diff options
| author | Pauli <paul.dale@oracle.com> | 2020-06-09 09:10:41 +1000 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2020-06-11 11:14:21 +1000 |
| commit | 765d04c9460a304c8119f57941341a149498b9db (patch) | |
| tree | ebbf22a15cb6976260f84fa7747d02dd923393c4 | |
| parent | 5cff2df8cedd7b8185756df216f16a213fb22637 (diff) | |
kdf: make function naming consistent.
The EVP_KDF_CTX_* functions have been relocated to the EVP_KDF_* namespace
for consistency.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11996)
| -rw-r--r-- | apps/kdf.c | 6 | ||||
| -rw-r--r-- | crypto/dh/dh_kdf.c | 6 | ||||
| -rw-r--r-- | crypto/ec/ecdh_kdf.c | 6 | ||||
| -rw-r--r-- | crypto/evp/kdf_lib.c | 20 | ||||
| -rw-r--r-- | crypto/evp/p5_crpt2.c | 6 | ||||
| -rw-r--r-- | crypto/evp/pbe_scrypt.c | 6 | ||||
| -rw-r--r-- | crypto/evp/pkey_kdf.c | 14 | ||||
| -rw-r--r-- | doc/man1/openssl-kdf.pod.in | 2 | ||||
| -rw-r--r-- | doc/man3/EVP_KDF.pod | 40 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-HKDF.pod | 16 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-KB.pod | 20 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-KRB5KDF.pod | 8 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-PBKDF2.pod | 6 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-SCRYPT.pod | 16 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-SS.pod | 32 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-SSHKDF.pod | 12 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-TLS1_PRF.pod | 16 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-X942.pod | 18 | ||||
| -rw-r--r-- | doc/man7/EVP_KDF-X963.pod | 16 | ||||
| -rw-r--r-- | include/openssl/kdf.h | 12 | ||||
| -rw-r--r-- | providers/fips/self_test_kats.c | 6 | ||||
| -rw-r--r-- | ssl/t1_enc.c | 8 | ||||
| -rw-r--r-- | ssl/tls13_enc.c | 22 | ||||
| -rw-r--r-- | test/evp_kdf_test.c | 66 | ||||
| -rw-r--r-- | test/evp_test.c | 9 | ||||
| -rw-r--r-- | util/libcrypto.num | 12 |
26 files changed, 201 insertions, 200 deletions
diff --git a/apps/kdf.c b/apps/kdf.c index 8d11807f5f..dd6cc9255c 100644 --- a/apps/kdf.c +++ b/apps/kdf.c @@ -104,7 +104,7 @@ opthelp: goto opthelp; } - ctx = EVP_KDF_CTX_new(kdf); + ctx = EVP_KDF_new_ctx(kdf); if (ctx == NULL) goto err; @@ -116,7 +116,7 @@ opthelp: if (params == NULL) goto err; - if (!EVP_KDF_CTX_set_params(ctx, params)) { + if (!EVP_KDF_set_ctx_params(ctx, params)) { BIO_printf(bio_err, "KDF parameter error\n"); ERR_print_errors(bio_err); ok = 0; @@ -161,7 +161,7 @@ err: OPENSSL_clear_free(dkm_bytes, dkm_len); sk_OPENSSL_STRING_free(opts); EVP_KDF_free(kdf); - EVP_KDF_CTX_free(ctx); + EVP_KDF_free_ctx(ctx); BIO_free(out); OPENSSL_free(hexout); return ret; diff --git a/crypto/dh/dh_kdf.c b/crypto/dh/dh_kdf.c index 1b8a320db1..50a1df858a 100644 --- a/crypto/dh/dh_kdf.c +++ b/crypto/dh/dh_kdf.c @@ -46,7 +46,7 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen, return 0; kdf = EVP_KDF_fetch(provctx, OSSL_KDF_NAME_X942KDF, NULL); - if ((kctx = EVP_KDF_CTX_new(kdf)) == NULL) + if ((kctx = EVP_KDF_new_ctx(kdf)) == NULL) goto err; *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, (char *)mdname, 0); @@ -58,10 +58,10 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen, *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CEK_ALG, (char *)oid_sn, 0); *p = OSSL_PARAM_construct_end(); - ret = EVP_KDF_CTX_set_params(kctx, params) > 0 + ret = EVP_KDF_set_ctx_params(kctx, params) > 0 && EVP_KDF_derive(kctx, out, outlen) > 0; err: - EVP_KDF_CTX_free(kctx); + EVP_KDF_free_ctx(kctx); EVP_KDF_free(kdf); return ret; } diff --git a/crypto/ec/ecdh_kdf.c b/crypto/ec/ecdh_kdf.c index fb501c6ada..a502846d55 100644 --- a/crypto/ec/ecdh_kdf.c +++ b/crypto/ec/ecdh_kdf.c @@ -32,7 +32,7 @@ int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, const char *mdname = EVP_MD_name(md); EVP_KDF *kdf = EVP_KDF_fetch(NULL, OSSL_KDF_NAME_X963KDF, NULL); - if ((kctx = EVP_KDF_CTX_new(kdf)) != NULL) { + if ((kctx = EVP_KDF_new_ctx(kdf)) != NULL) { *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, (char *)mdname, 0); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, @@ -41,9 +41,9 @@ int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, (void *)sinfo, sinfolen); *p = OSSL_PARAM_construct_end(); - ret = EVP_KDF_CTX_set_params(kctx, params) > 0 + ret = EVP_KDF_set_ctx_params(kctx, params) > 0 && EVP_KDF_derive(kctx, out, outlen) > 0; - EVP_KDF_CTX_free(kctx); + EVP_KDF_free_ctx(kctx); } EVP_KDF_free(kdf); return ret; diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c index d22bb39c82..2461498093 100644 --- a/crypto/evp/kdf_lib.c +++ b/crypto/evp/kdf_lib.c @@ -23,7 +23,7 @@ #include "internal/provider.h" #include "evp_local.h" -EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf) +EVP_KDF_CTX *EVP_KDF_new_ctx(EVP_KDF *kdf) { EVP_KDF_CTX *ctx = NULL; @@ -34,7 +34,7 @@ EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf) if (ctx == NULL || (ctx->data = kdf->newctx(ossl_provider_ctx(kdf->prov))) == NULL || !EVP_KDF_up_ref(kdf)) { - EVPerr(EVP_F_EVP_KDF_CTX_NEW, ERR_R_MALLOC_FAILURE); + EVPerr(0, ERR_R_MALLOC_FAILURE); if (ctx != NULL) kdf->freectx(ctx->data); OPENSSL_free(ctx); @@ -45,7 +45,7 @@ EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf) return ctx; } -void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx) +void EVP_KDF_free_ctx(EVP_KDF_CTX *ctx) { if (ctx != NULL) { ctx->meth->freectx(ctx->data); @@ -55,7 +55,7 @@ void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx) } } -EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src) +EVP_KDF_CTX *EVP_KDF_dup_ctx(const EVP_KDF_CTX *src) { EVP_KDF_CTX *dst; @@ -64,20 +64,20 @@ EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src) dst = OPENSSL_malloc(sizeof(*dst)); if (dst == NULL) { - EVPerr(EVP_F_EVP_KDF_CTX_DUP, ERR_R_MALLOC_FAILURE); + EVPerr(0, ERR_R_MALLOC_FAILURE); return NULL; } memcpy(dst, src, sizeof(*dst)); if (!EVP_KDF_up_ref(dst->meth)) { - EVPerr(EVP_F_EVP_KDF_CTX_DUP, ERR_R_MALLOC_FAILURE); + EVPerr(0, ERR_R_MALLOC_FAILURE); OPENSSL_free(dst); return NULL; } dst->data = src->meth->dupctx(src->data); if (dst->data == NULL) { - EVP_KDF_CTX_free(dst); + EVP_KDF_free_ctx(dst); return NULL; } return dst; @@ -98,7 +98,7 @@ const OSSL_PROVIDER *EVP_KDF_provider(const EVP_KDF *kdf) return kdf->prov; } -const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx) +const EVP_KDF *EVP_KDF_get_ctx_kdf(EVP_KDF_CTX *ctx) { return ctx->meth; } @@ -151,14 +151,14 @@ int EVP_KDF_get_params(EVP_KDF *kdf, OSSL_PARAM params[]) return 1; } -int EVP_KDF_CTX_get_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[]) +int EVP_KDF_get_ctx_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[]) { if (ctx->meth->get_ctx_params != NULL) return ctx->meth->get_ctx_params(ctx->data, params); return 1; } -int EVP_KDF_CTX_set_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[]) +int EVP_KDF_set_ctx_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[]) { if (ctx->meth->set_ctx_params != NULL) return ctx->meth->set_ctx_params(ctx->data, params); diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c index 6e89ffd999..e2f7734afc 100644 --- a/crypto/evp/p5_crpt2.c +++ b/crypto/evp/p5_crpt2.c @@ -41,7 +41,7 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, salt = (unsigned char *)empty; kdf = EVP_KDF_fetch(NULL, OSSL_KDF_NAME_PBKDF2, NULL); - kctx = EVP_KDF_CTX_new(kdf); + kctx = EVP_KDF_new_ctx(kdf); EVP_KDF_free(kdf); if (kctx == NULL) return 0; @@ -54,11 +54,11 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, (char *)mdname, 0); *p = OSSL_PARAM_construct_end(); - if (EVP_KDF_CTX_set_params(kctx, params) != 1 + if (EVP_KDF_set_ctx_params(kctx, params) != 1 || EVP_KDF_derive(kctx, out, keylen) != 1) rv = 0; - EVP_KDF_CTX_free(kctx); + EVP_KDF_free_ctx(kctx); OSSL_TRACE_BEGIN(PKCS5V2) { BIO_printf(trc_out, "Password:\n"); diff --git a/crypto/evp/pbe_scrypt.c b/crypto/evp/pbe_scrypt.c index 62b9687949..5081b85c8d 100644 --- a/crypto/evp/pbe_scrypt.c +++ b/crypto/evp/pbe_scrypt.c @@ -63,7 +63,7 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen, maxmem = SCRYPT_MAX_MEM; kdf = EVP_KDF_fetch(NULL, OSSL_KDF_NAME_SCRYPT, NULL); - kctx = EVP_KDF_CTX_new(kdf); + kctx = EVP_KDF_new_ctx(kdf); EVP_KDF_free(kdf); if (kctx == NULL) return 0; @@ -78,11 +78,11 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen, *z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_P, &p); *z++ = OSSL_PARAM_construct_uint64(OSSL_KDF_PARAM_SCRYPT_MAXMEM, &maxmem); *z = OSSL_PARAM_construct_end(); - if (EVP_KDF_CTX_set_params(kctx, params) != 1 + if (EVP_KDF_set_ctx_params(kctx, params) != 1 || EVP_KDF_derive(kctx, key, keylen) != 1) rv = 0; - EVP_KDF_CTX_free(kctx); + EVP_KDF_free_ctx(kctx); return rv; } diff --git a/crypto/evp/pkey_kdf.c b/crypto/evp/pkey_kdf.c index ac4a0fa461..dff16bfd41 100644 --- a/crypto/evp/pkey_kdf.c +++ b/crypto/evp/pkey_kdf.c @@ -50,7 +50,7 @@ static int pkey_kdf_init(EVP_PKEY_CTX *ctx) return 0; kdf = EVP_KDF_fetch(NULL, kdf_name, NULL); - kctx = EVP_KDF_CTX_new(kdf); + kctx = EVP_KDF_new_ctx(kdf); EVP_KDF_free(kdf); if (kctx == NULL) { OPENSSL_free(pkctx); @@ -66,7 +66,7 @@ static void pkey_kdf_cleanup(EVP_PKEY_CTX *ctx) { EVP_PKEY_KDF_CTX *pkctx = ctx->data; - EVP_KDF_CTX_free(pkctx->kctx); + EVP_KDF_free_ctx(pkctx->kctx); pkey_kdf_free_collected(pkctx); OPENSSL_free(pkctx); } @@ -202,7 +202,7 @@ static int pkey_kdf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) break; } - return EVP_KDF_CTX_set_params(kctx, params); + return EVP_KDF_set_ctx_params(kctx, params); } static int pkey_kdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, @@ -210,7 +210,7 @@ static int pkey_kdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, { EVP_PKEY_KDF_CTX *pkctx = ctx->data; EVP_KDF_CTX *kctx = pkctx->kctx; - const EVP_KDF *kdf = EVP_KDF_CTX_kdf(kctx); + const EVP_KDF *kdf = EVP_KDF_get_ctx_kdf(kctx); BUF_MEM **collector = NULL; const OSSL_PARAM *defs = EVP_KDF_settable_ctx_params(kdf); OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; @@ -239,7 +239,7 @@ static int pkey_kdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, if (collector != NULL) ok = collect(collector, params[0].data, params[0].data_size); else - ok = EVP_KDF_CTX_set_params(kctx, params); + ok = EVP_KDF_set_ctx_params(kctx, params); OPENSSL_free(params[0].data); return ok; } @@ -274,7 +274,7 @@ static int pkey_kdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, pkctx->collected_seed->data, pkctx->collected_seed->length); - r = EVP_KDF_CTX_set_params(kctx, params); + r = EVP_KDF_set_ctx_params(kctx, params); pkey_kdf_free_collected(pkctx); if (!r) return 0; @@ -287,7 +287,7 @@ static int pkey_kdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, pkctx->collected_info->data, pkctx->collected_info->length); - r = EVP_KDF_CTX_set_params(kctx, params); + r = EVP_KDF_set_ctx_params(kctx, params); pkey_kdf_free_collected(pkctx); if (!r) return 0; diff --git a/doc/man1/openssl-kdf.pod.in b/doc/man1/openssl-kdf.pod.in index 9c585325ba..e92eee27ba 100644 --- a/doc/man1/openssl-kdf.pod.in +++ b/doc/man1/openssl-kdf.pod.in @@ -46,7 +46,7 @@ Output the derived key in binary form. Uses hexadecimal text format if not speci Passes options to the KDF algorithm. A comprehensive list of parameters can be found in the EVP_KDF_CTX implementation documentation. -Common parameter names used by EVP_KDF_CTX_set_params() are: +Common parameter names used by EVP_KDF_set_ctx_params() are: =over 4 diff --git a/doc/man3/EVP_KDF.pod b/doc/man3/EVP_KDF.pod index 8893a20302..7d6228a73d 100644 --- a/doc/man3/EVP_KDF.pod +++ b/doc/man3/EVP_KDF.pod @@ -3,11 +3,11 @@ =head1 NAME EVP_KDF, EVP_KDF_fetch, EVP_KDF_free, EVP_KDF_up_ref, -EVP_KDF_CTX, EVP_KDF_CTX_new, EVP_KDF_CTX_free, EVP_KDF_CTX_dup, +EVP_KDF_CTX, EVP_KDF_new_ctx, EVP_KDF_free_ctx, EVP_KDF_dup_ctx, EVP_KDF_reset, EVP_KDF_derive, -EVP_KDF_size, EVP_KDF_provider, EVP_KDF_CTX_kdf, EVP_KDF_is_a, +EVP_KDF_size, EVP_KDF_provider, EVP_KDF_get_ctx_kdf, EVP_KDF_is_a, EVP_KDF_number, EVP_KDF_names_do_all, -EVP_KDF_CTX_get_params, EVP_KDF_CTX_set_params, EVP_KDF_do_all_provided, +EVP_KDF_get_ctx_params, EVP_KDF_set_ctx_params, EVP_KDF_do_all_provided, EVP_KDF_get_params, EVP_KDF_gettable_ctx_params, EVP_KDF_settable_ctx_params, EVP_KDF_gettable_params - EVP KDF routines @@ -18,10 +18,10 @@ EVP_KDF_gettable_params - EVP KDF routines typedef struct evp_kdf_st EVP_KDF; typedef struct evp_kdf_ctx_st EVP_KDF_CTX; - EVP_KDF_CTX *EVP_KDF_CTX_new(const EVP_KDF *kdf); - const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx); - void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); - EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src); + EVP_KDF_CTX *EVP_KDF_new_ctx(const EVP_KDF *kdf); + const EVP_KDF *EVP_KDF_get_ctx_kdf(EVP_KDF_CTX *ctx); + void EVP_KDF_free_ctx(EVP_KDF_CTX *ctx); + EVP_KDF_CTX *EVP_KDF_dup_ctx(const EVP_KDF_CTX *src); void EVP_KDF_reset(EVP_KDF_CTX *ctx); size_t EVP_KDF_size(EVP_KDF_CTX *ctx); int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen); @@ -39,8 +39,8 @@ EVP_KDF_gettable_params - EVP KDF routines void (*fn)(const char *name, void *data), void *data); int EVP_KDF_get_params(EVP_KDF *kdf, OSSL_PARAM params[]); - int EVP_KDF_CTX_get_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[]); - int EVP_KDF_CTX_set_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[]); + int EVP_KDF_get_ctx_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[]); + int EVP_KDF_set_ctx_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[]); const OSSL_PARAM *EVP_KDF_gettable_params(const EVP_KDF *kdf); const OSSL_PARAM *EVP_KDF_gettable_ctx_params(const EVP_KDF *kdf); const OSSL_PARAM *EVP_KDF_settable_ctx_params(const EVP_KDF *kdf); @@ -52,8 +52,8 @@ The EVP KDF routines are a high level interface to Key Derivation Function algorithms and should be used instead of algorithm-specific functions. After creating a B<EVP_KDF_CTX> for the required algorithm using -EVP_KDF_CTX_new(), inputs to the algorithm are supplied -using calls to EVP_KDF_CTX_set_params() before +EVP_KDF_new_ctx(), inputs to the algorithm are supplied +using calls to EVP_KDF_set_ctx_params() before calling EVP_KDF_derive() to derive the key. =head2 Types @@ -82,12 +82,12 @@ NULL is a valid parameter, for which this function is a no-op. =head2 Context manipulation functions -EVP_KDF_CTX_new() creates a new context for the KDF implementation I<kdf>. +EVP_KDF_new_ctx() creates a new context for the KDF implementation I<kdf>. -EVP_KDF_CTX_free() frees up the context I<ctx>. If I<ctx> is NULL, nothing +EVP_KDF_free_ctx() frees up the context I<ctx>. If I<ctx> is NULL, nothing is done. -EVP_KDF_CTX_kdf() returns the B<EVP_KDF> associated with the context +EVP_KDF_get_ctx_kdf() returns the B<EVP_KDF> associated with the context I<ctx>. =head2 Computing functions @@ -107,14 +107,14 @@ parameters should be retrieved. Note that a parameter that is unknown in the underlying context is simply ignored. -EVP_KDF_CTX_get_params() retrieves chosen parameters, given the +EVP_KDF_get_ctx_params() retrieves chosen parameters, given the context I<ctx> and its underlying context. The set of parameters given with I<params> determine exactly what parameters should be retrieved. Note that a parameter that is unknown in the underlying context is simply ignored. -EVP_KDF_CTX_set_params() passes chosen parameters to the underlying +EVP_KDF_set_ctx_params() passes chosen parameters to the underlying context, given a context I<ctx>. The set of parameters given with I<params> determine exactly what parameters are passed down. @@ -126,8 +126,8 @@ defined by the implementation. EVP_KDF_gettable_params(), EVP_KDF_gettable_ctx_params() and EVP_KDF_settable_ctx_params() get a constant B<OSSL_PARAM> array that describes the retrievable and settable parameters, i.e. parameters that -can be used with EVP_KDF_get_params(), EVP_KDF_CTX_get_params() -and EVP_KDF_CTX_set_params(), respectively. +can be used with EVP_KDF_get_params(), EVP_KDF_get_ctx_params() +and EVP_KDF_set_ctx_params(), respectively. See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor. =head2 Information functions @@ -237,10 +237,10 @@ NULL on error. EVP_KDF_up_ref() returns 1 on success, 0 on error. -EVP_KDF_CTX_new() returns either the newly allocated +EVP_KDF_new_ctx() returns either the newly allocated B<EVP_KDF_CTX> structure or NULL if an error occurred. -EVP_KDF_CTX_free() and EVP_KDF_reset() do not return a value. +EVP_KDF_free_ctx() and EVP_KDF_reset() do not return a value. EVP_KDF_size() returns the output size. B<SIZE_MAX> is returned to indicate that the algorithm produces a variable amount of output; 0 to indicate failure. diff --git a/doc/man7/EVP_KDF-HKDF.pod b/doc/man7/EVP_KDF-HKDF.pod index 6a4c7eb860..f0bcd91e85 100644 --- a/doc/man7/EVP_KDF-HKDF.pod +++ b/doc/man7/EVP_KDF-HKDF.pod @@ -87,7 +87,7 @@ an error will occur. A context for HKDF can be obtained by calling: EVP_KDF *kdf = EVP_KDF_fetch(NULL, "HKDF", NULL); - EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf); + EVP_KDF_CTX *kctx = EVP_KDF_new_ctx(kdf); The output length of an HKDF expand operation is specified via the I<keylen> parameter to the L<EVP_KDF_derive(3)> function. When using @@ -107,7 +107,7 @@ salt value "salt" and info value "label": OSSL_PARAM params[5], *p = params; kdf = EVP_KDF_fetch(NULL, "HKDF", NULL); - kctx = EVP_KDF_CTX_new(kdf); + kctx = EVP_KDF_new_ctx(kdf); EVP_KDF_free(kdf); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, @@ -119,14 +119,14 @@ salt value "salt" and info value "label": *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, "salt", (size_t)4); *p = OSSL_PARAM_construct_end(); - if (EVP_KDF_CTX_set_params(kctx, params) <= 0) { - error("EVP_KDF_CTX_set_params"); + if (EVP_KDF_set_ctx_params(kctx, params) <= 0) { + error("EVP_KDF_set_ctx_params"); } if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { error("EVP_KDF_derive"); } - EVP_KDF_CTX_free(kctx); + EVP_KDF_free_ctx(kctx); =head1 CONFORMING TO @@ -135,10 +135,10 @@ RFC 5869 =head1 SEE ALSO L<EVP_KDF(3)>, -L<EVP_KDF_CTX_new(3)>, -L<EVP_KDF_CTX_free(3)>, +L<EVP_KDF_new_ctx(3)>, +L<EVP_KDF_free_ctx(3)>, L<EVP_KDF_size(3)>, -L<EVP_KDF_CTX_set_params(3)>, +L<EVP_KDF_set_ctx_params(3)>, L<EVP_KDF_derive(3)>, L<EVP_KDF(3)/PARAMETERS> diff --git a/doc/man7/EVP_KDF-KB.pod b/doc/man7/EVP_KDF-KB.pod index 8a84a3d044..d31a1ce0eb 100644 --- a/doc/man7/EVP_KDF-KB.pod +++ b/doc/man7/EVP_KDF-KB.pod @@ -57,7 +57,7 @@ Depending on whether mac is CMAC or HMAC, either digest or cipher is required A context for KBKDF can be obtained by calling: EVP_KDF *kdf = EVP_KDF_fetch(NULL, "KBKDF", NULL); - EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf); + EVP_KDF_CTX *kctx = EVP_KDF_new_ctx(kdf); The output length of an KBKDF is specified via the C<keylen> parameter to the L<EVP_KDF_derive(3)> function. @@ -76,7 +76,7 @@ Label "label", and Context "context". OSSL_PARAM params[6], *p = params; kdf = EVP_KDF_fetch(NULL, "KBKDF", NULL); - kctx = EVP_KDF_CTX_new(kdf); + kctx = EVP_KDF_new_ctx(kdf); EVP_KDF_free(kdf); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, @@ -90,12 +90,12 @@ Label "label", and Context "context". *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO, "context", strlen("context")); *p = OSSL_PARAM_construct_end(); - if (EVP_KDF_CTX_set_params(kctx, params) <= 0) - error("EVP_KDF_CTX_set_params"); + if (EVP_KDF_set_ctx_params(kctx, params) <= 0) + error("EVP_KDF_set_ctx_params"); else if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) error("EVP_KDF_derive"); - EVP_KDF_CTX_free(kctx); + EVP_KDF_free_ctx(kctx); This example derives 10 bytes using FEEDBACK-CMAC-AES256, with KI "secret", Label "label", and IV "sixteen bytes iv". @@ -107,7 +107,7 @@ Label "label", and IV "sixteen bytes iv". unsigned char *iv = "sixteen bytes iv"; kdf = EVP_KDF_fetch(NULL, "KBKDF", NULL); - kctx = EVP_KDF_CTX_new(kdf); + kctx = EVP_KDF_new_ctx(kdf); EVP_KDF_free(kdf); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CIPHER, "AES256", 0); @@ -122,12 +122,12 @@ Label "label", and IV "sixteen bytes iv". *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SEED, iv, strlen(iv)); *p = OSSL_PARAM_construct_end(); - if (EVP_KDF_CTX_set_params(kctx, params) <= 0) - error("EVP_KDF_CTX_set_params"); + if (EVP_KDF_set_ctx_params(kctx, params) <= 0) + error("EVP_KDF_set_ctx_params"); else if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) error("EVP_KDF_derive"); - EVP_KDF_CTX_free(kctx); + EVP_KDF_free_ctx(kctx); =head1 CONFORMING TO @@ -136,7 +136,7 @@ NIST SP800-108, IETF RFC 6803, IETF RFC 8009. =head1 SEE ALSO L<EVP_KDF(3)>, -L<EVP_KDF_CTX_free(3)>, +L<EVP_KDF_free_ctx(3)>, L<EVP_KDF_size(3)>, L<EVP_KDF_derive(3)>, L<EVP_KDF(3)/PARAMETERS> diff --git a/doc/man7/EVP_KDF-KRB5KDF.pod b/doc/man7/EVP_KDF-KRB5KDF.pod index 071cb4e8e4..192ca3f34b 100644 --- a/doc/man7/EVP_KDF-KRB5KDF.pod +++ b/doc/man7/EVP_KDF-KRB5KDF.pod @@ -44,7 +44,7 @@ If a value is already set, the contents are replaced. A context for KRB5KDF can be obtained by calling: EVP_KDF *kdf = EVP_KDF_fetch(NULL, "KRB5KDF", NULL); - EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf); + EVP_KDF_CTX *kctx = EVP_KDF_new_ctx(kdf); The output length of the KRB5KDF derivation is specified via the I<keylen> parameter to the L<EVP_KDF_derive(3)> function, and MUST match the key @@ -70,7 +70,7 @@ This example derives a key using the AES-128-CBC cipher: OSSL_PARAM params[4], *p = params; kdf = EVP_KDF_fetch(NULL, "KRB5KDF", NULL); - kctx = EVP_KDF_CTX_new(kdf); + kctx = EVP_KDF_new_ctx(kdf); EVP_KDF_free(kdf); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CIPHER, @@ -87,7 +87,7 @@ This example derives a key using the AES-128-CBC cipher: if (EVP_KDF_derive(kctx, out, outlen) <= 0) /* Error */ - EVP_KDF_CTX_free(kctx); + EVP_KDF_free_ctx(kctx); =head1 CONFORMING TO @@ -96,7 +96,7 @@ RFC 3961 =head1 SEE ALSO L<EVP_KDF(3)>, -L<EVP_KDF_CTX_free(3)>, +L<EVP_KDF_free_ctx(3)>, L<EVP_KDF_ctrl(3)>, L<EVP_KDF_size(3)>, L<EVP_KDF_derive(3)>, diff --git a/doc/man7/EVP_KDF-PBKDF2.pod b/doc/man7/EVP_KDF-PBKDF2.pod index 43d074bdcc..270d50bc80 100644 --- a/doc/man7/EVP_KDF-PBKDF2.pod +++ b/doc/man7/EVP_KDF-PBKDF2.pod @@ -82,9 +82,9 @@ SP800-132 =head1 SEE ALSO L<EVP_KDF(3)>, -L<EVP_KDF_CTX_new(3)>, -L<EVP_KDF_CTX_free(3)>, -L<EVP_KDF_CTX_set_params(3)>, +L<EVP_KDF_new_ctx(3)>, +L<EVP_KDF_free_ctx(3)>, +L<EVP_KDF_set_ctx_params(3)>, L<EVP_KDF_derive(3)>, L<EVP_KDF(3)/PARAMETERS> diff --git a/doc/man7/EVP_KDF-SCRYPT.pod b/doc/man7/EVP_KDF-SCRYPT.pod index 1459d07cfa..db54aa48c0 100644 --- a/doc/man7/EVP_KDF-SCRYPT.pod +++ b/doc/man7/EVP_KDF-SCRYPT.pod @@ -66,7 +66,7 @@ Both r and p are parameters of type B<uint32_t>. A context for scrypt can be obtained by calling: EVP_KDF *kdf = EVP_KDF_fetch(NULL, "SCRYPT", NULL); - EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf); + EVP_KDF_CTX *kctx = EVP_KDF_new_ctx(kdf); The output length of an scrypt key derivation is specified via the "keylen" parameter to the L<EVP_KDF_derive(3)> function. @@ -82,7 +82,7 @@ This example derives a 64-byte long test vector using scrypt with the password OSSL_PARAM params[6], *p = params; kdf = EVP_KDF_fetch(NULL, "SCRYPT", NULL); - kctx = EVP_KDF_CTX_new(kdf); + kctx = EVP_KDF_new_ctx(kdf); EVP_KDF_free(kdf); *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_PASSWORD, @@ -93,8 +93,8 @@ This example derives a 64-byte long test vector using scrypt with the password *p++ = OSSL_PARAM_construct_uint32(OSSL_KDF_PARAM_SCRYPT_R, (uint32_t)8); *p++ = OSSL_PARAM_construct_uint32(OSSL_KDF_PARAM_SCRYPT_P, (uint32_t)16); *p = OSSL_PARAM_construct_end(); - if (EVP_KDF_CTX_set_params(kctx, params) <= 0) { - error("EVP_KDF_CTX_set_params"); + if (EVP_KDF_set_ctx_params(kctx, params) <= 0) { + error("EVP_KDF_set_ctx_params"); } if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { error("EVP_KDF_derive"); @@ -115,7 +115,7 @@ This example derives a 64-byte long test vector using scrypt with the password assert(!memcmp(out, expected, sizeof(out))); } - EVP_KDF_CTX_free(kctx); + EVP_KDF_free_ctx(kctx); =head1 CONFORMING TO @@ -124,9 +124,9 @@ RFC 7914 =head1 SEE ALSO L<EVP_KDF(3)>, -L<EVP_KDF_CTX_new(3)>, -L<EVP_KDF_CTX_free(3)>, -L<EVP_KDF_CTX_set_params(3)>, +L<EVP_KDF_new_ctx(3)>, +L<EVP_KDF_free_ctx(3)>, +L<EVP_KDF_set_ctx_params(3)>, L<EVP_KDF_derive(3)>, L<EVP_KDF(3)/PARAMETERS> diff --git a/doc/man7/EVP_KDF-SS.pod b/doc/man7/EVP_KDF-SS.pod index 2281cc3cb7..e8915fb699 100644 --- a/doc/man7/EVP_KDF-SS.pod +++ b/doc/man7/EVP_KDF-SS.pod @@ -66,7 +66,7 @@ This parameter sets an optional value for fixedinfo, also known as otherinfo. A context for SSKDF can be obtained by calling: EVP_KDF *kdf = EVP_KDF_fetch(NULL, "SSKDF", NULL); - EVP_KDF_CTX *kctx = EVP_KDF_CTX_new(kdf); + EVP_KDF_CTX *kctx = EVP_KDF_new_ctx(kdf); The output length of an SSKDF is specified via the I<keylen> parameter to the L<EVP_KDF_derive(3)> function. @@ -82,7 +82,7 @@ and fixedinfo value "label": OSSL_PARAM params[4], *p = params; kdf = EVP_KDF_fetch(NULL, "SSKDF", NULL); - kctx = EVP_KDF_CTX_new(kdf); + kctx = EVP_KDF_new_ctx(kdf); EVP_KDF_free(kdf); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, @@ -92,14 +92,14 @@ and fixedinfo value "label": *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO, "label", (size_t)5); *p = OSSL_PARAM_construct_end(); - if (EVP_KDF_CTX_set_params(kctx, params) <= 0) { - error("EVP_KDF_CTX_set_params"); + if (EVP_KDF_set_ctx_params(kctx, params) <= 0) { + error("EVP_KDF_set_ctx_params"); } if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { error("EVP_KDF_derive"); } - EVP_KDF_CTX_free(kctx); + EVP_KDF_free_ctx(kctx); This example derives 10 bytes using H(x) = HMAC(SHA-256), with the secret key "secret", fixedinfo value "label" and salt "salt": @@ -110,7 +110,7 @@ fixedinfo value "label" and salt "salt": OSSL_PARAM params[6], *p = params; kdf = EVP_KDF_fetch(NULL, "SSKDF", NULL); - kctx = EVP_KDF_CTX_new(kdf); + kctx = EVP_KDF_new_ctx(kdf); EVP_KDF_free(kdf); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC, @@ -124,14 +124,14 @@ fixedinfo value "label" and salt "salt": *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, "salt", (size_t)4); *p = OSSL_PARAM_construct_end(); - if (EVP_KDF_CTX_set_params(kctx, params) <= 0) { - error("EVP_KDF_CTX_set_params"); + if (EVP_KDF_set_ctx_params(kctx, params) <= 0) { + error("EVP_KDF_set_ctx_params"); } if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { error("EVP_KDF_derive"); } - EVP_KDF_CTX_free(kctx); + EVP_KDF_free_ctx(kctx); This example derives 10 bytes using H(x) = KMAC128(x,salt,outlen), with the secret key "secret" fixedinfo value "label", salt of "salt" and KMAC outlen of 20: @@ -142,7 +142,7 @@ fixedinfo value "label", salt of "salt" and KMAC outlen of 20: OSSL_PARAM params[7], *p = params; kdf = EVP_KDF_fetch(NULL, "SSKDF", NULL); - kctx = EVP_KDF_CTX_new(kdf); + kctx = EVP_KDF_new_ctx(kdf); EVP_KDF_free(kdf); *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC, @@ -157,14 +157,14 @@ fixedinfo value "label", salt of "salt" and KMAC outlen of 20: "salt", (size_t)4); *p++ = OSSL_PARAM_construct_size_t(OSSL_KDF_PARAM_MAC_SIZE, (size_t)20); *p = OSSL_PARAM_construct_end(); - if (EVP_KDF_CTX_set_params(kctx, params) <= 0) { - error("EVP_KDF_CTX_set_params"); + if (EVP_KDF_set_ctx_params(kctx, params) <= 0) { + error("EVP_KDF_set_ctx_params"); } if (EVP_KDF_derive(kctx, out, sizeof(out)) <= 0) { error("EVP_KDF_derive"); } - EVP_KDF_CTX_free(kctx); + EVP_KDF_free_ctx(kctx); =head1 CONFORMING TO @@ -173,9 +173,9 @@ NIST SP800-56Cr1. =head1 SEE ALSO L<EVP_KDF(3)>, -L<EVP_KDF_CTX_new(3)>, -L<EVP_KDF_CTX_free(3)>, -L<EVP_KDF_CTX_set_params(3)>, +L<EVP_KDF_new_ctx(3)>, +L<EVP_KDF_free_ctx(3)>, +L<EVP_KDF_set_ctx_params(3)>, L<EVP_KDF_size(3)>, L<EVP_KDF_derive(3)>, L<EVP_KDF(3)/PARAMETERS> diff --git a/doc/man7/EVP_KDF-SSHKDF.pod b/doc/man7/EVP_KDF-SSHKDF.pod index e91858c051..f71457211a 100644 --- a/doc/man7/EVP |