diff options
| author | Pauli <paul.dale@oracle.com> | 2019-08-21 18:54:35 +1000 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2019-09-06 19:27:57 +1000 |
| commit | fb9e6dd6f8b1de99c880ff3b458d6bc0dec907bb (patch) | |
| tree | 60daa87494f3243dc9cce72284843ba8981b21cf /crypto/evp/kdf_lib.c | |
| parent | 55accfd2f11d02cf4cfdc6077216ae59f1748f6a (diff) | |
KDF/PRF updates to libcrypto
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9662)
Diffstat (limited to 'crypto/evp/kdf_lib.c')
| -rw-r--r-- | crypto/evp/kdf_lib.c | 140 |
1 files changed, 83 insertions, 57 deletions
diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c index 6131d8ef77..aa0c5e341f 100644 --- a/crypto/evp/kdf_lib.c +++ b/crypto/evp/kdf_lib.c @@ -15,12 +15,15 @@ #include <openssl/evp.h> #include <openssl/x509v3.h> #include <openssl/kdf.h> +#include <openssl/core.h> +#include <openssl/core_names.h> #include "internal/asn1_int.h" #include "internal/evp_int.h" #include "internal/numbers.h" +#include "internal/provider.h" #include "evp_locl.h" -EVP_KDF_CTX *EVP_KDF_CTX_new(const EVP_KDF *kdf) +EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf) { EVP_KDF_CTX *ctx = NULL; @@ -28,8 +31,12 @@ EVP_KDF_CTX *EVP_KDF_CTX_new(const EVP_KDF *kdf) return NULL; ctx = OPENSSL_zalloc(sizeof(EVP_KDF_CTX)); - if (ctx == NULL || (ctx->impl = kdf->new()) == NULL) { + if (ctx == NULL + || (ctx->data = kdf->newctx(ossl_provider_ctx(kdf->prov))) == NULL + || !EVP_KDF_up_ref(kdf)) { EVPerr(EVP_F_EVP_KDF_CTX_NEW, ERR_R_MALLOC_FAILURE); + if (ctx != NULL) + kdf->freectx(ctx->data); OPENSSL_free(ctx); ctx = NULL; } else { @@ -38,30 +45,57 @@ EVP_KDF_CTX *EVP_KDF_CTX_new(const EVP_KDF *kdf) return ctx; } -EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id) +void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx) { - const EVP_KDF *kdf = EVP_get_kdfbynid(id); - - return EVP_KDF_CTX_new(kdf); + if (ctx != NULL) { + ctx->meth->freectx(ctx->data); + ctx->data = NULL; + EVP_KDF_free(ctx->meth); + OPENSSL_free(ctx); + } } -int EVP_KDF_nid(const EVP_KDF *kdf) +EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src) { - return kdf->type; + EVP_KDF_CTX *dst; + + if (src->data == NULL || src == NULL || src->meth->dupctx == NULL) + return NULL; + + dst = OPENSSL_malloc(sizeof(*dst)); + if (dst == NULL) { + EVPerr(EVP_F_EVP_KDF_CTX_DUP, ERR_R_MALLOC_FAILURE); + return NULL; + } + + memcpy(dst, src, sizeof(*dst)); + if (!EVP_KDF_up_ref(dst->meth)) { + EVPerr(EVP_F_EVP_KDF_CTX_DUP, ERR_R_MALLOC_FAILURE); + OPENSSL_free(dst); + return NULL; + } + + dst->data = src->meth->dupctx(src->data); + if (dst->data == NULL) { + EVP_KDF_CTX_free(dst); + return NULL; + } + return dst; } -const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx) +const char *EVP_KDF_name(const EVP_KDF *kdf) { - return ctx->meth; + return kdf->name; } -void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx) +const OSSL_PROVIDER *EVP_KDF_provider(const EVP_KDF *kdf) { - if (ctx == NULL) - return; + return kdf->prov; +} - ctx->meth->free(ctx->impl); - OPENSSL_free(ctx); +const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx) +{ + return ctx->meth; } void EVP_KDF_reset(EVP_KDF_CTX *ctx) @@ -70,66 +104,58 @@ void EVP_KDF_reset(EVP_KDF_CTX *ctx) return; if (ctx->meth->reset != NULL) - ctx->meth->reset(ctx->impl); + ctx->meth->reset(ctx->data); } -int EVP_KDF_ctrl(EVP_KDF_CTX *ctx, int cmd, ...) +size_t EVP_KDF_size(EVP_KDF_CTX *ctx) { - int ret; - va_list args; - - va_start(args, cmd); - ret = EVP_KDF_vctrl(ctx, cmd, args); - va_end(args); - - if (ret == -2) - EVPerr(EVP_F_EVP_KDF_CTRL, EVP_R_COMMAND_NOT_SUPPORTED); + OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; + size_t s; - return ret; -} - -int EVP_KDF_vctrl(EVP_KDF_CTX *ctx, int cmd, va_list args) -{ if (ctx == NULL) return 0; - return ctx->meth->ctrl(ctx->impl, cmd, args); + *params = OSSL_PARAM_construct_size_t(OSSL_KDF_PARAM_SIZE, &s); + if (ctx->meth->get_ctx_params != NULL + && ctx->meth->get_ctx_params(ctx, params)) + return s; + if (ctx->meth->get_params != NULL + && ctx->meth->get_params(params)) + return s; + return 0; } -int EVP_KDF_ctrl_str(EVP_KDF_CTX *ctx, const char *type, const char *value) +int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen) { - int ret; - if (ctx == NULL) return 0; - if (ctx->meth->ctrl_str == NULL) { - EVPerr(EVP_F_EVP_KDF_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED); - return -2; - } - - ret = ctx->meth->ctrl_str(ctx->impl, type, value); - if (ret == -2) - EVPerr(EVP_F_EVP_KDF_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED); - - return ret; + return ctx->meth->derive(ctx->data, key, keylen); } -size_t EVP_KDF_size(EVP_KDF_CTX *ctx) +/* + * The {get,set}_params functions return 1 if there is no corresponding + * function in the implementation. This is the same as if there was one, + * but it didn't recognise any of the given params, i.e. nothing in the + * bag of parameters was useful. + */ +int EVP_KDF_get_params(EVP_KDF *kdf, OSSL_PARAM params[]) { - if (ctx == NULL) - return 0; - - if (ctx->meth->size == NULL) - return SIZE_MAX; - - return ctx->meth->size(ctx->impl); + if (kdf->get_params != NULL) + return kdf->get_params(params); + return 1; } -int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen) +int EVP_KDF_CTX_get_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[]) { - if (ctx == NULL) - return 0; + if (ctx->meth->get_ctx_params != NULL) + return ctx->meth->get_ctx_params(ctx->data, params); + return 1; +} - return ctx->meth->derive(ctx->impl, key, keylen); +int EVP_KDF_CTX_set_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[]) +{ + if (ctx->meth->set_ctx_params != NULL) + return ctx->meth->set_ctx_params(ctx->data, params); + return 1; } |