2 * Copyright 2013-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * DH low level APIs are deprecated for public use, but still ok for
14 #include "internal/deprecated.h"
19 #include <openssl/core_names.h>
20 #include <openssl/dh.h>
21 #include <openssl/evp.h>
22 #include <openssl/asn1.h>
23 #include <openssl/kdf.h>
24 #include "internal/provider.h"
25 #include "crypto/dh.h"
27 /* Key derivation function from X9.63/SECG */
28 int ossl_dh_kdf_X9_42_asn1(unsigned char *out
, size_t outlen
,
29 const unsigned char *Z
, size_t Zlen
,
31 const unsigned char *ukm
, size_t ukmlen
,
33 OSSL_LIB_CTX
*libctx
, const char *propq
)
36 EVP_KDF_CTX
*kctx
= NULL
;
38 OSSL_PARAM params
[5], *p
= params
;
39 const char *mdname
= EVP_MD_get0_name(md
);
41 kdf
= EVP_KDF_fetch(libctx
, OSSL_KDF_NAME_X942KDF_ASN1
, propq
);
42 kctx
= EVP_KDF_CTX_new(kdf
);
46 *p
++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST
,
48 *p
++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY
,
49 (unsigned char *)Z
, Zlen
);
51 *p
++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_UKM
,
52 (unsigned char *)ukm
, ukmlen
);
53 *p
++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CEK_ALG
,
55 *p
= OSSL_PARAM_construct_end();
56 ret
= EVP_KDF_derive(kctx
, out
, outlen
, params
) > 0;
58 EVP_KDF_CTX_free(kctx
);
63 #if !defined(FIPS_MODULE)
64 int DH_KDF_X9_42(unsigned char *out
, size_t outlen
,
65 const unsigned char *Z
, size_t Zlen
,
67 const unsigned char *ukm
, size_t ukmlen
, const EVP_MD
*md
)
69 char key_alg
[OSSL_MAX_NAME_SIZE
];
70 const OSSL_PROVIDER
*prov
= EVP_MD_get0_provider(md
);
71 OSSL_LIB_CTX
*libctx
= ossl_provider_libctx(prov
);
73 if (OBJ_obj2txt(key_alg
, sizeof(key_alg
), key_oid
, 0) <= 0)
76 return ossl_dh_kdf_X9_42_asn1(out
, outlen
, Z
, Zlen
, key_alg
,
77 ukm
, ukmlen
, md
, libctx
, NULL
);
79 #endif /* !defined(FIPS_MODULE) */