LIBS=../../libcrypto
$COMMON=digest.c evp_enc.c evp_lib.c evp_fetch.c cmeth_lib.c evp_utils.c \
- mac_lib.c mac_meth.c keymgmt_meth.c keymgmt_lib.c
+ mac_lib.c mac_meth.c keymgmt_meth.c keymgmt_lib.c kdf_lib.c kdf_meth.c
SOURCE[../../libcrypto]=$COMMON\
encode.c evp_key.c evp_cnf.c \
e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\
p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
c_allc.c c_alld.c bio_ok.c \
- evp_pkey.c kdf_lib.c evp_pbe.c p5_crpt.c p5_crpt2.c pbe_scrypt.c \
- pkey_kdf.c c_allkdf.c \
+ evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c pbe_scrypt.c \
+ pkey_kdf.c \
e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \
e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \
e_chacha20_poly1305.c \
} /* EVP_MAC_CTX */;
struct evp_kdf_ctx_st {
- const EVP_KDF *meth; /* Method structure */
- EVP_KDF_IMPL *impl; /* Algorithm-specific data */
+ EVP_KDF *meth; /* Method structure */
+ void *data; /* Algorithm-specific data */
} /* EVP_KDF_CTX */ ;
struct evp_keymgmt_st {
#include <openssl/evp.h>
#include <openssl/x509v3.h>
#include <openssl/kdf.h>
+#include <openssl/core.h>
+#include <openssl/core_names.h>
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
#include "internal/numbers.h"
+#include "internal/provider.h"
#include "evp_locl.h"
-EVP_KDF_CTX *EVP_KDF_CTX_new(const EVP_KDF *kdf)
+EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf)
{
EVP_KDF_CTX *ctx = NULL;
return NULL;
ctx = OPENSSL_zalloc(sizeof(EVP_KDF_CTX));
- if (ctx == NULL || (ctx->impl = kdf->new()) == NULL) {
+ if (ctx == NULL
+ || (ctx->data = kdf->newctx(ossl_provider_ctx(kdf->prov))) == NULL
+ || !EVP_KDF_up_ref(kdf)) {
EVPerr(EVP_F_EVP_KDF_CTX_NEW, ERR_R_MALLOC_FAILURE);
+ if (ctx != NULL)
+ kdf->freectx(ctx->data);
OPENSSL_free(ctx);
ctx = NULL;
} else {
return ctx;
}
-EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id)
+void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx)
{
- const EVP_KDF *kdf = EVP_get_kdfbynid(id);
-
- return EVP_KDF_CTX_new(kdf);
+ if (ctx != NULL) {
+ ctx->meth->freectx(ctx->data);
+ ctx->data = NULL;
+ EVP_KDF_free(ctx->meth);
+ OPENSSL_free(ctx);
+ }
}
-int EVP_KDF_nid(const EVP_KDF *kdf)
+EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src)
{
- return kdf->type;
+ EVP_KDF_CTX *dst;
+
+ if (src->data == NULL || src == NULL || src->meth->dupctx == NULL)
+ return NULL;
+
+ dst = OPENSSL_malloc(sizeof(*dst));
+ if (dst == NULL) {
+ EVPerr(EVP_F_EVP_KDF_CTX_DUP, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+
+ memcpy(dst, src, sizeof(*dst));
+ if (!EVP_KDF_up_ref(dst->meth)) {
+ EVPerr(EVP_F_EVP_KDF_CTX_DUP, ERR_R_MALLOC_FAILURE);
+ OPENSSL_free(dst);
+ return NULL;
+ }
+
+ dst->data = src->meth->dupctx(src->data);
+ if (dst->data == NULL) {
+ EVP_KDF_CTX_free(dst);
+ return NULL;
+ }
+ return dst;
}
-const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx)
+const char *EVP_KDF_name(const EVP_KDF *kdf)
{
- return ctx->meth;
+ return kdf->name;
}
-void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx)
+const OSSL_PROVIDER *EVP_KDF_provider(const EVP_KDF *kdf)
{
- if (ctx == NULL)
- return;
+ return kdf->prov;
+}
- ctx->meth->free(ctx->impl);
- OPENSSL_free(ctx);
+const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx)
+{
+ return ctx->meth;
}
void EVP_KDF_reset(EVP_KDF_CTX *ctx)
return;
if (ctx->meth->reset != NULL)
- ctx->meth->reset(ctx->impl);
+ ctx->meth->reset(ctx->data);
}
-int EVP_KDF_ctrl(EVP_KDF_CTX *ctx, int cmd, ...)
+size_t EVP_KDF_size(EVP_KDF_CTX *ctx)
{
- int ret;
- va_list args;
-
- va_start(args, cmd);
- ret = EVP_KDF_vctrl(ctx, cmd, args);
- va_end(args);
-
- if (ret == -2)
- EVPerr(EVP_F_EVP_KDF_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
+ OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
+ size_t s;
- return ret;
-}
-
-int EVP_KDF_vctrl(EVP_KDF_CTX *ctx, int cmd, va_list args)
-{
if (ctx == NULL)
return 0;
- return ctx->meth->ctrl(ctx->impl, cmd, args);
+ *params = OSSL_PARAM_construct_size_t(OSSL_KDF_PARAM_SIZE, &s);
+ if (ctx->meth->get_ctx_params != NULL
+ && ctx->meth->get_ctx_params(ctx, params))
+ return s;
+ if (ctx->meth->get_params != NULL
+ && ctx->meth->get_params(params))
+ return s;
+ return 0;
}
-int EVP_KDF_ctrl_str(EVP_KDF_CTX *ctx, const char *type, const char *value)
+int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen)
{
- int ret;
-
if (ctx == NULL)
return 0;
- if (ctx->meth->ctrl_str == NULL) {
- EVPerr(EVP_F_EVP_KDF_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED);
- return -2;
- }
-
- ret = ctx->meth->ctrl_str(ctx->impl, type, value);
- if (ret == -2)
- EVPerr(EVP_F_EVP_KDF_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED);
-
- return ret;
+ return ctx->meth->derive(ctx->data, key, keylen);
}
-size_t EVP_KDF_size(EVP_KDF_CTX *ctx)
+/*
+ * The {get,set}_params functions return 1 if there is no corresponding
+ * function in the implementation. This is the same as if there was one,
+ * but it didn't recognise any of the given params, i.e. nothing in the
+ * bag of parameters was useful.
+ */
+int EVP_KDF_get_params(EVP_KDF *kdf, OSSL_PARAM params[])
{
- if (ctx == NULL)
- return 0;
-
- if (ctx->meth->size == NULL)
- return SIZE_MAX;
-
- return ctx->meth->size(ctx->impl);
+ if (kdf->get_params != NULL)
+ return kdf->get_params(params);
+ return 1;
}
-int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen)
+int EVP_KDF_CTX_get_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[])
{
- if (ctx == NULL)
- return 0;
+ if (ctx->meth->get_ctx_params != NULL)
+ return ctx->meth->get_ctx_params(ctx->data, params);
+ return 1;
+}
- return ctx->meth->derive(ctx->impl, key, keylen);
+int EVP_KDF_CTX_set_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[])
+{
+ if (ctx->meth->set_ctx_params != NULL)
+ return ctx->meth->set_ctx_params(ctx->data, params);
+ return 1;
}
--- /dev/null
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include <openssl/core.h>
+#include <openssl/core_numbers.h>
+#include <openssl/kdf.h>
+#include "internal/evp_int.h"
+#include "internal/provider.h"
+#include "evp_locl.h"
+
+static int evp_kdf_up_ref(void *vkdf)
+{
+ EVP_KDF *kdf = (EVP_KDF *)vkdf;
+ int ref = 0;
+
+ CRYPTO_UP_REF(&kdf->refcnt, &ref, kdf->lock);
+ return 1;
+}
+
+static void evp_kdf_free(void *vkdf){
+ EVP_KDF *kdf = (EVP_KDF *)vkdf;
+ int ref = 0;
+
+ if (kdf != NULL) {
+ CRYPTO_DOWN_REF(&kdf->refcnt, &ref, kdf->lock);
+ if (ref <= 0) {
+ ossl_provider_free(kdf->prov);
+ OPENSSL_free(kdf->name);
+ CRYPTO_THREAD_lock_free(kdf->lock);
+ OPENSSL_free(kdf);
+ }
+ }
+}
+
+static void *evp_kdf_new(void)
+{
+ EVP_KDF *kdf = NULL;
+
+ if ((kdf = OPENSSL_zalloc(sizeof(*kdf))) == NULL
+ || (kdf->lock = CRYPTO_THREAD_lock_new()) == NULL) {
+ OPENSSL_free(kdf);
+ return NULL;
+ }
+ kdf->refcnt = 1;
+ return kdf;
+}
+
+static void *evp_kdf_from_dispatch(const char *name, const OSSL_DISPATCH *fns,
+ OSSL_PROVIDER *prov, void *method_data)
+{
+ EVP_KDF *kdf = NULL;
+ int fnkdfcnt = 0, fnctxcnt = 0;
+
+ if ((kdf = evp_kdf_new()) == NULL
+ || (kdf->name = OPENSSL_strdup(name)) == NULL) {
+ evp_kdf_free(kdf);
+ EVPerr(0, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+
+ for (; fns->function_id != 0; fns++) {
+ switch (fns->function_id) {
+ case OSSL_FUNC_KDF_NEWCTX:
+ if (kdf->newctx != NULL)
+ break;
+ kdf->newctx = OSSL_get_OP_kdf_newctx(fns);
+ fnctxcnt++;
+ break;
+ case OSSL_FUNC_KDF_DUPCTX:
+ if (kdf->dupctx != NULL)
+ break;
+ kdf->dupctx = OSSL_get_OP_kdf_dupctx(fns);
+ break;
+ case OSSL_FUNC_KDF_FREECTX:
+ if (kdf->freectx != NULL)
+ break;
+ kdf->freectx = OSSL_get_OP_kdf_freectx(fns);
+ fnctxcnt++;
+ break;
+ case OSSL_FUNC_KDF_DERIVE:
+ if (kdf->derive != NULL)
+ break;
+ kdf->derive = OSSL_get_OP_kdf_derive(fns);
+ fnkdfcnt++;
+ break;
+ case OSSL_FUNC_KDF_GETTABLE_PARAMS:
+ if (kdf->gettable_params != NULL)
+ break;
+ kdf->gettable_params =
+ OSSL_get_OP_kdf_gettable_params(fns);
+ break;
+ case OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS:
+ if (kdf->gettable_ctx_params != NULL)
+ break;
+ kdf->gettable_ctx_params =
+ OSSL_get_OP_kdf_gettable_ctx_params(fns);
+ break;
+ case OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS:
+ if (kdf->settable_ctx_params != NULL)
+ break;
+ kdf->settable_ctx_params =
+ OSSL_get_OP_kdf_settable_ctx_params(fns);
+ break;
+ case OSSL_FUNC_KDF_GET_PARAMS:
+ if (kdf->get_params != NULL)
+ break;
+ kdf->get_params = OSSL_get_OP_kdf_get_params(fns);
+ break;
+ case OSSL_FUNC_KDF_GET_CTX_PARAMS:
+ if (kdf->get_ctx_params != NULL)
+ break;
+ kdf->get_ctx_params = OSSL_get_OP_kdf_get_ctx_params(fns);
+ break;
+ case OSSL_FUNC_KDF_SET_CTX_PARAMS:
+ if (kdf->set_ctx_params != NULL)
+ break;
+ kdf->set_ctx_params = OSSL_get_OP_kdf_set_ctx_params(fns);
+ break;
+ }
+ }
+ if (fnkdfcnt != 1 || fnctxcnt != 2) {
+ /*
+ * In order to be a consistent set of functions we must have at least
+ * a derive function, and a complete set of context management
+ * functions.
+ */
+ evp_kdf_free(kdf);
+ ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS);
+ return NULL;
+ }
+ kdf->prov = prov;
+ if (prov != NULL)
+ ossl_provider_up_ref(prov);
+
+ return kdf;
+}
+
+EVP_KDF *EVP_KDF_fetch(OPENSSL_CTX *libctx, const char *algorithm,
+ const char *properties)
+{
+ return evp_generic_fetch(libctx, OSSL_OP_KDF, algorithm, properties,
+ evp_kdf_from_dispatch, NULL, evp_kdf_up_ref,
+ evp_kdf_free);
+}
+
+int EVP_KDF_up_ref(EVP_KDF *kdf)
+{
+ return evp_kdf_up_ref(kdf);
+}
+
+void EVP_KDF_free(EVP_KDF *kdf)
+{
+ evp_kdf_free(kdf);
+}
+
+const OSSL_PARAM *EVP_KDF_gettable_params(const EVP_KDF *kdf)
+{
+ if (kdf->gettable_params == NULL)
+ return NULL;
+ return kdf->gettable_params();
+}
+
+const OSSL_PARAM *EVP_KDF_CTX_gettable_params(const EVP_KDF *kdf)
+{
+ if (kdf->gettable_ctx_params == NULL)
+ return NULL;
+ return kdf->gettable_ctx_params();
+}
+
+const OSSL_PARAM *EVP_KDF_CTX_settable_params(const EVP_KDF *kdf)
+{
+ if (kdf->settable_ctx_params == NULL)
+ return NULL;
+ return kdf->settable_ctx_params();
+}
+
+void EVP_KDF_do_all_ex(OPENSSL_CTX *libctx,
+ void (*fn)(EVP_KDF *kdf, void *arg),
+ void *arg)
+{
+ evp_generic_do_all(libctx, OSSL_OP_KDF,
+ (void (*)(void *, void *))fn, arg,
+ evp_kdf_from_dispatch, NULL, evp_kdf_free);
+}
return r;
}
-/* TODO(3.0) Is this needed after changing to providers? */
-int EVP_add_kdf(const EVP_KDF *k)
-{
- int r;
-
- if (k == NULL)
- return 0;
-
- r = OBJ_NAME_add(OBJ_nid2sn(k->type), OBJ_NAME_TYPE_KDF_METH,
- (const char *)k);
- if (r == 0)
- return 0;
- r = OBJ_NAME_add(OBJ_nid2ln(k->type), OBJ_NAME_TYPE_KDF_METH,
- (const char *)k);
- return r;
-}
-
const EVP_CIPHER *EVP_get_cipherbyname(const char *name)
{
const EVP_CIPHER *cp;
return cp;
}
-/* TODO(3.0) Is this API needed after implementing providers? */
-const EVP_KDF *EVP_get_kdfbyname(const char *name)
-{
- const EVP_KDF *kdf;
-
- if (!OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_KDFS, NULL))
- return NULL;
-
- kdf = (const EVP_KDF *)OBJ_NAME_get(name, OBJ_NAME_TYPE_KDF_METH);
- return kdf;
-}
-
void evp_cleanup_int(void)
{
OBJ_NAME_cleanup(OBJ_NAME_TYPE_KDF_METH);
OSSL_OP_mac_set_ctx_params_fn *set_ctx_params;
};
-/*
- * This function is internal for now, but can be made external when needed.
- * The documentation would read:
- *
- * EVP_add_mac() adds the MAC implementation C<mac> to the internal
- * object database.
- */
-int EVP_add_kdf(const EVP_KDF *kdf);
-
-/* struct evp_kdf_impl_st is defined by the implementation */
-typedef struct evp_kdf_impl_st EVP_KDF_IMPL;
struct evp_kdf_st {
- int type;
- EVP_KDF_IMPL *(*new) (void);
- void (*free) (EVP_KDF_IMPL *impl);
- void (*reset) (EVP_KDF_IMPL *impl);
- int (*ctrl) (EVP_KDF_IMPL *impl, int cmd, va_list args);
- int (*ctrl_str) (EVP_KDF_IMPL *impl, const char *type, const char *value);
- size_t (*size) (EVP_KDF_IMPL *impl);
- int (*derive) (EVP_KDF_IMPL *impl, unsigned char *key, size_t keylen);
+ OSSL_PROVIDER *prov;
+ char *name;
+ CRYPTO_REF_COUNT refcnt;
+ CRYPTO_RWLOCK *lock;
+
+ OSSL_OP_kdf_newctx_fn *newctx;
+ OSSL_OP_kdf_dupctx_fn *dupctx;
+ OSSL_OP_kdf_freectx_fn *freectx;
+ OSSL_OP_kdf_reset_fn *reset;
+ OSSL_OP_kdf_derive_fn *derive;
+ OSSL_OP_kdf_gettable_params_fn *gettable_params;
+ OSSL_OP_kdf_gettable_ctx_params_fn *gettable_ctx_params;
+ OSSL_OP_kdf_settable_ctx_params_fn *settable_ctx_params;
+ OSSL_OP_kdf_get_params_fn *get_params;
+ OSSL_OP_kdf_get_ctx_params_fn *get_ctx_params;
+ OSSL_OP_kdf_set_ctx_params_fn *set_ctx_params;
};
extern const EVP_KDF pbkdf2_kdf_meth;
void openssl_add_all_ciphers_int(void);
void openssl_add_all_digests_int(void);
-void openssl_add_all_macs_int(void);
-void openssl_add_all_kdfs_int(void);
void evp_cleanup_int(void);
void evp_app_cleanup_int(void);
LIBS=../../libcrypto
SOURCE[../../libcrypto]=\
- tls1_prf.c kdf_err.c kdf_util.c hkdf.c scrypt.c pbkdf2.c sshkdf.c \
- sskdf.c x942kdf.c
+ kdf_err.c kdf_util.c
+++ /dev/null
-/*
- * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-int call_ctrl(int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args),
- EVP_KDF_IMPL *impl, int cmd, ...);
-int kdf_str2ctrl(EVP_KDF_IMPL *impl,
- int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args),
- int cmd, const char *str);
-int kdf_hex2ctrl(EVP_KDF_IMPL *impl,
- int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args),
- int cmd, const char *hex);
-int kdf_md2ctrl(EVP_KDF_IMPL *impl,
- int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args),
- int cmd, const char *md_name);
-
+++ /dev/null
-/*
- * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
- * Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <string.h>
-#include <stdarg.h>
-#include <openssl/kdf.h>
-#include <openssl/evp.h>
-#include "internal/cryptlib.h"
-#include "internal/evp_int.h"
-#include "internal/numbers.h"
-#include "kdf_local.h"
-
-int call_ctrl(int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args),
- EVP_KDF_IMPL *impl, int cmd, ...)
-{
- int ret;
- va_list args;
-
- va_start(args, cmd);
- ret = ctrl(impl, cmd, args);
- va_end(args);
-
- return ret;
-}
-
-/* Utility functions to send a string or hex string to a ctrl */
-
-int kdf_str2ctrl(EVP_KDF_IMPL *impl,
- int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args),
- int cmd, const char *str)
-{
- return call_ctrl(ctrl, impl, cmd, (const unsigned char *)str, strlen(str));
-}
-
-int kdf_hex2ctrl(EVP_KDF_IMPL *impl,
- int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args),
- int cmd, const char *hex)
-{
- unsigned char *bin;
- long binlen;
- int ret = -1;
-
- bin = OPENSSL_hexstr2buf(hex, &binlen);
- if (bin == NULL)
- return 0;
-
- if (binlen <= INT_MAX)
- ret = call_ctrl(ctrl, impl, cmd, bin, (size_t)binlen);
- OPENSSL_free(bin);
- return ret;
-}
-
-/* Pass a message digest to a ctrl */
-int kdf_md2ctrl(EVP_KDF_IMPL *impl,
- int (*ctrl)(EVP_KDF_IMPL *impl, int cmd, va_list args),
- int cmd, const char *md_name)
-{
- const EVP_MD *md;
-
- if (md_name == NULL || (md = EVP_get_digestbyname(md_name)) == NULL) {
- KDFerr(KDF_F_KDF_MD2CTRL, KDF_R_INVALID_DIGEST);
- return 0;
- }
- return call_ctrl(ctrl, impl, cmd, md);
-}
-
# include <stdarg.h>
# include <stddef.h>
# include <openssl/ossl_typ.h>
-# include <openssl/kdferr.h>
+# include <openssl/core.h>
+
# ifdef __cplusplus
extern "C" {
# endif
# define EVP_KDF_X963 NID_x963kdf
# define EVP_KDF_X942 NID_x942kdf
-EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id);
-EVP_KDF_CTX *EVP_KDF_CTX_new(const EVP_KDF *kdf);
+int EVP_KDF_up_ref(EVP_KDF *kdf);
+void EVP_KDF_free(EVP_KDF *kdf);
+EVP_KDF *EVP_KDF_fetch(OPENSSL_CTX *libctx, const char *algorithm,
+ const char *properties);
+#define EVP_get_kdfbyname(name) EVP_KDF_fetch(NULL, (name), NULL)
+
+EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf);
void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx);
+EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src);
+const char *EVP_KDF_name(const EVP_KDF *kdf);
+const OSSL_PROVIDER *EVP_KDF_provider(const EVP_KDF *kdf);
const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx);
void EVP_KDF_reset(EVP_KDF_CTX *ctx);
-int EVP_KDF_ctrl(EVP_KDF_CTX *ctx, int cmd, ...);
-int EVP_KDF_vctrl(EVP_KDF_CTX *ctx, int cmd, va_list args);
-int EVP_KDF_ctrl_str(EVP_KDF_CTX *ctx, const char *type, const char *value);
size_t EVP_KDF_size(EVP_KDF_CTX *ctx);
int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen);
+int EVP_KDF_get_params(EVP_KDF *kdf, OSSL_PARAM params[]);
+int EVP_KDF_CTX_get_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[]);
+int EVP_KDF_CTX_set_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[]);
+const OSSL_PARAM *EVP_KDF_gettable_params(const EVP_KDF *kdf);
+const OSSL_PARAM *EVP_KDF_CTX_gettable_params(const EVP_KDF *kdf);
+const OSSL_PARAM *EVP_KDF_CTX_settable_params(const EVP_KDF *kdf);
-int EVP_KDF_nid(const EVP_KDF *kdf);
-# define EVP_get_kdfbynid(a) EVP_get_kdfbyname(OBJ_nid2sn(a))
-# define EVP_get_kdfbyobj(a) EVP_get_kdfbynid(OBJ_obj2nid(a))
-# define EVP_KDF_name(o) OBJ_nid2sn(EVP_KDF_nid(o))
-const EVP_KDF *EVP_get_kdfbyname(const char *name);
+void EVP_KDF_do_all_ex(OPENSSL_CTX *libctx,
+ void (*fn)(EVP_KDF *kdf, void *arg),
+ void *arg);
# define EVP_KDF_CTRL_SET_PASS 0x01 /* unsigned char *, size_t */
# define EVP_KDF_CTRL_SET_SALT 0x02 /* unsigned char *, size_t */
# define EVP_KDF_CTRL_SET_KEY 0x05 /* unsigned char *, size_t */
# define EVP_KDF_CTRL_SET_MAXMEM_BYTES 0x06 /* uint64_t */
# define EVP_KDF_CTRL_SET_TLS_SECRET 0x07 /* unsigned char *, size_t */
-# define EVP_KDF_CTRL_RESET_TLS_SEED 0x08
-# define EVP_KDF_CTRL_ADD_TLS_SEED 0x09 /* unsigned char *, size_t */
-# define EVP_KDF_CTRL_RESET_HKDF_INFO 0x0a
-# define EVP_KDF_CTRL_ADD_HKDF_INFO 0x0b /* unsigned char *, size_t */
-# define EVP_KDF_CTRL_SET_HKDF_MODE 0x0c /* int */
-# define EVP_KDF_CTRL_SET_SCRYPT_N 0x0d /* uint64_t */
-# define EVP_KDF_CTRL_SET_SCRYPT_R 0x0e /* uint32_t */
-# define EVP_KDF_CTRL_SET_SCRYPT_P 0x0f /* uint32_t */
-# define EVP_KDF_CTRL_SET_SSHKDF_XCGHASH 0x10 /* unsigned char *, size_t */
-# define EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID 0x11 /* unsigned char *, size_t */
-# define EVP_KDF_CTRL_SET_SSHKDF_TYPE 0x12 /* int */
-# define EVP_KDF_CTRL_SET_MAC 0x13 /* EVP_MAC * */
-# define EVP_KDF_CTRL_SET_MAC_SIZE 0x14 /* size_t */
-# define EVP_KDF_CTRL_SET_SSKDF_INFO 0x15 /* unsigned char *, size_t */
-# define EVP_KDF_CTRL_SET_PBKDF2_PKCS5_MODE 0x16 /* int */
-# define EVP_KDF_CTRL_SET_UKM 0x17 /* unsigned char *, size_t */
-# define EVP_KDF_CTRL_SET_CEK_ALG 0x18 /* char * */
+# define EVP_KDF_CTRL_ADD_TLS_SEED 0x08 /* unsigned char *, size_t */
+# define EVP_KDF_CTRL_RESET_HKDF_INFO 0x09
+# define EVP_KDF_CTRL_ADD_HKDF_INFO 0x0a /* unsigned char *, size_t */
+# define EVP_KDF_CTRL_SET_HKDF_MODE 0x0b /* int */
+# define EVP_KDF_CTRL_SET_SCRYPT_N 0x0c /* uint64_t */
+# define EVP_KDF_CTRL_SET_SCRYPT_R 0x0d /* uint32_t */
+# define EVP_KDF_CTRL_SET_SCRYPT_P 0x0e /* uint32_t */
+# define EVP_KDF_CTRL_SET_SSHKDF_XCGHASH 0x0f /* unsigned char *, size_t */
+# define EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID 0x10 /* unsigned char *, size_t */
+# define EVP_KDF_CTRL_SET_SSHKDF_TYPE 0x11 /* int */
+# define EVP_KDF_CTRL_SET_MAC 0x12 /* EVP_MAC * */
+# define EVP_KDF_CTRL_SET_MAC_SIZE 0x13 /* size_t */
+# define EVP_KDF_CTRL_SET_SSKDF_INFO 0x14 /* unsigned char *, size_t */
+# define EVP_KDF_CTRL_SET_PBKDF2_PKCS5_MODE 0x15 /* int */
+# define EVP_KDF_CTRL_SET_UKM 0x16 /* unsigned char *, size_t */
+# define EVP_KDF_CTRL_SET_CEK_ALG 0x17 /* char * */
# define EVP_KDF_CTRL_SET_SHARED_INFO EVP_KDF_CTRL_SET_SSKDF_INFO
# define EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND 0