[thirdparty/openssl.git] / crypto / evp / exchange.c

/*
 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include "internal/cryptlib.h"
#include "internal/refcount.h"
#include "internal/provider.h"
#include "internal/core.h"
#include "internal/numbers.h"   /* includes SIZE_MAX */
#include "crypto/evp.h"
#include "evp_local.h"

static EVP_KEYEXCH *evp_keyexch_new(OSSL_PROVIDER *prov)
{
    EVP_KEYEXCH *exchange = OPENSSL_zalloc(sizeof(EVP_KEYEXCH));

    if (exchange == NULL) {
        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
        return NULL;
    }

    exchange->lock = CRYPTO_THREAD_lock_new();
    if (exchange->lock == NULL) {
        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
        OPENSSL_free(exchange);
        return NULL;
    }
    exchange->prov = prov;
    ossl_provider_up_ref(prov);
    exchange->refcnt = 1;

    return exchange;
}

static void *evp_keyexch_from_algorithm(int name_id,
                                        const OSSL_ALGORITHM *algodef,
                                        OSSL_PROVIDER *prov)
{
    const OSSL_DISPATCH *fns = algodef->implementation;
    EVP_KEYEXCH *exchange = NULL;
    int fncnt = 0, sparamfncnt = 0, gparamfncnt = 0;

    if ((exchange = evp_keyexch_new(prov)) == NULL) {
        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
        goto err;
    }

    exchange->name_id = name_id;
    if ((exchange->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL)
        goto err;
    exchange->description = algodef->algorithm_description;

    for (; fns->function_id != 0; fns++) {
        switch (fns->function_id) {
        case OSSL_FUNC_KEYEXCH_NEWCTX:
            if (exchange->newctx != NULL)
                break;
            exchange->newctx = OSSL_FUNC_keyexch_newctx(fns);
            fncnt++;
            break;
        case OSSL_FUNC_KEYEXCH_INIT:
            if (exchange->init != NULL)
                break;
            exchange->init = OSSL_FUNC_keyexch_init(fns);
            fncnt++;
            break;
        case OSSL_FUNC_KEYEXCH_SET_PEER:
            if (exchange->set_peer != NULL)
                break;
            exchange->set_peer = OSSL_FUNC_keyexch_set_peer(fns);
            break;
        case OSSL_FUNC_KEYEXCH_DERIVE:
            if (exchange->derive != NULL)
                break;
            exchange->derive = OSSL_FUNC_keyexch_derive(fns);
            fncnt++;
            break;
        case OSSL_FUNC_KEYEXCH_FREECTX:
            if (exchange->freectx != NULL)
                break;
            exchange->freectx = OSSL_FUNC_keyexch_freectx(fns);
            fncnt++;
            break;
        case OSSL_FUNC_KEYEXCH_DUPCTX:
            if (exchange->dupctx != NULL)
                break;
            exchange->dupctx = OSSL_FUNC_keyexch_dupctx(fns);
            break;
        case OSSL_FUNC_KEYEXCH_GET_CTX_PARAMS:
            if (exchange->get_ctx_params != NULL)
                break;
            exchange->get_ctx_params = OSSL_FUNC_keyexch_get_ctx_params(fns);
            gparamfncnt++;
            break;
        case OSSL_FUNC_KEYEXCH_GETTABLE_CTX_PARAMS:
            if (exchange->gettable_ctx_params != NULL)
                break;
            exchange->gettable_ctx_params
                = OSSL_FUNC_keyexch_gettable_ctx_params(fns);
            gparamfncnt++;
            break;
        case OSSL_FUNC_KEYEXCH_SET_CTX_PARAMS:
            if (exchange->set_ctx_params != NULL)
                break;
            exchange->set_ctx_params = OSSL_FUNC_keyexch_set_ctx_params(fns);
            sparamfncnt++;
            break;
        case OSSL_FUNC_KEYEXCH_SETTABLE_CTX_PARAMS:
            if (exchange->settable_ctx_params != NULL)
                break;
            exchange->settable_ctx_params
                = OSSL_FUNC_keyexch_settable_ctx_params(fns);
            sparamfncnt++;
            break;
        }
    }
    if (fncnt != 4
            || (gparamfncnt != 0 && gparamfncnt != 2)
            || (sparamfncnt != 0 && sparamfncnt != 2)) {
        /*
         * In order to be a consistent set of functions we must have at least
         * a complete set of "exchange" functions: init, derive, newctx,
         * and freectx. The set_ctx_params and settable_ctx_params functions are
         * optional, but if one of them is present then the other one must also
         * be present. Same goes for get_ctx_params and gettable_ctx_params.
         * The dupctx and set_peer functions are optional.
         */
        ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS);
        goto err;
    }

    return exchange;

 err:
    EVP_KEYEXCH_free(exchange);
    return NULL;
}

void EVP_KEYEXCH_free(EVP_KEYEXCH *exchange)
{
    int i;

    if (exchange == NULL)
        return;
    CRYPTO_DOWN_REF(&exchange->refcnt, &i, exchange->lock);
    if (i > 0)
        return;
    OPENSSL_free(exchange->type_name);
    ossl_provider_free(exchange->prov);
    CRYPTO_THREAD_lock_free(exchange->lock);
    OPENSSL_free(exchange);
}

int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exchange)
{
    int ref = 0;

    CRYPTO_UP_REF(&exchange->refcnt, &ref, exchange->lock);
    return 1;
}

OSSL_PROVIDER *EVP_KEYEXCH_get0_provider(const EVP_KEYEXCH *exchange)
{
    return exchange->prov;
}

EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
                               const char *properties)
{
    return evp_generic_fetch(ctx, OSSL_OP_KEYEXCH, algorithm, properties,
                             evp_keyexch_from_algorithm,
                             (int (*)(void *))EVP_KEYEXCH_up_ref,
                             (void (*)(void *))EVP_KEYEXCH_free);
}

EVP_KEYEXCH *evp_keyexch_fetch_from_prov(OSSL_PROVIDER *prov,
                                         const char *algorithm,
                                         const char *properties)
{
    return evp_generic_fetch_from_prov(prov, OSSL_OP_KEYEXCH,
                                       algorithm, properties,
                                       evp_keyexch_from_algorithm,
                                       (int (*)(void *))EVP_KEYEXCH_up_ref,
                                       (void (*)(void *))EVP_KEYEXCH_free);
}

int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
{
    return EVP_PKEY_derive_init_ex(ctx, NULL);
}

int EVP_PKEY_derive_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[])
{
    int ret;
    void *provkey = NULL;
    EVP_KEYEXCH *exchange = NULL;
    EVP_KEYMGMT *tmp_keymgmt = NULL;
    const OSSL_PROVIDER *tmp_prov = NULL;
    const char *supported_exch = NULL;
    int iter;

    if (ctx == NULL) {
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
        return -2;
    }

    evp_pkey_ctx_free_old_ops(ctx);
    ctx->operation = EVP_PKEY_OP_DERIVE;

    ERR_set_mark();

    if (evp_pkey_ctx_is_legacy(ctx))
        goto legacy;

    /*
     * Some algorithms (e.g. legacy KDFs) don't have a pkey - so we create
     * a blank one.
     */
    if (ctx->pkey == NULL) {
        EVP_PKEY *pkey = EVP_PKEY_new();

        if (pkey == NULL
            || !EVP_PKEY_set_type_by_keymgmt(pkey, ctx->keymgmt)
            || (pkey->keydata = evp_keymgmt_newdata(ctx->keymgmt)) == NULL) {
            ERR_clear_last_mark();
            EVP_PKEY_free(pkey);
            ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
            goto err;
        }
        ctx->pkey = pkey;
    }

    /*
     * Try to derive the supported exch from |ctx->keymgmt|.
     */
    if (!ossl_assert(ctx->pkey->keymgmt == NULL
                     || ctx->pkey->keymgmt == ctx->keymgmt)) {
        ERR_clear_last_mark();
        ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
        goto err;
    }
    supported_exch = evp_keymgmt_util_query_operation_name(ctx->keymgmt,
                                                           OSSL_OP_KEYEXCH);
    if (supported_exch == NULL) {
        ERR_clear_last_mark();
        ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
        goto err;
    }


    /*
     * We perform two iterations:
     *
     * 1.  Do the normal exchange fetch, using the fetching data given by
     *     the EVP_PKEY_CTX.
     * 2.  Do the provider specific exchange fetch, from the same provider
     *     as |ctx->keymgmt|
     *
     * We then try to fetch the keymgmt from the same provider as the
     * exchange, and try to export |ctx->pkey| to that keymgmt (when
     * this keymgmt happens to be the same as |ctx->keymgmt|, the export
     * is a no-op, but we call it anyway to not complicate the code even
     * more).
     * If the export call succeeds (returns a non-NULL provider key pointer),
     * we're done and can perform the operation itself.  If not, we perform
     * the second iteration, or jump to legacy.
     */
    for (iter = 1, provkey = NULL; iter < 3 && provkey == NULL; iter++) {
        EVP_KEYMGMT *tmp_keymgmt_tofree = NULL;

        /*
         * If we're on the second iteration, free the results from the first.
         * They are NULL on the first iteration, so no need to check what
         * iteration we're on.
         */
        EVP_KEYEXCH_free(exchange);
        EVP_KEYMGMT_free(tmp_keymgmt);

        switch (iter) {
        case 1:
            exchange =
                EVP_KEYEXCH_fetch(ctx->libctx, supported_exch, ctx->propquery);
            if (exchange != NULL)
                tmp_prov = EVP_KEYEXCH_get0_provider(exchange);
            break;
        case 2:
            tmp_prov = EVP_KEYMGMT_get0_provider(ctx->keymgmt);
            exchange =
                evp_keyexch_fetch_from_prov((OSSL_PROVIDER *)tmp_prov,
                                              supported_exch, ctx->propquery);
            if (exchange == NULL)
                goto legacy;
            break;
        }
        if (exchange == NULL)
            continue;

        /*
         * Ensure that the key is provided, either natively, or as a cached
         * export.  We start by fetching the keymgmt with the same name as
         * |ctx->pkey|, but from the provider of the exchange method, using
         * the same property query as when fetching the exchange method.
         * With the keymgmt we found (if we did), we try to export |ctx->pkey|
         * to it (evp_pkey_export_to_provider() is smart enough to only actually
         * export it if |tmp_keymgmt| is different from |ctx->pkey|'s keymgmt)
         */
        tmp_keymgmt_tofree = tmp_keymgmt =
            evp_keymgmt_fetch_from_prov((OSSL_PROVIDER *)tmp_prov,
                                        EVP_KEYMGMT_get0_name(ctx->keymgmt),
                                        ctx->propquery);
        if (tmp_keymgmt != NULL)
            provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx,
                                                  &tmp_keymgmt, ctx->propquery);
        if (tmp_keymgmt == NULL)
            EVP_KEYMGMT_free(tmp_keymgmt_tofree);
    }

    if (provkey == NULL) {
        EVP_KEYEXCH_free(exchange);
        goto legacy;
    }

    ERR_pop_to_mark();

    /* No more legacy from here down to legacy: */

    ctx->op.kex.exchange = exchange;
    ctx->op.kex.algctx = exchange->newctx(ossl_provider_ctx(exchange->prov));
    if (ctx->op.kex.algctx == NULL) {
        /* The provider key can stay in the cache */
        ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
        goto err;
    }
    ret = exchange->init(ctx->op.kex.algctx, provkey, params);

    EVP_KEYMGMT_free(tmp_keymgmt);
    return ret ? 1 : 0;
 err:
    evp_pkey_ctx_free_old_ops(ctx);
    ctx->operation = EVP_PKEY_OP_UNDEFINED;
    EVP_KEYMGMT_free(tmp_keymgmt);
    return 0;

 legacy:
    /*
     * If we don't have the full support we need with provided methods,
     * let's go see if legacy does.
     */
    ERR_pop_to_mark();

#ifdef FIPS_MODULE
    return 0;
#else
    if (ctx->pmeth == NULL || ctx->pmeth->derive == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
        return -2;
    }

    if (ctx->pmeth->derive_init == NULL)
        return 1;
    ret = ctx->pmeth->derive_init(ctx);
    if (ret <= 0)
        ctx->operation = EVP_PKEY_OP_UNDEFINED;
    EVP_KEYMGMT_free(tmp_keymgmt);
    return ret;
#endif
}

int EVP_PKEY_derive_set_peer_ex(EVP_PKEY_CTX *ctx, EVP_PKEY *peer,
                                int validate_peer)
{
    int ret = 0, check;
    void *provkey = NULL;
    EVP_PKEY_CTX *check_ctx = NULL;

    if (ctx == NULL) {
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
        return -1;
    }

    if (!EVP_PKEY_CTX_IS_DERIVE_OP(ctx) || ctx->op.kex.algctx == NULL)
        goto legacy;

    if (ctx->op.kex.exchange->set_peer == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
        return -2;
    }

    if (validate_peer) {
        check_ctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx, peer, ctx->propquery);
        if (check_ctx == NULL)
            return -1;
        check = EVP_PKEY_public_check(check_ctx);
        EVP_PKEY_CTX_free(check_ctx);
        if (check <= 0)
            return -1;
    }

    provkey = evp_pkey_export_to_provider(peer, ctx->libctx, &ctx->keymgmt,
                                          ctx->propquery);
    /*
     * If making the key provided wasn't possible, legacy may be able to pick
     * it up
     */
    if (provkey == NULL)
        goto legacy;
    return ctx->op.kex.exchange->set_peer(ctx->op.kex.algctx, provkey);

 legacy:
#ifdef FIPS_MODULE
    return ret;
#else
    if (ctx->pmeth == NULL
        || !(ctx->pmeth->derive != NULL
             || ctx->pmeth->encrypt != NULL
             || ctx->pmeth->decrypt != NULL)
        || ctx->pmeth->ctrl == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
        return -2;
    }
    if (ctx->operation != EVP_PKEY_OP_DERIVE
        && ctx->operation != EVP_PKEY_OP_ENCRYPT
        && ctx->operation != EVP_PKEY_OP_DECRYPT) {
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
        return -1;
    }

    ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);

    if (ret <= 0)
        return ret;

    if (ret == 2)
        return 1;

    if (ctx->pkey == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET);
        return -1;
    }

    if (ctx->pkey->type != peer->type) {
        ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_KEY_TYPES);
        return -1;
    }

    /*
     * For clarity.  The error is if parameters in peer are
     * present (!missing) but don't match.  EVP_PKEY_parameters_eq may return
     * 1 (match), 0 (don't match) and -2 (comparison is not defined).  -1
     * (different key types) is impossible here because it is checked earlier.
     * -2 is OK for us here, as well as 1, so we can check for 0 only.
     */
    if (!EVP_PKEY_missing_parameters(peer) &&
        !EVP_PKEY_parameters_eq(ctx->pkey, peer)) {
        ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_PARAMETERS);
        return -1;
    }

    EVP_PKEY_free(ctx->peerkey);
    ctx->peerkey = peer;

    ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);

    if (ret <= 0) {
        ctx->peerkey = NULL;
        return ret;
    }

    EVP_PKEY_up_ref(peer);
    return 1;
#endif
}

int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
{
    return EVP_PKEY_derive_set_peer_ex(ctx, peer, 1);
}

int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
{
    int ret;

    if (ctx == NULL || pkeylen == NULL) {
        ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
        return -1;
    }

    if (!EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
        return -1;
    }

    if (ctx->op.kex.algctx == NULL)
        goto legacy;

    ret = ctx->op.kex.exchange->derive(ctx->op.kex.algctx, key, pkeylen,
                                       key != NULL ? *pkeylen : 0);

    return ret;
 legacy:
    if (ctx->pmeth == NULL || ctx->pmeth->derive == NULL) {
        ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
        return -2;
    }

    M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
        return ctx->pmeth->derive(ctx, key, pkeylen);
}

int evp_keyexch_get_number(const EVP_KEYEXCH *keyexch)
{
    return keyexch->name_id;
}

const char *EVP_KEYEXCH_get0_name(const EVP_KEYEXCH *keyexch)
{
    return keyexch->type_name;
}

const char *EVP_KEYEXCH_get0_description(const EVP_KEYEXCH *keyexch)
{
    return keyexch->description;
}

int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name)
{
    return evp_is_a(keyexch->prov, keyexch->name_id, NULL, name);
}

void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx,
                                 void (*fn)(EVP_KEYEXCH *keyexch, void *arg),
                                 void *arg)
{
    evp_generic_do_all(libctx, OSSL_OP_KEYEXCH,
                       (void (*)(void *, void *))fn, arg,
                       evp_keyexch_from_algorithm,
                       (int (*)(void *))EVP_KEYEXCH_up_ref,
                       (void (*)(void *))EVP_KEYEXCH_free);
}

int EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *keyexch,
                             void (*fn)(const char *name, void *data),
                             void *data)
{
    if (keyexch->prov != NULL)
        return evp_names_do_all(keyexch->prov, keyexch->name_id, fn, data);

    return 1;
}

const OSSL_PARAM *EVP_KEYEXCH_gettable_ctx_params(const EVP_KEYEXCH *keyexch)
{
    void *provctx;

    if (keyexch == NULL || keyexch->gettable_ctx_params == NULL)
        return NULL;

    provctx = ossl_provider_ctx(EVP_KEYEXCH_get0_provider(keyexch));
    return keyexch->gettable_ctx_params(NULL, provctx);
}

const OSSL_PARAM *EVP_KEYEXCH_settable_ctx_params(const EVP_KEYEXCH *keyexch)
{
    void *provctx;

    if (keyexch == NULL || keyexch->settable_ctx_params == NULL)
        return NULL;
    provctx = ossl_provider_ctx(EVP_KEYEXCH_get0_provider(keyexch));
    return keyexch->settable_ctx_params(NULL, provctx);
}
Commit	Line	Data
ff64702b	1	/*
4333b89f	2	* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
ff64702b MC	3	*
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
	10	#include <openssl/crypto.h>
	11	#include <openssl/evp.h>
	12	#include <openssl/err.h>
5246183e	13	#include "internal/cryptlib.h"
ff64702b	14	#include "internal/refcount.h"
ff64702b	15	#include "internal/provider.h"
6c9bc258	16	#include "internal/core.h"
ac5a61ca	17	#include "internal/numbers.h" /* includes SIZE_MAX */
6c9bc258	18	#include "crypto/evp.h"
706457b7	19	#include "evp_local.h"
ff64702b MC	20
	21	static EVP_KEYEXCH evp_keyexch_new(OSSL_PROVIDER prov)
	22	{
	23	EVP_KEYEXCH *exchange = OPENSSL_zalloc(sizeof(EVP_KEYEXCH));
	24
c1ff5994 MC	25	if (exchange == NULL) {
	26	ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
	27	return NULL;
	28	}
	29
ff64702b MC	30	exchange->lock = CRYPTO_THREAD_lock_new();
ff64702b MC	31	if (exchange->lock == NULL) {
c1ff5994	32	ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
ff64702b MC	33	OPENSSL_free(exchange);
	34	return NULL;
	35	}
	36	exchange->prov = prov;
	37	ossl_provider_up_ref(prov);
	38	exchange->refcnt = 1;
	39
	40	return exchange;
	41	}
	42
309a78aa RL	43	static void *evp_keyexch_from_algorithm(int name_id,
	44	const OSSL_ALGORITHM *algodef,
	45	OSSL_PROVIDER *prov)
ff64702b	46	{
309a78aa	47	const OSSL_DISPATCH *fns = algodef->implementation;
ff64702b	48	EVP_KEYEXCH *exchange = NULL;
4fe54d67	49	int fncnt = 0, sparamfncnt = 0, gparamfncnt = 0;
ff64702b	50
f7c16d48	51	if ((exchange = evp_keyexch_new(prov)) == NULL) {
3ca9d210 RL	52	ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
3ca9d210 RL	53	goto err;
6b9e3724	54	}
ff64702b	55
f7c16d48	56	exchange->name_id = name_id;
6c9bc258 TM	57	if ((exchange->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL)
6c9bc258 TM	58	goto err;
309a78aa	59	exchange->description = algodef->algorithm_description;
3ca9d210	60
ff64702b MC	61	for (; fns->function_id != 0; fns++) {
	62	switch (fns->function_id) {
	63	case OSSL_FUNC_KEYEXCH_NEWCTX:
	64	if (exchange->newctx != NULL)
	65	break;
363b1e5d	66	exchange->newctx = OSSL_FUNC_keyexch_newctx(fns);
ff64702b MC	67	fncnt++;
	68	break;
	69	case OSSL_FUNC_KEYEXCH_INIT:
	70	if (exchange->init != NULL)
	71	break;
363b1e5d	72	exchange->init = OSSL_FUNC_keyexch_init(fns);
ff64702b MC	73	fncnt++;
	74	break;
	75	case OSSL_FUNC_KEYEXCH_SET_PEER:
	76	if (exchange->set_peer != NULL)
	77	break;
363b1e5d	78	exchange->set_peer = OSSL_FUNC_keyexch_set_peer(fns);
ff64702b MC	79	break;
	80	case OSSL_FUNC_KEYEXCH_DERIVE:
	81	if (exchange->derive != NULL)
	82	break;
363b1e5d	83	exchange->derive = OSSL_FUNC_keyexch_derive(fns);
ff64702b MC	84	fncnt++;
	85	break;
	86	case OSSL_FUNC_KEYEXCH_FREECTX:
	87	if (exchange->freectx != NULL)
	88	break;
363b1e5d	89	exchange->freectx = OSSL_FUNC_keyexch_freectx(fns);
ff64702b MC	90	fncnt++;
	91	break;
	92	case OSSL_FUNC_KEYEXCH_DUPCTX:
	93	if (exchange->dupctx != NULL)
	94	break;
363b1e5d	95	exchange->dupctx = OSSL_FUNC_keyexch_dupctx(fns);
ff64702b	96	break;
4fe54d67 NT	97	case OSSL_FUNC_KEYEXCH_GET_CTX_PARAMS:
	98	if (exchange->get_ctx_params != NULL)
	99	break;
363b1e5d	100	exchange->get_ctx_params = OSSL_FUNC_keyexch_get_ctx_params(fns);
4fe54d67 NT	101	gparamfncnt++;
	102	break;
	103	case OSSL_FUNC_KEYEXCH_GETTABLE_CTX_PARAMS:
	104	if (exchange->gettable_ctx_params != NULL)
	105	break;
	106	exchange->gettable_ctx_params
363b1e5d	107	= OSSL_FUNC_keyexch_gettable_ctx_params(fns);
4fe54d67 NT	108	gparamfncnt++;
4fe54d67 NT	109	break;
9c45222d MC	110	case OSSL_FUNC_KEYEXCH_SET_CTX_PARAMS:
9c45222d MC	111	if (exchange->set_ctx_params != NULL)
35aca9ec	112	break;
363b1e5d	113	exchange->set_ctx_params = OSSL_FUNC_keyexch_set_ctx_params(fns);
4fe54d67	114	sparamfncnt++;
9c45222d MC	115	break;
	116	case OSSL_FUNC_KEYEXCH_SETTABLE_CTX_PARAMS:
	117	if (exchange->settable_ctx_params != NULL)
	118	break;
	119	exchange->settable_ctx_params
363b1e5d	120	= OSSL_FUNC_keyexch_settable_ctx_params(fns);
4fe54d67	121	sparamfncnt++;
35aca9ec	122	break;
ff64702b MC	123	}
ff64702b MC	124	}
4fe54d67 NT	125	if (fncnt != 4
	126	\|\| (gparamfncnt != 0 && gparamfncnt != 2)
	127	\|\| (sparamfncnt != 0 && sparamfncnt != 2)) {
ff64702b MC	128	/*
	129	* In order to be a consistent set of functions we must have at least
	130	* a complete set of "exchange" functions: init, derive, newctx,
9c45222d MC	131	* and freectx. The set_ctx_params and settable_ctx_params functions are
9c45222d MC	132	* optional, but if one of them is present then the other one must also
4fe54d67 NT	133	* be present. Same goes for get_ctx_params and gettable_ctx_params.
4fe54d67 NT	134	* The dupctx and set_peer functions are optional.
ff64702b	135	*/
9311d0c4	136	ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS);
3ca9d210	137	goto err;
ff64702b MC	138	}
	139
	140	return exchange;
3ca9d210 RL	141
	142	err:
	143	EVP_KEYEXCH_free(exchange);
3ca9d210	144	return NULL;
ff64702b MC	145	}
	146
	147	void EVP_KEYEXCH_free(EVP_KEYEXCH *exchange)
	148	{
543e740b RS	149	int i;
	150
	151	if (exchange == NULL)
	152	return;
	153	CRYPTO_DOWN_REF(&exchange->refcnt, &i, exchange->lock);
	154	if (i > 0)
	155	return;
6c9bc258	156	OPENSSL_free(exchange->type_name);
543e740b RS	157	ossl_provider_free(exchange->prov);
	158	CRYPTO_THREAD_lock_free(exchange->lock);
	159	OPENSSL_free(exchange);
ff64702b MC	160	}
	161
	162	int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exchange)
	163	{
	164	int ref = 0;
	165
	166	CRYPTO_UP_REF(&exchange->refcnt, &ref, exchange->lock);
	167	return 1;
	168	}
	169
ed576acd	170	OSSL_PROVIDER EVP_KEYEXCH_get0_provider(const EVP_KEYEXCH exchange)
8b84b075 RL	171	{
	172	return exchange->prov;
	173	}
	174
b4250010	175	EVP_KEYEXCH EVP_KEYEXCH_fetch(OSSL_LIB_CTX ctx, const char *algorithm,
ff64702b MC	176	const char *properties)
ff64702b MC	177	{
0ddf74bf	178	return evp_generic_fetch(ctx, OSSL_OP_KEYEXCH, algorithm, properties,
309a78aa	179	evp_keyexch_from_algorithm,
0ddf74bf RL	180	(int ()(void ))EVP_KEYEXCH_up_ref,
0ddf74bf RL	181	(void ()(void ))EVP_KEYEXCH_free);
ff64702b MC	182	}
ff64702b MC	183
ff778146 RL	184	EVP_KEYEXCH evp_keyexch_fetch_from_prov(OSSL_PROVIDER prov,
	185	const char *algorithm,
	186	const char *properties)
	187	{
	188	return evp_generic_fetch_from_prov(prov, OSSL_OP_KEYEXCH,
	189	algorithm, properties,
	190	evp_keyexch_from_algorithm,
	191	(int ()(void ))EVP_KEYEXCH_up_ref,
	192	(void ()(void ))EVP_KEYEXCH_free);
	193	}
	194
c0e0984f	195	int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
4b58d9b4 P	196	{
	197	return EVP_PKEY_derive_init_ex(ctx, NULL);
	198	}
	199
	200	int EVP_PKEY_derive_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[])
ff64702b MC	201	{
ff64702b MC	202	int ret;
8b84b075	203	void *provkey = NULL;
c0e0984f	204	EVP_KEYEXCH *exchange = NULL;
f6aa5774	205	EVP_KEYMGMT *tmp_keymgmt = NULL;
839ffdd1	206	const OSSL_PROVIDER *tmp_prov = NULL;
f6aa5774	207	const char *supported_exch = NULL;
839ffdd1	208	int iter;
c0e0984f RL	209
c0e0984f RL	210	if (ctx == NULL) {
6d9a54c6	211	ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
c0e0984f RL	212	return -2;
c0e0984f RL	213	}
ff64702b	214
864b89ce	215	evp_pkey_ctx_free_old_ops(ctx);
ff64702b MC	216	ctx->operation = EVP_PKEY_OP_DERIVE;
ff64702b MC	217
0b9dd384 RL	218	ERR_set_mark();
0b9dd384 RL	219
f21c9c64	220	if (evp_pkey_ctx_is_legacy(ctx))
ff64702b MC	221	goto legacy;
ff64702b MC	222
3c6ed955	223	/*
5246183e RL	224	* Some algorithms (e.g. legacy KDFs) don't have a pkey - so we create
5246183e RL	225	* a blank one.
3c6ed955	226	*/
ac2d58c7	227	if (ctx->pkey == NULL) {
ac2d58c7 MC	228	EVP_PKEY *pkey = EVP_PKEY_new();
ac2d58c7 MC	229
5246183e RL	230	if (pkey == NULL
	231	\|\| !EVP_PKEY_set_type_by_keymgmt(pkey, ctx->keymgmt)
	232	\|\| (pkey->keydata = evp_keymgmt_newdata(ctx->keymgmt)) == NULL) {
ac2d58c7 MC	233	ERR_clear_last_mark();
	234	EVP_PKEY_free(pkey);
	235	ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
	236	goto err;
	237	}
5246183e	238	ctx->pkey = pkey;
ac2d58c7	239	}
5246183e RL	240
	241	/*
	242	* Try to derive the supported exch from \|ctx->keymgmt\|.
	243	*/
	244	if (!ossl_assert(ctx->pkey->keymgmt == NULL
	245	\|\| ctx->pkey->keymgmt == ctx->keymgmt)) {
	246	ERR_clear_last_mark();
	247	ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
	248	goto err;
	249	}
	250	supported_exch = evp_keymgmt_util_query_operation_name(ctx->keymgmt,
	251	OSSL_OP_KEYEXCH);
	252	if (supported_exch == NULL) {
0b9dd384	253	ERR_clear_last_mark();
f6aa5774 RL	254	ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
f6aa5774 RL	255	goto err;
c0e0984f	256	}
f6aa5774	257
f6aa5774 RL	258
f6aa5774 RL	259	/*
839ffdd1 RL	260	* We perform two iterations:
	261	*
	262	* 1. Do the normal exchange fetch, using the fetching data given by
	263	* the EVP_PKEY_CTX.
	264	* 2. Do the provider specific exchange fetch, from the same provider
	265	* as \|ctx->keymgmt\|
	266	*
	267	* We then try to fetch the keymgmt from the same provider as the
	268	* exchange, and try to export \|ctx->pkey\| to that keymgmt (when
	269	* this keymgmt happens to be the same as \|ctx->keymgmt\|, the export
	270	* is a no-op, but we call it anyway to not complicate the code even
	271	* more).
	272	* If the export call succeeds (returns a non-NULL provider key pointer),
	273	* we're done and can perform the operation itself. If not, we perform
	274	* the second iteration, or jump to legacy.
f6aa5774	275	*/
839ffdd1	276	for (iter = 1, provkey = NULL; iter < 3 && provkey == NULL; iter++) {
dc010ca6	277	EVP_KEYMGMT *tmp_keymgmt_tofree = NULL;
ff64702b	278
839ffdd1 RL	279	/*
	280	* If we're on the second iteration, free the results from the first.
	281	* They are NULL on the first iteration, so no need to check what
	282	* iteration we're on.
	283	*/
	284	EVP_KEYEXCH_free(exchange);
	285	EVP_KEYMGMT_free(tmp_keymgmt);
	286
	287	switch (iter) {
	288	case 1:
	289	exchange =
	290	EVP_KEYEXCH_fetch(ctx->libctx, supported_exch, ctx->propquery);
	291	if (exchange != NULL)
	292	tmp_prov = EVP_KEYEXCH_get0_provider(exchange);
	293	break;
	294	case 2:
	295	tmp_prov = EVP_KEYMGMT_get0_provider(ctx->keymgmt);
	296	exchange =
	297	evp_keyexch_fetch_from_prov((OSSL_PROVIDER *)tmp_prov,
	298	supported_exch, ctx->propquery);
	299	if (exchange == NULL)
	300	goto legacy;
	301	break;
	302	}
	303	if (exchange == NULL)
	304	continue;
	305
	306	/*
	307	* Ensure that the key is provided, either natively, or as a cached
	308	* export. We start by fetching the keymgmt with the same name as
	309	* \|ctx->pkey\|, but from the provider of the exchange method, using
	310	* the same property query as when fetching the exchange method.
	311	* With the keymgmt we found (if we did), we try to export \|ctx->pkey\|
	312	* to it (evp_pkey_export_to_provider() is smart enough to only actually
	313	* export it if \|tmp_keymgmt\| is different from \|ctx->pkey\|'s keymgmt)
	314	*/
	315	tmp_keymgmt_tofree = tmp_keymgmt =
	316	evp_keymgmt_fetch_from_prov((OSSL_PROVIDER *)tmp_prov,
	317	EVP_KEYMGMT_get0_name(ctx->keymgmt),
	318	ctx->propquery);
	319	if (tmp_keymgmt != NULL)
	320	provkey = evp_pkey_export_to_provider(ctx->pkey, ctx->libctx,
	321	&tmp_keymgmt, ctx->propquery);
	322	if (tmp_keymgmt == NULL)
	323	EVP_KEYMGMT_free(tmp_keymgmt_tofree);
	324	}
	325
	326	if (provkey == NULL) {
	327	EVP_KEYEXCH_free(exchange);
5246183e	328	goto legacy;
839ffdd1	329	}
5246183e	330
0b9dd384 RL	331	ERR_pop_to_mark();
	332
	333	/* No more legacy from here down to legacy: */
c0e0984f	334
864b89ce	335	ctx->op.kex.exchange = exchange;
7c14d0c1 SL	336	ctx->op.kex.algctx = exchange->newctx(ossl_provider_ctx(exchange->prov));
7c14d0c1 SL	337	if (ctx->op.kex.algctx == NULL) {
8b84b075	338	/* The provider key can stay in the cache */
9311d0c4	339	ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
ff64702b MC	340	goto err;
ff64702b MC	341	}
7c14d0c1	342	ret = exchange->init(ctx->op.kex.algctx, provkey, params);
ff64702b	343
5246183e	344	EVP_KEYMGMT_free(tmp_keymgmt);
ff64702b MC	345	return ret ? 1 : 0;
ff64702b MC	346	err:
c7fa9297	347	evp_pkey_ctx_free_old_ops(ctx);
ff64702b	348	ctx->operation = EVP_PKEY_OP_UNDEFINED;
5246183e	349	EVP_KEYMGMT_free(tmp_keymgmt);
ff64702b MC	350	return 0;
	351
	352	legacy:
0b9dd384	353	/*
0b9dd384 RL	354	* If we don't have the full support we need with provided methods,
	355	* let's go see if legacy does.
	356	*/
	357	ERR_pop_to_mark();
	358
f844f9eb	359	#ifdef FIPS_MODULE
62f49b90 SL	360	return 0;
62f49b90 SL	361	#else
e0d8523e	362	if (ctx->pmeth == NULL \|\| ctx->pmeth->derive == NULL) {
9311d0c4	363	ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
ff64702b MC	364	return -2;
	365	}
	366
	367	if (ctx->pmeth->derive_init == NULL)
	368	return 1;
	369	ret = ctx->pmeth->derive_init(ctx);
	370	if (ret <= 0)
	371	ctx->operation = EVP_PKEY_OP_UNDEFINED;
5246183e	372	EVP_KEYMGMT_free(tmp_keymgmt);
ff64702b	373	return ret;
62f49b90	374	#endif
ff64702b MC	375	}
ff64702b MC	376
e454a393 SL	377	int EVP_PKEY_derive_set_peer_ex(EVP_PKEY_CTX ctx, EVP_PKEY peer,
e454a393 SL	378	int validate_peer)
ff64702b	379	{
e454a393	380	int ret = 0, check;
8b84b075	381	void *provkey = NULL;
e454a393	382	EVP_PKEY_CTX *check_ctx = NULL;
ff64702b MC	383
ff64702b MC	384	if (ctx == NULL) {
6d9a54c6 TM	385	ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
6d9a54c6 TM	386	return -1;
ff64702b MC	387	}
ff64702b MC	388
7c14d0c1	389	if (!EVP_PKEY_CTX_IS_DERIVE_OP(ctx) \|\| ctx->op.kex.algctx == NULL)
ff64702b MC	390	goto legacy;
ff64702b MC	391
864b89ce	392	if (ctx->op.kex.exchange->set_peer == NULL) {
9311d0c4	393	ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
ff64702b MC	394	return -2;
	395	}
	396
e454a393 SL	397	if (validate_peer) {
	398	check_ctx = EVP_PKEY_CTX_new_from_pkey(ctx->libctx, peer, ctx->propquery);
	399	if (check_ctx == NULL)
	400	return -1;
	401	check = EVP_PKEY_public_check(check_ctx);
	402	EVP_PKEY_CTX_free(check_ctx);
	403	if (check <= 0)
	404	return -1;
	405	}
	406
3c6ed955 RL	407	provkey = evp_pkey_export_to_provider(peer, ctx->libctx, &ctx->keymgmt,
3c6ed955 RL	408	ctx->propquery);
3f7ce7f1 RL	409	/*
	410	* If making the key provided wasn't possible, legacy may be able to pick
	411	* it up
	412	*/
e0d8523e RL	413	if (provkey == NULL)
e0d8523e RL	414	goto legacy;
7c14d0c1	415	return ctx->op.kex.exchange->set_peer(ctx->op.kex.algctx, provkey);
ff64702b MC	416
ff64702b MC	417	legacy:
f844f9eb	418	#ifdef FIPS_MODULE
62f49b90 SL	419	return ret;
62f49b90 SL	420	#else
ff64702b MC	421	if (ctx->pmeth == NULL
	422	\|\| !(ctx->pmeth->derive != NULL
	423	\|\| ctx->pmeth->encrypt != NULL
	424	\|\| ctx->pmeth->decrypt != NULL)
	425	\|\| ctx->pmeth->ctrl == NULL) {
9311d0c4	426	ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
ff64702b MC	427	return -2;
	428	}
	429	if (ctx->operation != EVP_PKEY_OP_DERIVE
	430	&& ctx->operation != EVP_PKEY_OP_ENCRYPT
	431	&& ctx->operation != EVP_PKEY_OP_DECRYPT) {
bf23b9a1	432	ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
ff64702b MC	433	return -1;
	434	}
	435
	436	ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
	437
	438	if (ret <= 0)
	439	return ret;
	440
	441	if (ret == 2)
	442	return 1;
	443
	444	if (ctx->pkey == NULL) {
9311d0c4	445	ERR_raise(ERR_LIB_EVP, EVP_R_NO_KEY_SET);
ff64702b MC	446	return -1;
	447	}
	448
	449	if (ctx->pkey->type != peer->type) {
9311d0c4	450	ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_KEY_TYPES);
ff64702b MC	451	return -1;
	452	}
	453
	454	/*
	455	* For clarity. The error is if parameters in peer are
c74aaa39	456	* present (!missing) but don't match. EVP_PKEY_parameters_eq may return
ff64702b MC	457	* 1 (match), 0 (don't match) and -2 (comparison is not defined). -1
	458	* (different key types) is impossible here because it is checked earlier.
	459	* -2 is OK for us here, as well as 1, so we can check for 0 only.
	460	*/
	461	if (!EVP_PKEY_missing_parameters(peer) &&
c74aaa39	462	!EVP_PKEY_parameters_eq(ctx->pkey, peer)) {
9311d0c4	463	ERR_raise(ERR_LIB_EVP, EVP_R_DIFFERENT_PARAMETERS);
ff64702b MC	464	return -1;
	465	}
	466
	467	EVP_PKEY_free(ctx->peerkey);
	468	ctx->peerkey = peer;
	469
	470	ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
	471
	472	if (ret <= 0) {
	473	ctx->peerkey = NULL;
	474	return ret;
	475	}
	476
	477	EVP_PKEY_up_ref(peer);
	478	return 1;
62f49b90	479	#endif
ff64702b MC	480	}
ff64702b MC	481
e454a393 SL	482	int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX ctx, EVP_PKEY peer)
	483	{
	484	return EVP_PKEY_derive_set_peer_ex(ctx, peer, 1);
	485	}
	486
ff64702b MC	487	int EVP_PKEY_derive(EVP_PKEY_CTX ctx, unsigned char key, size_t *pkeylen)
	488	{
	489	int ret;
	490
6d9a54c6 TM	491	if (ctx == NULL \|\| pkeylen == NULL) {
	492	ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
	493	return -1;
ff64702b MC	494	}
ff64702b MC	495
864b89ce	496	if (!EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
bf23b9a1	497	ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_INITIALIZED);
ff64702b MC	498	return -1;
	499	}
	500
7c14d0c1	501	if (ctx->op.kex.algctx == NULL)
ff64702b MC	502	goto legacy;
ff64702b MC	503
7c14d0c1	504	ret = ctx->op.kex.exchange->derive(ctx->op.kex.algctx, key, pkeylen,
6d9a54c6	505	key != NULL ? *pkeylen : 0);
ff64702b MC	506
	507	return ret;
	508	legacy:
6d9a54c6	509	if (ctx->pmeth == NULL \|\| ctx->pmeth->derive == NULL) {
9311d0c4	510	ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
ff64702b MC	511	return -2;
	512	}
	513
	514	M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
	515	return ctx->pmeth->derive(ctx, key, pkeylen);
	516	}
251e610c	517
bcd5d3a2	518	int evp_keyexch_get_number(const EVP_KEYEXCH *keyexch)
506cb0f6 RL	519	{
	520	return keyexch->name_id;
	521	}
	522
ed576acd	523	const char EVP_KEYEXCH_get0_name(const EVP_KEYEXCH keyexch)
6c9bc258 TM	524	{
	525	return keyexch->type_name;
	526	}
	527
ed576acd	528	const char EVP_KEYEXCH_get0_description(const EVP_KEYEXCH keyexch)
03888233 RL	529	{
	530	return keyexch->description;
	531	}
	532
251e610c RL	533	int EVP_KEYEXCH_is_a(const EVP_KEYEXCH keyexch, const char name)
251e610c RL	534	{
e4a1d023	535	return evp_is_a(keyexch->prov, keyexch->name_id, NULL, name);
251e610c RL	536	}
251e610c RL	537
b4250010	538	void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx,
251e610c RL	539	void (fn)(EVP_KEYEXCH keyexch, void *arg),
	540	void *arg)
	541	{
251e610c RL	542	evp_generic_do_all(libctx, OSSL_OP_KEYEXCH,
251e610c RL	543	(void ()(void , void *))fn, arg,
309a78aa	544	evp_keyexch_from_algorithm,
cd770738	545	(int ()(void ))EVP_KEYEXCH_up_ref,
251e610c RL	546	(void ()(void ))EVP_KEYEXCH_free);
251e610c RL	547	}
f651c727	548
d84f5515 MC	549	int EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *keyexch,
	550	void (fn)(const char name, void *data),
	551	void *data)
f651c727 RL	552	{
f651c727 RL	553	if (keyexch->prov != NULL)
d84f5515 MC	554	return evp_names_do_all(keyexch->prov, keyexch->name_id, fn, data);
	555
	556	return 1;
f651c727	557	}
e3efe7a5 SL	558
	559	const OSSL_PARAM EVP_KEYEXCH_gettable_ctx_params(const EVP_KEYEXCH keyexch)
	560	{
	561	void *provctx;
	562
	563	if (keyexch == NULL \|\| keyexch->gettable_ctx_params == NULL)
	564	return NULL;
	565
ed576acd	566	provctx = ossl_provider_ctx(EVP_KEYEXCH_get0_provider(keyexch));
fb67126e	567	return keyexch->gettable_ctx_params(NULL, provctx);
e3efe7a5 SL	568	}
	569
	570	const OSSL_PARAM EVP_KEYEXCH_settable_ctx_params(const EVP_KEYEXCH keyexch)
	571	{
	572	void *provctx;
	573
	574	if (keyexch == NULL \|\| keyexch->settable_ctx_params == NULL)
	575	return NULL;
ed576acd	576	provctx = ossl_provider_ctx(EVP_KEYEXCH_get0_provider(keyexch));
fb67126e	577	return keyexch->settable_ctx_params(NULL, provctx);
e3efe7a5	578	}