diff options
| author | Matt Caswell <matt@openssl.org> | 2020-06-18 09:30:48 +0100 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2020-07-16 14:21:07 +0200 |
| commit | 660c534435e238c6bd8065c1d544a1c4d3c555a3 (patch) | |
| tree | a114a104199c298b21e7670eb169df179f4e3cee | |
| parent | 865adf97c9b8271788ee7293ecde9e8a643a1c45 (diff) | |
Revert "kdf: make function naming consistent."
The commit claimed to make things more consistent. In fact it makes it
less so. Revert back to the previous namig convention.
This reverts commit 765d04c9460a304c8119f57941341a149498b9db.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12186)
| -rw-r--r-- | apps/kdf.c | 6 | ||||
| -rw-r--r-- | crypto/dh/dh_kdf.c | 6 | ||||
| -rw-r--r-- | crypto/ec/ecdh_kdf.c | 6 | ||||
| -rw-r--r-- | crypto/evp/kdf_lib.c | 20 | ||||
| -rw-r--r-- | crypto/evp/p5_crpt2.c | 6 | ||||
| -rw-r--r-- | crypto/evp/pbe_scrypt.c | 6 | ||||
| -rw-r--r-- | crypto/evp/pkey_kdf.c | 14 | ||||
| -rw-r--r-- | doc/man1/openssl-kdf.pod.in | 2 | ||||
| -rw-r--r-- | doc/man3/EVP_KDF.pod | 40 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-HKDF.pod | 16 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-KB.pod | 20 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-KRB5KDF.pod | 8 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-PBKDF2.pod | 6 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-SCRYPT.pod | 16 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-SS.pod | 32 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-SSHKDF.pod | 12 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-TLS1_PRF.pod | 16 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-X942.pod | 18 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-X963.pod | 16 | ||||
| -rw-r--r-- | include/openssl/kdf.h | 12 | ||||
| -rw-r--r-- | providers/fips/self_test_kats.c | 6 | ||||
| -rw-r--r-- | ssl/t1_enc.c | 8 | ||||
| -rw-r--r-- | ssl/tls13_enc.c | 22 | ||||
| -rw-r--r-- | test/evp_kdf_test.c | 66 | ||||
| -rw-r--r-- | test/evp_test.c | 9 | ||||
| -rw-r--r-- | util/libcrypto.num | 12 |
26 files changed, 200 insertions, 201 deletions
diff --git a/apps/kdf.c b/apps/kdf.c index dd6cc9255c..8d11807f5f 100644 --- a/apps/kdf.c +++ b/apps/kdf.c @@ -104,7 +104,7 @@ opthelp: goto opthelp; } - ctx = EVP_KDF_new_ctx(kdf); + ctx = EVP_KDF_CTX_new(kdf); if (ctx == NULL) goto err; @@ -116,7 +116,7 @@ opthelp: if (params == NULL) goto err; - if (!EVP_KDF_set_ctx_params(ctx, params)) { + if (!EVP_KDF_CTX_set_params(ctx, params)) { BIO_printf(bio_err, "KDF parameter error\n"); ERR_print_errors(bio_err); ok = 0; @@ -161,7 +161,7 @@ err: OPENSSL_clear_free(dkm_bytes, dkm_len); sk_OPENSSL_STRING_free(opts); EVP_KDF_free(kdf); - EVP_KDF_free_ctx(ctx); + EVP_KDF_CTX_free(ctx); BIO_free(out); OPENSSL_free(hexout); return ret; diff --git a/crypto/dh/dh_kdf.c b/crypto/dh/dh_kdf.c index 50a1df858a..1b8a320db1 100644 --- a/crypto/dh/dh_kdf.c +++ b/crypto/dh/dh_kdf.c @@ -46,7 +46,7 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen, return 0; kdf = EVP_KDF_fetch(provctx, OSSL_KDF_NAME_X942KDF, NULL); - if ((kctx = EVP_KDF_new_ctx(kdf)) == NULL) + if ((kctx = EVP_KDF_CTX_new(kdf)) == NULL) goto err; *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, (char *)mdname, 0); @@ -58,10 +58,10 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen, *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CEK_ALG, (char *)oid_sn, 0); *p = OSSL_PARAM_construct_end(); - ret = EVP_KDF_set_ctx_params(kctx, params) > 0 + ret = EVP_KDF_CTX_set_params(kctx, params) > 0 && EVP_KDF_derive(kctx, out, outlen) > 0; err: - EVP_KDF_free_ctx(kctx); + EVP_KDF_CTX_free(kctx); EVP_KDF_free(kdf); return ret; } diff --git a/crypto/ec/ecdh_kdf.c b/crypto/ec/ecdh_kdf.c index a502846d55..fb501c6ada 100644 --- a/crypto/ec/ecdh_kdf.c +++ b/crypto/ec/ecdh_kdf.c @@ -32,7 +32,7 @@ int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, const char *mdname = EVP_MD_name(md); EVP_KDF *kdf = EVP_KDF_fetch(NULL, OSSL_KDF_NAME_X963KDF, NULL); - if ((kctx = EVP_KDF_new_ctx(kdf)) != NULL) { + if ((kctx = EVP_KDF_CTX_new(kdf)) != NULL) { *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, (char *)mdname, 0); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, @@ -41,9 +41,9 @@ int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, (void *)sinfo, sinfolen); *p = OSSL_PARAM_construct_end(); - ret = EVP_KDF_set_ctx_params(kctx, params) > 0 + ret = EVP_KDF_CTX_set_params(kctx, params) > 0 && EVP_KDF_derive(kctx, out, outlen) > 0; - EVP_KDF_free_ctx(kctx); + EVP_KDF_CTX_free(kctx); } EVP_KDF_free(kdf); return ret; diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c index 2461498093..d22bb39c82 100644 --- a/crypto/evp/kdf_lib.c +++ b/crypto/evp/kdf_lib.c @@ -23,7 +23,7 @@ #include "internal/provider.h" #include "evp_local.h" -EVP_KDF_CTX *EVP_KDF_new_ctx(EVP_KDF *kdf) +EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf) { EVP_KDF_CTX *ctx = NULL; @@ -34,7 +34,7 @@ EVP_KDF_CTX *EVP_KDF_new_ctx(EVP_KDF *kdf) if (ctx == NULL || (ctx->data = kdf->newctx(ossl_provider_ctx(kdf->prov))) == NULL || !EVP_KDF_up_ref(kdf)) { - EVPerr(0, ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_EVP_KDF_CTX_NEW, ERR_R_MALLOC_FAILURE); if (ctx != NULL) kdf->freectx(ctx->data); OPENSSL_free(ctx); @@ -45,7 +45,7 @@ EVP_KDF_CTX *EVP_KDF_new_ctx(EVP_KDF *kdf) return ctx; } -void EVP_KDF_free_ctx(EVP_KDF_CTX *ctx) +void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx) { if (ctx != NULL) { ctx->meth->freectx(ctx->data); @@ -55,7 +55,7 @@ void EVP_KDF_free_ctx(EVP_KDF_CTX *ctx) } } -EVP_KDF_CTX *EVP_KDF_dup_ctx(const EVP_KDF_CTX *src) +EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src) { EVP_KDF_CTX *dst; @@ -64,20 +64,20 @@ EVP_KDF_CTX *EVP_KDF_dup_ctx(const EVP_KDF_CTX *src) dst = OPENSSL_malloc(sizeof(*dst)); if (dst == NULL) { - EVPerr(0, ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_EVP_KDF_CTX_DUP, ERR_R_MALLOC_FAILURE); return NULL; } memcpy(dst, src, sizeof(*dst)); if (!EVP_KDF_up_ref(dst->meth)) { - EVPerr(0, ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_EVP_KDF_CTX_DUP, ERR_R_MALLOC_FAILURE); OPENSSL_free(dst); return NULL; } dst->data = src->meth->dupctx(src->data); if (dst->data == NULL) { - EVP_KDF_free_ctx(dst); + EVP_KDF_CTX_free(dst); return NULL; } return dst; @@ -98,7 +98,7 @@ const OSSL_PROVIDER *EVP_KDF_provider(const EVP_KDF *kdf) return kdf->prov; } -const EVP_KDF *EVP_KDF_get_ctx_kdf(EVP_KDF_CTX *ctx) +const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx) { return ctx->meth; } @@ -151,14 +151,14 @@ int EVP_KDF_get_params(EVP_KDF *kdf, OSSL_PARAM params[]) return 1; } -int EVP_KDF_get_ctx_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[]) +int EVP_KDF_CTX_get_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[]) { if (ctx->meth->get_ctx_params != NULL) return ctx->meth->get_ctx_params(ctx->data, params); return 1; } -int EVP_KDF_set_ctx_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[]) +int EVP_KDF_CTX_set_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[]) { if (ctx->meth->set_ctx_params != NULL) return ctx->meth->set_ctx_params(ctx->data, params); diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c index e2f7734afc..6e89ffd999 100644 --- a/crypto/evp/p5_crpt2.c +++ b/crypto/evp/p5_crpt2.c @@ -41,7 +41,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, salt = (unsigned char *)empty; kdf = EVP_KDF_fetch(NULL, OSSL_KDF_NAME_PBKDF2, NULL); - kctx = EVP_KDF_new_ctx(kdf); + kctx = EVP_KDF_CTX_new(kdf); EVP_KDF_free(kdf); if (kctx == NULL) return 0; @@ -54,11 +54,11 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, (char *)mdname, 0); *p = OSSL_PARAM_construct_end(); - if (EVP_KDF_set_ctx_params(kctx, params) != 1 + if (EVP_KDF_CTX_set_params(kctx, params) != 1 || EVP_KDF_derive(kctx, out, keylen) != 1) rv = 0; - EVP_KDF_free_ctx(kctx); + EVP_KDF_CTX_free(kctx); OSSL_TRACE_BEGIN(PKCS5V2) { BIO_printf(trc_out, "Password:\n"); diff --git a/crypto/evp/pbe_scrypt.c b/crypto/evp/pbe_scrypt.c index 3fdc82d5a9..fa7b1de17c 100644 --- a/crypto/evp/pbe_scrypt.c +++ b/crypto/evp/pbe_scrypt.c @@ -63,7 +63,7 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen, maxmem = SCRYPT_MAX_MEM; kdf = EVP_KDF_fetch(NULL, OSSL_KDF_NAME_SCRYPT, NULL); - kctx = EVP_KDF_new_ctx(kdf); + kctx = EVP_KDF_CTX_new(kdf); EVP_KDF_free(kdf); if (kctx == NULL) return 0; @@ -78,11 +78,11 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen, *z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_P, &p); *z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_MAXMEM, &maxmem); *z = OSSL_PARAM_construct_end(); - if (EVP_KDF_set_ctx_params(kctx, params) != 1 + if (EVP_KDF_CTX_set_params(kctx, params) != 1 || EVP_KDF_derive(kctx, key, keylen) != 1) rv = 0; - EVP_KDF_free_ctx(kctx); + EVP_KDF_CTX_free(kctx); return rv; } diff --git a/crypto/evp/pkey_kdf.c b/crypto/evp/pkey_kdf.c index dff16bfd41..ac4a0fa461 100644 --- a/crypto/evp/pkey_kdf.c +++ b/crypto/evp/pkey_kdf.c @@ -50,7 +50,7 @@ static int pkey_kdf_init(EVP_PKEY_CTX *ctx) return 0; kdf = EVP_KDF_fetch(NULL, kdf_name, NULL); - kctx = EVP_KDF_new_ctx(kdf); + kctx = EVP_KDF_CTX_new(kdf); EVP_KDF_free(kdf); if (kctx == NULL) { OPENSSL_free(pkctx); @@ -66,7 +66,7 @@ static void pkey_kdf_cleanup(EVP_PKEY_CTX *ctx) { EVP_PKEY_KDF_CTX *pkctx = ctx->data; - EVP_KDF_free_ctx(pkctx->kctx); + EVP_KDF_CTX_free(pkctx->kctx); pkey_kdf_free_collected(pkctx); OPENSSL_free(pkctx); } @@ -202,7 +202,7 @@ static int pkey_kdf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) break; } - return EVP_KDF_set_ctx_params(kctx, params); + return EVP_KDF_CTX_set_params(kctx, params); } static int pkey_kdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, @@ -210,7 +210,7 @@ static int pkey_kdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, { EVP_PKEY_KDF_CTX *pkctx = ctx->data; EVP_KDF_CTX *kctx = pkctx->kctx; - const EVP_KDF *kdf = EVP_KDF_get_ctx_kdf(kctx); + const EVP_KDF *kdf = EVP_KDF_CTX_kdf(kctx); BUF_MEM **collector = NULL; const OSSL_PARAM *defs = EVP_KDF_settable_ctx_params(kdf); OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; @@ -239,7 +239,7 @@ static int pkey_kdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, if (collector != NULL) ok = collect(collector, params[0].data, params[0].data_size); else - ok = EVP_KDF_set_ctx_params(kctx, params); + ok = EVP_KDF_CTX_set_params(kctx, params); OPENSSL_free(params[0].data); return ok; } @@ -274,7 +274,7 @@ static int pkey_kdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, pkctx->collected_seed->data, pkctx->collected_seed->length); - r = EVP_KDF_set_ctx_params(kctx, params); + r = EVP_KDF_CTX_set_params(kctx, params); pkey_kdf_free_collected(pkctx); if (!r) return 0; @@ -287,7 +287,7 @@ static int pkey_kdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, pkctx->collected_info->data, pkctx->collected_info->length); - r = EVP_KDF_set_ctx_params(kctx, params); + r = EVP_KDF_CTX_set_params(kctx, params); pkey_kdf_free_collected(pkctx); if (!r) return 0; diff --git a/doc/man1/openssl-kdf.pod.in b/doc/man1/openssl-kdf.pod.in index e92eee27ba..9c585325ba 100644 --- a/doc/man1/openssl-kdf.pod.in +++ b/doc/man1/openssl-kdf.pod.in @@ -46,7 +46,7 @@ Output the derived key in binary form. Uses hexadecimal text format if not speci Passes options to the KDF algorithm. A comprehensive list of parameters can be found in the EVP_KDF_CTX implementation documentation. -Common parameter names used by EVP_KDF_set_ctx_params() are: +Common parameter names used by EVP_KDF_CTX_set_params() are: =over 4 diff --git a/doc/man3/EVP_KDF.pod b/doc/man3/EVP_KDF.pod index 5bf7994de8..d97d33936d 100644 --- a/doc/man3/EVP_KDF.pod +++ b/doc/man3/EVP_KDF.pod @@ -3,11 +3,11 @@ =head1 NAME EVP_KDF, EVP_KDF_fetch, EVP_KDF_free, EVP_KDF_up_ref, -EVP_KDF_CTX, EVP_KDF_new_ctx, EVP_KDF_free_ctx, EVP_KDF_dup_ctx, +EVP_KDF_CTX, EVP_KDF_CTX_new, EVP_KDF_CTX_free, EVP_KDF_CTX_dup, EVP_KDF_reset, EVP_KDF_derive, -EVP_KDF_size, EVP_KDF_provider, EVP_KDF_get_ctx_kdf, EVP_KDF_is_a, +EVP_KDF_size, EVP_KDF_provider, EVP_KDF_CTX_kdf, EVP_KDF_is_a, EVP_KDF_number, EVP_KDF_names_do_all, -EVP_KDF_get_ctx_params, EVP_KDF_set_ctx_params, EVP_KDF_do_all_provided, +EVP_KDF_CTX_get_params, EVP_KDF_CTX_set_params, EVP_KDF_do_all_provided, EVP_KDF_get_params, EVP_KDF_gettable_ctx_params, EVP_KDF_settable_ctx_params, EVP_KDF_gettable_params - EVP KDF routines @@ -18,10 +18,10 @@ EVP_KDF_gettable_params - EVP KDF routines typedef struct evp_kdf_st EVP_KDF; typedef struct evp_kdf_ctx_st EVP_KDF_CTX; - EVP_KDF_CTX *EVP_KDF_new_ctx(const EVP_KDF *kdf); - const EVP_KDF *EVP_KDF_get_ctx_kdf(EVP_KDF_CTX *ctx); - void EVP_KDF_free_ctx(EVP_KDF_CTX *ctx); - EVP_KDF_CTX *EVP_KDF_dup_ctx(const EVP_KDF_CTX *src); + EVP_KDF_CTX *EVP_KDF_CTX_new(const EVP_KDF *kdf); + const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx); + void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); + EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src); void EVP_KDF_reset(EVP_KDF_CTX *ctx); size_t EVP_KDF_size(EVP_KDF_CTX *ctx); int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen); @@ -39,8 +39,8 @@ EVP_KDF_gettable_params - EVP KDF routines void (*fn)(const char *name, void *data), void *data); int EVP_KDF_get_params(EVP_KDF *kdf, OSSL_PARAM params[]); - int EVP_KDF_get_ctx_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[]); - int EVP_KDF_set_ctx_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[]); + int EVP_KDF_CTX_get_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[]); + int EVP_KDF_CTX_set_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[]); const OSSL_PARAM *EVP_KDF_gettable_params(const EVP_KDF *kdf); const OSSL_PARAM *EVP_KDF_gettable_ctx_params(const EVP_KDF *kdf); const OSSL_PARAM *EVP_KDF_settable_ctx_params(const EVP_KDF *kdf); @@ -52,8 +52,8 @@ The EVP KDF routines are a high-level interface to Key Derivation Function algorithms and should be used instead of algorithm-specific functions. After creating a B<EVP_KDF_CTX> for the required algorithm using -EVP_KDF_new_ctx(), inputs to the algorithm are supplied -using calls to EVP_KDF_set_ctx_params() before +EVP_KDF_CTX_new(), inputs to the algorithm are supplied +using calls to EVP_KDF_CTX_set_params() before calling EVP_KDF_derive() to derive the key. =head2 Types @@ -82,12 +82,12 @@ NULL is a valid parameter, for which this function is a no-op. =head2 Context manipulation functions -EVP_KDF_new_ctx() creates a new context for the KDF implementation I<kdf>. +EVP_KDF_CTX_new() creates a new context for the KDF implementation I<kdf>. -EVP_KDF_free_ctx() frees up the context I<ctx>. If I<ctx> is NULL, nothing +EVP_KDF_CTX_free() frees up the context I<ctx>. If I<ctx> is NULL, nothing is done. -EVP_KDF_get_ctx_kdf() returns the B<EVP_KDF> associated with the context +EVP_KDF_CTX_kdf() returns the B<EVP_KDF> associated with the context I<ctx>. =head2 Computing functions @@ -107,14 +107,14 @@ parameters should be retrieved. Note that a parameter that is unknown in the underlying context is simply ignored. -EVP_KDF_get_ctx_params() retrieves chosen parameters, given the +EVP_KDF_CTX_get_params() retrieves chosen parameters, given the context I<ctx> and its underlying context. The set of parameters given with I<params> determine exactly what parameters should be retrieved. Note that a parameter that is unknown in the underlying context is simply ignored. -EVP_KDF_set_ctx_params() passes chosen parameters to the underlying +EVP_KDF_CTX_set_params() passes chosen parameters to the underlying context, given a context I<ctx>. The set of parameters given with I<params> determine exactly what parameters are passed down. @@ -126,8 +126,8 @@ defined by the implementation. EVP_KDF_gettable_params(), EVP_KDF_gettable_ctx_params() and EVP_KDF_settable_ctx_params() get a constant B<OSSL_PARAM> array that describes the retrievable and settable parameters, i.e. parameters that -can be used with EVP_KDF_get_params(), EVP_KDF_get_ctx_params() -and EVP_KDF_set_ctx_params(), respectively. +can be used with EVP_KDF_get_params(), EVP_KDF_CTX_get_params() +and EVP_KDF_CTX_set_params(), respectively. See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor. =head2 Information functions @@ -237,10 +237,10 @@ NULL on error. EVP_KDF_up_ref() returns 1 on success, 0 on error. -EVP_KDF_new_ctx() returns either the newly allocated +EVP_KDF_CTX_new() returns either the newly allocated B<EVP_KDF_CTX> structure or NULL if an error occurred. -EVP_KDF_free_ctx() and EVP_KDF_reset() do not return a value. +EVP_KDF_CTX_free() and EVP_KDF_reset() do not return a value. EVP_KDF_size() returns the output size. B<SIZE_MAX> is returned to indicate that the algorithm produces a variable amount of output; 0 to indicate failure. diff --git a/doc/man7/EVP_KDF-HKDF.pod b/doc/man7/EVP_KDF-HKDF.pod index de62827b88..a8bb5dacd9 100644 --- a/doc/man7/EVP_KDF-HKDF.pod +++ b/doc/man7/EVP_KDF-HKDF.pod @@ -87,7 +87,7 @@ an error will occur. A context for HKDF can be obtained by calling: EVP_KDF *kdf = EVP_KDF_fetch(NULL, "HKDF", NULL); - EVP_KDF_CTX *kctx = EVP_KDF_new_ctx(kdf); + EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf); The output length of an HKDF expand operation is specified via the I<keylen> parameter to the L<EVP_KDF_derive(3)> function. When using @@ -107,7 +107,7 @@ salt value "salt" and info value "label": OSSL_PARAM params[5], *p = params; kdf = EVP_KDF_fetch(NULL, "HKDF", NULL); - kctx = EVP_KDF_new_ctx(kdf); + kctx = EVP_KDF_CTX_new(kdf); EVP_KDF_free(kdf); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, @@ -119,14 +119,14 @@ salt value "salt" and info value "label": *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, "salt", (size_t)4); *p = OSSL_PARAM_construct_end(); - if (EVP_KDF_set_ctx_params(kctx, params) <= 0) { - error("EVP_KDF_set_ctx_params"); + if (EVP_KDF_CTX_set_params(kctx, params) <= 0) { + error("EVP_KDF_CTX_set_params"); } if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { error("EVP_KDF_derive"); } - EVP_KDF_free_ctx(kctx); + EVP_KDF_CTX_free(kctx); =head1 CONFORMING TO @@ -135,10 +135,10 @@ RFC 5869 =head1 SEE ALSO L<EVP_KDF(3)>, -L<EVP_KDF_new_ctx(3)>, -L<EVP_KDF_free_ctx(3)>, +L<EVP_KDF_CTX_new(3)>, +L<EVP_KDF_CTX_free(3)>, L<EVP_KDF_size(3)>, -L<EVP_KDF_set_ctx_params(3)>, +L<EVP_KDF_CTX_set_params(3)>, L<EVP_KDF_derive(3)>, L<EVP_KDF(3)/PARAMETERS> diff --git a/doc/man7/EVP_KDF-KB.pod b/doc/man7/EVP_KDF-KB.pod index e5a2af67f9..0a84e925d9 100644 --- a/doc/man7/EVP_KDF-KB.pod +++ b/doc/man7/EVP_KDF-KB.pod @@ -57,7 +57,7 @@ Depending on whether mac is CMAC or HMAC, either digest or cipher is required A context for KBKDF can be obtained by calling: EVP_KDF *kdf = EVP_KDF_fetch(NULL, "KBKDF", NULL); - EVP_KDF_CTX *kctx = EVP_KDF_new_ctx(kdf); + EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf); The output length of an KBKDF is specified via the C<keylen> parameter to the L<EVP_KDF_derive(3)> function. @@ -76,7 +76,7 @@ Label "label", and Context "context". OSSL_PARAM params[6], *p = params; kdf = EVP_KDF_fetch(NULL, "KBKDF", NULL); - kctx = EVP_KDF_new_ctx(kdf); + kctx = EVP_KDF_CTX_new(kdf); EVP_KDF_free(kdf); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, @@ -90,12 +90,12 @@ Label "label", and Context "context". *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO, "context", strlen("context")); *p = OSSL_PARAM_construct_end(); - if (EVP_KDF_set_ctx_params(kctx, params) <= 0) - error("EVP_KDF_set_ctx_params"); + if (EVP_KDF_CTX_set_params(kctx, params) <= 0) + error("EVP_KDF_CTX_set_params"); else if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) error("EVP_KDF_derive"); - EVP_KDF_free_ctx(kctx); + EVP_KDF_CTX_free(kctx); This example derives 10 bytes using FEEDBACK-CMAC-AES256, with KI "secret", Label "label", and IV "sixteen bytes iv". @@ -107,7 +107,7 @@ Label "label", and IV "sixteen bytes iv". unsigned char *iv = "sixteen bytes iv"; kdf = EVP_KDF_fetch(NULL, "KBKDF", NULL); - kctx = EVP_KDF_new_ctx(kdf); + kctx = EVP_KDF_CTX_new(kdf); EVP_KDF_free(kdf); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CIPHER, "AES256", 0); @@ -122,12 +122,12 @@ Label "label", and IV "sixteen bytes iv". *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SEED, iv, strlen(iv)); *p = OSSL_PARAM_construct_end(); - if (EVP_KDF_set_ctx_params(kctx, params) <= 0) - error("EVP_KDF_set_ctx_params"); + if (EVP_KDF_CTX_set_params(kctx, params) <= 0) + error("EVP_KDF_CTX_set_params"); else if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) error("EVP_KDF_derive"); - EVP_KDF_free_ctx(kctx); + EVP_KDF_CTX_free(kctx); =head1 CONFORMING TO @@ -136,7 +136,7 @@ NIST SP800-108, IETF RFC 6803, IETF RFC 8009. =head1 SEE ALSO L<EVP_KDF(3)>, -L<EVP_KDF_free_ctx(3)>, +L<EVP_KDF_CTX_free(3)>, L<EVP_KDF_size(3)>, L<EVP_KDF_derive(3)>, L<EVP_KDF(3)/PARAMETERS> diff --git a/doc/man7/EVP_KDF-KRB5KDF.pod b/doc/man7/EVP_KDF-KRB5KDF.pod index 29a8c0f7b8..62f941c3ca 100644 --- a/doc/man7/EVP_KDF-KRB5KDF.pod +++ b/doc/man7/EVP_KDF-KRB5KDF.pod @@ -44,7 +44,7 @@ If a value is already set, the contents are replaced. A context for KRB5KDF can be obtained by calling: EVP_KDF *kdf = EVP_KDF_fetch(NULL, "KRB5KDF", NULL); - EVP_KDF_CTX *kctx = EVP_KDF_new_ctx(kdf); + EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf); The output length of the KRB5KDF derivation is specified via the I<keylen> parameter to the L<EVP_KDF_derive(3)> function, and MUST match the key @@ -70,7 +70,7 @@ This example derives a key using the AES-128-CBC cipher: OSSL_PARAM params[4], *p = params; kdf = EVP_KDF_fetch(NULL, "KRB5KDF", NULL); - kctx = EVP_KDF_new_ctx(kdf); + kctx = EVP_KDF_CTX_new(kdf); EVP_KDF_free(kdf); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CIPHER, @@ -87,7 +87,7 @@ This example derives a key using the AES-128-CBC cipher: if (EVP_KDF_derive(kctx, out, outlen) <= 0) /* Error */ - EVP_KDF_free_ctx(kctx); + EVP_KDF_CTX_free(kctx); =head1 CONFORMING TO @@ -96,7 +96,7 @@ RFC 3961 =head1 SEE ALSO L<EVP_KDF(3)>, -L<EVP_KDF_free_ctx(3)>, +L<EVP_KDF_CTX_free(3)>, L<EVP_KDF_ctrl(3)>, L<EVP_KDF_size(3)>, L<EVP_KDF_derive(3)>, diff --git a/doc/man7/EVP_KDF-PBKDF2.pod b/doc/man7/EVP_KDF-PBKDF2.pod index 2be2db75b5..b0b7ac1d65 100644 --- a/doc/man7/EVP_KDF-PBKDF2.pod +++ b/doc/man7/EVP_KDF-PBKDF2.pod @@ -82,9 +82,9 @@ SP800-132 =head1 SEE ALSO L<EVP_KDF(3)>, -L<EVP_KDF_new_ctx(3)>, -L<EVP_KDF_free_ctx(3)>, -L<EVP_KDF_set_ctx_params(3)>, +L<EVP_KDF_CTX_new(3)>, +L<EVP_KDF_CTX_free(3)>, +L<EVP_KDF_CTX_set_params(3)>, L<EVP_KDF_derive(3)>, L<EVP_KDF(3)/PARAMETERS> diff --git a/doc/man7/EVP_KDF-SCRYPT.pod b/doc/man7/EVP_KDF-SCRYPT.pod index 7782f4fa87..8650a8b39a 100644 --- a/doc/man7/EVP_KDF-SCRYPT.pod +++ b/doc/man7/EVP_KDF-SCRYPT.pod @@ -66,7 +66,7 @@ Both r and p are parameters of type B<uint32_t>. A context for scrypt can be obtained by calling: EVP_KDF *kdf = EVP_KDF_fetch(NULL, "SCRYPT", NULL); - EVP_KDF_CTX *kctx = EVP_KDF_new_ctx(kdf); + EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf); The output length of an scrypt key derivation is specified via the "keylen" parameter to the L<EVP_KDF_derive(3)> function. @@ -82,7 +82,7 @@ This example derives a 64-byte long test vector using scrypt with the password OSSL_PARAM params[6], *p = params; kdf = EVP_KDF_fetch(NULL, "SCRYPT", NULL); - kctx = EVP_KDF_new_ctx(kdf); + kctx = EVP_KDF_CTX_new(kdf); EVP_KDF_free(kdf); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD, @@ -93,8 +93,8 @@ This example derives a 64-byte long test vector using scrypt with the password *p++ = OSSL_PARAM_construct_uint32(OSSL_KDF_PARAM_SCRYPT_R, (uint32_t)8); *p++ = OSSL_PARAM_construct_uint32(OSSL_KDF_PARAM_SCRYPT_P, (uint32_t)16); *p = OSSL_PARAM_construct_end(); - if (EVP_KDF_set_ctx_params(kctx, params) <= 0) { - error("EVP_KDF_set_ctx_params"); + if (EVP_KDF_CTX_set_params(kctx, params) <= 0) { + error("EVP_KDF_CTX_set_params"); } if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { error("EVP_KDF_derive"); @@ -115,7 +115,7 @@ This example derives a 64-byte long test vector using scrypt with the password assert(!memcmp(out, expected, sizeof(out))); } - EVP_KDF_free_ctx(kctx); + EVP_KDF_CTX_free(kctx); =head1 CONFORMING TO @@ -124,9 +124,9 @@ RFC 7914 =head1 SEE ALSO L<EVP_KDF(3)>, -L<EVP_KDF_new_ctx(3)>, -L<EVP_KDF_free_ctx(3)>, -L<EVP_KDF_set_ctx_params(3)>, +L<EVP_KDF_CTX_new(3)>, +L<EVP_KDF_CTX_free(3)>, +L<EVP_KDF_CTX_set_params(3)>, L<EVP_KDF_derive(3)>, L<EVP_KDF(3)/PARAMETERS> diff --git a/doc/man7/EVP_KDF-SS.pod b/doc/man7/EVP_KDF-SS.pod index 65b15a4d59..e64417388f 100644 --- a/doc/man7/EVP_KDF-SS.pod +++ b/doc/man7/EVP_KDF-SS.pod @@ -66,7 +66,7 @@ This parameter sets an optional value for fixedinfo, also known as otherinfo. A context for SSKDF can be obtained by calling: EVP_KDF *kdf = EVP_KDF_fetch(NULL, "SSKDF", NULL); - EVP_KDF_CTX *kctx = EVP_KDF_new_ctx(kdf); + EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf); The output length of an SSKDF is specified via the I<keylen> parameter to the L<EVP_KDF_derive(3)> function. @@ -82,7 +82,7 @@ and fixedinfo value "label": OSSL_PARAM params[4], *p = params; kdf = EVP_KDF_fetch(NULL, "SSKDF", NULL); - kctx = EVP_KDF_new_ctx(kdf); + kctx = EVP_KDF_CTX_new(kdf); EVP_KDF_free(kdf); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, @@ -92,14 +92,14 @@ and fixedinfo value "label": *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO, "label", (size_t)5); *p = OSSL_PARAM_construct_end(); - if (EVP_KDF_set_ctx_params(kctx, params) <= 0) { - error("EVP_KDF_set_ctx_params"); + if (EVP_KDF_CTX_set_params(kctx, params) <= 0) { + error("EVP_KDF_CTX_set_params"); } if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { error("EVP_KDF_derive"); } - EVP_KDF_free_ctx(kctx); + EVP_KDF_CTX_free(kctx); This example derives 10 bytes using H(x) = HMAC(SHA-256), with the secret key "secret", fixedinfo value "label" and salt "salt": @@ -110,7 +110,7 @@ fixedinfo value "label" and salt "salt": OSSL_PARAM params[6], *p = params; kdf = EVP_KDF_fetch(NULL, "SSKDF", NULL); - kctx = EVP_KDF_new_ctx(kdf); + kctx = EVP_KDF_CTX_new(kdf); EVP_KDF_free(kdf); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC, @@ -124,14 +124,14 @@ fixedinfo value "label" and salt "salt": *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, "salt", (size_t)4); *p = OSSL_PARAM_construct_end(); - if (EVP_KDF_set_ctx_params(kctx, params) <= 0) { - error("EVP_KDF_set_ctx_params"); + if (EVP_KDF_CTX_set_params(kctx, params) <= 0) { + error("EVP_KDF_CTX_set_params"); } if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { error("EVP_KDF_derive"); } - EVP_KDF_free_ctx(kctx); + EVP_KDF_CTX_free(kctx); This example derives 10 bytes using H(x) = KMAC128(x,salt,outlen), with the secret key "secret" fixedinfo value "label", salt of "salt" and KMAC outlen of 20: @@ -142,7 +142,7 @@ fixedinfo value "label", salt of "salt" and KMAC outlen of 20: OSSL_PARAM params[7], *p = params; kdf = EVP_KDF_fetch(NULL, "SSKDF", NULL); - kctx = EVP_KDF_new_ctx(kdf); + kctx = EVP_KDF_CTX_new(kdf); EVP_KDF_free(kdf); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC, @@ -157,14 +157,14 @@ fixedinfo value "label", salt of "salt" and KMAC outlen of 20: "salt", (size_t)4); *p++ = OSSL_PARAM_construct_size_t(OSSL_KDF_PARAM_MAC_SIZE, (size_t)20); *p = OSSL_PARAM_construct_end(); - if (EVP_KDF_set_ctx_params(kctx, params) <= 0) { - error("EVP_KDF_set_ctx_params"); + if (EVP_KDF_CTX_set_params(kctx, params) <= 0) { + error("EVP_KDF_CTX_set_params"); } if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { error("EVP_KDF_derive"); } - EVP_KDF_free_ctx(kctx); + EVP_KDF_CTX_free(kctx); =head1 CONFORMING TO @@ -173,9 +173,9 @@ NIST SP800-56Cr1. =head1 SEE ALSO L<EVP_KDF(3)>, -L<EVP_KDF_new_ctx(3)>, -L<EVP_KDF_free_ctx(3)>, -L<EVP_KDF_set_ctx_params(3)>, +L<EVP_KDF_CTX_new(3)>, +L<EVP_KDF_CTX_free(3)>, +L<EVP_KDF_CTX_set_params(3)>, L<EVP_KDF_size(3)>, L<EVP_KDF_derive(3)>, |