Add dh_kdf support to provider

Similiar to ecdh this supports the legacy kdf inside the provider dh key exchange. The supporting EVP_PKEY_CTX macros have been changed into mehtods and moved into dh_ctrl.c New kdfs such as SSKDF should be done as a seperate pass after doing the derive. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12575)
author: Shane Lontis <shane.lontis@oracle.com> 2020-08-04 11:21:21 +1000
committer: Shane Lontis <shane.lontis@oracle.com> 2020-08-11 20:39:19 +1000
commit: 116d2510f7e95d1e6f4a6b9db2df1ec8d11b61fb (patch)
tree: f05970c6c5e9c20e0fb38659d1391fed1e175b8f /crypto/evp/pmeth_lib.c
parent: 627c220311bcd3bd6f4f745b76ce6a548bed4629 (diff)
1 files changed, 22 insertions, 1 deletions
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 6f2f52912b..ba85a8c143 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -150,7 +150,6 @@ static int is_legacy_alg(int id, const char *keytype)
      * support
      */
     case EVP_PKEY_SM2:
-    case EVP_PKEY_DHX:
     case EVP_PKEY_CMAC:
     case EVP_PKEY_HMAC:
     case EVP_PKEY_SIPHASH:
@@ -1040,6 +1039,28 @@ static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
         return -2;
 
 # ifndef OPENSSL_NO_DH
+    if (keytype == EVP_PKEY_DHX) {
+        switch (cmd) {
+        case EVP_PKEY_CTRL_DH_KDF_TYPE:
+            return EVP_PKEY_CTX_set_dh_kdf_type(ctx, p1);
+        case EVP_PKEY_CTRL_DH_KDF_MD:
+            return EVP_PKEY_CTX_set_dh_kdf_md(ctx, p2);
+        case EVP_PKEY_CTRL_DH_KDF_OUTLEN:
+            return EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, p1);
+        case EVP_PKEY_CTRL_DH_KDF_UKM:
+            return EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p2, p1);
+        case EVP_PKEY_CTRL_DH_KDF_OID:
+            return EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, p2);
+        case EVP_PKEY_CTRL_GET_DH_KDF_MD:
+            return EVP_PKEY_CTX_get_dh_kdf_md(ctx, p2);
+        case EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN:
+            return EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, p2);
+        case EVP_PKEY_CTRL_GET_DH_KDF_UKM:
+            return EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p2);
+        case EVP_PKEY_CTRL_GET_DH_KDF_OID:
+            return EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, p2);
+        }
+    }
     if (keytype == EVP_PKEY_DH) {
         switch (cmd) {
             case EVP_PKEY_CTRL_DH_PAD:
author	Shane Lontis <shane.lontis@oracle.com>	2020-08-04 11:21:21 +1000
committer	Shane Lontis <shane.lontis@oracle.com>	2020-08-11 20:39:19 +1000
commit	116d2510f7e95d1e6f4a6b9db2df1ec8d11b61fb (patch)
tree	f05970c6c5e9c20e0fb38659d1391fed1e175b8f /crypto/evp/pmeth_lib.c
parent	627c220311bcd3bd6f4f745b76ce6a548bed4629 (diff)