]> git.ipfire.org Git - thirdparty/openssl.git/blob - providers/common/kdfs/sskdf.c
projects / thirdparty / openssl.git / blob
? search:


61e4607bee88512c5dd4ab15adb24c55fe9b0c15
[thirdparty/openssl.git] / providers / common / kdfs / sskdf.c
1 /*
2 * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
4 *
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
9 */
10
11 /*
12 * Refer to https://csrc.nist.gov/publications/detail/sp/800-56c/rev-1/final
13 * Section 4.1.
14 *
15 * The Single Step KDF algorithm is given by:
16 *
17 * Result(0) = empty bit string (i.e., the null string).
18 * For i = 1 to reps, do the following:
19 * Increment counter by 1.
20 * Result(i) = Result(i - 1) || H(counter || Z || FixedInfo).
21 * DKM = LeftmostBits(Result(reps), L))
22 *
23 * NOTES:
24 * Z is a shared secret required to produce the derived key material.
25 * counter is a 4 byte buffer.
26 * FixedInfo is a bit string containing context specific data.
27 * DKM is the output derived key material.
28 * L is the required size of the DKM.
29 * reps = [L / H_outputBits]
30 * H(x) is the auxiliary function that can be either a hash, HMAC or KMAC.
31 * H_outputBits is the length of the output of the auxiliary function H(x).
32 *
33 * Currently there is not a comprehensive list of test vectors for this
34 * algorithm, especially for H(x) = HMAC and H(x) = KMAC.
35 * Test vectors for H(x) = Hash are indirectly used by CAVS KAS tests.
36 */
37 #include <stdlib.h>
38 #include <stdarg.h>
39 #include <string.h>
40 #include <openssl/hmac.h>
41 #include <openssl/evp.h>
42 #include <openssl/kdf.h>
43 #include <openssl/core_names.h>
44 #include <openssl/params.h>
45 #include "internal/cryptlib.h"
46 #include "internal/numbers.h"
47 #include "internal/evp_int.h"
48 #include "internal/provider_ctx.h"
49 #include "internal/providercommonerr.h"
50 #include "internal/provider_algs.h"
51
52 typedef struct {
53 void *provctx;
54 EVP_MAC *mac; /* H(x) = HMAC_hash OR H(x) = KMAC */
55 EVP_MD *md; /* H(x) = hash OR when H(x) = HMAC_hash */
56 unsigned char *secret;
57 size_t secret_len;
58 unsigned char *info;
59 size_t info_len;
60 unsigned char *salt;
61 size_t salt_len;
62 size_t out_len; /* optional KMAC parameter */
63 } KDF_SSKDF;
64
65 #define SSKDF_MAX_INLEN (1<<30)
66 #define SSKDF_KMAC128_DEFAULT_SALT_SIZE (168 - 4)
67 #define SSKDF_KMAC256_DEFAULT_SALT_SIZE (136 - 4)
68
69 /* KMAC uses a Customisation string of 'KDF' */
70 static const unsigned char kmac_custom_str[] = { 0x4B, 0x44, 0x46 };
71
72 static OSSL_OP_kdf_newctx_fn sskdf_new;
73 static OSSL_OP_kdf_freectx_fn sskdf_free;
74 static OSSL_OP_kdf_reset_fn sskdf_reset;
75 static OSSL_OP_kdf_derive_fn sskdf_derive;
76 static OSSL_OP_kdf_derive_fn x963kdf_derive;
77 static OSSL_OP_kdf_settable_ctx_params_fn sskdf_settable_ctx_params;
78 static OSSL_OP_kdf_set_ctx_params_fn sskdf_set_ctx_params;
79 static OSSL_OP_kdf_gettable_ctx_params_fn sskdf_gettable_ctx_params;
80 static OSSL_OP_kdf_get_ctx_params_fn sskdf_get_ctx_params;
81
82 /*
83 * Refer to https://csrc.nist.gov/publications/detail/sp/800-56c/rev-1/final
84 * Section 4. One-Step Key Derivation using H(x) = hash(x)
85 * Note: X9.63 also uses this code with the only difference being that the
86 * counter is appended to the secret 'z'.
87 * i.e.
88 * result[i] = Hash(counter || z || info) for One Step OR
89 * result[i] = Hash(z || counter || info) for X9.63.
90 */
91 static int SSKDF_hash_kdm(const EVP_MD *kdf_md,
92 const unsigned char *z, size_t z_len,
93 const unsigned char *info, size_t info_len,
94 unsigned int append_ctr,
95 unsigned char *derived_key, size_t derived_key_len)
96 {
97 int ret = 0, hlen;
98 size_t counter, out_len, len = derived_key_len;
99 unsigned char c[4];
100 unsigned char mac[EVP_MAX_MD_SIZE];
101 unsigned char *out = derived_key;
102 EVP_MD_CTX *ctx = NULL, *ctx_init = NULL;
103
104 if (z_len > SSKDF_MAX_INLEN || info_len > SSKDF_MAX_INLEN
105 || derived_key_len > SSKDF_MAX_INLEN
106 || derived_key_len == 0)
107 return 0;
108
109 hlen = EVP_MD_size(kdf_md);
110 if (hlen <= 0)
111 return 0;
112 out_len = (size_t)hlen;
113
114 ctx = EVP_MD_CTX_create();
115 ctx_init = EVP_MD_CTX_create();
116 if (ctx == NULL || ctx_init == NULL)
117 goto end;
118
119 if (!EVP_DigestInit(ctx_init, kdf_md))
120 goto end;
121
122 for (counter = 1;; counter++) {
123 c[0] = (unsigned char)((counter >> 24) & 0xff);
124 c[1] = (unsigned char)((counter >> 16) & 0xff);
125 c[2] = (unsigned char)((counter >> 8) & 0xff);
126 c[3] = (unsigned char)(counter & 0xff);
127
128 if (!(EVP_MD_CTX_copy_ex(ctx, ctx_init)
129 && (append_ctr || EVP_DigestUpdate(ctx, c, sizeof(c)))
130 && EVP_DigestUpdate(ctx, z, z_len)
131 && (!append_ctr || EVP_DigestUpdate(ctx, c, sizeof(c)))
132 && EVP_DigestUpdate(ctx, info, info_len)))
133 goto end;
134 if (len >= out_len) {
135 if (!EVP_DigestFinal_ex(ctx, out, NULL))
136 goto end;
137 out += out_len;
138 len -= out_len;
139 if (len == 0)
140 break;
141 } else {
142 if (!EVP_DigestFinal_ex(ctx, mac, NULL))
143 goto end;
144 memcpy(out, mac, len);
145 break;
146 }
147 }
148 ret = 1;
149 end:
150 EVP_MD_CTX_destroy(ctx);
151 EVP_MD_CTX_destroy(ctx_init);
152 OPENSSL_cleanse(mac, sizeof(mac));
153 return ret;
154 }
155
156 static int kmac_init(EVP_MAC_CTX *ctx, const unsigned char *custom,
157 size_t custom_len, size_t kmac_out_len,
158 size_t derived_key_len, unsigned char **out)
159 {
160 OSSL_PARAM params[2];
161
162 /* Only KMAC has custom data - so return if not KMAC */
163 if (custom == NULL)
164 return 1;
165
166 params[0] = OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_CUSTOM,
167 (void *)custom, custom_len);
168 params[1] = OSSL_PARAM_construct_end();
169
170 if (!EVP_MAC_CTX_set_params(ctx, params))
171 return 0;
172
173 /* By default only do one iteration if kmac_out_len is not specified */
174 if (kmac_out_len == 0)
175 kmac_out_len = derived_key_len;
176 /* otherwise check the size is valid */
177 else if (!(kmac_out_len == derived_key_len
178 || kmac_out_len == 20
179 || kmac_out_len == 28
180 || kmac_out_len == 32
181 || kmac_out_len == 48
182 || kmac_out_len == 64))
183 return 0;
184
185 params[0] = OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE,
186 &kmac_out_len);
187
188 if (EVP_MAC_CTX_set_params(ctx, params) <= 0)
189 return 0;
190
191 /*
192 * For kmac the output buffer can be larger than EVP_MAX_MD_SIZE: so
193 * alloc a buffer for this case.
194 */
195 if (kmac_out_len > EVP_MAX_MD_SIZE) {
196 *out = OPENSSL_zalloc(kmac_out_len);
197 if (*out == NULL)
198 return 0;
199 }
200 return 1;
201 }
202
203 /*
204 * Refer to https://csrc.nist.gov/publications/detail/sp/800-56c/rev-1/final
205 * Section 4. One-Step Key Derivation using MAC: i.e either
206 * H(x) = HMAC-hash(salt, x) OR
207 * H(x) = KMAC#(salt, x, outbits, CustomString='KDF')
208 */
209 static int SSKDF_mac_kdm(EVP_MAC *kdf_mac, const EVP_MD *hmac_md,
210 const unsigned char *kmac_custom,
211 size_t kmac_custom_len, size_t kmac_out_len,
212 const unsigned char *salt, size_t salt_len,
213 const unsigned char *z, size_t z_len,
214 const unsigned char *info, size_t info_len,
215 unsigned char *derived_key, size_t derived_key_len)
216 {
217 int ret = 0;
218 size_t counter, out_len, len;
219 unsigned char c[4];
220 unsigned char mac_buf[EVP_MAX_MD_SIZE];
221 unsigned char *out = derived_key;
222 EVP_MAC_CTX *ctx = NULL, *ctx_init = NULL;
223 unsigned char *mac = mac_buf, *kmac_buffer = NULL;
224 OSSL_PARAM params[3];
225 size_t params_n = 0;
226
227 if (z_len > SSKDF_MAX_INLEN || info_len > SSKDF_MAX_INLEN
228 || derived_key_len > SSKDF_MAX_INLEN
229 || derived_key_len == 0)
230 return 0;
231
232 ctx_init = EVP_MAC_CTX_new(kdf_mac);
233 if (ctx_init == NULL)
234 goto end;
235
236 if (hmac_md != NULL) {
237 const char *mdname = EVP_MD_name(hmac_md);
238 params[params_n++] =
239 OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
240 (char *)mdname, 0);
241 }
242 params[params_n++] =
243 OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, (void *)salt,
244 salt_len);
245 params[params_n] = OSSL_PARAM_construct_end();
246
247 if (!EVP_MAC_CTX_set_params(ctx_init, params))
248 goto end;
249
250 if (!kmac_init(ctx_init, kmac_custom, kmac_custom_len, kmac_out_len,
251 derived_key_len, &kmac_buffer))
252 goto end;
253 if (kmac_buffer != NULL)
254 mac = kmac_buffer;
255
256 if (!EVP_MAC_init(ctx_init))
257 goto end;
258
259 out_len = EVP_MAC_size(ctx_init); /* output size */
260 if (out_len <= 0)
261 goto end;
262 len = derived_key_len;
263
264 for (counter = 1;; counter++) {
265 c[0] = (unsigned char)((counter >> 24) & 0xff);
266 c[1] = (unsigned char)((counter >> 16) & 0xff);
267 c[2] = (unsigned char)((counter >> 8) & 0xff);
268 c[3] = (unsigned char)(counter & 0xff);
269
270 ctx = EVP_MAC_CTX_dup(ctx_init);
271 if (!(ctx != NULL
272 && EVP_MAC_update(ctx, c, sizeof(c))
273 && EVP_MAC_update(ctx, z, z_len)
274 && EVP_MAC_update(ctx, info, info_len)))
275 goto end;
276 if (len >= out_len) {
277 if (!EVP_MAC_final(ctx, out, NULL, len))
278 goto end;
279 out += out_len;
280 len -= out_len;
281 if (len == 0)
282 break;
283 } else {
284 if (!EVP_MAC_final(ctx, mac, NULL, len))
285 goto end;
286 memcpy(out, mac, len);
287 break;
288 }
289 EVP_MAC_CTX_free(ctx);
290 ctx = NULL;
291 }
292 ret = 1;
293 end:
294 if (kmac_buffer != NULL)
295 OPENSSL_clear_free(kmac_buffer, kmac_out_len);
296 else
297 OPENSSL_cleanse(mac_buf, sizeof(mac_buf));
298
299 EVP_MAC_CTX_free(ctx);
300 EVP_MAC_CTX_free(ctx_init);
301 return ret;
302 }
303
304 static void *sskdf_new(void *provctx)
305 {
306 KDF_SSKDF *ctx;
307
308 if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL)
309 ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
310 ctx->provctx = provctx;
311 return ctx;
312 }
313
314 static void sskdf_reset(void *vctx)
315 {
316 KDF_SSKDF *ctx = (KDF_SSKDF *)vctx;
317
318 OPENSSL_clear_free(ctx->secret, ctx->secret_len);
319 OPENSSL_clear_free(ctx->info, ctx->info_len);
320 OPENSSL_clear_free(ctx->salt, ctx->salt_len);
321 EVP_MAC_free(ctx->mac);
322 memset(ctx, 0, sizeof(*ctx));
323 }
324
325 static void sskdf_free(void *vctx)
326 {
327 KDF_SSKDF *ctx = (KDF_SSKDF *)vctx;
328
329 sskdf_reset(ctx);
330 EVP_MD_meth_free(ctx->md);
331 EVP_MAC_free(ctx->mac);
332 OPENSSL_free(ctx);
333 }
334
335 static int sskdf_set_buffer(unsigned char **out, size_t *out_len,
336 const OSSL_PARAM *p)
337 {
338 if (p->data == NULL || p->data_size == 0)
339 return 1;
340 OPENSSL_free(*out);
341 *out = NULL;
342 return OSSL_PARAM_get_octet_string(p, (void **)out, 0, out_len);
343 }
344
345 static size_t sskdf_size(KDF_SSKDF *ctx)
346 {
347 int len;
348
349 if (ctx->md == NULL) {
350 ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_MESSAGE_DIGEST);
351 return 0;
352 }
353 len = EVP_MD_size(ctx->md);
354 return (len <= 0) ? 0 : (size_t)len;
355 }
356
357 static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen)
358 {
359 KDF_SSKDF *ctx = (KDF_SSKDF *)vctx;
360
361 if (ctx->secret == NULL) {
362 ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_SECRET);
363 return 0;
364 }
365
366 if (ctx->mac != NULL) {
367 /* H(x) = KMAC or H(x) = HMAC */
368 int ret;
369 const unsigned char *custom = NULL;
370 size_t custom_len = 0;
371 const char *macname;
372 int default_salt_len;
373
374 /*
375 * TODO(3.0) investigate the necessity to have all these controls.
376 * Why does KMAC require a salt length that's shorter than the MD
377 * block size?
378 */
379 macname = EVP_MAC_name(ctx->mac);
380 if (strcmp(macname, OSSL_MAC_NAME_HMAC) == 0) {
381 /* H(x) = HMAC(x, salt, hash) */
382 if (ctx->md == NULL) {
383 ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_MESSAGE_DIGEST);
384 return 0;
385 }
386 default_salt_len = EVP_MD_block_size(ctx->md);
387 if (default_salt_len <= 0)
388 return 0;
389 } else if (strcmp(macname, OSSL_MAC_NAME_KMAC128) == 0
390 || strcmp(macname, OSSL_MAC_NAME_KMAC256) == 0) {
391 /* H(x) = KMACzzz(x, salt, custom) */
392 custom = kmac_custom_str;
393 custom_len = sizeof(kmac_custom_str);
394 if (strcmp(macname, OSSL_MAC_NAME_KMAC128) == 0)
395 default_salt_len = SSKDF_KMAC128_DEFAULT_SALT_SIZE;
396 else
397 default_salt_len = SSKDF_KMAC256_DEFAULT_SALT_SIZE;
398 } else {
399 ERR_raise(ERR_LIB_PROV, PROV_R_UNSUPPORTED_MAC_TYPE);
400 return 0;
401 }
402 /* If no salt is set then use a default_salt of zeros */
403 if (ctx->salt == NULL || ctx->salt_len <= 0) {
404 ctx->salt = OPENSSL_zalloc(default_salt_len);
405 if (ctx->salt == NULL) {
406 ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
407 return 0;
408 }
409 ctx->salt_len = default_salt_len;
410 }
411 ret = SSKDF_mac_kdm(ctx->mac, ctx->md,
412 custom, custom_len, ctx->out_len,
413 ctx->salt, ctx->salt_len,
414 ctx->secret, ctx->secret_len,
415 ctx->info, ctx->info_len, key, keylen);
416 return ret;
417 } else {
418 /* H(x) = hash */
419 if (ctx->md == NULL) {
420 ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_MESSAGE_DIGEST);
421 return 0;
422 }
423 return SSKDF_hash_kdm(ctx->md, ctx->secret, ctx->secret_len,
424 ctx->info, ctx->info_len, 0, key, keylen);
425 }
426 }
427
428 static int x963kdf_derive(void *vctx, unsigned char *key, size_t keylen)
429 {
430 KDF_SSKDF *ctx = (KDF_SSKDF *)vctx;
431
432 if (ctx->secret == NULL) {
433 ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_SECRET);
434 return 0;
435 }
436
437 if (ctx->mac != NULL) {
438 ERR_raise(ERR_LIB_PROV, PROV_R_NOT_SUPPORTED);
439 return 0;
440 } else {
441 /* H(x) = hash */
442 if (ctx->md == NULL) {
443 ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_MESSAGE_DIGEST);
444 return 0;
445 }
446 return SSKDF_hash_kdm(ctx->md, ctx->secret, ctx->secret_len,
447 ctx->info, ctx->info_len, 1, key, keylen);
448 }
449 }
450
451 static int sskdf_set_ctx_params(void *vctx, const OSSL_PARAM params[])
452 {
453 const OSSL_PARAM *p;
454 KDF_SSKDF *ctx = vctx;
455 EVP_MD *md;
456 EVP_MAC *mac;
457 size_t sz;
458 const char *properties = NULL;
459
460 /* Grab search properties, should be before the digest and mac lookups */
461 if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_PROPERTIES))
462 != NULL) {
463 if (p->data_type != OSSL_PARAM_UTF8_STRING)
464 return 0;
465 properties = p->data;
466 }
467 /* Handle aliasing of digest parameter names */
468 if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_DIGEST)) != NULL) {
469 if (p->data_type != OSSL_PARAM_UTF8_STRING)
470 return 0;
471 md = EVP_MD_fetch(PROV_LIBRARY_CONTEXT_OF(ctx->provctx), p->data,
472 properties);
473 if (md == NULL) {
474 ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_DIGEST);
475 return 0;
476 }
477 EVP_MD_meth_free(ctx->md);
478 ctx->md = md;
479 }
480
481 if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_MAC)) != NULL) {
482 EVP_MAC_free(ctx->mac);
483 ctx->mac = NULL;
484
485 mac = EVP_MAC_fetch(PROV_LIBRARY_CONTEXT_OF(ctx->provctx), p->data,
486 properties);
487 if (mac == NULL)
488 return 0;
489 EVP_MAC_free(ctx->mac);
490 ctx->mac = mac;
491 }
492
493 if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SECRET)) != NULL
494 || (p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_KEY)) != NULL)
495 if (!sskdf_set_buffer(&ctx->secret, &ctx->secret_len, p))
496 return 0;
497
498 if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_INFO)) != NULL)
499 if (!sskdf_set_buffer(&ctx->info, &ctx->info_len, p))
500 return 0;
501
502 if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_SALT)) != NULL)
503 if (!sskdf_set_buffer(&ctx->salt, &ctx->salt_len, p))
504 return 0;
505
506 if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_MAC_SIZE))
507 != NULL) {
508 if (!OSSL_PARAM_get_size_t(p, &sz) || sz == 0)
509 return 0;
510 ctx->out_len = sz;
511 }
512 return 1;
513 }
514
515 static const OSSL_PARAM *sskdf_settable_ctx_params(void)
516 {
517 static const OSSL_PARAM known_settable_ctx_params[] = {
518 OSSL_PARAM_octet_string(OSSL_KDF_PARAM_SECRET, NULL, 0),
519 OSSL_PARAM_octet_string(OSSL_KDF_PARAM_KEY, NULL, 0),
520 OSSL_PARAM_octet_string(OSSL_KDF_PARAM_INFO, NULL, 0),
521 OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_PROPERTIES, NULL, 0),
522 OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_DIGEST, NULL, 0),
523 OSSL_PARAM_utf8_string(OSSL_KDF_PARAM_MAC, NULL, 0),
524 OSSL_PARAM_octet_string(OSSL_KDF_PARAM_SALT, NULL, 0),
525 OSSL_PARAM_size_t(OSSL_KDF_PARAM_MAC_SIZE, NULL),
526 OSSL_PARAM_END
527 };
528 return known_settable_ctx_params;
529 }
530
531 static int sskdf_get_ctx_params(void *vctx, OSSL_PARAM params[])
532 {
533 KDF_SSKDF *ctx = (KDF_SSKDF *)vctx;
534 OSSL_PARAM *p;
535
536 if ((p = OSSL_PARAM_locate(params, OSSL_KDF_PARAM_SIZE)) != NULL)
537 return OSSL_PARAM_set_size_t(p, sskdf_size(ctx));
538 return -2;
539 }
540
541 static const OSSL_PARAM *sskdf_gettable_ctx_params(void)
542 {
543 static const OSSL_PARAM known_gettable_ctx_params[] = {
544 OSSL_PARAM_size_t(OSSL_KDF_PARAM_SIZE, NULL),
545 OSSL_PARAM_END
546 };
547 return known_gettable_ctx_params;
548 }
549
550 const OSSL_DISPATCH kdf_sskdf_functions[] = {
551 { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))sskdf_new },
552 { OSSL_FUNC_KDF_FREECTX, (void(*)(void))sskdf_free },
553 { OSSL_FUNC_KDF_RESET, (void(*)(void))sskdf_reset },
554 { OSSL_FUNC_KDF_DERIVE, (void(*)(void))sskdf_derive },
555 { OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS,
556 (void(*)(void))sskdf_settable_ctx_params },
557 { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void(*)(void))sskdf_set_ctx_params },
558 { OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS,
559 (void(*)(void))sskdf_gettable_ctx_params },
560 { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void(*)(void))sskdf_get_ctx_params },
561 { 0, NULL }
562 };
563
564 const OSSL_DISPATCH kdf_x963_kdf_functions[] = {
565 { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))sskdf_new },
566 { OSSL_FUNC_KDF_FREECTX, (void(*)(void))sskdf_free },
567 { OSSL_FUNC_KDF_RESET, (void(*)(void))sskdf_reset },
568 { OSSL_FUNC_KDF_DERIVE, (void(*)(void))x963kdf_derive },
569 { OSSL_FUNC_KDF_SETTABLE_CTX_PARAMS,
570 (void(*)(void))sskdf_settable_ctx_params },
571 { OSSL_FUNC_KDF_SET_CTX_PARAMS, (void(*)(void))sskdf_set_ctx_params },
572 { OSSL_FUNC_KDF_GETTABLE_CTX_PARAMS,
573 (void(*)(void))sskdf_gettable_ctx_params },
574 { OSSL_FUNC_KDF_GET_CTX_PARAMS, (void(*)(void))sskdf_get_ctx_params },
575 { 0, NULL }
576 };
A mirror of the official openssl repository