Added X963KDF API (8bbeaaa4) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

crypto/ec/ecdh_kdf.c

+15 −49

Original line number	Original line	Diff line number	Diff line
	/*		/*
	* Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.		* Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
	*		*
	* Licensed under the Apache License 2.0 (the "License"). You may not use		* Licensed under the Apache License 2.0 (the "License"). You may not use
	* this file except in compliance with the License. You can obtain a copy		* this file except in compliance with the License. You can obtain a copy
	@@ -10,62 +10,28 @@
	#include <string.h>		#include <string.h>
	#include <openssl/ec.h>		#include <openssl/ec.h>
	#include <openssl/evp.h>		#include <openssl/evp.h>
			#include <openssl/kdf.h>
	#include "ec_lcl.h"		#include "ec_lcl.h"

	/* Key derivation function from X9.63/SECG */		/* Key derivation function from X9.63/SECG */
	/* Way more than we will ever need */
	#define ECDH_KDF_MAX (1 << 30)

	int ecdh_KDF_X9_63(unsigned char *out, size_t outlen,		int ecdh_KDF_X9_63(unsigned char *out, size_t outlen,
	const unsigned char *Z, size_t Zlen,		const unsigned char *Z, size_t Zlen,
	const unsigned char *sinfo, size_t sinfolen,		const unsigned char *sinfo, size_t sinfolen,
	const EVP_MD *md)		const EVP_MD *md)
	{		{
	EVP_MD_CTX *mctx = NULL;		int ret;
	int rv = 0;		EVP_KDF_CTX *kctx = NULL;
	unsigned int i;
	size_t mdlen;		kctx = EVP_KDF_CTX_new(EVP_get_kdfbyname(SN_x963kdf));
	unsigned char ctr[4];		ret =
	if (sinfolen > ECDH_KDF_MAX \|\| outlen > ECDH_KDF_MAX		kctx != NULL
	\|\| Zlen > ECDH_KDF_MAX)		&& EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_MD, md) > 0
	return 0;		&& EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_KEY, Z, Zlen) > 0
	mctx = EVP_MD_CTX_new();		&& EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SHARED_INFO, sinfo, sinfolen) > 0
	if (mctx == NULL)		&& EVP_KDF_derive(kctx, out, outlen) > 0;
	return 0;
	mdlen = EVP_MD_size(md);		EVP_KDF_CTX_free(kctx);
	for (i = 1;; i++) {		return ret;
	unsigned char mtmp[EVP_MAX_MD_SIZE];
	if (!EVP_DigestInit_ex(mctx, md, NULL))
	goto err;
	ctr[3] = i & 0xFF;
	ctr[2] = (i >> 8) & 0xFF;
	ctr[1] = (i >> 16) & 0xFF;
	ctr[0] = (i >> 24) & 0xFF;
	if (!EVP_DigestUpdate(mctx, Z, Zlen))
	goto err;
	if (!EVP_DigestUpdate(mctx, ctr, sizeof(ctr)))
	goto err;
	if (!EVP_DigestUpdate(mctx, sinfo, sinfolen))
	goto err;
	if (outlen >= mdlen) {
	if (!EVP_DigestFinal(mctx, out, NULL))
	goto err;
	outlen -= mdlen;
	if (outlen == 0)
	break;
	out += mdlen;
	} else {
	if (!EVP_DigestFinal(mctx, mtmp, NULL))
	goto err;
	memcpy(out, mtmp, outlen);
	OPENSSL_cleanse(mtmp, mdlen);
	break;
	}
	}
	rv = 1;
	err:
	EVP_MD_CTX_free(mctx);
	return rv;
	}		}

	/*-		/*-

crypto/err/openssl.txt

+2 −0

crypto/evp/c_allkdf.c

+1 −0

Original line number	Original line	Diff line number	Diff line
	@@ -20,4 +20,5 @@ void openssl_add_all_kdfs_int(void)
	EVP_add_kdf(&hkdf_kdf_meth);		EVP_add_kdf(&hkdf_kdf_meth);
	EVP_add_kdf(&sshkdf_kdf_meth);		EVP_add_kdf(&sshkdf_kdf_meth);
	EVP_add_kdf(&ss_kdf_meth);		EVP_add_kdf(&ss_kdf_meth);
			EVP_add_kdf(&x963_kdf_meth);
	}		}

crypto/evp/kdf_lib.c

+5 −3

Original line number	Original line	Diff line number	Diff line
	@@ -22,8 +22,12 @@

	EVP_KDF_CTX EVP_KDF_CTX_new(const EVP_KDF kdf)		EVP_KDF_CTX EVP_KDF_CTX_new(const EVP_KDF kdf)
	{		{
	EVP_KDF_CTX *ctx = OPENSSL_zalloc(sizeof(EVP_KDF_CTX));		EVP_KDF_CTX *ctx = NULL;

			if (kdf == NULL)
			return NULL;

			ctx = OPENSSL_zalloc(sizeof(EVP_KDF_CTX));
	if (ctx == NULL \|\| (ctx->impl = kdf->new()) == NULL) {		if (ctx == NULL \|\| (ctx->impl = kdf->new()) == NULL) {
	EVPerr(EVP_F_EVP_KDF_CTX_NEW, ERR_R_MALLOC_FAILURE);		EVPerr(EVP_F_EVP_KDF_CTX_NEW, ERR_R_MALLOC_FAILURE);
	OPENSSL_free(ctx);		OPENSSL_free(ctx);
	@@ -38,8 +42,6 @@ EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id)
	{		{
	const EVP_KDF *kdf = EVP_get_kdfbynid(id);		const EVP_KDF *kdf = EVP_get_kdfbynid(id);

	if (kdf == NULL)
	return NULL;
	return EVP_KDF_CTX_new(kdf);		return EVP_KDF_CTX_new(kdf);
	}		}

crypto/include/internal/evp_int.h

+1 −0

Original line number	Original line	Diff line number	Diff line
	@@ -172,6 +172,7 @@ extern const EVP_KDF tls1_prf_kdf_meth;
	extern const EVP_KDF hkdf_kdf_meth;		extern const EVP_KDF hkdf_kdf_meth;
	extern const EVP_KDF sshkdf_kdf_meth;		extern const EVP_KDF sshkdf_kdf_meth;
	extern const EVP_KDF ss_kdf_meth;		extern const EVP_KDF ss_kdf_meth;
			extern const EVP_KDF x963_kdf_meth;

	struct evp_md_st {		struct evp_md_st {
	/* nid */		/* nid */

Original line number	Original line	Diff line number	Diff line
	@@ -925,6 +925,7 @@ KDF_F_SSKDF_MAC2CTRL:136:sskdf_mac2ctrl
	KDF_F_SSKDF_NEW:137:sskdf_new		KDF_F_SSKDF_NEW:137:sskdf_new
	KDF_F_SSKDF_SIZE:138:sskdf_size		KDF_F_SSKDF_SIZE:138:sskdf_size
	KDF_F_TLS1_PRF_ALG:111:tls1_prf_alg		KDF_F_TLS1_PRF_ALG:111:tls1_prf_alg
			KDF_F_X963KDF_DERIVE:139:x963kdf_derive
	OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object		OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object
	OBJ_F_OBJ_ADD_SIGID:107:OBJ_add_sigid		OBJ_F_OBJ_ADD_SIGID:107:OBJ_add_sigid
	OBJ_F_OBJ_CREATE:100:OBJ_create		OBJ_F_OBJ_CREATE:100:OBJ_create
	@@ -2464,6 +2465,7 @@ KDF_R_MISSING_SEED:106:missing seed
	KDF_R_MISSING_SESSION_ID:113:missing session id		KDF_R_MISSING_SESSION_ID:113:missing session id
	KDF_R_MISSING_TYPE:114:missing type		KDF_R_MISSING_TYPE:114:missing type
	KDF_R_MISSING_XCGHASH:115:missing xcghash		KDF_R_MISSING_XCGHASH:115:missing xcghash
			KDF_R_NOT_SUPPORTED:118:not supported
	KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type		KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type
	KDF_R_UNSUPPORTED_MAC_TYPE:117:unsupported mac type		KDF_R_UNSUPPORTED_MAC_TYPE:117:unsupported mac type
	KDF_R_VALUE_ERROR:108:value error		KDF_R_VALUE_ERROR:108:value error

Admin message