The branch master has been updated
via 12df11bdf11fb6a3410483b0097f032e329b4623 (commit)
via 35aca9eccbaf0abbd0d7f350e199a7c97274845a (commit)
via 94b40fb77c4e345526c2aff1d8f8b9186fb4a179 (commit)
via 89e291742f8db5920cc7938407d07c8f77c18293 (commit)
via ff64702b3d83d4c77756e0fd7b624e2165dbbdf0 (commit)
from cbfa5b03989ee6b8f5c13c4284d5bae02c562f20 (commit)
- Log -----------------------------------------------------------------
commit 12df11bdf11fb6a3410483b0097f032e329b4623
Author: Matt Caswell <m...@openssl.org>
Date: Fri Jun 28 09:50:56 2019 +0100
Document the new EVP_KEYEXCH type and related functions
Previous commits added the EVP_KEYEXCH type for representing key exchange
algorithms. They also added various functions for fetching and using them,
so we document all of those functions.
Reviewed-by: Paul Dale <paul.d...@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9266)
commit 35aca9eccbaf0abbd0d7f350e199a7c97274845a
Author: Matt Caswell <m...@openssl.org>
Date: Thu Jun 27 16:37:44 2019 +0100
Add the ability to set PKCS#3 DH padding in providers
This also adds the ability to set arbitrary parameters on key exchange
algorithms. The ability to pad the output is one such parameter for DH.
Reviewed-by: Paul Dale <paul.d...@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9266)
commit 94b40fb77c4e345526c2aff1d8f8b9186fb4a179
Author: Matt Caswell <m...@openssl.org>
Date: Thu Jun 27 15:03:55 2019 +0100
Enable PKCS#3 DH in the providers
The default provider now has support for PKCS#3 Diffie-Hellman so we
switch libcrypto to using providers for that algorithm.
Reviewed-by: Paul Dale <paul.d...@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9266)
commit 89e291742f8db5920cc7938407d07c8f77c18293
Author: Matt Caswell <m...@openssl.org>
Date: Thu Jun 27 12:36:30 2019 +0100
Implement PKCS#3 DH Key Exchange in the default provider
We add the capability for the default provider to perform PKCS#3
Diffie-Hellman key exchange. At this point the implementation is not used
because libcrypto still uses legacy handling for Diffie-Hellman.
Note X9.42 DH is not touched by this commit.
Reviewed-by: Paul Dale <paul.d...@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9266)
commit ff64702b3d83d4c77756e0fd7b624e2165dbbdf0
Author: Matt Caswell <m...@openssl.org>
Date: Thu Jun 27 10:48:17 2019 +0100
Make the EVP Key Exchange code provider aware
We introduce a new EVP_KEYEXCH type to represent key exchange algorithms
and refactor the existing code to use it where available.
Reviewed-by: Paul Dale <paul.d...@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9266)
-----------------------------------------------------------------------
Summary of changes:
CHANGES | 11 +
crypto/err/openssl.txt | 2 +
crypto/evp/build.info | 2 +-
crypto/evp/evp_lib.c | 131 ++++++++
crypto/evp/evp_locl.h | 37 +++
crypto/evp/exchange.c | 358 ++++++++++++++++++++++
crypto/evp/pmeth_fn.c | 116 +------
crypto/evp/pmeth_lib.c | 111 ++++++-
crypto/include/internal/evp_int.h | 5 +
crypto/params.c | 8 -
doc/man3/EVP_KEYEXCH_free.pod | 46 +++
doc/man3/EVP_MD_fetch.pod | 14 +-
doc/man3/EVP_PKEY_CTX_ctrl.pod | 30 +-
doc/man3/EVP_PKEY_derive.pod | 36 ++-
include/openssl/core_names.h | 13 +
include/openssl/core_numbers.h | 24 ++
include/openssl/dh.h | 4 +-
include/openssl/evp.h | 8 +
include/openssl/ossl_typ.h | 2 +
providers/common/build.info | 2 +-
providers/common/exchange/build.info | 5 +
providers/common/exchange/dh.c | 194 ++++++++++++
providers/common/include/internal/provider_algs.h | 3 +
providers/default/defltprov.c | 7 +
util/libcrypto.num | 6 +
25 files changed, 1021 insertions(+), 154 deletions(-)
create mode 100644 crypto/evp/exchange.c
create mode 100644 doc/man3/EVP_KEYEXCH_free.pod
create mode 100644 providers/common/exchange/build.info
create mode 100644 providers/common/exchange/dh.c
diff --git a/CHANGES b/CHANGES
index d826308..f6062af 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,17 @@
Changes between 1.1.1 and 3.0.0 [xx XXX xxxx]
+ *) A new type, EVP_KEYEXCH, has been introduced to represent key exchange
+ algorithms. An implementation of a key exchange algorithm can be obtained
+ by using the function EVP_KEYEXCH_fetch(). An EVP_KEYEXCH algorithm can be
+ used in a call to EVP_PKEY_derive_init_ex() which works in a similar way
to
+ the older EVP_PKEY_derive_init() function. See the man pages for the new
+ functions for further details.
+ [Matt Caswell]
+
+ *) The EVP_PKEY_CTX_set_dh_pad() macro has now been converted to a function.
+ [Matt Caswell]
+
*) Removed the function names from error messages and deprecated the
xxx_F_xxx define's.
[Rich Salz]
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index a8f28dc..4608938 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -807,6 +807,7 @@ EVP_F_EVP_DIGESTUPDATE:231:EVP_DigestUpdate
EVP_F_EVP_ENCRYPTDECRYPTUPDATE:219:evp_EncryptDecryptUpdate
EVP_F_EVP_ENCRYPTFINAL_EX:127:EVP_EncryptFinal_ex
EVP_F_EVP_ENCRYPTUPDATE:167:EVP_EncryptUpdate
+EVP_F_EVP_KEYEXCH_FROM_DISPATCH:244:evp_keyexch_from_dispatch
EVP_F_EVP_KDF_CTRL:224:EVP_KDF_ctrl
EVP_F_EVP_KDF_CTRL_STR:225:EVP_KDF_ctrl_str
EVP_F_EVP_KDF_CTX_NEW:240:EVP_KDF_CTX_new
@@ -838,6 +839,7 @@ EVP_F_EVP_PKEY_DECRYPT_INIT:138:EVP_PKEY_decrypt_init
EVP_F_EVP_PKEY_DECRYPT_OLD:151:EVP_PKEY_decrypt_old
EVP_F_EVP_PKEY_DERIVE:153:EVP_PKEY_derive
EVP_F_EVP_PKEY_DERIVE_INIT:154:EVP_PKEY_derive_init
+EVP_F_EVP_PKEY_DERIVE_INIT_EX:243:EVP_PKEY_derive_init_ex
EVP_F_EVP_PKEY_DERIVE_SET_PEER:155:EVP_PKEY_derive_set_peer
EVP_F_EVP_PKEY_ENCRYPT:105:EVP_PKEY_encrypt
EVP_F_EVP_PKEY_ENCRYPT_INIT:139:EVP_PKEY_encrypt_init
diff --git a/crypto/evp/build.info b/crypto/evp/build.info
index fa49f2e..5030f3f 100644
--- a/crypto/evp/build.info
+++ b/crypto/evp/build.info
@@ -15,7 +15,7 @@ SOURCE[../../libcrypto]=$COMMON\
e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \
e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c \
e_chacha20_poly1305.c \
- mac_lib.c c_allm.c pkey_mac.c
+ mac_lib.c c_allm.c pkey_mac.c exchange.c
SOURCE[../../providers/fips]=$COMMON
INCLUDE[e_aes.o]=.. ../modes
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index 615206b..3e64a1f 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -13,6 +13,7 @@
#include <openssl/objects.h>
#include <openssl/params.h>
#include <openssl/core_names.h>
+#include <openssl/dh.h>
#include "internal/evp_int.h"
#include "internal/provider.h"
#include "evp_locl.h"
@@ -726,3 +727,133 @@ int EVP_hex2ctrl(int (*cb)(void *ctx, int cmd, void *buf,
size_t buflen),
OPENSSL_free(bin);
return rv;
}
+
+#ifndef FIPS_MODE
+/*
+ * TODO(3.0): Temporarily unavailable in FIPS mode. This will need to be added
+ * in later.
+ */
+
+#define MAX_PARAMS 10
+typedef struct {
+ /* Number of the current param */
+ size_t curr;
+ struct {
+ /* Key for the current param */
+ const char *key;
+ /* Value for the current param */
+ const BIGNUM *bnparam;
+ /* Size of the buffer required for the BN */
+ size_t bufsz;
+ } params[MAX_PARAMS];
+ /* Running count of the total size required */
+ size_t totsz;
+ int ispublic;
+} PARAMS_TEMPLATE;
+
+static int push_param_bn(PARAMS_TEMPLATE *tmpl, const char *key,
+ const BIGNUM *bn)
+{
+ int sz;
+
+ sz = BN_num_bytes(bn);
+ if (sz <= 0)
+ return 0;
+ tmpl->params[tmpl->curr].key = key;
+ tmpl->params[tmpl->curr].bnparam = bn;
+ tmpl->params[tmpl->curr++].bufsz = (size_t)sz;
+ tmpl->totsz += sizeof(OSSL_PARAM) + (size_t)sz;
+
+ return 1;
+}
+
+static OSSL_PARAM *param_template_to_param(PARAMS_TEMPLATE *tmpl, size_t *sz)
+{
+ size_t i;
+ void *buf;
+ OSSL_PARAM *param = NULL;
+ unsigned char *currbuf = NULL;
+
+ if (tmpl->totsz == 0)
+ return NULL;
+
+ /* Add some space for the end of OSSL_PARAM marker */
+ tmpl->totsz += sizeof(*param);
+
+ if (tmpl->ispublic)
+ buf = OPENSSL_zalloc(tmpl->totsz);
+ else
+ buf = OPENSSL_secure_zalloc(tmpl->totsz);
+ if (buf == NULL)
+ return NULL;
+ param = buf;
+
+ currbuf = (unsigned char *)buf + (sizeof(*param) * (tmpl->curr + 1));
+
+ for (i = 0; i < tmpl->curr; i++) {
+ if (!ossl_assert((currbuf - (unsigned char *)buf )
+ + tmpl->params[i].bufsz <= tmpl->totsz))
+ goto err;
+ if (BN_bn2nativepad(tmpl->params[i].bnparam, currbuf,
+ tmpl->params[i].bufsz) < 0)
+ goto err;
+ param[i] = OSSL_PARAM_construct_BN(tmpl->params[i].key, currbuf,
+ tmpl->params[i].bufsz);
+ currbuf += tmpl->params[i].bufsz;
+ }
+ param[i] = OSSL_PARAM_construct_end();
+
+ if (sz != NULL)
+ *sz = tmpl->totsz;
+ return param;
+
+ err:
+ if (tmpl->ispublic)
+ OPENSSL_free(param);
+ else
+ OPENSSL_clear_free(param, tmpl->totsz);
+ return NULL;
+}
+
+static OSSL_PARAM *evp_pkey_dh_to_param(EVP_PKEY *pkey, size_t *sz)
+{
+ DH *dh = pkey->pkey.dh;
+ PARAMS_TEMPLATE tmpl = {0};
+ const BIGNUM *p = DH_get0_p(dh), *g = DH_get0_g(dh), *q = DH_get0_q(dh);
+ const BIGNUM *pub_key = DH_get0_pub_key(dh);
+ const BIGNUM *priv_key = DH_get0_priv_key(dh);
+
+ if (p == NULL || g == NULL || pub_key == NULL)
+ return NULL;
+
+ if (!push_param_bn(&tmpl, OSSL_PKEY_PARAM_DH_P, p)
+ || !push_param_bn(&tmpl, OSSL_PKEY_PARAM_DH_G, g)
+ || !push_param_bn(&tmpl, OSSL_PKEY_PARAM_DH_PUB_KEY, pub_key))
+ return NULL;
+
+ if (q != NULL) {
+ if (!push_param_bn(&tmpl, OSSL_PKEY_PARAM_DH_Q, q))
+ return NULL;
+ }
+
+ if (priv_key != NULL) {
+ if (!push_param_bn(&tmpl, OSSL_PKEY_PARAM_DH_PRIV_KEY, priv_key))
+ return NULL;
+ } else {
+ tmpl.ispublic = 1;
+ }
+
+ return param_template_to_param(&tmpl, sz);
+}
+
+OSSL_PARAM *evp_pkey_to_param(EVP_PKEY *pkey, size_t *sz)
+{
+ switch (pkey->type) {
+ case EVP_PKEY_DH:
+ return evp_pkey_dh_to_param(pkey, sz);
+ default:
+ return NULL;
+ }
+}
+
+#endif /* FIPS_MODE */
diff --git a/crypto/evp/evp_locl.h b/crypto/evp/evp_locl.h
index b62f1e3..8aeb5d4 100644
--- a/crypto/evp/evp_locl.h
+++ b/crypto/evp/evp_locl.h
@@ -9,6 +9,8 @@
/* EVP_MD_CTX related stuff */
+#include <openssl/core_numbers.h>
+
struct evp_md_ctx_st {
const EVP_MD *reqdigest; /* The original requested digest */
const EVP_MD *digest;
@@ -60,6 +62,21 @@ struct evp_kdf_ctx_st {
EVP_KDF_IMPL *impl; /* Algorithm-specific data */
} /* EVP_KDF_CTX */ ;
+struct evp_keyexch_st {
+ OSSL_PROVIDER *prov;
+ CRYPTO_REF_COUNT refcnt;
+ CRYPTO_RWLOCK *lock;
+
+ OSSL_OP_keyexch_newctx_fn *newctx;
+ OSSL_OP_keyexch_init_fn *init;
+ OSSL_OP_keyexch_set_peer_fn *set_peer;
+ OSSL_OP_keyexch_derive_fn *derive;
+ OSSL_OP_keyexch_freectx_fn *freectx;
+ OSSL_OP_keyexch_dupctx_fn *dupctx;
+ OSSL_OP_keyexch_set_params_fn *set_params;
+} /* EVP_KEYEXCH */;
+
+
int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
int passlen, ASN1_TYPE *param,
const EVP_CIPHER *c, const EVP_MD *md,
@@ -114,3 +131,23 @@ int evp_do_ciph_ctx_getparams(const EVP_CIPHER *ciph, void
*provctx,
OSSL_PARAM params[]);
int evp_do_ciph_ctx_setparams(const EVP_CIPHER *ciph, void *provctx,
OSSL_PARAM params[]);
+
+OSSL_PARAM *evp_pkey_to_param(EVP_PKEY *pkey, size_t *sz);
+
+#define M_check_autoarg(ctx, arg, arglen, err) \
+ if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) { \
+ size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
+ \
+ if (pksize == 0) { \
+ EVPerr(err, EVP_R_INVALID_KEY); /*ckerr_ignore*/ \
+ return 0; \
+ } \
+ if (arg == NULL) { \
+ *arglen = pksize; \
+ return 1; \
+ } \
+ if (*arglen < pksize) { \
+ EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/ \
+ return 0; \
+ } \
+ }
diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c
new file mode 100644
index 0000000..208bb98
--- /dev/null
+++ b/crypto/evp/exchange.c
@@ -0,0 +1,358 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/crypto.h>
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include "internal/refcount.h"
+#include "internal/evp_int.h"
+#include "internal/provider.h"
+#include "evp_locl.h"
+
+static EVP_KEYEXCH *evp_keyexch_new(OSSL_PROVIDER *prov)
+{
+ EVP_KEYEXCH *exchange = OPENSSL_zalloc(sizeof(EVP_KEYEXCH));
+
+ exchange->lock = CRYPTO_THREAD_lock_new();
+ if (exchange->lock == NULL) {
+ OPENSSL_free(exchange);
+ return NULL;
+ }
+ exchange->prov = prov;
+ ossl_provider_up_ref(prov);
+ exchange->refcnt = 1;
+
+ return exchange;
+}
+
+static void *evp_keyexch_from_dispatch(const OSSL_DISPATCH *fns,
+ OSSL_PROVIDER *prov)
+{
+ EVP_KEYEXCH *exchange = NULL;
+ int fncnt = 0;
+
+ if ((exchange = evp_keyexch_new(prov)) == NULL)
+ return NULL;
+
+ for (; fns->function_id != 0; fns++) {
+ switch (fns->function_id) {
+ case OSSL_FUNC_KEYEXCH_NEWCTX:
+ if (exchange->newctx != NULL)
+ break;
+ exchange->newctx = OSSL_get_OP_keyexch_newctx(fns);
+ fncnt++;
+ break;
+ case OSSL_FUNC_KEYEXCH_INIT:
+ if (exchange->init != NULL)
+ break;
+ exchange->init = OSSL_get_OP_keyexch_init(fns);
+ fncnt++;
+ break;
+ case OSSL_FUNC_KEYEXCH_SET_PEER:
+ if (exchange->set_peer != NULL)
+ break;
+ exchange->set_peer = OSSL_get_OP_keyexch_set_peer(fns);
+ break;
+ case OSSL_FUNC_KEYEXCH_DERIVE:
+ if (exchange->derive != NULL)
+ break;
+ exchange->derive = OSSL_get_OP_keyexch_derive(fns);
+ fncnt++;
+ break;
+ case OSSL_FUNC_KEYEXCH_FREECTX:
+ if (exchange->freectx != NULL)
+ break;
+ exchange->freectx = OSSL_get_OP_keyexch_freectx(fns);
+ fncnt++;
+ break;
+ case OSSL_FUNC_KEYEXCH_DUPCTX:
+ if (exchange->dupctx != NULL)
+ break;
+ exchange->dupctx = OSSL_get_OP_keyexch_dupctx(fns);
+ break;
+ case OSSL_FUNC_KEYEXCH_SET_PARAMS:
+ if (exchange->set_params != NULL)
+ break;
+ exchange->set_params = OSSL_get_OP_keyexch_set_params(fns);
+ break;
+ }
+ }
+ if (fncnt != 4) {
+ /*
+ * In order to be a consistent set of functions we must have at least
+ * a complete set of "exchange" functions: init, derive, newctx,
+ * and freectx. The dupctx, set_peer and set_params functions are
+ * optional.
+ */
+ EVP_KEYEXCH_free(exchange);
+ EVPerr(EVP_F_EVP_KEYEXCH_FROM_DISPATCH,
+ EVP_R_INVALID_PROVIDER_FUNCTIONS);
+ return NULL;
+ }
+
+ return exchange;
+}
+
+void EVP_KEYEXCH_free(EVP_KEYEXCH *exchange)
+{
+ if (exchange != NULL) {
+ int i;
+
+ CRYPTO_DOWN_REF(&exchange->refcnt, &i, exchange->lock);
+ if (i > 0)
+ return;
+ ossl_provider_free(exchange->prov);
+ CRYPTO_THREAD_lock_free(exchange->lock);
+ OPENSSL_free(exchange);
+ }
+}
+
+int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exchange)
+{
+ int ref = 0;
+
+ CRYPTO_UP_REF(&exchange->refcnt, &ref, exchange->lock);
+ return 1;
+}
+
+EVP_KEYEXCH *EVP_KEYEXCH_fetch(OPENSSL_CTX *ctx, const char *algorithm,
+ const char *properties)
+{
+ return evp_generic_fetch(ctx, OSSL_OP_KEYEXCH, algorithm, properties,
+ evp_keyexch_from_dispatch,
+ (int (*)(void *))EVP_KEYEXCH_up_ref,
+ (void (*)(void *))EVP_KEYEXCH_free);
+}
+
+int EVP_PKEY_derive_init_ex(EVP_PKEY_CTX *ctx, EVP_KEYEXCH *exchange)
+{
+ int ret;
+ OSSL_PARAM *param = NULL;
+ size_t paramsz = 0;
+
+ ctx->operation = EVP_PKEY_OP_DERIVE;
+
+ if (ctx->engine != NULL)
+ goto legacy;
+
+ if (exchange != NULL) {
+ if (!EVP_KEYEXCH_up_ref(exchange))
+ goto err;
+ } else {
+ int nid = ctx->pkey != NULL ? ctx->pkey->type : ctx->pmeth->pkey_id;
+
+ /*
+ * TODO(3.0): Check for legacy handling. Remove this once all all
+ * algorithms are moved to providers.
+ */
+ if (ctx->pkey != NULL) {
+ switch (ctx->pkey->type) {
+ case EVP_PKEY_DH:
+ break;
+ default:
+ goto legacy;
+ }
+ exchange = EVP_KEYEXCH_fetch(NULL, OBJ_nid2sn(nid), NULL);
+ } else {
+ goto legacy;
+ }
+
+ if (exchange == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT_EX, EVP_R_INITIALIZATION_ERROR);
+ goto err;
+ }
+ }
+
+ if (ctx->exchprovctx != NULL && ctx->exchange != NULL)
+ ctx->exchange->freectx(ctx->exchprovctx);
+ EVP_KEYEXCH_free(ctx->exchange);
+ ctx->exchange = exchange;
+ if (ctx->pkey != NULL) {
+ param = evp_pkey_to_param(ctx->pkey, ¶msz);
+ if (param == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT_EX, EVP_R_INITIALIZATION_ERROR);
+ goto err;
+ }
+ }
+ ctx->exchprovctx = exchange->newctx(ossl_provider_ctx(exchange->prov));
+ if (ctx->exchprovctx == NULL) {
+ OPENSSL_secure_clear_free(param, paramsz);
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT_EX, EVP_R_INITIALIZATION_ERROR);
+ goto err;
+ }
+ ret = exchange->init(ctx->exchprovctx, param);
+ /*
+ * TODO(3.0): Really we should detect whether to call OPENSSL_free or
+ * OPENSSL_secure_clear_free based on the presence of a private key or not.
+ * Since we always expect a private key to be present we just call
+ * OPENSSL_secure_clear_free for now.
+ */
+ OPENSSL_secure_clear_free(param, paramsz);
+
+ return ret ? 1 : 0;
+ err:
+ ctx->operation = EVP_PKEY_OP_UNDEFINED;
+ return 0;
+
+ legacy:
+ if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->derive == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT_EX,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+
+ if (ctx->pmeth->derive_init == NULL)
+ return 1;
+ ret = ctx->pmeth->derive_init(ctx);
+ if (ret <= 0)
+ ctx->operation = EVP_PKEY_OP_UNDEFINED;
+ return ret;
+}
+
+int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
+{
+ return EVP_PKEY_derive_init_ex(ctx, NULL);
+}
+
+int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
+{
+ int ret;
+ OSSL_PARAM *param = NULL;
+
+ if (ctx == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+
+ if (ctx->exchprovctx == NULL)
+ goto legacy;
+
+ if (ctx->operation != EVP_PKEY_OP_DERIVE) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+ EVP_R_OPERATON_NOT_INITIALIZED);
+ return -1;
+ }
+
+ if (ctx->exchange->set_peer == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+
+ param = evp_pkey_to_param(peer, NULL);
+ if (param == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ ret = ctx->exchange->set_peer(ctx->exchprovctx, param);
+ /*
+ * TODO(3.0): Really we should detect whether to call OPENSSL_free or
+ * OPENSSL_secure_clear_free based on the presence of a private key or not.
+ * Since we always expect a public key to be present we just call
+ * OPENSSL_free for now.
+ */
+ OPENSSL_free(param);
+
+ return ret;
+
+ legacy:
+ if (ctx->pmeth == NULL
+ || !(ctx->pmeth->derive != NULL
+ || ctx->pmeth->encrypt != NULL
+ || ctx->pmeth->decrypt != NULL)
+ || ctx->pmeth->ctrl == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+ if (ctx->operation != EVP_PKEY_OP_DERIVE
+ && ctx->operation != EVP_PKEY_OP_ENCRYPT
+ && ctx->operation != EVP_PKEY_OP_DECRYPT) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+ EVP_R_OPERATON_NOT_INITIALIZED);
+ return -1;
+ }
+
+ ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
+
+ if (ret <= 0)
+ return ret;
+
+ if (ret == 2)
+ return 1;
+
+ if (ctx->pkey == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET);
+ return -1;
+ }
+
+ if (ctx->pkey->type != peer->type) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_KEY_TYPES);
+ return -1;
+ }
+
+ /*
+ * For clarity. The error is if parameters in peer are
+ * present (!missing) but don't match. EVP_PKEY_cmp_parameters may return
+ * 1 (match), 0 (don't match) and -2 (comparison is not defined). -1
+ * (different key types) is impossible here because it is checked earlier.
+ * -2 is OK for us here, as well as 1, so we can check for 0 only.
+ */
+ if (!EVP_PKEY_missing_parameters(peer) &&
+ !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_PARAMETERS);
+ return -1;
+ }
+
+ EVP_PKEY_free(ctx->peerkey);
+ ctx->peerkey = peer;
+
+ ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
+
+ if (ret <= 0) {
+ ctx->peerkey = NULL;
+ return ret;
+ }
+
+ EVP_PKEY_up_ref(peer);
+ return 1;
+}
+
+int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
+{
+ int ret;
+
+ if (ctx == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+
+ if (ctx->operation != EVP_PKEY_OP_DERIVE) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED);
+ return -1;
+ }
+
+ if (ctx->exchprovctx == NULL)
+ goto legacy;
+
+ ret = ctx->exchange->derive(ctx->exchprovctx, key, pkeylen, SIZE_MAX);
+
+ return ret;
+ legacy:
+ if (ctx == NULL || ctx->pmeth == NULL || ctx->pmeth->derive == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_DERIVE,
+ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+ return -2;
+ }
+
+ M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
+ return ctx->pmeth->derive(ctx, key, pkeylen);
+}
diff --git a/crypto/evp/pmeth_fn.c b/crypto/evp/pmeth_fn.c
index 187f7a6..51df2be 100644
--- a/crypto/evp/pmeth_fn.c
+++ b/crypto/evp/pmeth_fn.c
@@ -9,28 +9,11 @@
#include <stdio.h>
#include <stdlib.h>
-#include "internal/cryptlib.h"
#include <openssl/objects.h>
#include <openssl/evp.h>
+#include "internal/cryptlib.h"
#include "internal/evp_int.h"
-
-#define M_check_autoarg(ctx, arg, arglen, err) \
- if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) { \
- size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
- \
- if (pksize == 0) { \
- EVPerr(err, EVP_R_INVALID_KEY); /*ckerr_ignore*/ \
- return 0; \
- } \
- if (!arg) { \
- *arglen = pksize; \
- return 1; \
- } \
- if (*arglen < pksize) { \
- EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/ \
- return 0; \
- } \
- }
+#include "evp_locl.h"
int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
{
@@ -200,98 +183,3 @@ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
}
-
-int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
-{
- int ret;
- if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- ctx->operation = EVP_PKEY_OP_DERIVE;
- if (!ctx->pmeth->derive_init)
- return 1;
- ret = ctx->pmeth->derive_init(ctx);
- if (ret <= 0)
- ctx->operation = EVP_PKEY_OP_UNDEFINED;
- return ret;
-}
-
-int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
-{
- int ret;
- if (!ctx || !ctx->pmeth
- || !(ctx->pmeth->derive || ctx->pmeth->encrypt || ctx->pmeth->decrypt)
- || !ctx->pmeth->ctrl) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_DERIVE
- && ctx->operation != EVP_PKEY_OP_ENCRYPT
- && ctx->operation != EVP_PKEY_OP_DECRYPT) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
- EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
-
- ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
-
- if (ret <= 0)
- return ret;
-
- if (ret == 2)
- return 1;
-
- if (!ctx->pkey) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET);
- return -1;
- }
-
- if (ctx->pkey->type != peer->type) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_KEY_TYPES);
- return -1;
- }
-
- /*
- * For clarity. The error is if parameters in peer are
- * present (!missing) but don't match. EVP_PKEY_cmp_parameters may return
- * 1 (match), 0 (don't match) and -2 (comparison is not defined). -1
- * (different key types) is impossible here because it is checked earlier.
- * -2 is OK for us here, as well as 1, so we can check for 0 only.
- */
- if (!EVP_PKEY_missing_parameters(peer) &&
- !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_PARAMETERS);
- return -1;
- }
-
- EVP_PKEY_free(ctx->peerkey);
- ctx->peerkey = peer;
-
- ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
-
- if (ret <= 0) {
- ctx->peerkey = NULL;
- return ret;
- }
-
- EVP_PKEY_up_ref(peer);
- return 1;
-}
-
-int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
-{
- if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE,
- EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
- return -2;
- }
- if (ctx->operation != EVP_PKEY_OP_DERIVE) {
- EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED);
- return -1;
- }
- M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
- return ctx->pmeth->derive(ctx, key, pkeylen);
-}
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 28fa047..d444e71 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -9,13 +9,16 @@
#include <stdio.h>
#include <stdlib.h>
-#include "internal/cryptlib.h"
#include <openssl/engine.h>
#include <openssl/evp.h>
#include <openssl/x509v3.h>
+#include <openssl/core_names.h>
+#include <openssl/dh.h>
+#include "internal/cryptlib.h"
#include "internal/asn1_int.h"
#include "internal/evp_int.h"
#include "internal/numbers.h"
+#include "evp_locl.h"
typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
@@ -253,7 +256,9 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e)
EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *pctx)
{
EVP_PKEY_CTX *rctx;
- if (!pctx->pmeth || !pctx->pmeth->copy)
+
+ if (((pctx->pmeth == NULL) || (pctx->pmeth->copy == NULL))
+ && pctx->exchprovctx == NULL)
return NULL;
#ifndef OPENSSL_NO_ENGINE
/* Make sure it's safe to copy a pkey context using an ENGINE */
@@ -262,31 +267,43 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *pctx)
return 0;
}
#endif
- rctx = OPENSSL_malloc(sizeof(*rctx));
+ rctx = OPENSSL_zalloc(sizeof(*rctx));
if (rctx == NULL) {
EVPerr(EVP_F_EVP_PKEY_CTX_DUP, ERR_R_MALLOC_FAILURE);
return NULL;
}
+ if (pctx->pkey != NULL)
+ EVP_PKEY_up_ref(pctx->pkey);
+ rctx->pkey = pctx->pkey;
+ rctx->operation = pctx->operation;
+
+ if (pctx->exchprovctx != NULL) {
+ if (!ossl_assert(pctx->exchange != NULL))
+ return NULL;
+ rctx->exchange = pctx->exchange;
+ if (!EVP_KEYEXCH_up_ref(rctx->exchange)) {
+ OPENSSL_free(rctx);
+ return NULL;
+ }
+ rctx->exchprovctx = pctx->exchange->dupctx(pctx->exchprovctx);
+ if (rctx->exchprovctx == NULL) {
+ EVP_KEYEXCH_free(rctx->exchange);
+ OPENSSL_free(rctx);
+ return NULL;
+ }
+ return rctx;
+ }
+
rctx->pmeth = pctx->pmeth;
#ifndef OPENSSL_NO_ENGINE
rctx->engine = pctx->engine;
#endif
- if (pctx->pkey)
- EVP_PKEY_up_ref(pctx->pkey);
-
- rctx->pkey = pctx->pkey;
-
if (pctx->peerkey)
EVP_PKEY_up_ref(pctx->peerkey);
-
rctx->peerkey = pctx->peerkey;
- rctx->data = NULL;
- rctx->app_data = NULL;
- rctx->operation = pctx->operation;
-
if (pctx->pmeth->copy(rctx, pctx) > 0)
return rctx;
@@ -355,6 +372,12 @@ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
return;
if (ctx->pmeth && ctx->pmeth->cleanup)
ctx->pmeth->cleanup(ctx);
+
+ if (ctx->exchprovctx != NULL && ctx->exchange != NULL)
+ ctx->exchange->freectx(ctx->exchprovctx);
+
+ EVP_KEYEXCH_free(ctx->exchange);
+
EVP_PKEY_free(ctx->pkey);
EVP_PKEY_free(ctx->peerkey);
#ifndef OPENSSL_NO_ENGINE
@@ -363,12 +386,52 @@ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
OPENSSL_free(ctx);
}
+int EVP_PKEY_CTX_set_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
+{
+ if (ctx->exchprovctx != NULL && ctx->exchange != NULL)
+ return ctx->exchange->set_params(ctx->exchprovctx, params);
+ return 0;
+}
+
+int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad)
+{
+ OSSL_PARAM dh_pad_params[2];
+
+ /* TODO(3.0): Remove this eventually when no more legacy */
+ if (ctx->exchprovctx == NULL)
+ return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_DERIVE,
+ EVP_PKEY_CTRL_DH_PAD, pad, NULL);
+
+ dh_pad_params[0] = OSSL_PARAM_construct_int(OSSL_EXCHANGE_PARAM_PAD, &pad);
+ dh_pad_params[1] = OSSL_PARAM_construct_end();
+
+ return EVP_PKEY_CTX_set_params(ctx, dh_pad_params);
+}
+
+static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
+ int cmd, int p1, void *p2)
+{
+ switch (cmd) {
+ case EVP_PKEY_CTRL_DH_PAD:
+ return EVP_PKEY_CTX_set_dh_pad(ctx, p1);
+ }
+ return 0;
+}
+
int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
int cmd, int p1, void *p2)
{
int ret;
- if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) {
+ if (ctx == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
+ return -2;
+ }
+
+ if (ctx->exchprovctx != NULL)
+ return legacy_ctrl_to_param(ctx, keytype, optype, cmd, p1, p2);
+
+ if (ctx->pmeth == NULL || ctx->pmeth->ctrl == NULL) {
EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
return -2;
}
@@ -404,9 +467,29 @@ int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int
keytype, int optype,
return EVP_PKEY_CTX_ctrl(ctx, keytype, optype, cmd, 0, &value);
}
+static int legacy_ctrl_str_to_param(EVP_PKEY_CTX *ctx, const char *name,
+ const char *value)
+{
+ if (strcmp(name, "dh_pad") == 0) {
+ int pad;
+
+ pad = atoi(value);
+ return EVP_PKEY_CTX_set_dh_pad(ctx, pad);
+ }
+ return 0;
+}
+
int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx,
const char *name, const char *value)
{
+ if (ctx == NULL) {
+ EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED);
+ return -2;
+ }
+
+ if (ctx->exchprovctx != NULL)
+ return legacy_ctrl_str_to_param(ctx, name, value);
+
if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str) {
EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED);
return -2;
diff --git a/crypto/include/internal/evp_int.h
b/crypto/include/internal/evp_int.h
index da4ae0f..71833fa 100644
--- a/crypto/include/internal/evp_int.h
+++ b/crypto/include/internal/evp_int.h
@@ -18,6 +18,11 @@
#define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400
struct evp_pkey_ctx_st {
+ EVP_KEYEXCH *exchange;
+ void *exchprovctx;
+
+ /* Legacy fields below */
+
/* Method associated with this operation */
const EVP_PKEY_METHOD *pmeth;
/* Engine that implements this method or NULL if builtin */
diff --git a/crypto/params.c b/crypto/params.c
index 0c9e6f3..87a6682 100644
--- a/crypto/params.c
+++ b/crypto/params.c
@@ -582,13 +582,6 @@ OSSL_PARAM OSSL_PARAM_construct_size_t(const char *key,
size_t *buf)
sizeof(size_t));
}
-#ifndef FIPS_MODE
-/*
- * TODO(3.0): Make this available in FIPS mode.
- *
- * Temporarily we don't include these functions in FIPS mode to avoid pulling
- * in the entire BN sub-library into the module at this point.
- */
int OSSL_PARAM_get_BN(const OSSL_PARAM *p, BIGNUM **val)
{
BIGNUM *b;
@@ -632,7 +625,6 @@ OSSL_PARAM OSSL_PARAM_construct_BN(const char *key,
unsigned char *buf,
return ossl_param_construct(key, OSSL_PARAM_UNSIGNED_INTEGER,
buf, bsize);
}
-#endif
int OSSL_PARAM_get_double(const OSSL_PARAM *p, double *val)
{
diff --git a/doc/man3/EVP_KEYEXCH_free.pod b/doc/man3/EVP_KEYEXCH_free.pod
new file mode 100644
index 0000000..d10d768
--- /dev/null
+++ b/doc/man3/EVP_KEYEXCH_free.pod
@@ -0,0 +1,46 @@
+=pod
+
+=head1 NAME
+
+EVP_KEYEXCH_free, EVP_KEYEXCH_up_ref
+- Functions to manage EVP_KEYEXCH algorithm objects
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ void EVP_KEYEXCH_free(EVP_KEYEXCH *exchange);
+ int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exchange);
+
+=head1 DESCRIPTION
+
+EVP_KEYEXCH_free() decrements the reference count for the B<EVP_KEYEXCH>
+structure. Typically this structure will have been obtained from an earlier
call
+to L<EVP_KEYEXCH_fetch(3)>. If the reference count drops to 0 then the
+structure is freed.
+
+EVP_KEYEXCH_up_ref() increments the reference count for an B<EVP_KEYEXCH>
+structure.
+
+=head1 RETURN VALUES
+
+EVP_KEYEXCH_up_ref() returns 1 for success or 0 otherwise.
+
+=head1 SEE ALSO
+
+L<EVP_KEYEXCH_fetch(3)>
+
+=head1 HISTORY
+
+The functions described here were added in OpenSSL 3.0.
+
+=head1 COPYRIGHT
+
+Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man3/EVP_MD_fetch.pod b/doc/man3/EVP_MD_fetch.pod
index 1e43b4f..11390d0 100644
--- a/doc/man3/EVP_MD_fetch.pod
+++ b/doc/man3/EVP_MD_fetch.pod
@@ -2,7 +2,7 @@
=head1 NAME
-EVP_MD_fetch, EVP_CIPHER_fetch
+EVP_MD_fetch, EVP_CIPHER_fetch, EVP_KEYEXCH_fetch
- Functions to explicitly fetch algorithm implementations
=head1 SYNOPSIS
@@ -13,6 +13,8 @@ EVP_MD_fetch, EVP_CIPHER_fetch
const char *properties);
EVP_CIPHER *EVP_CIPHER_fetch(OPENSSL_CTX *ctx, const char *algorithm,
const char *properties);
+ EVP_KEYEXCH *EVP_KEYEXCH_fetch(OPENSSL_CTX *ctx, const char *algorithm,
+ const char *properties);
=head1 DESCRIPTION
@@ -38,6 +40,10 @@ Represents a Message Authentication Code algorithm.
Represents a Key Derivation Function algorithm.
+=item B<EVP_KEYEXCH>
+
+Represents a Key Exchange algorithm.
+
=back
The algorithm objects may or may not have an associated algorithm
@@ -62,6 +68,12 @@ Typically, this will return an implementation of the
appropriate algorithm from
the default provider unless the default search criteria have been changed
and/or
different providers have been loaded.
+Implicit fetching can also occur with functions such as
+L<EVP_PKEY_CTX_derive_init_ex(3)> where a NULL algorithm parameter is supplied.
+In this case an algorithm implementation is implicitly fetched using default
+search criteria and an algorithm name that is consistent with the type of
+EVP_PKEY being used.
+
=item Explicit Fetch
With explicit fetch an application uses one of the "fetch" functions to obtain
diff --git a/doc/man3/EVP_PKEY_CTX_ctrl.pod b/doc/man3/EVP_PKEY_CTX_ctrl.pod
index 1bab6d1..369fc0f 100644
--- a/doc/man3/EVP_PKEY_CTX_ctrl.pod
+++ b/doc/man3/EVP_PKEY_CTX_ctrl.pod
@@ -2,6 +2,7 @@
=head1 NAME
+EVP_PKEY_CTX_set_params,
EVP_PKEY_CTX_ctrl,
EVP_PKEY_CTX_ctrl_str,
EVP_PKEY_CTX_ctrl_uint64,
@@ -62,6 +63,8 @@ EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id,
EVP_PKEY_CTX_get1_id_len
#include <openssl/evp.h>
+ int EVP_PKEY_CTX_set_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
+
int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
int cmd, int p1, void *p2);
int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype,
@@ -141,6 +144,25 @@ EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id,
EVP_PKEY_CTX_get1_id_len
=head1 DESCRIPTION
+The EVP_PKEY_CTX_set_params() function sends arbitrary parameters to the
+algorithm implementation.
+Not all parameters may be supported by all providers.
+See L<OSSL_PROVIDER(3)> for more information on providers.
+See L<OSSL_PARAM(3)> for more information on parameters.
+The parameters currently supported by the default provider are:
+
+=over 4
+
+=item OSSL_EXCHANGE_PARAM_PAD (int type)
+
+Sets the DH padding mode.
+If B<OSSL_EXCHANGE_PARAM_PAD> is 1 then the shared secret is padded with
zeroes
+up to the size of the DH prime B<p>.
+If B<OSSL_EXCHANGE_PARAM_PAD> is zero (the default) then no padding is
+performed.
+
+=back
+
The function EVP_PKEY_CTX_ctrl() sends a control operation to the context
B<ctx>. The key type used must match B<keytype> if it is not -1. The parameter
B<optype> is a mask indicating which operations the control can be applied to.
@@ -290,8 +312,9 @@ The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key
type for DH
parameter generation. Use 0 for PKCS#3 DH and 1 for X9.42 DH.
The default is 0.
-The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If B<pad> is
-1 the shared secret is padded with zeroes up to the size of the DH prime B<p>.
+The EVP_PKEY_CTX_set_dh_pad() function sets the DH padding mode.
+If B<pad> is 1 the shared secret is padded with zeroes up to the size of the DH
+prime B<p>.
If B<pad> is zero (the default) then no padding is performed.
EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to
@@ -458,6 +481,9 @@ The
EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len()
macros were added in 1.1.1, other functions were added in OpenSSL 1.0.0.
+EVP_PKEY_CTX_set_dh_pad() was a macro in OpenSSL 1.1.1 and below.
+From OpenSSL 3.0 it is a function.
+
=head1 COPYRIGHT
Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/doc/man3/EVP_PKEY_derive.pod b/doc/man3/EVP_PKEY_derive.pod
index a6747f4..8d54326 100644
--- a/doc/man3/EVP_PKEY_derive.pod
+++ b/doc/man3/EVP_PKEY_derive.pod
@@ -2,20 +2,33 @@
=head1 NAME
-EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, EVP_PKEY_derive - derive
public key algorithm shared secret
+EVP_PKEY_derive_init, EVP_PKEY_derive_init_ex, EVP_PKEY_derive_set_peer,
+EVP_PKEY_derive - derive public key algorithm shared secret
=head1 SYNOPSIS
#include <openssl/evp.h>
+ int EVP_PKEY_derive_init_ex(EVP_PKEY_CTX *ctx, EVP_KEYEXCH *exchange);
int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
=head1 DESCRIPTION
-The EVP_PKEY_derive_init() function initializes a public key algorithm
-context using key B<pkey> for shared secret derivation.
+The EVP_PKEY_derive_init_ex() function initializes a public key algorithm
+context for shared secret derivation using the key exchange algorithm
+B<exchange>.
+The key exchange algorithm B<exchange> should be fetched using a call to
+L<EVP_KEYEXCH_fetch(3)>.
+The EVP_PKEY object associated with B<ctx> must be compatible with that
+algorithm.
+B<exchange> may be NULL in which case the EVP_KEYEXCH algorithm is fetched
+implicitly based on the type of EVP_PKEY associated with B<ctx>.
+See L<EVP_KEYEXCH_fetch(3)> for more information about implict fetches.
+
+The EVP_PKEY_derive_init() function is the same as EVP_PKEY_derive() except
that
+the EVP_KEYEXCH algorithm is always implicitly fetched.
The EVP_PKEY_derive_set_peer() function sets the peer key: this will normally
be a public key.
@@ -29,18 +42,19 @@ written to B<keylen>.
=head1 NOTES
-After the call to EVP_PKEY_derive_init() algorithm specific control
-operations can be performed to set any appropriate parameters for the
-operation.
+After the call to EVP_PKEY_derive_init() or EVP_PKEY_derive_init_ex() algorithm
+specific control operations can be performed to set any appropriate parameters
+for the operation.
The function EVP_PKEY_derive() can be called more than once on the same
context if several operations are performed using the same parameters.
=head1 RETURN VALUES
-EVP_PKEY_derive_init() and EVP_PKEY_derive() return 1 for success and 0
-or a negative value for failure. In particular a return value of -2
-indicates the operation is not supported by the public key algorithm.
+EVP_PKEY_derive_init_ex(), EVP_PKEY_derive_init() and EVP_PKEY_derive() return
1
+for success and 0 or a negative value for failure.
+In particular a return value of -2 indicates the operation is not supported by
+the public key algorithm.
=head1 EXAMPLE
@@ -86,10 +100,12 @@ L<EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)>,
+L<EVP_KEYEXCH_fetch(3)>
=head1 HISTORY
-These functions were added in OpenSSL 1.0.0.
+These functions were added in OpenSSL 1.0.0. The EVP_PKEY_derive_init_ex()
+function was added in OpenSSL 3.0.
=head1 COPYRIGHT
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
index 4addcea..d1ba624 100644
--- a/include/openssl/core_names.h
+++ b/include/openssl/core_names.h
@@ -56,6 +56,19 @@ extern "C" {
#define OSSL_DIGEST_PARAM_PAD_TYPE "pad_type"
#define OSSL_DIGEST_PARAM_MICALG "micalg"
+/* PKEY parameters */
+/* Diffie-Hellman Parameters */
+#define OSSL_PKEY_PARAM_DH_P "dh-p"
+#define OSSL_PKEY_PARAM_DH_G "dh-g"
+#define OSSL_PKEY_PARAM_DH_Q "dh-q"
+/* Diffie-Hellman Keys */
+#define OSSL_PKEY_PARAM_DH_PUB_KEY "dh-pub"
+#define OSSL_PKEY_PARAM_DH_PRIV_KEY "dh-priv"
+
+/* Key Exchange parameters */
+
+#define OSSL_EXCHANGE_PARAM_PAD "exchange-pad"
+
# ifdef __cplusplus
}
# endif
diff --git a/include/openssl/core_numbers.h b/include/openssl/core_numbers.h
index 37a3170..c589243 100644
--- a/include/openssl/core_numbers.h
+++ b/include/openssl/core_numbers.h
@@ -229,6 +229,30 @@ OSSL_CORE_MAKE_FUNC(int, OP_cipher_ctx_get_params, (void
*cctx,
OSSL_CORE_MAKE_FUNC(int, OP_cipher_ctx_set_params, (void *cctx,
const OSSL_PARAM params[]))
+/* Key Exchange */
+
+# define OSSL_OP_KEYEXCH 3
+
+# define OSSL_FUNC_KEYEXCH_NEWCTX 1
+# define OSSL_FUNC_KEYEXCH_INIT 2
+# define OSSL_FUNC_KEYEXCH_DERIVE 3
+# define OSSL_FUNC_KEYEXCH_SET_PEER 4
+# define OSSL_FUNC_KEYEXCH_FREECTX 5
+# define OSSL_FUNC_KEYEXCH_DUPCTX 6
+# define OSSL_FUNC_KEYEXCH_SET_PARAMS 7
+
+OSSL_CORE_MAKE_FUNC(void *, OP_keyexch_newctx, (void *provctx))
+OSSL_CORE_MAKE_FUNC(int, OP_keyexch_init, (void *ctx,
+ OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, OP_keyexch_derive, (void *ctx, unsigned char *key,
+ size_t *keylen, size_t outlen))
+OSSL_CORE_MAKE_FUNC(int, OP_keyexch_set_peer, (void *ctx,
+ OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(void, OP_keyexch_freectx, (void *ctx))
+OSSL_CORE_MAKE_FUNC(void *, OP_keyexch_dupctx, (void *ctx))
+OSSL_CORE_MAKE_FUNC(int, OP_keyexch_set_params, (void *ctx,
+ OSSL_PARAM params[]))
+
# ifdef __cplusplus
}
# endif
diff --git a/include/openssl/dh.h b/include/openssl/dh.h
index 18858eb..e96c811 100644
--- a/include/openssl/dh.h
+++ b/include/openssl/dh.h
@@ -253,9 +253,7 @@ int DH_meth_set_generate_params(DH_METHOD *dhm,
EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, \
EVP_PKEY_CTRL_DH_NID, nid, NULL)
-# define EVP_PKEY_CTX_set_dh_pad(ctx, pad) \
- EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_DERIVE, \
- EVP_PKEY_CTRL_DH_PAD, pad, NULL)
+int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
# define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index e781ebe..377b4b1 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1416,6 +1416,7 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx);
void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_CTX_set_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
int cmd, int p1, void *p2);
int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
@@ -1477,6 +1478,7 @@ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen);
+int EVP_PKEY_derive_init_ex(EVP_PKEY_CTX *ctx, EVP_KEYEXCH *exchange);
int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
@@ -1705,6 +1707,12 @@ void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD
*pmeth,
void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
EVP_MD_CTX
*mctx));
+
+void EVP_KEYEXCH_free(EVP_KEYEXCH *exchange);
+int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exchange);
+EVP_KEYEXCH *EVP_KEYEXCH_fetch(OPENSSL_CTX *ctx, const char *algorithm,
+ const char *properties);
+
void EVP_add_alg_module(void);
/*
diff --git a/include/openssl/ossl_typ.h b/include/openssl/ossl_typ.h
index 202e366..76a9bee 100644
--- a/include/openssl/ossl_typ.h
+++ b/include/openssl/ossl_typ.h
@@ -104,6 +104,8 @@ typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
typedef struct evp_kdf_st EVP_KDF;
typedef struct evp_kdf_ctx_st EVP_KDF_CTX;
+typedef struct evp_keyexch_st EVP_KEYEXCH;
+
typedef struct evp_Encode_Ctx_st EVP_ENCODE_CTX;
typedef struct hmac_ctx_st HMAC_CTX;
diff --git a/providers/common/build.info b/providers/common/build.info
index 500ef64..c77606a 100644
--- a/providers/common/build.info
+++ b/providers/common/build.info
@@ -1,4 +1,4 @@
-SUBDIRS=digests ciphers
+SUBDIRS=digests ciphers exchange
SOURCE[../../libcrypto]=\
provider_err.c provlib.c
diff --git a/providers/common/exchange/build.info
b/providers/common/exchange/build.info
new file mode 100644
index 0000000..1039075
--- /dev/null
+++ b/providers/common/exchange/build.info
@@ -0,0 +1,5 @@
+LIBS=../../../libcrypto
+SOURCE[../../../libcrypto]=\
+ dh.c
+
+
diff --git a/providers/common/exchange/dh.c b/providers/common/exchange/dh.c
new file mode 100644
index 0000000..ca6f0fc
--- /dev/null
+++ b/providers/common/exchange/dh.c
@@ -0,0 +1,194 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/crypto.h>
+#include <openssl/core_numbers.h>
+#include <openssl/core_names.h>
+#include <openssl/dh.h>
+#include <openssl/params.h>
+#include "internal/provider_algs.h"
+
+static OSSL_OP_keyexch_newctx_fn dh_newctx;
+static OSSL_OP_keyexch_init_fn dh_init;
+static OSSL_OP_keyexch_set_peer_fn dh_set_peer;
+static OSSL_OP_keyexch_derive_fn dh_derive;
+static OSSL_OP_keyexch_freectx_fn dh_freectx;
+static OSSL_OP_keyexch_dupctx_fn dh_dupctx;
+
+
+typedef struct {
+ DH *dh;
+ DH *dhpeer;
+ int pad;
+} PROV_DH_CTX;
+
+static void *dh_newctx(void *provctx)
+{
+ return OPENSSL_zalloc(sizeof(PROV_DH_CTX));
+}
+
+static DH *param_to_dh(OSSL_PARAM params[], int priv)
+{
+ DH *dh = DH_new();
+ OSSL_PARAM *paramptr;
+ BIGNUM *p = NULL, *g = NULL, *pub_key = NULL, *priv_key = NULL;
+
+ if (dh == NULL)
+ return NULL;
+
+ paramptr = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DH_P);
+ if (paramptr == NULL
+ || !OSSL_PARAM_get_BN(paramptr, &p))
+ goto err;
+
+ paramptr = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DH_G);
+ if (paramptr == NULL || !OSSL_PARAM_get_BN(paramptr, &g))
+ goto err;
+
+ if (!DH_set0_pqg(dh, p, NULL, g))
+ goto err;
+ p = g = NULL;
+
+ paramptr = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DH_PUB_KEY);
+ if (paramptr == NULL || !OSSL_PARAM_get_BN(paramptr, &pub_key))
+ goto err;
+
+ /* Private key is optional */
+ if (priv) {
+ paramptr = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DH_PRIV_KEY);
+ if (paramptr == NULL
+ || (priv_key = BN_secure_new()) == NULL
+ || !OSSL_PARAM_get_BN(paramptr, &priv_key))
+ goto err;
+ }
+
+ if (!DH_set0_key(dh, pub_key, priv_key))
+ goto err;
+
+ return dh;
+
+ err:
+ BN_free(p);
+ BN_free(g);
+ BN_free(pub_key);
+ BN_free(priv_key);
+ DH_free(dh);
+ return NULL;
+}
+
+static int dh_init(void *vpdhctx, OSSL_PARAM params[])
+{
+ PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
+
+ DH_free(pdhctx->dh);
+ pdhctx->dh = param_to_dh(params, 1);
+
+ return pdhctx->dh != NULL;
+}
+
+static int dh_set_peer(void *vpdhctx, OSSL_PARAM params[])
+{
+ PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
+
+ DH_free(pdhctx->dhpeer);
+ pdhctx->dhpeer = param_to_dh(params, 0);
+
+ return pdhctx->dhpeer != NULL;
+}
+
+static int dh_derive(void *vpdhctx, unsigned char *key, size_t *keylen,
+ size_t outlen)
+{
+ PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
+ int ret;
+ size_t dhsize;
+ const BIGNUM *pub_key = NULL;
+
+ /* TODO(3.0): Add errors to stack */
+ if (pdhctx->dh == NULL || pdhctx->dhpeer == NULL)
+ return 0;
+
+ dhsize = (size_t)DH_size(pdhctx->dh);
+ if (key == NULL) {
+ *keylen = dhsize;
+ return 1;
+ }
+ if (outlen < dhsize)
+ return 0;
+
+ DH_get0_key(pdhctx->dhpeer, &pub_key, NULL);
+ ret = (pdhctx->pad) ? DH_compute_key_padded(key, pub_key, pdhctx->dh)
+ : DH_compute_key(key, pub_key, pdhctx->dh);
+ if (ret <= 0)
+ return 0;
+
+ *keylen = ret;
+ return 1;
+}
+
+static void dh_freectx(void *vpdhctx)
+{
+ PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
+
+ DH_free(pdhctx->dh);
+ DH_free(pdhctx->dhpeer);
+
+ OPENSSL_free(pdhctx);
+}
+
+static void *dh_dupctx(void *vpdhctx)
+{
+ PROV_DH_CTX *srcctx = (PROV_DH_CTX *)vpdhctx;
+ PROV_DH_CTX *dstctx;
+
+ dstctx = OPENSSL_zalloc(sizeof(*srcctx));
+
+ *dstctx = *srcctx;
+ if (dstctx->dh != NULL && !DH_up_ref(dstctx->dh)) {
+ OPENSSL_free(dstctx);
+ return NULL;
+ }
+
+ if (dstctx->dhpeer != NULL && !DH_up_ref(dstctx->dhpeer)) {
+ DH_free(dstctx->dh);
+ OPENSSL_free(dstctx);
+ return NULL;
+ }
+
+ return dstctx;
+}
+
+static int dh_set_params(void *vpdhctx, OSSL_PARAM params[])
+{
+ PROV_DH_CTX *pdhctx = (PROV_DH_CTX *)vpdhctx;
+ const OSSL_PARAM *p;
+ int pad;
+
+ if (pdhctx == NULL || params == NULL)
+ return 0;
+
+ p = OSSL_PARAM_locate(params, OSSL_EXCHANGE_PARAM_PAD);
+ if (p == NULL || !OSSL_PARAM_get_int(p, &pad))
+ return 0;
+
+ pdhctx->pad = pad;
+
+ return 1;
+}
+
+const OSSL_DISPATCH dh_functions[] = {
+ { OSSL_FUNC_KEYEXCH_NEWCTX, (void (*)(void))dh_newctx },
+ { OSSL_FUNC_KEYEXCH_INIT, (void (*)(void))dh_init },
+ { OSSL_FUNC_KEYEXCH_DERIVE, (void (*)(void))dh_derive },
+ { OSSL_FUNC_KEYEXCH_SET_PEER, (void (*)(void))dh_set_peer },
+ { OSSL_FUNC_KEYEXCH_FREECTX, (void (*)(void))dh_freectx },
+ { OSSL_FUNC_KEYEXCH_DUPCTX, (void (*)(void))dh_dupctx },
+ { OSSL_FUNC_KEYEXCH_SET_PARAMS, (void (*)(void))dh_set_params },
+ { 0, NULL }
+};
diff --git a/providers/common/include/internal/provider_algs.h
b/providers/common/include/internal/provider_algs.h
index 0e26da0..dbc79a5 100644
--- a/providers/common/include/internal/provider_algs.h
+++ b/providers/common/include/internal/provider_algs.h
@@ -57,3 +57,6 @@ extern const OSSL_DISPATCH aes128cfb8_functions[];
extern const OSSL_DISPATCH aes256ctr_functions[];
extern const OSSL_DISPATCH aes192ctr_functions[];
extern const OSSL_DISPATCH aes128ctr_functions[];
+
+/* Key Exchange */
+extern const OSSL_DISPATCH dh_functions[];
diff --git a/providers/default/defltprov.c b/providers/default/defltprov.c
index 76ef2bc..6ac2bdb 100644
--- a/providers/default/defltprov.c
+++ b/providers/default/defltprov.c
@@ -114,6 +114,11 @@ static const OSSL_ALGORITHM deflt_ciphers[] = {
{ NULL, NULL, NULL }
};
+static const OSSL_ALGORITHM deflt_keyexch[] = {
+ { "dhKeyAgreement", "default=yes", dh_functions },
+ { NULL, NULL, NULL }
+};
+
static const OSSL_ALGORITHM *deflt_query(OSSL_PROVIDER *prov,
int operation_id,
int *no_cache)
@@ -124,6 +129,8 @@ static const OSSL_ALGORITHM *deflt_query(OSSL_PROVIDER
*prov,
return deflt_digests;
case OSSL_OP_CIPHER:
return deflt_ciphers;
+ case OSSL_OP_KEYEXCH:
+ return deflt_keyexch;
}
return NULL;
}
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 0ce8800..d036249 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4679,3 +4679,9 @@ BN_priv_rand_ex 4784 3_0_0
EXIST::FUNCTION:
BN_rand_range_ex 4785 3_0_0 EXIST::FUNCTION:
BN_priv_rand_range_ex 4786 3_0_0 EXIST::FUNCTION:
BN_generate_prime_ex2 4787 3_0_0 EXIST::FUNCTION:
+EVP_PKEY_derive_init_ex 4788 3_0_0 EXIST::FUNCTION:
+EVP_KEYEXCH_free 4789 3_0_0 EXIST::FUNCTION:
+EVP_KEYEXCH_up_ref 4790 3_0_0 EXIST::FUNCTION:
+EVP_KEYEXCH_fetch 4791 3_0_0 EXIST::FUNCTION:
+EVP_PKEY_CTX_set_dh_pad 4792 3_0_0 EXIST::FUNCTION:DH
+EVP_PKEY_CTX_set_params 4793 3_0_0 EXIST::FUNCTION:
