2018-06-22 05:16:18 +08:00
|
|
|
/*
|
2019-04-22 15:18:56 +08:00
|
|
|
* Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
* Copyright (c) 2018-2019, Oracle and/or its affiliates. All rights reserved.
|
2018-06-22 05:16:18 +08:00
|
|
|
*
|
|
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
|
|
* in the file LICENSE in the source distribution or at
|
|
|
|
* https://www.openssl.org/source/license.html
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include "internal/cryptlib.h"
|
|
|
|
#include <openssl/engine.h>
|
|
|
|
#include <openssl/evp.h>
|
|
|
|
#include <openssl/x509v3.h>
|
|
|
|
#include <openssl/kdf.h>
|
2019-08-21 16:54:35 +08:00
|
|
|
#include <openssl/core.h>
|
|
|
|
#include <openssl/core_names.h>
|
2019-09-28 06:45:33 +08:00
|
|
|
#include "crypto/asn1.h"
|
|
|
|
#include "crypto/evp.h"
|
2018-06-22 05:16:18 +08:00
|
|
|
#include "internal/numbers.h"
|
2019-08-21 16:54:35 +08:00
|
|
|
#include "internal/provider.h"
|
2019-09-28 06:45:40 +08:00
|
|
|
#include "evp_local.h"
|
2018-06-22 05:16:18 +08:00
|
|
|
|
2019-08-21 16:54:35 +08:00
|
|
|
EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf)
|
2018-06-22 05:16:18 +08:00
|
|
|
{
|
2019-05-16 09:43:41 +08:00
|
|
|
EVP_KDF_CTX *ctx = NULL;
|
2019-04-22 15:18:56 +08:00
|
|
|
|
2019-05-16 09:43:41 +08:00
|
|
|
if (kdf == NULL)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
ctx = OPENSSL_zalloc(sizeof(EVP_KDF_CTX));
|
2019-08-21 16:54:35 +08:00
|
|
|
if (ctx == NULL
|
|
|
|
|| (ctx->data = kdf->newctx(ossl_provider_ctx(kdf->prov))) == NULL
|
|
|
|
|| !EVP_KDF_up_ref(kdf)) {
|
2019-04-22 15:18:56 +08:00
|
|
|
EVPerr(EVP_F_EVP_KDF_CTX_NEW, ERR_R_MALLOC_FAILURE);
|
2019-08-21 16:54:35 +08:00
|
|
|
if (ctx != NULL)
|
|
|
|
kdf->freectx(ctx->data);
|
2019-04-22 15:18:56 +08:00
|
|
|
OPENSSL_free(ctx);
|
|
|
|
ctx = NULL;
|
|
|
|
} else {
|
|
|
|
ctx->meth = kdf;
|
|
|
|
}
|
|
|
|
return ctx;
|
2018-06-22 05:16:18 +08:00
|
|
|
}
|
|
|
|
|
2019-08-21 16:54:35 +08:00
|
|
|
void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx)
|
2018-06-22 05:16:18 +08:00
|
|
|
{
|
2019-08-21 16:54:35 +08:00
|
|
|
if (ctx != NULL) {
|
|
|
|
ctx->meth->freectx(ctx->data);
|
|
|
|
ctx->data = NULL;
|
|
|
|
EVP_KDF_free(ctx->meth);
|
|
|
|
OPENSSL_free(ctx);
|
|
|
|
}
|
2018-06-22 05:16:18 +08:00
|
|
|
}
|
|
|
|
|
2019-08-21 16:54:35 +08:00
|
|
|
EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src)
|
2018-06-22 05:16:18 +08:00
|
|
|
{
|
2019-08-21 16:54:35 +08:00
|
|
|
EVP_KDF_CTX *dst;
|
|
|
|
|
2019-09-08 16:29:58 +08:00
|
|
|
if (src == NULL || src->data == NULL || src->meth->dupctx == NULL)
|
2019-08-21 16:54:35 +08:00
|
|
|
return NULL;
|
|
|
|
|
|
|
|
dst = OPENSSL_malloc(sizeof(*dst));
|
|
|
|
if (dst == NULL) {
|
|
|
|
EVPerr(EVP_F_EVP_KDF_CTX_DUP, ERR_R_MALLOC_FAILURE);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
memcpy(dst, src, sizeof(*dst));
|
|
|
|
if (!EVP_KDF_up_ref(dst->meth)) {
|
|
|
|
EVPerr(EVP_F_EVP_KDF_CTX_DUP, ERR_R_MALLOC_FAILURE);
|
|
|
|
OPENSSL_free(dst);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
dst->data = src->meth->dupctx(src->data);
|
|
|
|
if (dst->data == NULL) {
|
|
|
|
EVP_KDF_CTX_free(dst);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
return dst;
|
2019-04-22 15:18:56 +08:00
|
|
|
}
|
2018-06-22 05:16:18 +08:00
|
|
|
|
2019-08-21 16:54:35 +08:00
|
|
|
const char *EVP_KDF_name(const EVP_KDF *kdf)
|
2019-04-22 15:18:56 +08:00
|
|
|
{
|
In provider implemented methods, save the name number, not the name string
Multiple names per implementation is already supported in the namemap,
but hasn't been used yet. However, as soon as we have multiple names,
we will get an issue with what name should be saved in the method.
The solution is to not save the name itself, but rather the number
it's associated with. This number is supposed to be unique for each
set of names, and we assume that algorithm names are globally unique,
i.e. there can be no name overlap between different algorithm types.
Incidently, it was also found that the 'get' function used by
ossl_construct_method() doesn't need all the parameters it was given;
most of what it needs, it can now get through the data structure given
by the caller of ossl_construct_method(). As a consequence,
ossl_construct_method() itself doesn't need all the parameters it was
given either.
There are some added internal functions that are expected to disappear
as soon as legacy code is removed, such as evp_first_name() and
ossl_namemap_num2name().
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9897)
2019-09-14 22:22:19 +08:00
|
|
|
return evp_first_name(kdf->prov, kdf->name_id);
|
2018-06-22 05:16:18 +08:00
|
|
|
}
|
|
|
|
|
2019-08-21 16:54:35 +08:00
|
|
|
const OSSL_PROVIDER *EVP_KDF_provider(const EVP_KDF *kdf)
|
2018-06-22 05:16:18 +08:00
|
|
|
{
|
2019-08-21 16:54:35 +08:00
|
|
|
return kdf->prov;
|
|
|
|
}
|
2018-06-22 05:16:18 +08:00
|
|
|
|
2019-08-21 16:54:35 +08:00
|
|
|
const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx)
|
|
|
|
{
|
|
|
|
return ctx->meth;
|
2018-06-22 05:16:18 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
void EVP_KDF_reset(EVP_KDF_CTX *ctx)
|
|
|
|
{
|
|
|
|
if (ctx == NULL)
|
|
|
|
return;
|
|
|
|
|
2019-04-22 15:18:56 +08:00
|
|
|
if (ctx->meth->reset != NULL)
|
2019-08-21 16:54:35 +08:00
|
|
|
ctx->meth->reset(ctx->data);
|
2018-06-22 05:16:18 +08:00
|
|
|
}
|
|
|
|
|
2019-08-21 16:54:35 +08:00
|
|
|
size_t EVP_KDF_size(EVP_KDF_CTX *ctx)
|
2018-06-22 05:16:18 +08:00
|
|
|
{
|
2019-08-21 16:54:35 +08:00
|
|
|
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
|
|
|
|
size_t s;
|
2018-06-22 05:16:18 +08:00
|
|
|
|
|
|
|
if (ctx == NULL)
|
|
|
|
return 0;
|
|
|
|
|
2019-08-21 16:54:35 +08:00
|
|
|
*params = OSSL_PARAM_construct_size_t(OSSL_KDF_PARAM_SIZE, &s);
|
|
|
|
if (ctx->meth->get_ctx_params != NULL
|
2019-09-11 18:52:47 +08:00
|
|
|
&& ctx->meth->get_ctx_params(ctx->data, params))
|
2019-08-21 16:54:35 +08:00
|
|
|
return s;
|
|
|
|
if (ctx->meth->get_params != NULL
|
|
|
|
&& ctx->meth->get_params(params))
|
|
|
|
return s;
|
|
|
|
return 0;
|
2018-06-22 05:16:18 +08:00
|
|
|
}
|
|
|
|
|
2019-08-21 16:54:35 +08:00
|
|
|
int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen)
|
2018-06-22 05:16:18 +08:00
|
|
|
{
|
|
|
|
if (ctx == NULL)
|
|
|
|
return 0;
|
|
|
|
|
2019-08-21 16:54:35 +08:00
|
|
|
return ctx->meth->derive(ctx->data, key, keylen);
|
2018-06-22 05:16:18 +08:00
|
|
|
}
|
|
|
|
|
2019-08-21 16:54:35 +08:00
|
|
|
/*
|
|
|
|
* The {get,set}_params functions return 1 if there is no corresponding
|
|
|
|
* function in the implementation. This is the same as if there was one,
|
|
|
|
* but it didn't recognise any of the given params, i.e. nothing in the
|
|
|
|
* bag of parameters was useful.
|
|
|
|
*/
|
|
|
|
int EVP_KDF_get_params(EVP_KDF *kdf, OSSL_PARAM params[])
|
2018-06-22 05:16:18 +08:00
|
|
|
{
|
2019-08-21 16:54:35 +08:00
|
|
|
if (kdf->get_params != NULL)
|
|
|
|
return kdf->get_params(params);
|
|
|
|
return 1;
|
2018-06-22 05:16:18 +08:00
|
|
|
}
|
|
|
|
|
2019-08-21 16:54:35 +08:00
|
|
|
int EVP_KDF_CTX_get_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[])
|
2018-06-22 05:16:18 +08:00
|
|
|
{
|
2019-08-21 16:54:35 +08:00
|
|
|
if (ctx->meth->get_ctx_params != NULL)
|
|
|
|
return ctx->meth->get_ctx_params(ctx->data, params);
|
|
|
|
return 1;
|
|
|
|
}
|
2018-06-22 05:16:18 +08:00
|
|
|
|
2019-08-21 16:54:35 +08:00
|
|
|
int EVP_KDF_CTX_set_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[])
|
|
|
|
{
|
|
|
|
if (ctx->meth->set_ctx_params != NULL)
|
|
|
|
return ctx->meth->set_ctx_params(ctx->data, params);
|
|
|
|
return 1;
|
2018-06-22 05:16:18 +08:00
|
|
|
}
|