]>
Commit | Line | Data |
---|---|---|
89e29174 | 1 | /* |
da1c088f | 2 | * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. |
89e29174 MC |
3 | * |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
ada66e78 P |
10 | /* |
11 | * DH low level APIs are deprecated for public use, but still ok for | |
12 | * internal use. | |
13 | */ | |
14 | #include "internal/deprecated.h" | |
15 | ||
116d2510 | 16 | #include <string.h> |
89e29174 | 17 | #include <openssl/crypto.h> |
23c48d94 | 18 | #include <openssl/core_dispatch.h> |
89e29174 MC |
19 | #include <openssl/core_names.h> |
20 | #include <openssl/dh.h> | |
116d2510 | 21 | #include <openssl/err.h> |
77b03f0e | 22 | #include <openssl/proverr.h> |
89e29174 | 23 | #include <openssl/params.h> |
ca94057f | 24 | #include "prov/providercommon.h" |
af3e7e1b | 25 | #include "prov/implementations.h" |
62f49b90 | 26 | #include "prov/provider_ctx.h" |
7a810fac | 27 | #include "prov/securitycheck.h" |
62f49b90 | 28 | #include "crypto/dh.h" |
89e29174 | 29 | |
363b1e5d DMSP |
30 | static OSSL_FUNC_keyexch_newctx_fn dh_newctx; |
31 | static OSSL_FUNC_keyexch_init_fn dh_init; | |
32 | static OSSL_FUNC_keyexch_set_peer_fn dh_set_peer; | |
33 | static OSSL_FUNC_keyexch_derive_fn dh_derive; | |
34 | static OSSL_FUNC_keyexch_freectx_fn dh_freectx; | |
35 | static OSSL_FUNC_keyexch_dupctx_fn dh_dupctx; | |
36 | static OSSL_FUNC_keyexch_set_ctx_params_fn dh_set_ctx_params; | |
37 | static OSSL_FUNC_keyexch_settable_ctx_params_fn dh_settable_ctx_params; | |
116d2510 SL |
38 | static OSSL_FUNC_keyexch_get_ctx_params_fn dh_get_ctx_params; |
39 | static OSSL_FUNC_keyexch_gettable_ctx_params_fn dh_gettable_ctx_params; | |
40 | ||
41 | /* | |
42 | * This type is only really used to handle some legacy related functionality. | |
43 | * If you need to use other KDF's (such as SSKDF) just use PROV_DH_KDF_NONE | |
44 | * here and then create and run a KDF after the key is derived. | |
45 | * Note that X942 has 2 variants of key derivation: | |
46 | * (1) DH_KDF_X9_42_ASN1 - which contains an ANS1 encoded object that has | |
47 | * the counter embedded in it. | |
48 | * (2) DH_KDF_X941_CONCAT - which is the same as ECDH_X963_KDF (which can be | |
49 | * done by creating a "X963KDF". | |
50 | */ | |
51 | enum kdf_type { | |
52 | PROV_DH_KDF_NONE = 0, | |
53 | PROV_DH_KDF_X9_42_ASN1 | |
54 | }; | |
89e29174 | 55 | |
8b84b075 RL |
56 | /* |
57 | * What's passed as an actual key is defined by the KEYMGMT interface. | |
58 | * We happen to know that our KEYMGMT simply passes DH structures, so | |
59 | * we use that here too. | |
60 | */ | |
89e29174 MC |
61 | |
62 | typedef struct { | |
b4250010 | 63 | OSSL_LIB_CTX *libctx; |
89e29174 MC |
64 | DH *dh; |
65 | DH *dhpeer; | |
1c3ace68 | 66 | unsigned int pad : 1; |
116d2510 SL |
67 | |
68 | /* DH KDF */ | |
69 | /* KDF (if any) to use for DH */ | |
70 | enum kdf_type kdf_type; | |
71 | /* Message digest to use for key derivation */ | |
72 | EVP_MD *kdf_md; | |
73 | /* User key material */ | |
74 | unsigned char *kdf_ukm; | |
75 | size_t kdf_ukmlen; | |
76 | /* KDF output length */ | |
77 | size_t kdf_outlen; | |
78 | char *kdf_cekalg; | |
89e29174 MC |
79 | } PROV_DH_CTX; |
80 | ||
81 | static void *dh_newctx(void *provctx) | |
82 | { | |
ca94057f | 83 | PROV_DH_CTX *pdhctx; |
62f49b90 | 84 | |
ca94057f P |
85 | if (!ossl_prov_is_running()) |
86 | return NULL; | |
87 | ||
88 | pdhctx = OPENSSL_zalloc(sizeof(PROV_DH_CTX)); | |
62f49b90 SL |
89 | if (pdhctx == NULL) |
90 | return NULL; | |
a829b735 | 91 | pdhctx->libctx = PROV_LIBCTX_OF(provctx); |
116d2510 | 92 | pdhctx->kdf_type = PROV_DH_KDF_NONE; |
62f49b90 | 93 | return pdhctx; |
89e29174 MC |
94 | } |
95 | ||
2b2f4f9b | 96 | static int dh_init(void *vpdhctx, void *vdh, const OSSL_PARAM params[]) |
89e29174 MC |
97 | { |
98 | PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx; | |
99 | ||
ca94057f P |
100 | if (!ossl_prov_is_running() |
101 | || pdhctx == NULL | |
102 | || vdh == NULL | |
103 | || !DH_up_ref(vdh)) | |
d753cc33 | 104 | return 0; |
89e29174 | 105 | DH_free(pdhctx->dh); |
8b84b075 | 106 | pdhctx->dh = vdh; |
116d2510 | 107 | pdhctx->kdf_type = PROV_DH_KDF_NONE; |
6ce58488 MC |
108 | return dh_set_ctx_params(pdhctx, params) |
109 | && ossl_dh_check_key(pdhctx->libctx, vdh); | |
89e29174 MC |
110 | } |
111 | ||
46eee710 SL |
112 | /* The 2 parties must share the same domain parameters */ |
113 | static int dh_match_params(DH *priv, DH *peer) | |
114 | { | |
115 | int ret; | |
116 | FFC_PARAMS *dhparams_priv = ossl_dh_get0_params(priv); | |
117 | FFC_PARAMS *dhparams_peer = ossl_dh_get0_params(peer); | |
118 | ||
119 | ret = dhparams_priv != NULL | |
120 | && dhparams_peer != NULL | |
121 | && ossl_ffc_params_cmp(dhparams_priv, dhparams_peer, 1); | |
122 | if (!ret) | |
123 | ERR_raise(ERR_LIB_PROV, PROV_R_MISMATCHING_DOMAIN_PARAMETERS); | |
124 | return ret; | |
125 | } | |
126 | ||
8b84b075 | 127 | static int dh_set_peer(void *vpdhctx, void *vdh) |
89e29174 MC |
128 | { |
129 | PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx; | |
130 | ||
ca94057f P |
131 | if (!ossl_prov_is_running() |
132 | || pdhctx == NULL | |
133 | || vdh == NULL | |
46eee710 | 134 | || !dh_match_params(vdh, pdhctx->dh) |
ca94057f | 135 | || !DH_up_ref(vdh)) |
d753cc33 | 136 | return 0; |
89e29174 | 137 | DH_free(pdhctx->dhpeer); |
8b84b075 | 138 | pdhctx->dhpeer = vdh; |
d753cc33 | 139 | return 1; |
89e29174 MC |
140 | } |
141 | ||
116d2510 SL |
142 | static int dh_plain_derive(void *vpdhctx, |
143 | unsigned char *secret, size_t *secretlen, | |
01b18775 | 144 | size_t outlen, unsigned int pad) |
89e29174 MC |
145 | { |
146 | PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx; | |
147 | int ret; | |
148 | size_t dhsize; | |
149 | const BIGNUM *pub_key = NULL; | |
150 | ||
77b03f0e TM |
151 | if (pdhctx->dh == NULL || pdhctx->dhpeer == NULL) { |
152 | ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_KEY); | |
89e29174 | 153 | return 0; |
77b03f0e | 154 | } |
89e29174 MC |
155 | |
156 | dhsize = (size_t)DH_size(pdhctx->dh); | |
59972370 MC |
157 | if (secret == NULL) { |
158 | *secretlen = dhsize; | |
89e29174 MC |
159 | return 1; |
160 | } | |
77b03f0e TM |
161 | if (outlen < dhsize) { |
162 | ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); | |
89e29174 | 163 | return 0; |
77b03f0e | 164 | } |
89e29174 MC |
165 | |
166 | DH_get0_key(pdhctx->dhpeer, &pub_key, NULL); | |
01b18775 | 167 | if (pad) |
8083fd3a | 168 | ret = DH_compute_key_padded(secret, pub_key, pdhctx->dh); |
62f49b90 | 169 | else |
8083fd3a | 170 | ret = DH_compute_key(secret, pub_key, pdhctx->dh); |
89e29174 MC |
171 | if (ret <= 0) |
172 | return 0; | |
173 | ||
59972370 | 174 | *secretlen = ret; |
89e29174 MC |
175 | return 1; |
176 | } | |
177 | ||
116d2510 SL |
178 | static int dh_X9_42_kdf_derive(void *vpdhctx, unsigned char *secret, |
179 | size_t *secretlen, size_t outlen) | |
180 | { | |
181 | PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx; | |
182 | unsigned char *stmp = NULL; | |
183 | size_t stmplen; | |
184 | int ret = 0; | |
185 | ||
186 | if (secret == NULL) { | |
187 | *secretlen = pdhctx->kdf_outlen; | |
188 | return 1; | |
189 | } | |
190 | ||
77b03f0e TM |
191 | if (pdhctx->kdf_outlen > outlen) { |
192 | ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL); | |
116d2510 | 193 | return 0; |
77b03f0e | 194 | } |
01b18775 | 195 | if (!dh_plain_derive(pdhctx, NULL, &stmplen, 0, 1)) |
116d2510 | 196 | return 0; |
e077455e | 197 | if ((stmp = OPENSSL_secure_malloc(stmplen)) == NULL) |
116d2510 | 198 | return 0; |
01b18775 | 199 | if (!dh_plain_derive(pdhctx, stmp, &stmplen, stmplen, 1)) |
116d2510 SL |
200 | goto err; |
201 | ||
202 | /* Do KDF stuff */ | |
203 | if (pdhctx->kdf_type == PROV_DH_KDF_X9_42_ASN1) { | |
19dbb742 SL |
204 | if (!ossl_dh_kdf_X9_42_asn1(secret, pdhctx->kdf_outlen, |
205 | stmp, stmplen, | |
206 | pdhctx->kdf_cekalg, | |
207 | pdhctx->kdf_ukm, | |
208 | pdhctx->kdf_ukmlen, | |
209 | pdhctx->kdf_md, | |
210 | pdhctx->libctx, NULL)) | |
116d2510 SL |
211 | goto err; |
212 | } | |
213 | *secretlen = pdhctx->kdf_outlen; | |
214 | ret = 1; | |
215 | err: | |
216 | OPENSSL_secure_clear_free(stmp, stmplen); | |
217 | return ret; | |
218 | } | |
219 | ||
220 | static int dh_derive(void *vpdhctx, unsigned char *secret, | |
221 | size_t *psecretlen, size_t outlen) | |
222 | { | |
223 | PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx; | |
224 | ||
ca94057f P |
225 | if (!ossl_prov_is_running()) |
226 | return 0; | |
227 | ||
116d2510 SL |
228 | switch (pdhctx->kdf_type) { |
229 | case PROV_DH_KDF_NONE: | |
01b18775 TM |
230 | return dh_plain_derive(pdhctx, secret, psecretlen, outlen, |
231 | pdhctx->pad); | |
116d2510 SL |
232 | case PROV_DH_KDF_X9_42_ASN1: |
233 | return dh_X9_42_kdf_derive(pdhctx, secret, psecretlen, outlen); | |
234 | default: | |
235 | break; | |
236 | } | |
237 | return 0; | |
238 | } | |
239 | ||
89e29174 MC |
240 | static void dh_freectx(void *vpdhctx) |
241 | { | |
242 | PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx; | |
243 | ||
116d2510 | 244 | OPENSSL_free(pdhctx->kdf_cekalg); |
89e29174 MC |
245 | DH_free(pdhctx->dh); |
246 | DH_free(pdhctx->dhpeer); | |
116d2510 SL |
247 | EVP_MD_free(pdhctx->kdf_md); |
248 | OPENSSL_clear_free(pdhctx->kdf_ukm, pdhctx->kdf_ukmlen); | |
89e29174 MC |
249 | |
250 | OPENSSL_free(pdhctx); | |
251 | } | |
252 | ||
253 | static void *dh_dupctx(void *vpdhctx) | |
254 | { | |
255 | PROV_DH_CTX *srcctx = (PROV_DH_CTX *)vpdhctx; | |
256 | PROV_DH_CTX *dstctx; | |
257 | ||
ca94057f P |
258 | if (!ossl_prov_is_running()) |
259 | return NULL; | |
260 | ||
89e29174 | 261 | dstctx = OPENSSL_zalloc(sizeof(*srcctx)); |
02c163ea P |
262 | if (dstctx == NULL) |
263 | return NULL; | |
89e29174 MC |
264 | |
265 | *dstctx = *srcctx; | |
116d2510 SL |
266 | dstctx->dh = NULL; |
267 | dstctx->dhpeer = NULL; | |
268 | dstctx->kdf_md = NULL; | |
269 | dstctx->kdf_ukm = NULL; | |
270 | dstctx->kdf_cekalg = NULL; | |
89e29174 | 271 | |
21a0d9f3 | 272 | if (srcctx->dh != NULL && !DH_up_ref(srcctx->dh)) |
116d2510 SL |
273 | goto err; |
274 | else | |
275 | dstctx->dh = srcctx->dh; | |
276 | ||
21a0d9f3 | 277 | if (srcctx->dhpeer != NULL && !DH_up_ref(srcctx->dhpeer)) |
116d2510 SL |
278 | goto err; |
279 | else | |
280 | dstctx->dhpeer = srcctx->dhpeer; | |
281 | ||
282 | if (srcctx->kdf_md != NULL && !EVP_MD_up_ref(srcctx->kdf_md)) | |
283 | goto err; | |
284 | else | |
285 | dstctx->kdf_md = srcctx->kdf_md; | |
286 | ||
287 | /* Duplicate UKM data if present */ | |
288 | if (srcctx->kdf_ukm != NULL && srcctx->kdf_ukmlen > 0) { | |
289 | dstctx->kdf_ukm = OPENSSL_memdup(srcctx->kdf_ukm, | |
290 | srcctx->kdf_ukmlen); | |
291 | if (dstctx->kdf_ukm == NULL) | |
292 | goto err; | |
89e29174 | 293 | } |
c920020f JJ |
294 | |
295 | if (srcctx->kdf_cekalg != NULL) { | |
296 | dstctx->kdf_cekalg = OPENSSL_strdup(srcctx->kdf_cekalg); | |
297 | if (dstctx->kdf_cekalg == NULL) | |
298 | goto err; | |
299 | } | |
89e29174 MC |
300 | |
301 | return dstctx; | |
116d2510 SL |
302 | err: |
303 | dh_freectx(dstctx); | |
304 | return NULL; | |
89e29174 MC |
305 | } |
306 | ||
9c45222d | 307 | static int dh_set_ctx_params(void *vpdhctx, const OSSL_PARAM params[]) |
35aca9ec MC |
308 | { |
309 | PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx; | |
310 | const OSSL_PARAM *p; | |
1c3ace68 | 311 | unsigned int pad; |
116d2510 SL |
312 | char name[80] = { '\0' }; /* should be big enough */ |
313 | char *str = NULL; | |
35aca9ec | 314 | |
2b2f4f9b | 315 | if (pdhctx == NULL) |
35aca9ec | 316 | return 0; |
2b2f4f9b P |
317 | if (params == NULL) |
318 | return 1; | |
35aca9ec | 319 | |
116d2510 SL |
320 | p = OSSL_PARAM_locate_const(params, OSSL_EXCHANGE_PARAM_KDF_TYPE); |
321 | if (p != NULL) { | |
322 | str = name; | |
323 | if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(name))) | |
324 | return 0; | |
325 | ||
326 | if (name[0] == '\0') | |
327 | pdhctx->kdf_type = PROV_DH_KDF_NONE; | |
89cccbea | 328 | else if (strcmp(name, OSSL_KDF_NAME_X942KDF_ASN1) == 0) |
116d2510 SL |
329 | pdhctx->kdf_type = PROV_DH_KDF_X9_42_ASN1; |
330 | else | |
331 | return 0; | |
332 | } | |
333 | p = OSSL_PARAM_locate_const(params, OSSL_EXCHANGE_PARAM_KDF_DIGEST); | |
334 | if (p != NULL) { | |
335 | char mdprops[80] = { '\0' }; /* should be big enough */ | |
336 | ||
337 | str = name; | |
338 | if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(name))) | |
339 | return 0; | |
340 | ||
341 | str = mdprops; | |
342 | p = OSSL_PARAM_locate_const(params, | |
343 | OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS); | |
344 | ||
345 | if (p != NULL) { | |
346 | if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(mdprops))) | |
347 | return 0; | |
348 | } | |
349 | ||
350 | EVP_MD_free(pdhctx->kdf_md); | |
351 | pdhctx->kdf_md = EVP_MD_fetch(pdhctx->libctx, name, mdprops); | |
04e3ab64 | 352 | if (pdhctx->kdf_md == NULL) |
353 | return 0; | |
6ce58488 | 354 | if (!ossl_digest_is_allowed(pdhctx->libctx, pdhctx->kdf_md)) { |
b8237707 SL |
355 | EVP_MD_free(pdhctx->kdf_md); |
356 | pdhctx->kdf_md = NULL; | |
116d2510 | 357 | return 0; |
04e3ab64 | 358 | } |
116d2510 SL |
359 | } |
360 | ||
361 | p = OSSL_PARAM_locate_const(params, OSSL_EXCHANGE_PARAM_KDF_OUTLEN); | |
362 | if (p != NULL) { | |
363 | size_t outlen; | |
364 | ||
365 | if (!OSSL_PARAM_get_size_t(p, &outlen)) | |
366 | return 0; | |
367 | pdhctx->kdf_outlen = outlen; | |
368 | } | |
369 | ||
370 | p = OSSL_PARAM_locate_const(params, OSSL_EXCHANGE_PARAM_KDF_UKM); | |
371 | if (p != NULL) { | |
372 | void *tmp_ukm = NULL; | |
373 | size_t tmp_ukmlen; | |
374 | ||
375 | OPENSSL_free(pdhctx->kdf_ukm); | |
376 | pdhctx->kdf_ukm = NULL; | |
377 | pdhctx->kdf_ukmlen = 0; | |
378 | /* ukm is an optional field so it can be NULL */ | |
379 | if (p->data != NULL && p->data_size != 0) { | |
380 | if (!OSSL_PARAM_get_octet_string(p, &tmp_ukm, 0, &tmp_ukmlen)) | |
381 | return 0; | |
382 | pdhctx->kdf_ukm = tmp_ukm; | |
383 | pdhctx->kdf_ukmlen = tmp_ukmlen; | |
384 | } | |
385 | } | |
386 | ||
8b84b075 | 387 | p = OSSL_PARAM_locate_const(params, OSSL_EXCHANGE_PARAM_PAD); |
116d2510 SL |
388 | if (p != NULL) { |
389 | if (!OSSL_PARAM_get_uint(p, &pad)) | |
390 | return 0; | |
391 | pdhctx->pad = pad ? 1 : 0; | |
392 | } | |
393 | ||
394 | p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_CEK_ALG); | |
395 | if (p != NULL) { | |
396 | str = name; | |
c920020f JJ |
397 | |
398 | OPENSSL_free(pdhctx->kdf_cekalg); | |
399 | pdhctx->kdf_cekalg = NULL; | |
400 | if (p->data != NULL && p->data_size != 0) { | |
401 | if (!OSSL_PARAM_get_utf8_string(p, &str, sizeof(name))) | |
402 | return 0; | |
403 | pdhctx->kdf_cekalg = OPENSSL_strdup(name); | |
404 | if (pdhctx->kdf_cekalg == NULL) | |
405 | return 0; | |
406 | } | |
116d2510 | 407 | } |
35aca9ec MC |
408 | return 1; |
409 | } | |
410 | ||
9c45222d MC |
411 | static const OSSL_PARAM known_settable_ctx_params[] = { |
412 | OSSL_PARAM_int(OSSL_EXCHANGE_PARAM_PAD, NULL), | |
116d2510 SL |
413 | OSSL_PARAM_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE, NULL, 0), |
414 | OSSL_PARAM_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST, NULL, 0), | |
415 | OSSL_PARAM_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS, NULL, 0), | |
416 | OSSL_PARAM_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN, NULL), | |
417 | OSSL_PARAM_octet_string(OSSL_EXCHANGE_PARAM_KDF_UKM, NULL, 0), | |
418 | OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_CEK_ALG, NULL, 0), | |
9c45222d MC |
419 | OSSL_PARAM_END |
420 | }; | |
421 | ||
fb67126e TM |
422 | static const OSSL_PARAM *dh_settable_ctx_params(ossl_unused void *vpdhctx, |
423 | ossl_unused void *provctx) | |
9c45222d MC |
424 | { |
425 | return known_settable_ctx_params; | |
426 | } | |
427 | ||
116d2510 | 428 | static const OSSL_PARAM known_gettable_ctx_params[] = { |
116d2510 SL |
429 | OSSL_PARAM_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE, NULL, 0), |
430 | OSSL_PARAM_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST, NULL, 0), | |
431 | OSSL_PARAM_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN, NULL), | |
432 | OSSL_PARAM_DEFN(OSSL_EXCHANGE_PARAM_KDF_UKM, OSSL_PARAM_OCTET_PTR, | |
433 | NULL, 0), | |
c1167f09 | 434 | OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_CEK_ALG, NULL, 0), |
116d2510 SL |
435 | OSSL_PARAM_END |
436 | }; | |
437 | ||
fb67126e TM |
438 | static const OSSL_PARAM *dh_gettable_ctx_params(ossl_unused void *vpdhctx, |
439 | ossl_unused void *provctx) | |
116d2510 SL |
440 | { |
441 | return known_gettable_ctx_params; | |
442 | } | |
443 | ||
444 | static int dh_get_ctx_params(void *vpdhctx, OSSL_PARAM params[]) | |
445 | { | |
446 | PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx; | |
447 | OSSL_PARAM *p; | |
448 | ||
2b2f4f9b | 449 | if (pdhctx == NULL) |
116d2510 SL |
450 | return 0; |
451 | ||
452 | p = OSSL_PARAM_locate(params, OSSL_EXCHANGE_PARAM_KDF_TYPE); | |
453 | if (p != NULL) { | |
454 | const char *kdf_type = NULL; | |
455 | ||
456 | switch (pdhctx->kdf_type) { | |
457 | case PROV_DH_KDF_NONE: | |
458 | kdf_type = ""; | |
459 | break; | |
460 | case PROV_DH_KDF_X9_42_ASN1: | |
89cccbea | 461 | kdf_type = OSSL_KDF_NAME_X942KDF_ASN1; |
116d2510 SL |
462 | break; |
463 | default: | |
464 | return 0; | |
465 | } | |
466 | ||
467 | if (!OSSL_PARAM_set_utf8_string(p, kdf_type)) | |
468 | return 0; | |
469 | } | |
470 | ||
471 | p = OSSL_PARAM_locate(params, OSSL_EXCHANGE_PARAM_KDF_DIGEST); | |
472 | if (p != NULL | |
473 | && !OSSL_PARAM_set_utf8_string(p, pdhctx->kdf_md == NULL | |
474 | ? "" | |
1287dabd | 475 | : EVP_MD_get0_name(pdhctx->kdf_md))) { |
116d2510 SL |
476 | return 0; |
477 | } | |
478 | ||
479 | p = OSSL_PARAM_locate(params, OSSL_EXCHANGE_PARAM_KDF_OUTLEN); | |
480 | if (p != NULL && !OSSL_PARAM_set_size_t(p, pdhctx->kdf_outlen)) | |
481 | return 0; | |
482 | ||
483 | p = OSSL_PARAM_locate(params, OSSL_EXCHANGE_PARAM_KDF_UKM); | |
ba0a6d1d RL |
484 | if (p != NULL |
485 | && !OSSL_PARAM_set_octet_ptr(p, pdhctx->kdf_ukm, pdhctx->kdf_ukmlen)) | |
116d2510 SL |
486 | return 0; |
487 | ||
488 | p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_CEK_ALG); | |
489 | if (p != NULL | |
490 | && !OSSL_PARAM_set_utf8_string(p, pdhctx->kdf_cekalg == NULL | |
491 | ? "" : pdhctx->kdf_cekalg)) | |
492 | return 0; | |
493 | ||
494 | return 1; | |
495 | } | |
496 | ||
1be63951 | 497 | const OSSL_DISPATCH ossl_dh_keyexch_functions[] = { |
89e29174 MC |
498 | { OSSL_FUNC_KEYEXCH_NEWCTX, (void (*)(void))dh_newctx }, |
499 | { OSSL_FUNC_KEYEXCH_INIT, (void (*)(void))dh_init }, | |
500 | { OSSL_FUNC_KEYEXCH_DERIVE, (void (*)(void))dh_derive }, | |
501 | { OSSL_FUNC_KEYEXCH_SET_PEER, (void (*)(void))dh_set_peer }, | |
502 | { OSSL_FUNC_KEYEXCH_FREECTX, (void (*)(void))dh_freectx }, | |
503 | { OSSL_FUNC_KEYEXCH_DUPCTX, (void (*)(void))dh_dupctx }, | |
9c45222d MC |
504 | { OSSL_FUNC_KEYEXCH_SET_CTX_PARAMS, (void (*)(void))dh_set_ctx_params }, |
505 | { OSSL_FUNC_KEYEXCH_SETTABLE_CTX_PARAMS, | |
506 | (void (*)(void))dh_settable_ctx_params }, | |
116d2510 SL |
507 | { OSSL_FUNC_KEYEXCH_GET_CTX_PARAMS, (void (*)(void))dh_get_ctx_params }, |
508 | { OSSL_FUNC_KEYEXCH_GETTABLE_CTX_PARAMS, | |
509 | (void (*)(void))dh_gettable_ctx_params }, | |
1e6bd31e | 510 | OSSL_DISPATCH_END |
89e29174 | 511 | }; |