kdf_meth,
- &ss_kdf_meth
-};
-
-DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *,
- kmeth);
-
-static int kmeth_cmp(const EVP_KDF_METHOD *const *a,
- const EVP_KDF_METHOD *const *b)
+EVP_KDF_CTX *EVP_KDF_CTX_new(const EVP_KDF *kdf)
{
- return ((*a)->type - (*b)->type);
+ EVP_KDF_CTX *ctx = OPENSSL_zalloc(sizeof(EVP_KDF_CTX));
+
+ if (ctx == NULL || (ctx->impl = kdf->new()) == NULL) {
+ EVPerr(EVP_F_EVP_KDF_CTX_NEW, ERR_R_MALLOC_FAILURE);
+ OPENSSL_free(ctx);
+ ctx = NULL;
+ } else {
+ ctx->meth = kdf;
+ }
+ return ctx;
}
-IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_KDF_METHOD *, const EVP_KDF_METHOD *,
- kmeth);
-
-static const EVP_KDF_METHOD *kdf_meth_find(int type)
+EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id)
{
- EVP_KDF_METHOD tmp;
- const EVP_KDF_METHOD *t = &tmp, **ret;
+ const EVP_KDF *kdf = EVP_get_kdfbynid(id);
- tmp.type = type;
- ret = OBJ_bsearch_kmeth(&t, standard_methods,
- OSSL_NELEM(standard_methods));
- if (ret == NULL || *ret == NULL)
+ if (kdf == NULL)
return NULL;
-
- return *ret;
+ return EVP_KDF_CTX_new(kdf);
}
-EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id)
+int EVP_KDF_nid(const EVP_KDF *kdf)
{
- EVP_KDF_CTX *ret;
- const EVP_KDF_METHOD *kmeth;
-
- kmeth = kdf_meth_find(id);
- if (kmeth == NULL) {
- EVPerr(EVP_F_EVP_KDF_CTX_NEW_ID, EVP_R_UNSUPPORTED_ALGORITHM);
- return NULL;
- }
-
- ret = OPENSSL_zalloc(sizeof(*ret));
- if (ret == NULL) {
- EVPerr(EVP_F_EVP_KDF_CTX_NEW_ID, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if (kmeth->new != NULL && (ret->impl = kmeth->new()) == NULL) {
- EVP_KDF_CTX_free(ret);
- return NULL;
- }
+ return kdf->type;
+}
- ret->kmeth = kmeth;
- return ret;
+const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx)
+{
+ return ctx->meth;
}
void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx)
@@ -91,7 +58,7 @@ void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx)
if (ctx == NULL)
return;
- ctx->kmeth->free(ctx->impl);
+ ctx->meth->free(ctx->impl);
OPENSSL_free(ctx);
}
@@ -100,8 +67,8 @@ void EVP_KDF_reset(EVP_KDF_CTX *ctx)
if (ctx == NULL)
return;
- if (ctx->kmeth->reset != NULL)
- ctx->kmeth->reset(ctx->impl);
+ if (ctx->meth->reset != NULL)
+ ctx->meth->reset(ctx->impl);
}
int EVP_KDF_ctrl(EVP_KDF_CTX *ctx, int cmd, ...)
@@ -124,7 +91,7 @@ int EVP_KDF_vctrl(EVP_KDF_CTX *ctx, int cmd, va_list args)
if (ctx == NULL)
return 0;
- return ctx->kmeth->ctrl(ctx->impl, cmd, args);
+ return ctx->meth->ctrl(ctx->impl, cmd, args);
}
int EVP_KDF_ctrl_str(EVP_KDF_CTX *ctx, const char *type, const char *value)
@@ -134,12 +101,12 @@ int EVP_KDF_ctrl_str(EVP_KDF_CTX *ctx, const char *type, const char *value)
if (ctx == NULL)
return 0;
- if (ctx->kmeth->ctrl_str == NULL) {
+ if (ctx->meth->ctrl_str == NULL) {
EVPerr(EVP_F_EVP_KDF_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED);
return -2;
}
- ret = ctx->kmeth->ctrl_str(ctx->impl, type, value);
+ ret = ctx->meth->ctrl_str(ctx->impl, type, value);
if (ret == -2)
EVPerr(EVP_F_EVP_KDF_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED);
@@ -151,10 +118,10 @@ size_t EVP_KDF_size(EVP_KDF_CTX *ctx)
if (ctx == NULL)
return 0;
- if (ctx->kmeth->size == NULL)
+ if (ctx->meth->size == NULL)
return SIZE_MAX;
- return ctx->kmeth->size(ctx->impl);
+ return ctx->meth->size(ctx->impl);
}
int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen)
@@ -162,6 +129,5 @@ int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen)
if (ctx == NULL)
return 0;
- return ctx->kmeth->derive(ctx->impl, key, keylen);
+ return ctx->meth->derive(ctx->impl, key, keylen);
}
-
diff --git a/crypto/evp/names.c b/crypto/evp/names.c
index 4e17926..5237bca 100644
--- a/crypto/evp/names.c
+++ b/crypto/evp/names.c
@@ -10,6 +10,7 @@
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/evp.h>
+#include <openssl/kdf.h>
#include "internal/objects.h"
#include <openssl/x509.h>
#include "internal/evp_int.h"
@@ -71,6 +72,23 @@ int EVP_add_mac(const EVP_MAC *m)
return r;
}
+/* TODO(3.0) Is this needed after changing to providers? */
+int EVP_add_kdf(const EVP_KDF *k)
+{
+ int r;
+
+ if (k == NULL)
+ return 0;
+
+ r = OBJ_NAME_add(OBJ_nid2sn(k->type), OBJ_NAME_TYPE_KDF_METH,
+ (const char *)k);
+ if (r == 0)
+ return 0;
+ r = OBJ_NAME_add(OBJ_nid2ln(k->type), OBJ_NAME_TYPE_KDF_METH,
+ (const char *)k);
+ return r;
+}
+
const EVP_CIPHER *EVP_get_cipherbyname(const char *name)
{
const EVP_CIPHER *cp;
@@ -104,9 +122,22 @@ const EVP_MAC *EVP_get_macbyname(const char *name)
return mp;
}
+/* TODO(3.0) Is this API needed after implementing providers? */
+const EVP_KDF *EVP_get_kdfbyname(const char *name)
+{
+ const EVP_KDF *kdf;
+
+ if (!OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_KDFS, NULL))
+ return NULL;
+
+ kdf = (const EVP_KDF *)OBJ_NAME_get(name, OBJ_NAME_TYPE_KDF_METH);
+ return kdf;
+}
+
void evp_cleanup_int(void)
{
OBJ_NAME_cleanup(OBJ_NAME_TYPE_MAC_METH);
+ OBJ_NAME_cleanup(OBJ_NAME_TYPE_KDF_METH);
OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH);
OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH);
/*
@@ -207,6 +238,7 @@ void EVP_MD_do_all_sorted(void (*fn) (const EVP_MD *md,
OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc);
}
+/* TODO(3.0) Are these do_all API's needed for MAC? */
struct doall_mac {
void *arg;
void (*fn) (const EVP_MAC *ciph,
@@ -250,4 +282,3 @@ void EVP_MAC_do_all_sorted(void (*fn)
dc.arg = arg;
OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MAC_METH, do_all_mac_fn, &dc);
}
-
diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h
index b3d9694..c5d82e6 100644
--- a/crypto/include/internal/evp_int.h
+++ b/crypto/include/internal/evp_int.h
@@ -151,10 +151,11 @@ const EVP_MD *evp_keccak_kmac256(void);
* object database.
*/
int EVP_add_mac(const EVP_MAC *mac);
+int EVP_add_kdf(const EVP_KDF *kdf);
/* struct evp_kdf_impl_st is defined by the implementation */
typedef struct evp_kdf_impl_st EVP_KDF_IMPL;
-typedef struct {
+struct evp_kdf_st {
int type;
EVP_KDF_IMPL *(*new) (void);
void (*free) (EVP_KDF_IMPL *impl);
@@ -163,14 +164,14 @@ typedef struct {
int (*ctrl_str) (EVP_KDF_IMPL *impl, const char *type, const char *value);
size_t (*size) (EVP_KDF_IMPL *impl);
int (*derive) (EVP_KDF_IMPL *impl, unsigned char *key, size_t keylen);
-} EVP_KDF_METHOD;
+};
-extern const EVP_KDF_METHOD pbkdf2_kdf_meth;
-extern const EVP_KDF_METHOD scrypt_kdf_meth;
-extern const EVP_KDF_METHOD tls1_prf_kdf_meth;
-extern const EVP_KDF_METHOD hkdf_kdf_meth;
-extern const EVP_KDF_METHOD sshkdf_kdf_meth;
-extern const EVP_KDF_METHOD ss_kdf_meth;
+extern const EVP_KDF pbkdf2_kdf_meth;
+extern const EVP_KDF scrypt_kdf_meth;
+extern const EVP_KDF tls1_prf_kdf_meth;
+extern const EVP_KDF hkdf_kdf_meth;
+extern const EVP_KDF sshkdf_kdf_meth;
+extern const EVP_KDF ss_kdf_meth;
struct evp_md_st {
/* nid */
@@ -528,6 +529,7 @@ struct evp_pkey_st {
void openssl_add_all_ciphers_int(void);
void openssl_add_all_digests_int(void);
void openssl_add_all_macs_int(void);
+void openssl_add_all_kdfs_int(void);
void evp_cleanup_int(void);
void evp_app_cleanup_int(void);
diff --git a/crypto/init.c b/crypto/init.c
index d2048ea..58fff70 100644
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -293,6 +293,26 @@ DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_macs, ossl_init_add_all_macs)
return 1;
}
+static CRYPTO_ONCE add_all_kdfs = CRYPTO_ONCE_STATIC_INIT;
+DEFINE_RUN_ONCE_STATIC(ossl_init_add_all_kdfs)
+{
+ /*
+ * OPENSSL_NO_AUTOALGINIT is provided here to prevent at compile time
+ * pulling in all the macs during static linking
+ */
+#ifndef OPENSSL_NO_AUTOALGINIT
+ OSSL_TRACE(INIT, "openssl_add_all_kdfs_int()\n");
+ openssl_add_all_kdfs_int();
+#endif
+ return 1;
+}
+
+DEFINE_RUN_ONCE_STATIC_ALT(ossl_init_no_add_all_kdfs, ossl_init_add_all_kdfs)
+{
+ /* Do nothing */
+ return 1;
+}
+
static CRYPTO_ONCE config = CRYPTO_ONCE_STATIC_INIT;
static int config_inited = 0;
static const OPENSSL_INIT_SETTINGS *conf_settings = NULL;
@@ -666,6 +686,15 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings)
&& !RUN_ONCE(&add_all_macs, ossl_init_add_all_macs))
return 0;
+ if ((opts & OPENSSL_INIT_NO_ADD_ALL_KDFS)
+ && !RUN_ONCE_ALT(&add_all_kdfs, ossl_init_no_add_all_kdfs,
+ ossl_init_add_all_kdfs))
+ return 0;
+
+ if ((opts & OPENSSL_INIT_ADD_ALL_KDFS)
+ && !RUN_ONCE(&add_all_kdfs, ossl_init_add_all_kdfs))
+ return 0;
+
if ((opts & OPENSSL_INIT_ATFORK)
&& !openssl_init_fork_handlers())
return 0;
diff --git a/crypto/kdf/hkdf.c b/crypto/kdf/hkdf.c
index c8b3f03..f759e30 100644
--- a/crypto/kdf/hkdf.c
+++ b/crypto/kdf/hkdf.c
@@ -229,7 +229,7 @@ static int kdf_hkdf_derive(EVP_KDF_IMPL *impl, unsigned char *key,
}
}
-const EVP_KDF_METHOD hkdf_kdf_meth = {
+const EVP_KDF hkdf_kdf_meth = {
EVP_KDF_HKDF,
kdf_hkdf_new,
kdf_hkdf_free,
diff --git a/crypto/kdf/pbkdf2.c b/crypto/kdf/pbkdf2.c
index bf1ac6d..7009dfd 100644
--- a/crypto/kdf/pbkdf2.c
+++ b/crypto/kdf/pbkdf2.c
@@ -180,7 +180,7 @@ static int kdf_pbkdf2_derive(EVP_KDF_IMPL *impl, unsigned char *key,
impl->md, key, keylen);
}
-const EVP_KDF_METHOD pbkdf2_kdf_meth = {
+const EVP_KDF pbkdf2_kdf_meth = {
EVP_KDF_PBKDF2,
kdf_pbkdf2_new,
kdf_pbkdf2_free,
diff --git a/crypto/kdf/scrypt.c b/crypto/kdf/scrypt.c
index ee77f1e..29ceeb3 100644
--- a/crypto/kdf/scrypt.c
+++ b/crypto/kdf/scrypt.c
@@ -266,7 +266,7 @@ static int kdf_scrypt_derive(EVP_KDF_IMPL *impl, unsigned char *key,
impl->maxmem_bytes, key, keylen);
}
-const EVP_KDF_METHOD scrypt_kdf_meth = {
+const EVP_KDF scrypt_kdf_meth = {
EVP_KDF_SCRYPT,
kdf_scrypt_new,
kdf_scrypt_free,
diff --git a/crypto/kdf/sshkdf.c b/crypto/kdf/sshkdf.c
index 300e1ad..964b033 100644
--- a/crypto/kdf/sshkdf.c
+++ b/crypto/kdf/sshkdf.c
@@ -200,7 +200,7 @@ static int kdf_sshkdf_derive(EVP_KDF_IMPL *impl, unsigned char *key,
impl->type, key, keylen);
}
-const EVP_KDF_METHOD sshkdf_kdf_meth = {
+const EVP_KDF sshkdf_kdf_meth = {
EVP_KDF_SSHKDF,
kdf_sshkdf_new,
kdf_sshkdf_free,
diff --git a/crypto/kdf/sskdf.c b/crypto/kdf/sskdf.c
index 89e4e5b..3dd5b78 100644
--- a/crypto/kdf/sskdf.c
+++ b/crypto/kdf/sskdf.c
@@ -472,7 +472,7 @@ static int sskdf_derive(EVP_KDF_IMPL *impl, unsigned char *key, size_t keylen)
}
}
-const EVP_KDF_METHOD ss_kdf_meth = {
+const EVP_KDF ss_kdf_meth = {
EVP_KDF_SS,
sskdf_new,
sskdf_free,
diff --git a/crypto/kdf/tls1_prf.c b/crypto/kdf/tls1_prf.c
index 1f8374f..913af29 100644
--- a/crypto/kdf/tls1_prf.c
+++ b/crypto/kdf/tls1_prf.c
@@ -157,7 +157,7 @@ static int kdf_tls1_prf_derive(EVP_KDF_IMPL *impl, unsigned char *key,
key, keylen);
}
-const EVP_KDF_METHOD tls1_prf_kdf_meth = {
+const EVP_KDF tls1_prf_kdf_meth = {
EVP_KDF_TLS1_PRF,
kdf_tls1_prf_new,
kdf_tls1_prf_free,
diff --git a/doc/man3/EVP_KDF_CTX.pod b/doc/man3/EVP_KDF_CTX.pod
index f646528..2bdefc6 100644
--- a/doc/man3/EVP_KDF_CTX.pod
+++ b/doc/man3/EVP_KDF_CTX.pod
@@ -2,17 +2,21 @@
=head1 NAME
-EVP_KDF_CTX, EVP_KDF_CTX_new_id, EVP_KDF_CTX_free, EVP_KDF_reset,
-EVP_KDF_ctrl, EVP_KDF_vctrl, EVP_KDF_ctrl_str, EVP_KDF_size,
-EVP_KDF_derive - EVP KDF routines
+EVP_KDF, EVP_KDF_CTX, EVP_KDF_CTX_new, EVP_KDF_CTX_new_id, EVP_KDF_CTX_free,
+EVP_KDF_CTX_kdf, EVP_KDF_reset, EVP_KDF_ctrl, EVP_KDF_vctrl, EVP_KDF_ctrl_str,
+EVP_KDF_size, EVP_KDF_derive, EVP_KDF_nid, EVP_KDF_name,
+EVP_get_kdfbyname, EVP_get_kdfbynid, EVP_get_kdfbyobj - EVP KDF routines
=head1 SYNOPSIS
#include <openssl/kdf.h>
+ typedef struct evp_kdf_st EVP_KDF;
typedef struct evp_kdf_ctx_st EVP_KDF_CTX;
- EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id);
+ EVP_KDF_CTX *EVP_KDF_CTX_new(const EVP_KDF *kdf);
+ EVP_KDF_CTX *EVP_KDF_CTX_new_id(int nid);
+ const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx);
void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx);
void EVP_KDF_reset(EVP_KDF_CTX *ctx);
int EVP_KDF_ctrl(EVP_KDF_CTX *ctx, int cmd, ...);
@@ -20,29 +24,40 @@ EVP_KDF_derive - EVP KDF routines
int EVP_KDF_ctrl_str(EVP_KDF_CTX *ctx, const char *type, const char *value);
size_t EVP_KDF_size(EVP_KDF_CTX *ctx);
int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen);
+ int EVP_KDF_nid(const EVP_KDF *kdf);
+ const char *EVP_KDF_name(const EVP_KDF *kdf);
+ const EVP_KDF *EVP_get_kdfbyname(const char *name);
+ const EVP_KDF *EVP_get_kdfbynid(int nid);
+ const EVP_KDF *EVP_get_kdfbyobj(const ASN1_OBJECT *o);
=head1 DESCRIPTION
The EVP KDF routines are a high level interface to Key Derivation Function
algorithms and should be used instead of algorithm-specific functions.
-After creating a C<EVP_KDF_CTX> for the required algorithm using
-EVP_KDF_CTX_new_id(), inputs to the algorithm are supplied using calls to
-EVP_KDF_ctrl(), EVP_KDF_vctrl() or EVP_KDF_ctrl_str() before calling
-EVP_KDF_derive() to derive the key.
+After creating a C<EVP_KDF_CTX> for the required algorithm using either
+EVP_KDF_CTX_new() or EVP_KDF_CTX_new_id(), inputs to the algorithm are supplied
+using calls to EVP_KDF_ctrl(), EVP_KDF_vctrl() or EVP_KDF_ctrl_str() before
+calling EVP_KDF_derive() to derive the key.
=head2 Types
+B<EVP_KDF> is a type that holds the implementation of a KDF.
+
B<EVP_KDF_CTX> is a context type that holds the algorithm inputs.
=head2 Context manipulation functions
-EVP_KDF_CTX_new_id() creates a KDF context for the algorithm identified by the
-specified NID.
+EVP_KDF_CTX_new() creates a new context for the KDF type C<kdf>.
+
+EVP_KDF_CTX_new_id() creates a new context for the numerical KDF identity C<nid>.
EVP_KDF_CTX_free() frees up the context C<ctx>. If C<ctx> is C<NULL>, nothing
is done.
+EVP_KDF_CTX_kdf() returns the B<EVP_KDF> associated with the context
+C<ctx>.
+
=head2 Computing functions
EVP_KDF_reset() resets the context to the default state as if the context
@@ -61,15 +76,32 @@ EVP_KDF_ctrl_str() allows an application to send an algorithm specific control
operation to a context C<ctx> in string form. This is intended to be used for
options specified on the command line or in text files.
+EVP_KDF_derive() derives C<keylen> bytes of key material and places it in the
+C<key> buffer. If the algorithm produces a fixed amount of output then an
+error will occur unless the C<keylen> parameter is equal to that output size,
+as returned by EVP_KDF_size().
+
+=head2 Information functions
+
EVP_KDF_size() returns the output size if the algorithm produces a fixed amount
of output and C<SIZE_MAX> otherwise. If an error occurs then 0 is returned.
For some algorithms an error may result if input parameters necessary to
calculate a fixed output size have not yet been supplied.
-EVP_KDF_derive() derives C<keylen> bytes of key material and places it in the
-C<key> buffer. If the algorithm produces a fixed amount of output then an
-error will occur unless the C<keylen> parameter is equal to that output size,
-as returned by EVP_KDF_size().
+EVP_KDF_nid() returns the numeric identity of the given KDF implementation.
+
+EVP_KDF_name() returns the name of the given KDF implementation.
+
+=head2 Object database functions
+
+EVP_get_kdfbyname() fetches a KDF implementation from the object
+database by name.
+
+EVP_get_kdfbynid() fetches a KDF implementation from the object
+database by numeric identity.
+
+EVP_get_kdfbyobj() fetches a KDF implementation from the object
+database by ASN.1 OBJECT (i.e. an encoded OID).
=head1 CONTROLS
@@ -213,14 +245,26 @@ The value string is expected to be a decimal number.
=head1 RETURN VALUES
-EVP_KDF_CTX_new_id() returns either the newly allocated C<EVP_KDF_CTX>
-structure or C<NULL> if an error occurred.
+EVP_KDF_CTX_new() and EVP_KDF_CTX_new_id() return either the newly allocated
+C<EVP_KDF_CTX> structure or C<NULL> if an error occurred.
EVP_KDF_CTX_free() and EVP_KDF_reset() do not return a value.
EVP_KDF_size() returns the output size. C<SIZE_MAX> is returned to indicate
that the algorithm produces a variable amount of output; 0 to indicate failure.
+EVP_KDF_nid() returns the numeric identity for the given C<kdf>.
+
+EVP_KDF_name() returns the name for the given C<kdf>, if it has been
+added to the object database.
+
+EVP_add_kdf() returns 1 if the given C<kdf> was successfully added to
+the object database, otherwise 0.
+
+EVP_get_kdfbyname(), EVP_get_kdfbynid() and EVP_get_kdfbyobj() return
+the requested KDF implementation, if it exists in the object database,
+otherwise B<NULL>.
+
The remaining functions return 1 for success and 0 or a negative value for
failure. In particular, a return value of -2 indicates the operation is not
supported by the KDF algorithm.
diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
index 7d9532f..3eef3e9 100644
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@@ -402,6 +402,8 @@ int CRYPTO_memcmp(const void * in_a, const void * in_b, size_t len);
/* FREE: 0x40000000L */
/* FREE: 0x80000000L */
/* Max OPENSSL_INIT flag value is 0x80000000 */
+# define OPENSSL_INIT_NO_ADD_ALL_KDFS 0x100000000L
+# define OPENSSL_INIT_ADD_ALL_KDFS 0x200000000L
/* openssl and dasync not counted as builtin */
# define OPENSSL_INIT_ENGINE_ALL_BUILTIN \
diff --git a/include/openssl/evperr.h b/include/openssl/evperr.h
index d88d4a8..ba95fd2 100644
--- a/include/openssl/evperr.h
+++ b/include/openssl/evperr.h
@@ -70,6 +70,7 @@ int ERR_load_EVP_strings(void);
# define EVP_F_EVP_ENCRYPTUPDATE 167
# define EVP_F_EVP_KDF_CTRL 224
# define EVP_F_EVP_KDF_CTRL_STR 225
+# define EVP_F_EVP_KDF_CTX_NEW 240
# define EVP_F_EVP_KDF_CTX_NEW_ID 226
# define EVP_F_EVP_MAC_CTRL 209
# define EVP_F_EVP_MAC_CTRL_STR 210
diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h
index 3a14662..6f38066 100644
--- a/include/openssl/kdf.h
+++ b/include/openssl/kdf.h
@@ -26,7 +26,9 @@ extern "C" {
# define EVP_KDF_SS NID_sskdf
EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id);
+EVP_KDF_CTX *EVP_KDF_CTX_new(const EVP_KDF *kdf);
void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx);
+const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx);
void EVP_KDF_reset(EVP_KDF_CTX *ctx);
int EVP_KDF_ctrl(EVP_KDF_CTX *ctx, int cmd, ...);
@@ -35,6 +37,11 @@ int EVP_KDF_ctrl_str(EVP_KDF_CTX *ctx, const char *type, const char *value);
size_t EVP_KDF_size(EVP_KDF_CTX *ctx);
int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen);
+int EVP_KDF_nid(const EVP_KDF *kdf);
+# define EVP_get_kdfbynid(a) EVP_get_kdfbyname(OBJ_nid2sn(a))
+# define EVP_get_kdfbyobj(a) EVP_get_kdfbynid(OBJ_obj2nid(a))
+# define EVP_KDF_name(o) OBJ_nid2sn(EVP_KDF_nid(o))
+const EVP_KDF *EVP_get_kdfbyname(const char *name);
# define EVP_KDF_CTRL_SET_PASS 0x01 /* unsigned char *, size_t */
# define EVP_KDF_CTRL_SET_SALT 0x02 /* unsigned char *, size_t */
diff --git a/include/openssl/objects.h b/include/openssl/objects.h
index d077ad4..9416df2 100644
--- a/include/openssl/objects.h
+++ b/include/openssl/objects.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -21,7 +21,8 @@
# define OBJ_NAME_TYPE_PKEY_METH 0x03
# define OBJ_NAME_TYPE_COMP_METH 0x04
# define OBJ_NAME_TYPE_MAC_METH 0x05
-# define OBJ_NAME_TYPE_NUM 0x06
+# define OBJ_NAME_TYPE_KDF_METH 0x06
+# define OBJ_NAME_TYPE_NUM 0x07
# define OBJ_NAME_ALIAS 0x8000
diff --git a/include/openssl/ossl_typ.h b/include/openssl/ossl_typ.h
index 07e5f02..202e366 100644
--- a/include/openssl/ossl_typ.h
+++ b/include/openssl/ossl_typ.h
@@ -101,6 +101,7 @@ typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
+typedef struct evp_kdf_st EVP_KDF;
typedef struct evp_kdf_ctx_st EVP_KDF_CTX;
typedef struct evp_Encode_Ctx_st EVP_ENCODE_CTX;
diff --git a/test/evp_kdf_test.c b/test/evp_kdf_test.c
index 955daf7..51f601e 100644
--- a/test/evp_kdf_test.c
+++ b/test/evp_kdf_test.c
@@ -20,22 +20,26 @@
static int test_kdf_tls1_prf(void)
{
int ret;
- EVP_KDF_CTX *kctx;
+ EVP_KDF_CTX *kctx = NULL;
+ const EVP_KDF *kdf;
unsigned char out[16];
const unsigned char expected[sizeof(out)] = {
0x8e, 0x4d, 0x93, 0x25, 0x30, 0xd7, 0x65, 0xa0,
0xaa, 0xe9, 0x74, 0xc3, 0x04, 0x73, 0x5e, 0xcc
};
- ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_TLS1_PRF))
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()),
- 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_TLS_SECRET,
- "secret", (size_t)6), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_TLS_SEED, "seed",
- (size_t)4), 0)
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
- && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
+ ret =
+ TEST_ptr(kdf = EVP_get_kdfbyname(SN_tls1_prf))
+ && TEST_ptr(kctx = EVP_KDF_CTX_new(kdf))
+ && TEST_ptr_eq(EVP_KDF_CTX_kdf(kctx), kdf)
+ && TEST_str_eq(EVP_KDF_name(kdf), SN_tls1_prf)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_TLS_SECRET,
+ "secret", (size_t)6), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_TLS_SEED, "seed",
+ (size_t)4), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
return ret;
@@ -50,17 +54,17 @@ static int test_kdf_hkdf(void)
0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8, 0xde, 0x13
};
- ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_HKDF))
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()),
- 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt",
- (size_t)4), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret",
- (size_t)6), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_HKDF_INFO,
- "label", (size_t)5), 0)
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
- && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
+ ret =
+ TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_HKDF))
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt",
+ (size_t)4), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, "secret",
+ (size_t)6), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_ADD_HKDF_INFO, "label",
+ (size_t)5), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
return ret;
@@ -78,16 +82,16 @@ static int test_kdf_pbkdf2(void)
0xd6, 0xe2, 0xd8, 0x5a, 0x95, 0x47, 0x4c, 0x43
};
- ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2))
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password",
- (size_t)8), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt",
- (size_t)4), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 2), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()),
- 0)
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
- && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
+ ret =
+ TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_PBKDF2))
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password",
+ (size_t)8), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "salt",
+ (size_t)4), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_ITER, 2), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
return ret;
@@ -110,25 +114,26 @@ static int test_kdf_scrypt(void)
0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40
};
- ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT))
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password",
- (size_t)8), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "NaCl",
- (size_t)4), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N,
- (uint64_t)1024), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R,
- (uint32_t)8), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P,
- (uint32_t)16), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES,
- (uint64_t)16), 0)
- /* failure test */
- && TEST_int_le(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES,
- (uint64_t)(10 * 1024 * 1024)), 0)
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
- && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
+ ret =
+ TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SCRYPT))
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, "password",
+ (size_t)8), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, "NaCl",
+ (size_t)4), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_N,
+ (uint64_t)1024), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_R,
+ (uint32_t)8), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SCRYPT_P,
+ (uint32_t)16), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES,
+ (uint64_t)16), 0)
+ /* failure test */
+ && TEST_int_le(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAXMEM_BYTES,
+ (uint64_t)(10 * 1024 * 1024)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
return ret;
@@ -156,15 +161,14 @@ static int test_kdf_ss_hash(void)
};
unsigned char out[14];
- ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS))
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha224()),
- 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)),
- 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other,
- sizeof(other)), 0)
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
- && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
+ ret =
+ TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS))
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha224()), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other,
+ sizeof(other)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
return ret;
@@ -192,19 +196,18 @@ static int test_kdf_ss_hmac(void)
};
unsigned char out[16];
- ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS))
- && TEST_ptr(mac = EVP_get_macbyname("HMAC"))
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC, mac), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()),
- 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)),
- 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other,
- sizeof(other)), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, salt,
- sizeof(salt)), 0)
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
- && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
+ ret =
+ TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS))
+ && TEST_ptr(mac = EVP_get_macbyname("HMAC"))
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC, mac), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z, sizeof(z)), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other,
+ sizeof(other)), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, salt,
+ sizeof(salt)), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
return ret;
@@ -235,19 +238,20 @@ static int test_kdf_ss_kmac(void)
0xae,0x15,0x7e,0x1d,0xe8,0x14,0x98,0x03
};
- ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS))
- && TEST_ptr(mac = EVP_get_macbyname("KMAC128"))
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC, mac), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z,
- sizeof(z)), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other,
- sizeof(other)), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, salt,
- sizeof(salt)), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC_SIZE,
- (size_t)20), 0)
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
- && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
+ ret =
+ TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SS))
+ && TEST_ptr(mac = EVP_get_macbyname("KMAC128"))
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC, mac), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, z,
+ sizeof(z)), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSKDF_INFO, other,
+ sizeof(other)), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT, salt,
+ sizeof(salt)), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MAC_SIZE,
+ (size_t)20), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
return ret;
@@ -287,28 +291,45 @@ static int test_kdf_sshkdf(void)
0x41, 0xff, 0x2e, 0xad, 0x16, 0x83, 0xf1, 0xe6
};
- ret = TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SSHKDF))
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()),
- 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, key,
- sizeof(key)), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSHKDF_XCGHASH,
- xcghash, sizeof(xcghash)), 0)
- && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID,
- sessid, sizeof(sessid)), 0)
- && TEST_int_gt(
+ ret =
+ TEST_ptr(kctx = EVP_KDF_CTX_new_id(EVP_KDF_SSHKDF))
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, EVP_sha256()), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, key,
+ sizeof(key)), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSHKDF_XCGHASH,
+ xcghash, sizeof(xcghash)), 0)
+ && TEST_int_gt(EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID,
+ sessid, sizeof(sessid)), 0)
+ && TEST_int_gt(
EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SSHKDF_TYPE,
- (int)EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV),
- 0)
- && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
- && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
+ (int)EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV), 0)
+ && TEST_int_gt(EVP_KDF_derive(kctx, out, sizeof(out)), 0)
+ && TEST_mem_eq(out, sizeof(out), expected, sizeof(expected));
EVP_KDF_CTX_free(kctx);
return ret;
}
+static int test_kdf_get_kdf(void)
+{
+ const EVP_KDF *kdf1, *kdf2;
+ ASN1_OBJECT *obj;
+
+ return
+ TEST_ptr(obj = OBJ_nid2obj(NID_id_pbkdf2))
+ && TEST_ptr(kdf1 = EVP_get_kdfbyname(LN_id_pbkdf2))
+ && TEST_ptr(kdf2 = EVP_get_kdfbyobj(obj))
+ && TEST_ptr_eq(kdf1, kdf2)
+ && TEST_ptr(kdf1 = EVP_get_kdfbyname(SN_tls1_prf))
+ && TEST_ptr(kdf2 = EVP_get_kdfbyname(LN_tls1_prf))
+ && TEST_ptr_eq(kdf1, kdf2)
+ && TEST_ptr(kdf2 = EVP_get_kdfbynid(NID_tls1_prf))
+ && TEST_ptr_eq(kdf1, kdf2);
+}
+
int setup_tests(void)
{
+ ADD_TEST(test_kdf_get_kdf);
ADD_TEST(test_kdf_tls1_prf);
ADD_TEST(test_kdf_hkdf);
ADD_TEST(test_kdf_pbkdf2);
diff --git a/test/evp_test.c b/test/evp_test.c
index 0563986..1836ddb 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -1938,7 +1938,7 @@ typedef struct kdf_data_st {
static int kdf_test_init(EVP_TEST *t, const char *name)
{
KDF_DATA *kdata;
- int kdf_nid = OBJ_sn2nid(name);
+ const EVP_KDF *kdf;
#ifdef OPENSSL_NO_SCRYPT
if (strcmp(name, "scrypt") == 0) {
@@ -1947,12 +1947,13 @@ static int kdf_test_init(EVP_TEST *t, const char *name)
}
#endif
- if (kdf_nid == NID_undef)
- kdf_nid = OBJ_ln2nid(name);
+ kdf = EVP_get_kdfbyname(name);
+ if (kdf == NULL)
+ return 0;
if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata))))
return 0;
- kdata->ctx = EVP_KDF_CTX_new_id(kdf_nid);
+ kdata->ctx = EVP_KDF_CTX_new(kdf);
if (kdata->ctx == NULL) {
OPENSSL_free(kdata);
return 0;
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 8259ddb..010f868 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4800,3 +4800,7 @@ EVP_CIPHER_upref 4747 3_0_0 EXIST::FUNCTION:
EVP_CIPHER_fetch 4748 3_0_0 EXIST::FUNCTION:
EVP_CIPHER_mode 4749 3_0_0 EXIST::FUNCTION:
OPENSSL_info 4750 3_0_0 EXIST::FUNCTION:
+EVP_KDF_CTX_new 4751 3_0_0 EXIST::FUNCTION:
+EVP_KDF_CTX_kdf 4752 3_0_0 EXIST::FUNCTION:
+EVP_KDF_nid 4753 3_0_0 EXIST::FUNCTION:
+EVP_get_kdfbyname 4754 3_0_0 EXIST::FUNCTION:
diff --git a/util/private.num b/util/private.num
index f15957b..cf08a83 100644
--- a/util/private.num
+++ b/util/private.num
@@ -22,6 +22,7 @@ CRYPTO_EX_dup datatype
CRYPTO_EX_free datatype
CRYPTO_EX_new datatype
DTLS_timer_cb datatype
+EVP_KDF datatype
EVP_KDF_CTX datatype
EVP_MAC datatype
EVP_MAC_CTX datatype
@@ -196,6 +197,7 @@ ERR_free_strings define deprecated 1.1.0
ERR_load_crypto_strings define deprecated 1.1.0
EVP_DigestSignUpdate define
EVP_DigestVerifyUpdate define
+EVP_KDF_name define
EVP_MAC_name define
EVP_MD_CTX_block_size define
EVP_MD_CTX_size define
@@ -287,6 +289,8 @@ EVP_get_digestbynid define
EVP_get_digestbyobj define
EVP_get_macbynid define
EVP_get_macbyobj define
+EVP_get_kdfbynid define
+EVP_get_kdfbyobj define
EVP_idea_cfb define
EVP_rc2_cfb define
EVP_rc5_32_12_16_cfb define
More information about the openssl-commits
mailing list