EVP module documentation pass

Replace ECDH_KDF_X9_62() with internal ecdh_KDF_X9_63()

Signed-off-by: Antoine Salon <asalon@vmware.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/7345)

5 files changed, 31 insertions, 9 deletions

diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index 21302685d8..a3164b5b2e 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -699,7 +699,7 @@ static int ecdh_cms_set_kdf_param(EVP_PKEY_CTX *pctx, int eckdf_nid)
     if (EVP_PKEY_CTX_set_ecdh_cofactor_mode(pctx, cofactor) <= 0)
         return 0;
 
-    if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, EVP_PKEY_ECDH_KDF_X9_62) <= 0)
+    if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, EVP_PKEY_ECDH_KDF_X9_63) <= 0)
         return 0;
 
     kdf_md = EVP_get_digestbynid(kdfmd_nid);
@@ -864,7 +864,7 @@ static int ecdh_cms_encrypt(CMS_RecipientInfo *ri)
         ecdh_nid = NID_dh_cofactor_kdf;
 
     if (kdf_type == EVP_PKEY_ECDH_KDF_NONE) {
-        kdf_type = EVP_PKEY_ECDH_KDF_X9_62;
+        kdf_type = EVP_PKEY_ECDH_KDF_X9_63;
         if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, kdf_type) <= 0)
             goto err;
     } else
diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c
index 5bee031b92..f4ad0749ef 100644
--- a/crypto/ec/ec_pmeth.c
+++ b/crypto/ec/ec_pmeth.c
@@ -209,7 +209,7 @@ static int pkey_ec_kdf_derive(EVP_PKEY_CTX *ctx,
     if (!pkey_ec_derive(ctx, ktmp, &ktmplen))
         goto err;
     /* Do KDF stuff */
-    if (!ECDH_KDF_X9_62(key, *keylen, ktmp, ktmplen,
+    if (!ecdh_KDF_X9_63(key, *keylen, ktmp, ktmplen,
                         dctx->kdf_ukm, dctx->kdf_ukmlen, dctx->kdf_md))
         goto err;
     rv = 1;
@@ -281,7 +281,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
     case EVP_PKEY_CTRL_EC_KDF_TYPE:
         if (p1 == -2)
             return dctx->kdf_type;
-        if (p1 != EVP_PKEY_ECDH_KDF_NONE && p1 != EVP_PKEY_ECDH_KDF_X9_62)
+        if (p1 != EVP_PKEY_ECDH_KDF_NONE && p1 != EVP_PKEY_ECDH_KDF_X9_63)
             return -2;
         dctx->kdf_type = p1;
         return 1;
diff --git a/crypto/ec/ecdh_kdf.c b/crypto/ec/ecdh_kdf.c
index d47486eb34..d686f9d897 100644
--- a/crypto/ec/ecdh_kdf.c
+++ b/crypto/ec/ecdh_kdf.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -10,12 +10,13 @@
 #include <string.h>
 #include <openssl/ec.h>
 #include <openssl/evp.h>
+#include "ec_lcl.h"
 
-/* Key derivation function from X9.62/SECG */
+/* Key derivation function from X9.63/SECG */
 /* Way more than we will ever need */
 #define ECDH_KDF_MAX    (1 << 30)
 
-int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
+int ecdh_KDF_X9_63(unsigned char *out, size_t outlen,
                    const unsigned char *Z, size_t Zlen,
                    const unsigned char *sinfo, size_t sinfolen,
                    const EVP_MD *md)
@@ -66,3 +67,15 @@ int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
     EVP_MD_CTX_free(mctx);
     return rv;
 }
+
+/*-
+ * The old name for ecdh_KDF_X9_63
+ * Retained for ABI compatibility
+ */
+int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
+                   const unsigned char *Z, size_t Zlen,
+                   const unsigned char *sinfo, size_t sinfolen,
+                   const EVP_MD *md)
+{
+    return ecdh_KDF_X9_63(out, outlen, Z, Zlen, sinfo, sinfolen, md);
+}
diff --git a/crypto/include/internal/ec_int.h b/crypto/include/internal/ec_int.h
index bb4b5129d0..182c39cc80 100644
--- a/crypto/include/internal/ec_int.h
+++ b/crypto/include/internal/ec_int.h
@@ -41,5 +41,13 @@
 __owur int ec_group_do_inverse_ord(const EC_GROUP *group, BIGNUM *res,
                                    const BIGNUM *x, BN_CTX *ctx);
 
+/*-
+ * ECDH Key Derivation Function as defined in ANSI X9.63
+ */
+int ecdh_KDF_X9_63(unsigned char *out, size_t outlen,
+                   const unsigned char *Z, size_t Zlen,
+                   const unsigned char *sinfo, size_t sinfolen,
+                   const EVP_MD *md);
+
 # endif /* OPENSSL_NO_EC */
 #endif
diff --git a/crypto/sm2/sm2_crypt.c b/crypto/sm2/sm2_crypt.c
index 9c69a45054..4389fc731e 100644
--- a/crypto/sm2/sm2_crypt.c
+++ b/crypto/sm2/sm2_crypt.c
@@ -11,6 +11,7 @@
 
 #include "internal/sm2.h"
 #include "internal/sm2err.h"
+#include "internal/ec_int.h" /* ecdh_KDF_X9_63() */
 #include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/bn.h>
@@ -203,7 +204,7 @@ int sm2_encrypt(const EC_KEY *key,
    }
 
     /* X9.63 with no salt happens to match the KDF used in SM2 */
-    if (!ECDH_KDF_X9_62(msg_mask, msg_len, x2y2, 2 * field_size, NULL, 0,
+    if (!ecdh_KDF_X9_63(msg_mask, msg_len, x2y2, 2 * field_size, NULL, 0,
                         digest)) {
         SM2err(SM2_F_SM2_ENCRYPT, ERR_R_EVP_LIB);
         goto done;
@@ -344,7 +345,7 @@ int sm2_decrypt(const EC_KEY *key,
 
     if (BN_bn2binpad(x2, x2y2, field_size) < 0
             || BN_bn2binpad(y2, x2y2 + field_size, field_size) < 0
-            || !ECDH_KDF_X9_62(msg_mask, msg_len, x2y2, 2 * field_size, NULL, 0,
+            || !ecdh_KDF_X9_63(msg_mask, msg_len, x2y2, 2 * field_size, NULL, 0,
                                digest)) {
         SM2err(SM2_F_SM2_DECRYPT, ERR_R_INTERNAL_ERROR);
         goto done;