2 * Copyright 2013-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 * DH low level APIs are deprecated for public use, but still ok for
14 #include "internal/deprecated.h"
19 #include <openssl/core_names.h>
20 #include <openssl/dh.h>
21 #include <openssl/evp.h>
22 #include <openssl/asn1.h>
23 #include <openssl/kdf.h>
24 #include <internal/provider.h>
25 #include <crypto/dh.h>
27 /* Key derivation function from X9.63/SECG */
28 int dh_KDF_X9_42_asn1(unsigned char *out
, size_t outlen
,
29 const unsigned char *Z
, size_t Zlen
,
31 const unsigned char *ukm
, size_t ukmlen
, const EVP_MD
*md
,
32 OSSL_LIB_CTX
*libctx
, const char *propq
)
35 EVP_KDF_CTX
*kctx
= NULL
;
37 OSSL_PARAM params
[5], *p
= params
;
38 const char *mdname
= EVP_MD_name(md
);
40 kdf
= EVP_KDF_fetch(libctx
, OSSL_KDF_NAME_X942KDF_ASN1
, propq
);
41 kctx
= EVP_KDF_CTX_new(kdf
);
45 *p
++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST
,
47 *p
++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY
,
48 (unsigned char *)Z
, Zlen
);
50 *p
++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_UKM
,
51 (unsigned char *)ukm
, ukmlen
);
52 *p
++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CEK_ALG
,
54 *p
= OSSL_PARAM_construct_end();
55 ret
= EVP_KDF_CTX_set_params(kctx
, params
) > 0
56 && EVP_KDF_derive(kctx
, out
, outlen
) > 0;
58 EVP_KDF_CTX_free(kctx
);
63 #if !defined(FIPS_MODULE)
64 int DH_KDF_X9_42(unsigned char *out
, size_t outlen
,
65 const unsigned char *Z
, size_t Zlen
,
67 const unsigned char *ukm
, size_t ukmlen
, const EVP_MD
*md
)
70 const char *key_alg
= NULL
;
71 const OSSL_PROVIDER
*prov
= EVP_MD_provider(md
);
72 OSSL_LIB_CTX
*libctx
= ossl_provider_libctx(prov
);
74 nid
= OBJ_obj2nid(key_oid
);
77 key_alg
= OBJ_nid2sn(nid
);
81 return dh_KDF_X9_42_asn1(out
, outlen
, Z
, Zlen
, key_alg
,
82 ukm
, ukmlen
, md
, libctx
, NULL
);
84 #endif /* !defined(FIPS_MODULE) */