EVP_F_EVP_ENCRYPTDECRYPTUPDATE:219:evp_EncryptDecryptUpdate
EVP_F_EVP_ENCRYPTFINAL_EX:127:EVP_EncryptFinal_ex
EVP_F_EVP_ENCRYPTUPDATE:167:EVP_EncryptUpdate
+EVP_F_EVP_KEYEXCH_FROM_DISPATCH:244:evp_keyexch_from_dispatch
EVP_F_EVP_KDF_CTRL:224:EVP_KDF_ctrl
EVP_F_EVP_KDF_CTRL_STR:225:EVP_KDF_ctrl_str
EVP_F_EVP_KDF_CTX_NEW:240:EVP_KDF_CTX_new
EVP_F_EVP_PKEY_DECRYPT_OLD:151:EVP_PKEY_decrypt_old
EVP_F_EVP_PKEY_DERIVE:153:EVP_PKEY_derive
EVP_F_EVP_PKEY_DERIVE_INIT:154:EVP_PKEY_derive_init
+EVP_F_EVP_PKEY_DERIVE_INIT_EX:243:EVP_PKEY_derive_init_ex
EVP_F_EVP_PKEY_DERIVE_SET_PEER:155:EVP_PKEY_derive_set_peer
EVP_F_EVP_PKEY_ENCRYPT:105:EVP_PKEY_encrypt
EVP_F_EVP_PKEY_ENCRYPT_INIT:139:EVP_PKEY_encrypt_init
e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \
e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \
e_chacha20_poly1305.c \
- mac_lib.c c_allm.c pkey_mac.c
+ mac_lib.c c_allm.c pkey_mac.c exchange.c
SOURCE[../../providers/fips]=$COMMON
INCLUDE[e_aes.o]=.. ../modes
#include <openssl/objects.h>
#include <openssl/params.h>
#include <openssl/core_names.h>
+#include <openssl/dh.h>
#include "internal/evp_int.h"
#include "internal/provider.h"
#include "evp_locl.h"
OPENSSL_free(bin);
return rv;
}
+
+#ifndef FIPS_MODE
+/*
+ * TODO(3.0): Temporarily unavailable in FIPS mode. This will need to be added
+ * in later.
+ */
+
+#define MAX_PARAMS 10
+typedef struct {
+ /* Number of the current param */
+ size_t curr;
+ struct {
+ /* Key for the current param */
+ const char *key;
+ /* Value for the current param */
+ const BIGNUM *bnparam;
+ /* Size of the buffer required for the BN */
+ size_t bufsz;
+ } params[MAX_PARAMS];
+ /* Running count of the total size required */
+ size_t totsz;
+ int ispublic;
+} PARAMS_TEMPLATE;
+
+static int push_param_bn(PARAMS_TEMPLATE *tmpl, const char *key,
+ const BIGNUM *bn)
+{
+ int sz;
+
+ sz = BN_num_bytes(bn);
+ if (sz <= 0)
+ return 0;
+ tmpl->params[tmpl->curr].key = key;
+ tmpl->params[tmpl->curr].bnparam = bn;
+ tmpl->params[tmpl->curr++].bufsz = (size_t)sz;
+ tmpl->totsz += sizeof(OSSL_PARAM) + (size_t)sz;
+
+ return 1;
+}
+
+static OSSL_PARAM *param_template_to_param(PARAMS_TEMPLATE *tmpl, size_t *sz)
+{
+ size_t i;
+ void *buf;
+ OSSL_PARAM *param = NULL;
+ unsigned char *currbuf = NULL;
+
+ if (tmpl->totsz == 0)
+ return NULL;
+
+ /* Add some space for the end of OSSL_PARAM marker */
+ tmpl->totsz += sizeof(*param);
+
+ if (tmpl->ispublic)
+ buf = OPENSSL_zalloc(tmpl->totsz);
+ else
+ buf = OPENSSL_secure_zalloc(tmpl->totsz);
+ if (buf == NULL)
+ return NULL;
+ param = buf;
+
+ currbuf = (unsigned char *)buf + (sizeof(*param) * (tmpl->curr + 1));
+
+ for (i = 0; i < tmpl->curr; i++) {
+ if (!ossl_assert((currbuf - (unsigned char *)buf )
+ + tmpl->params[i].bufsz <= tmpl->totsz))
+ goto err;
+ if (BN_bn2nativepad(tmpl->params[i].bnparam, currbuf,
+ tmpl->params[i].bufsz) < 0)
+ goto err;
+ param[i] = OSSL_PARAM_construct_BN(tmpl->params[i].key, currbuf,
+ tmpl->params[i].bufsz);
+ currbuf += tmpl->params[i].bufsz;
+ }
+ param[i] = OSSL_PARAM_construct_end();
+
+ if (sz != NULL)
+ *sz = tmpl->totsz;
+ return param;
+
+ err:
+ if (tmpl->ispublic)
+ OPENSSL_free(param);
+ else
+ OPENSSL_clear_free(param, tmpl->totsz);
+ return NULL;
+}
+
+static OSSL_PARAM *evp_pkey_dh_to_param(EVP_PKEY *pkey, size_t *sz)
+{
+ DH *dh = pkey->pkey.dh;
+ PARAMS_TEMPLATE tmpl = {0};
+ const BIGNUM *p = DH_get0_p(dh), *g = DH_get0_g(dh), *q = DH_get0_q(dh);
+ const BIGNUM *pub_key = DH_get0_pub_key(dh);
+ const BIGNUM *priv_key = DH_get0_priv_key(dh);
+
+ if (p == NULL || g == NULL || pub_key == NULL)
+ return NULL;
+
+ if (!push_param_bn(&tmpl, OSSL_PKEY_PARAM_DH_P, p)
+ || !push_param_bn(&tmpl, OSSL_PKEY_PARAM_DH_G, g)
+ || !push_param_bn(&tmpl, OSSL_PKEY_PARAM_DH_PUB_KEY, pub_key))
+ return NULL;
+
+ if (q != NULL) {
+ if (!push_param_bn(&tmpl, OSSL_PKEY_PARAM_DH_Q, q))
+ return NULL;
+ }
+
+ if (priv_key != NULL) {
+ if (!push_param_bn(&tmpl, OSSL_PKEY_PARAM_DH_PRIV_KEY, priv_key))
+ return NULL;
+ } else {
+ tmpl.ispublic = 1;
+ }
+
+ return param_template_to_param(&tmpl, sz);
+}
+
+OSSL_PARAM *evp_pkey_to_param(EVP_PKEY *pkey, size_t *sz)
+{
+ switch (pkey->type) {
+ case EVP_PKEY_DH:
+ return evp_pkey_dh_to_param(pkey, sz);
+ default:
+ return NULL;
+ }
+}
+
+#endif /* FIPS_MODE */
/* EVP_MD_CTX related stuff */
+#include <openssl/core_numbers.h>
+
struct evp_md_ctx_st {
const EVP_MD *reqdigest; /* The original requested digest */
const EVP_MD *digest;
EVP_KDF_IMPL *impl; /* Algorithm-specific data */
} /* EVP_KDF_CTX */ ;
+struct evp_keyexch_st {
+ OSSL_PROVIDER *prov;
+ CRYPTO_REF_COUNT refcnt;
+ CRYPTO_RWLOCK *lock;
+
+ OSSL_OP_keyexch_newctx_fn *newctx;
+ OSSL_OP_keyexch_init_fn *init;
+ OSSL_OP_keyexch_set_peer_fn *set_peer;
+ OSSL_OP_keyexch_derive_fn *derive;
+ OSSL_OP_keyexch_freectx_fn *freectx;
+ OSSL_OP_keyexch_dupctx_fn *dupctx;
+} /* EVP_KEYEXCH */;
+
+
int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
int passlen, ASN1_TYPE *param,
const EVP_CIPHER *c, const EVP_MD *md,
OSSL_PARAM params[]);
int evp_do_ciph_ctx_setparams(const EVP_CIPHER *ciph, void *provctx,
OSSL_PARAM params[]);
+
+OSSL_PARAM *evp_pkey_to_param(EVP_PKEY *pkey, size_t *sz);
+
+#define M_check_autoarg(ctx, arg, arglen, err) \
+ if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) { \
+ size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
+ \
+ if (pksize == 0) { \
+ EVPerr(err, EVP_R_INVALID_KEY); /*ckerr_ignore*/ \
+ return 0; \
+ } \
+ if (arg == NULL) { \
+ *arglen = pksize; \
+ return 1; \
+ } \
+ if (*arglen < pksize) { \
+ EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/ \
+ return 0; \
+ } \
+ }
--- /dev/null
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/crypto.h>
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include "internal/refcount.h"
+#include "internal/evp_int.h"
+#include "internal/provider.h"
+#include "evp_locl.h"
+
+static EVP_KEYEXCH *evp_keyexch_new(OSSL_PROVIDER *prov)
+{
+ EVP_KEYEXCH *exchange = OPENSSL_zalloc(sizeof(EVP_KEYEXCH));
+
+ exchange->lock = CRYPTO_THREAD_lock_new();
+ if (exchange->lock == NULL) {
+ OPENSSL_free(exchange);
+ return NULL;
+ }
+ exchange->prov = prov;
+ ossl_provider_up_ref(prov);
+ exchange->refcnt = 1;
+
+ return exchange;
+}
+
+static void *evp_keyexch_from_dispatch(const OSSL_DISPATCH *fns,
+ OSSL_PROVIDER *prov)
+{
+ EVP_KEYEXCH *exchange = NULL;
+ int fncnt = 0;
+
+ if ((exchange = evp_keyexch_new(prov)) == NULL)
+ return NULL;
+
+ for (; fns->function_id != 0; fns++) {
+ switch (fns->function_id) {
+ case OSSL_FUNC_KEYEXCH_NEWCTX:
+ if (exchange->newctx != NULL)
+ break;
+ exchange->newctx = OSSL_get_OP_keyexch_newctx(fns);
+ fncnt++;
+ break;
+ case OSSL_FUNC_KEYEXCH_INIT:
+ if (exchange->init != NULL)
+ break;
+ exchange->init = OSSL_get_OP_keyexch_init(fns);
+ fncnt++;
+ break;
+ case OSSL_FUNC_KEYEXCH_SET_PEER:
+ if (exchange->set_peer != NULL)
+ break;
+ exchange->set_peer = OSSL_get_OP_keyexch_set_peer(fns);
+ break;
+ case OSSL_FUNC_KEYEXCH_DERIVE:
+ if (exchange->derive != NULL)
+ break;
+ exchange->derive = OSSL_get_OP_keyexch_derive(fns);
+ fncnt++;
+ break;
+ case OSSL_FUNC_KEYEXCH_FREECTX:
+ if (exchange->freectx != NULL)
+ break;
+ exchange->freectx = OSSL_get_OP_keyexch_freectx(fns);
+ fncnt++;
+ break;
+ case OSSL_FUNC_KEYEXCH_DUPCTX:
+ if (exchange->dupctx != NULL)
+ break;
+ exchange->dupctx = OSSL_get_OP_keyexch_dupctx(fns);
+ break;
+ }
+ }
+ if (fncnt != 4) {
+ /*
+ * In order to be a consistent set of functions we must have at least
+ * a complete set of "exchange" functions: init, derive, newctx,
+ * and freectx. The dupctx and set_peer functions are optional.
+ */
+ EVP_KEYEXCH_free(exchange);
+ EVPerr(EVP_F_EVP_KEYEXCH_FROM_DISPATCH,
+ EVP_R_INVALID_PROVIDER_FUNCTIONS);
+ return NULL;
+ }
+
+ return exchange;
+}
+
+void EVP_KEYEXCH_free(EVP_KEYEXCH *exchange)
+{
+ if (exchange != NULL) {
+ int i;
+
+ CRYPTO_DOWN_REF(&exchange->refcnt, &i, exchange->lock);
+ if (i > 0)
+ return;
+ ossl_provider_free(exchange->prov);
+ CRYPTO_THREAD_lock_free(exchange->lock);
+ OPENSSL_free(exchange);
+ }
+}
+
+int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exchange)
+{
+ int ref = 0;
+
+ CRYPTO_UP_REF(&exchange->refcnt, &ref, exchange->lock);
+ return 1;
+}
+
+EVP_KEYEXCH *EVP_KEYEXCH_fetch(OPENSSL_CTX *ctx, const char *algorithm,
+ const char *properties)
+{
+ return evp_generic_fetch(ctx, OSSL_OP_KEYEXCH, algorithm, properties,
+ evp_keyexch_from_dispatch,
+ (int (*)(void *))EVP_KEYEXCH_up_ref,
+ (void (*)(void *))EVP_KEYEXCH_free);
+}
+
+int EVP_PKEY_derive_init_ex(EVP_PKEY_CTX *ctx, EVP_KEYEXCH *exchange)
+{
+ int ret;
+ OSSL_PARAM *param = NULL;
+ size_t paramsz = 0;
+
+ ctx->operation = EVP_PKEY_OP_DERIVE;
+
+ if (ctx->engine != NULL)
+ goto legacy;
+
+ if (exchange != NULL) {
+ if (!EVP_KEYEXCH_up_ref(exchange))
+ goto err;
+ } else {
+ int nid = ctx->pkey != NULL ? ctx->pkey->type : ctx->pmeth->pkey_id;
+
+ /*
+ * TODO(3.0): Check for legacy handling. Remove this once all all
+ * algorithms are moved to providers.
+ */
+ if (ctx->pkey != NULL) {
+ switch (ctx->pkey->type) {
+#if 0
+ case EVP_PKEY_DH:
+ break;
+#endif
+ default:
+ goto legacy;
+ }
+ exchange = EVP_KEYEXCH_fetch(NULL, OBJ_nid2sn(nid), NULL);
+ } else {
+ goto legacy;
+ }
+
+ if (exchange == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT_EX, EVP_R_INITIALIZATION_ERROR);
+ goto err;
+ }
+ }
+
+ if (ctx->exchprovctx != NULL && ctx->exchange != NULL)
+ ctx->exchange->freectx(ctx->exchprovctx);
+ EVP_KEYEXCH_free(ctx->exchange);
+ ctx->exchange = exchange;
+ if (ctx->pkey != NULL) {
+ param = evp_pkey_to_param(ctx->pkey, ¶msz);
+ if (param == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT_EX, EVP_R_INITIALIZATION_ERROR);
+ goto err;
+ }
+ }
+ ctx->exchprovctx = exchange->newctx(ossl_provider_ctx(exchange->prov));
+ if (ctx->exchprovctx == NULL) {
+ OPENSSL_secure_clear_free(param, paramsz);
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT_EX, EVP_R_INITIALIZATION_ERROR);
+ goto err;
+ }
+ ret = exchange->init(ctx->exchprovctx, param);
+ /*
+ * TODO(3.0): Really we should detect whether to call OPENSSL_free or
+ * OPENSSL_secure_clear_free based on the presence of a private key or not.
+ * Since we always expect a private key to be present we just call
+ * OPENSSL_secure_clear_free for now.
+ */
+ OPENSSL_secure_clear_free(param, paramsz);
+
+ return ret ? 1 : 0;
+ err:
+ ctx->operation = EVP_PKEY_OP_UNDEFINED;
+ return 0;
+
+ legacy:
+ if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->derive == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT_EX,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+
+ if (ctx->pmeth->derive_init == NULL)
+ return 1;
+ ret = ctx->pmeth->derive_init(ctx);
+ if (ret <= 0)
+ ctx->operation = EVP_PKEY_OP_UNDEFINED;
+ return ret;
+}
+
+int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
+{
+ return EVP_PKEY_derive_init_ex(ctx, NULL);
+}
+
+int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
+{
+ int ret;
+ OSSL_PARAM *param = NULL;
+
+ if (ctx == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+
+ if (ctx->exchprovctx == NULL)
+ goto legacy;
+
+ if (ctx->operation != EVP_PKEY_OP_DERIVE) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+ EVP_R_OPERATON_NOT_INITIALIZED);
+ return -1;
+ }
+
+ if (ctx->exchange->set_peer == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+
+ param = evp_pkey_to_param(peer, NULL);
+ if (param == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ ret = ctx->exchange->set_peer(ctx->exchprovctx, param);
+ /*
+ * TODO(3.0): Really we should detect whether to call OPENSSL_free or
+ * OPENSSL_secure_clear_free based on the presence of a private key or not.
+ * Since we always expect a public key to be present we just call
+ * OPENSSL_free for now.
+ */
+ OPENSSL_free(param);
+
+ return ret;
+
+ legacy:
+ if (ctx->pmeth == NULL
+ || !(ctx->pmeth->derive != NULL
+ || ctx->pmeth->encrypt != NULL
+ || ctx->pmeth->decrypt != NULL)
+ || ctx->pmeth->ctrl == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ if (ctx->operation != EVP_PKEY_OP_DERIVE
+ && ctx->operation != EVP_PKEY_OP_ENCRYPT
+ && ctx->operation != EVP_PKEY_OP_DECRYPT) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+ EVP_R_OPERATON_NOT_INITIALIZED);
+ return -1;
+ }
+
+ ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
+
+ if (ret <= 0)
+ return ret;
+
+ if (ret == 2)
+ return 1;
+
+ if (ctx->pkey == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET);
+ return -1;
+ }
+
+ if (ctx->pkey->type != peer->type) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_KEY_TYPES);
+ return -1;
+ }
+
+ /*
+ * For clarity. The error is if parameters in peer are
+ * present (!missing) but don't match. EVP_PKEY_cmp_parameters may return
+ * 1 (match), 0 (don't match) and -2 (comparison is not defined). -1
+ * (different key types) is impossible here because it is checked earlier.
+ * -2 is OK for us here, as well as 1, so we can check for 0 only.
+ */
+ if (!EVP_PKEY_missing_parameters(peer) &&
+ !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_PARAMETERS);
+ return -1;
+ }
+
+ EVP_PKEY_free(ctx->peerkey);
+ ctx->peerkey = peer;
+
+ ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
+
+ if (ret <= 0) {
+ ctx->peerkey = NULL;
+ return ret;
+ }
+
+ EVP_PKEY_up_ref(peer);
+ return 1;
+}
+
+int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
+{
+ int ret;
+
+ if (ctx == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+
+ if (ctx->operation != EVP_PKEY_OP_DERIVE) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED);
+ return -1;
+ }
+
+ if (ctx->exchprovctx == NULL)
+ goto legacy;
+
+ ret = ctx->exchange->derive(ctx->exchprovctx, key, pkeylen, SIZE_MAX);
+
+ return ret;
+ legacy:
+ if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->derive == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+
+ M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
+ return ctx->pmeth->derive(ctx, key, pkeylen);
+}
#include <stdio.h>
#include <stdlib.h>
-#include "internal/cryptlib.h"
#include <openssl/objects.h>
#include <openssl/evp.h>
+#include "internal/cryptlib.h"
#include "internal/evp_int.h"
-
-#define M_check_autoarg(ctx, arg, arglen, err) \
- if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) { \
- size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
- \
- if (pksize == 0) { \
- EVPerr(err, EVP_R_INVALID_KEY); /*ckerr_ignore*/ \
- return 0; \
- } \
- if (!arg) { \
- *arglen = pksize; \
- return 1; \
- } \
- if (*arglen < pksize) { \
- EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/ \
- return 0; \
- } \
- }
+#include "evp_locl.h"
int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
{
M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
}
-
-int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
-{
- int ret;
- if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- ctx->operation = EVP_PKEY_OP_DERIVE;
- if (!ctx->pmeth->derive_init)
- return 1;
- ret = ctx->pmeth->derive_init(ctx);
- if (ret <= 0)
- ctx->operation = EVP_PKEY_OP_UNDEFINED;
- return ret;
-}
-
-int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
-{
- int ret;
- if (!ctx || !ctx->pmeth
- || !(ctx->pmeth->derive || ctx->pmeth->encrypt || ctx->pmeth->decrypt)
- || !ctx->pmeth->ctrl) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_DERIVE
- && ctx->operation != EVP_PKEY_OP_ENCRYPT
- && ctx->operation != EVP_PKEY_OP_DECRYPT) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
- EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
-
- ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
-
- if (ret <= 0)
- return ret;
-
- if (ret == 2)
- return 1;
-
- if (!ctx->pkey) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET);
- return -1;
- }
-
- if (ctx->pkey->type != peer->type) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_KEY_TYPES);
- return -1;
- }
-
- /*
- * For clarity. The error is if parameters in peer are
- * present (!missing) but don't match. EVP_PKEY_cmp_parameters may return
- * 1 (match), 0 (don't match) and -2 (comparison is not defined). -1
- * (different key types) is impossible here because it is checked earlier.
- * -2 is OK for us here, as well as 1, so we can check for 0 only.
- */
- if (!EVP_PKEY_missing_parameters(peer) &&
- !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_PARAMETERS);
- return -1;
- }
-
- EVP_PKEY_free(ctx->peerkey);
- ctx->peerkey = peer;
-
- ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
-
- if (ret <= 0) {
- ctx->peerkey = NULL;
- return ret;
- }
-
- EVP_PKEY_up_ref(peer);
- return 1;
-}
-
-int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
-{
- if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_DERIVE) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
- M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
- return ctx->pmeth->derive(ctx, key, pkeylen);
-}
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
#include "internal/numbers.h"
+#include "evp_locl.h"
typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *pctx)
{
EVP_PKEY_CTX *rctx;
- if (!pctx->pmeth || !pctx->pmeth->copy)
+
+ if (((pctx->pmeth == NULL) || (pctx->pmeth->copy == NULL))
+ && pctx->exchprovctx == NULL)
return NULL;
#ifndef OPENSSL_NO_ENGINE
/* Make sure it's safe to copy a pkey context using an ENGINE */
return 0;
}
#endif
- rctx = OPENSSL_malloc(sizeof(*rctx));
+ rctx = OPENSSL_zalloc(sizeof(*rctx));
if (rctx == NULL) {
EVPerr(EVP_F_EVP_PKEY_CTX_DUP, ERR_R_MALLOC_FAILURE);
return NULL;
}
+ if (pctx->pkey != NULL)
+ EVP_PKEY_up_ref(pctx->pkey);
+ rctx->pkey = pctx->pkey;
+ rctx->operation = pctx->operation;
+
+ if (pctx->exchprovctx != NULL) {
+ if (!ossl_assert(pctx->exchange != NULL))
+ return NULL;
+ rctx->exchange = pctx->exchange;
+ if (!EVP_KEYEXCH_up_ref(rctx->exchange)) {
+ OPENSSL_free(rctx);
+ return NULL;
+ }
+ rctx->exchprovctx = pctx->exchange->dupctx(pctx->exchprovctx);
+ if (rctx->exchprovctx == NULL) {
+ EVP_KEYEXCH_free(rctx->exchange);
+ OPENSSL_free(rctx);
+ return NULL;
+ }
+ return rctx;
+ }
+
rctx->pmeth = pctx->pmeth;
#ifndef OPENSSL_NO_ENGINE
rctx->engine = pctx->engine;
#endif
- if (pctx->pkey)
- EVP_PKEY_up_ref(pctx->pkey);
-
- rctx->pkey = pctx->pkey;
-
if (pctx->peerkey)
EVP_PKEY_up_ref(pctx->peerkey);
-
rctx->peerkey = pctx->peerkey;
- rctx->data = NULL;
- rctx->app_data = NULL;
- rctx->operation = pctx->operation;
-
if (pctx->pmeth->copy(rctx, pctx) > 0)
return rctx;
return;
if (ctx->pmeth && ctx->pmeth->cleanup)
ctx->pmeth->cleanup(ctx);
+
+ if (ctx->exchprovctx != NULL && ctx->exchange != NULL)
+ ctx->exchange->freectx(ctx->exchprovctx);
+
+ EVP_KEYEXCH_free(ctx->exchange);
+
EVP_PKEY_free(ctx->pkey);
EVP_PKEY_free(ctx->peerkey);
#ifndef OPENSSL_NO_ENGINE
#define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400
struct evp_pkey_ctx_st {
+ EVP_KEYEXCH *exchange;
+ void *exchprovctx;
+
+ /* Legacy fields below */
+
/* Method associated with this operation */
const EVP_PKEY_METHOD *pmeth;
/* Engine that implements this method or NULL if builtin */
sizeof(size_t));
}
-#ifndef FIPS_MODE
-/*
- * TODO(3.0): Make this available in FIPS mode.
- *
- * Temporarily we don't include these functions in FIPS mode to avoid pulling
- * in the entire BN sub-library into the module at this point.
- */
int OSSL_PARAM_get_BN(const OSSL_PARAM *p, BIGNUM **val)
{
BIGNUM *b;
return ossl_param_construct(key, OSSL_PARAM_UNSIGNED_INTEGER,
buf, bsize);
}
-#endif
int OSSL_PARAM_get_double(const OSSL_PARAM *p, double *val)
{
#define OSSL_DIGEST_PARAM_PAD_TYPE "pad_type"
#define OSSL_DIGEST_PARAM_MICALG "micalg"
+/* PKEY parameters */
+/* Diffie-Hellman Parameters */
+#define OSSL_PKEY_PARAM_DH_P "dh-p"
+#define OSSL_PKEY_PARAM_DH_G "dh-g"
+#define OSSL_PKEY_PARAM_DH_Q "dh-q"
+/* Diffie-Hellman Keys */
+#define OSSL_PKEY_PARAM_DH_PUB_KEY "dh-pub"
+#define OSSL_PKEY_PARAM_DH_PRIV_KEY "dh-priv"
+
# ifdef __cplusplus
}
# endif
OSSL_CORE_MAKE_FUNC(int, OP_cipher_ctx_set_params, (void *cctx,
const OSSL_PARAM params[]))
+/* Key Exchange */
+
+# define OSSL_OP_KEYEXCH 3
+
+# define OSSL_FUNC_KEYEXCH_NEWCTX 1
+# define OSSL_FUNC_KEYEXCH_INIT 2
+# define OSSL_FUNC_KEYEXCH_DERIVE 3
+# define OSSL_FUNC_KEYEXCH_SET_PEER 4
+# define OSSL_FUNC_KEYEXCH_FREECTX 5
+# define OSSL_FUNC_KEYEXCH_DUPCTX 6
+
+OSSL_CORE_MAKE_FUNC(void *, OP_keyexch_newctx, (void *provctx))
+OSSL_CORE_MAKE_FUNC(int, OP_keyexch_init, (void *ctx,
+ OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, OP_keyexch_derive, (void *ctx, unsigned char *key,
+ size_t *keylen, size_t outlen))
+OSSL_CORE_MAKE_FUNC(int, OP_keyexch_set_peer, (void *ctx,
+ OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(void, OP_keyexch_freectx, (void *ctx))
+OSSL_CORE_MAKE_FUNC(void *, OP_keyexch_dupctx, (void *ctx))
+
# ifdef __cplusplus
}
# endif
unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen);
+int EVP_PKEY_derive_init_ex(EVP_PKEY_CTX *ctx, EVP_KEYEXCH *exchange);
int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
EVP_MD_CTX *mctx));
+
+void EVP_KEYEXCH_free(EVP_KEYEXCH *exchange);
+int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exchange);
+EVP_KEYEXCH *EVP_KEYEXCH_fetch(OPENSSL_CTX *ctx, const char *algorithm,
+ const char *properties);
+
void EVP_add_alg_module(void);
/*
typedef struct evp_kdf_st EVP_KDF;
typedef struct evp_kdf_ctx_st EVP_KDF_CTX;
+typedef struct evp_keyexch_st EVP_KEYEXCH;
+
typedef struct evp_Encode_Ctx_st EVP_ENCODE_CTX;
typedef struct hmac_ctx_st HMAC_CTX;
BN_rand_range_ex 4785 3_0_0 EXIST::FUNCTION:
BN_priv_rand_range_ex 4786 3_0_0 EXIST::FUNCTION:
BN_generate_prime_ex2 4787 3_0_0 EXIST::FUNCTION:
+EVP_PKEY_derive_init_ex 4788 3_0_0 EXIST::FUNCTION:
+EVP_KEYEXCH_free 4789 3_0_0 EXIST::FUNCTION:
+EVP_KEYEXCH_up_ref 4790 3_0_0 EXIST::FUNCTION:
+EVP_KEYEXCH_fetch 4791 3_0_0 EXIST::FUNCTION: