Commit dc1ce3bc authored by Dr. Stephen Henson's avatar Dr. Stephen Henson

Add KDF for DH.

Add X9.42 DH KDF. Move sharedinfo generation code to CMS library as the
same structure is used by DH and ECDH.

Move ASN1_OBJECT typedef to ossl_typ.h so it can be picked up by dh headers
without the need to use ASN1.
parent 39090878
+2 −2
@@ -208,14 +208,14 @@ typedef struct asn1_const_ctx_st
#define ASN1_OBJECT_FLAG_CRITICAL	 0x02	/* critical x509v3 object id */
#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04	/* internal use */
#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 	 0x08	/* internal use */
typedef struct asn1_object_st
struct asn1_object_st
	{
	const char *sn,*ln;
	int nid;
	int length;
	const unsigned char *data;	/* data remains const after init */
	int flags;	/* Should we free this one */
	} ASN1_OBJECT;
	};

#define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */
/* This indicates that the ASN1_STRING is not a real value but just a place
+3 −0
@@ -364,6 +364,9 @@ EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri);
int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
					CMS_RecipientEncryptedKey *rek);

int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg, 
			ASN1_OCTET_STRING *ukm, int keylen);

/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
 * made after this point may be overwritten when the script is next run.
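Review bot: The new `CMS_SharedInfo_encode` prototype is exported with no comment, and two things a caller needs are not visible from the signature. First, `keylen` is a byte count: the implementation added elsewhere in this commit shifts it left by 3 before encoding. Second, the return value and `*pder` follow the `ASN1_item_i2d` convention, because the function returns that call's result directly. I would add above it something like `/* Encode SharedInfo for key derivation: keylen is the KEK length in bytes; return value and *pder are as for ASN1_item_i2d() */`. The encoded length is an input to the KDF, so a caller passing bits instead of bytes would silently derive a different key.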
+43 −0
@@ -423,3 +423,46 @@ ASN1_SEQUENCE(CMS_Receipt) = {
  ASN1_SIMPLE(CMS_Receipt, originatorSignatureValue, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(CMS_Receipt)

/* Utilities to encode the CMS_SharedInfo structure used during key
 * derivation.
 */

typedef struct {
	X509_ALGOR *keyInfo;
	ASN1_OCTET_STRING *entityUInfo;
	ASN1_OCTET_STRING *suppPubInfo;
} CMS_SharedInfo;

ASN1_SEQUENCE(CMS_SharedInfo) = {
  ASN1_SIMPLE(CMS_SharedInfo, keyInfo, X509_ALGOR),
  ASN1_EXP_OPT(CMS_SharedInfo, entityUInfo, ASN1_OCTET_STRING, 0),
  ASN1_EXP_OPT(CMS_SharedInfo, suppPubInfo, ASN1_OCTET_STRING, 2),
} ASN1_SEQUENCE_END(CMS_SharedInfo)

int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg, 
			ASN1_OCTET_STRING *ukm, int keylen)
	{
	union {
		CMS_SharedInfo *pecsi;
		ASN1_VALUE *a;
	} intsi = {NULL};

	ASN1_OCTET_STRING oklen;
	unsigned char kl[4];
	CMS_SharedInfo ecsi;

	keylen <<= 3;
	kl[0] = (keylen >> 24) & 0xff;
	kl[1] = (keylen >> 16) & 0xff;
	kl[2] = (keylen >> 8) & 0xff;
	kl[3] = keylen & 0xff;
	oklen.length = 4;
	oklen.data = kl;
	oklen.type = V_ASN1_OCTET_STRING;
	oklen.flags = 0;
	ecsi.keyInfo = kekalg;
	ecsi.entityUInfo = ukm;
	ecsi.suppPubInfo = &oklen;
	intsi.pecsi = &ecsi;
	return ASN1_item_i2d(intsi.a, pder, ASN1_ITEM_rptr(CMS_SharedInfo));
	}
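Review bot: `keylen <<= 3` in `CMS_SharedInfo_encode` is a left shift on a signed `int` with no range check, so a negative `keylen` or one above `INT_MAX / 8` is undefined behaviour. In practice it yields a suppPubInfo that does not match the key length the caller asked for. That field feeds key derivation, so a bad length should be rejected rather than encoded. A guard before the shift such as `if (keylen <= 0 || keylen > (INT_MAX >> 3)) return -1;` would do, assuming callers treat a non-positive return as failure as they would for `ASN1_item_i2d` (the callers are not visible on this page). A short comment that `kl[]` holds the key length in bits as a 4-byte big-endian value would also help the next reader.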
+2 −2
@@ -18,9 +18,9 @@ APPS=

LIB=$(TOP)/libcrypto.a
LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_depr.c \
	dh_ameth.c dh_pmeth.c dh_prn.c dh_rfc5114.c
	dh_ameth.c dh_pmeth.c dh_prn.c dh_rfc5114.c dh_kdf.c
LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o dh_depr.o \
	dh_ameth.o dh_pmeth.o dh_prn.o dh_rfc5114.o
	dh_ameth.o dh_pmeth.o dh_prn.o dh_rfc5114.o dh_kdf.o

SRC= $(LIBSRC)

+7 −0
@@ -239,6 +239,13 @@ DH *DH_get_1024_160(void);
DH *DH_get_2048_224(void);
DH *DH_get_2048_256(void);

/* RFC2631 KDF */
int DH_KDF_X9_42(unsigned char *out, size_t outlen, 
		const unsigned char *Z, size_t Zlen,
		ASN1_OBJECT *key_oid,
		const unsigned char *ukm, size_t ukmlen,
		const EVP_MD *md);

#define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
	EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
			EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
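Review bot: The only documentation on the new `DH_KDF_X9_42` declaration is `/* RFC2631 KDF */`, which leaves the caller to guess the return convention, what `key_oid` identifies, and whether `ukm` may be NULL with `ukmlen` 0. The implementation (dh_kdf.c, per the Makefile change) is not shown on this page, so I cannot confirm the details. A header comment along the lines of `/* RFC2631 KDF: derive outlen bytes into out from shared secret Z; key_oid is the key-wrap algorithm OID, ukm is optional; returns 1 on success, 0 on error */` should be checked against it and added. Any upper bound the implementation enforces on `outlen` or `Zlen` belongs in the same comment.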