Implement EVP_KDF_derive_SKEY

beldmit · Jan 17, 2025 · 5d8bc33 · 5d8bc33
1 parent 78fad07
commit 5d8bc33
Show file tree

Hide file tree

Showing 8 changed files with 67 additions and 7 deletions.
diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c
@@ -144,6 +144,36 @@ int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen,
     return ctx->meth->derive(ctx->algctx, key, keylen, params);
 }
 
+EVP_SKEY *EVP_KDF_derive_SKEY(EVP_KDF_CTX *ctx, EVP_SKEYMGMT *skeymgmt,
+                              const OSSL_PARAM params[])
+{
+    if (ctx == NULL || skey == NULL)
+        return 0;
+
+    if (ctx->meth->derive_opaque == NULL) {
+        ERR_raise(ERR_R_EVP_LIB, ERR_R_UNSUPPORTED);
+        return NULL;
+    }
+    if (ctx->meth->derive_skey == NULL) {
+        ERR_raise(ERR_R_EVP_LIB, ERR_R_UNSUPPORTED);
+        return NULL;
+    }
+
+    ret = evp_skey_int();
+    if (ret == NULL)
+        return NULL;
+
+    ret->skeymgmt = skeymgmt;
+
+    ret->keydata = ctx->meth->derive_skey(ctx->algctx, params);
+    if (ret->keydata == NULL) {
+        EVP_SKEY_free(ret);
+        return NULL;
+    }
+
+    return ret;
+}
+
 /*
  * The {get,set}_params functions return 1 if there is no corresponding
  * function in the implementation.  This is the same as if there was one,

diff --git a/crypto/evp/kdf_meth.c b/crypto/evp/kdf_meth.c
@@ -137,6 +137,11 @@ static void *evp_kdf_from_algorithm(int name_id,
                 break;
             kdf->set_ctx_params = OSSL_FUNC_kdf_set_ctx_params(fns);
             break;
+        case OSSL_FUNC_KDF_DERIVE_SKEY:
+            if (kdf->derive_skey != NULL)
+                break;
+            kdf->derive_skey = OSSL_FUNC_kdf_derive_skey(fns);
+            break;
         }
     }
     if (fnkdfcnt != 1 || fnctxcnt != 2) {

diff --git a/doc/man3/EVP_KDF.pod b/doc/man3/EVP_KDF.pod
@@ -4,7 +4,7 @@
 
 EVP_KDF, EVP_KDF_fetch, EVP_KDF_free, EVP_KDF_up_ref,
 EVP_KDF_CTX, EVP_KDF_CTX_new, EVP_KDF_CTX_free, EVP_KDF_CTX_dup,
-EVP_KDF_CTX_reset, EVP_KDF_derive,
+EVP_KDF_CTX_reset, EVP_KDF_derive, EVP_KDF_derive_SKEY,
 EVP_KDF_CTX_get_kdf_size,
 EVP_KDF_get0_provider, EVP_KDF_CTX_kdf, EVP_KDF_is_a,
 EVP_KDF_get0_name, EVP_KDF_names_do_all, EVP_KDF_get0_description,
@@ -28,6 +28,8 @@ EVP_KDF_CTX_gettable_params, EVP_KDF_CTX_settable_params - EVP KDF routines
  size_t EVP_KDF_CTX_get_kdf_size(EVP_KDF_CTX *ctx);
  int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen,
                     const OSSL_PARAM params[]);
+ EVP_SKEY *EVP_KDF_derive_SKEY(EVP_KDF_CTX *ctx, EVP_SKEYMGMT *skeymgmt,
+                               const OSSL_PARAM params[]);
  int EVP_KDF_up_ref(EVP_KDF *kdf);
  void EVP_KDF_free(EVP_KDF *kdf);
  EVP_KDF *EVP_KDF_fetch(OSSL_LIB_CTX *libctx, const char *algorithm,
@@ -58,10 +60,10 @@ The EVP KDF routines are a high-level interface to Key Derivation Function
 algorithms and should be used instead of algorithm-specific functions.
 
 After creating a B<EVP_KDF_CTX> for the required algorithm using
-EVP_KDF_CTX_new(), inputs to the algorithm are supplied either by
-passing them as part of the EVP_KDF_derive() call or using calls
-to EVP_KDF_CTX_set_params() before calling EVP_KDF_derive() to derive
-the key.
+EVP_KDF_CTX_new(), inputs to the algorithm are supplied either by passing them
+as part of the EVP_KDF_derive() or EVP_KDF_derive_SKEY() call or using calls to
+EVP_KDF_CTX_set_params() before calling EVP_KDF_derive() or
+EVP_KDF_derive_SKEY() to derive the key.
 
 =head2 Types
 
@@ -108,6 +110,11 @@ If the algorithm produces a fixed amount of output then an error will
 occur unless the I<keylen> parameter is equal to that output size,
 as returned by EVP_KDF_CTX_get_kdf_size().
 
+EVP_KDF_derive_SKEY() behaves similar except it returns an B<EVP_SKEY> object.
+If the KDF doesn't support dealing with opaque keys or the passed
+B<EVP_SKEYMGMT> is from a different provider than KDF method, the operation
+will fail.
+
 EVP_KDF_get_params() retrieves details about the implementation
 I<kdf>.
 The set of parameters given with I<params> determine exactly what
@@ -283,6 +290,8 @@ EVP_KDF_get0_name() returns the name of the KDF, or NULL on error.
 EVP_KDF_names_do_all() returns 1 if the callback was called for all names. A
 return value of 0 means that the callback was not called for any names.
 
+EVP_KDF_derive_SKEY() returns the B<EVP_SKEY> object on success or NULL on failure.
+
 The remaining functions return 1 for success and 0 for failure.
 
 =head1 NOTES
@@ -300,6 +309,8 @@ L<life_cycle-kdf(7)>.
 
 This functionality was added in OpenSSL 3.0.
 
+EVP_KDF_derive_SKEY() function was introduced in OpenSSL 3.5.
+
 =head1 COPYRIGHT
 
 Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.

diff --git a/doc/man7/provider-kdf.pod b/doc/man7/provider-kdf.pod
@@ -26,6 +26,7 @@ provider-kdf - The KDF library E<lt>-E<gt> provider functions
  int OSSL_FUNC_kdf_reset(void *kctx);
  int OSSL_FUNC_kdf_derive(void *kctx, unsigned char *key, size_t keylen,
                           const OSSL_PARAM params[]);
+ int OSSL_FUNC_kdf_derive_skey(void *kctx, void *key, const OSSL_PARAM params[]);
 
  /* KDF parameter descriptors */
  const OSSL_PARAM *OSSL_FUNC_kdf_gettable_params(void *provctx);
@@ -71,6 +72,7 @@ macros in L<openssl-core_dispatch.h(7)>, as follows:
 
  OSSL_FUNC_kdf_reset                OSSL_FUNC_KDF_RESET
  OSSL_FUNC_kdf_derive               OSSL_FUNC_KDF_DERIVE
+ OSSL_FUNC_kdf_derive_skey          OSSL_FUNC_KDF_DERIVE_SKEY
 
  OSSL_FUNC_kdf_get_params           OSSL_FUNC_KDF_GET_PARAMS
  OSSL_FUNC_kdf_get_ctx_params       OSSL_FUNC_KDF_GET_CTX_PARAMS
@@ -83,7 +85,8 @@ macros in L<openssl-core_dispatch.h(7)>, as follows:
 A KDF algorithm implementation may not implement all of these functions.
 In order to be a consistent set of functions, at least the following functions
 must be implemented: OSSL_FUNC_kdf_newctx(), OSSL_FUNC_kdf_freectx(),
-OSSL_FUNC_kdf_set_ctx_params(), OSSL_FUNC_kdf_derive().
+OSSL_FUNC_kdf_set_ctx_params(), and at least one of
+OSSL_FUNC_kdf_derive() or OSSL_FUNC_kdf_derive_skey().
 All other functions are optional.
 
 =head2 Context Management Functions
@@ -116,6 +119,9 @@ The resulting key of the desired I<keylen> should be written to I<key>.
 If the algorithm does not support the requested I<keylen> the function must
 return error.
 
+OSSL_FUNC_kdf_derive_skey() is similar to OSSL_FUNC_kdf_derive() but uses an
+opaque object for storing the derived key.
+
 =head2 KDF Parameters
 
 See L<OSSL_PARAM(3)> for further details on the parameters structure used by
@@ -325,7 +331,7 @@ It is defined as per RFC 7292 section B.3.
 OSSL_FUNC_kdf_newctx() and OSSL_FUNC_kdf_dupctx() should return the newly created
 provider side KDF context, or NULL on failure.
 
-OSSL_FUNC_kdf_derive(), OSSL_FUNC_kdf_get_params(),
+OSSL_FUNC_kdf_derive(), OSSL_FUNC_kdf_derive_skey(), OSSL_FUNC_kdf_get_params(),
 OSSL_FUNC_kdf_get_ctx_params() and OSSL_FUNC_kdf_set_ctx_params() should return 1 for
 success or 0 on error.
 
@@ -347,6 +353,8 @@ L<provider(7)>, L<life_cycle-kdf(7)>, L<EVP_KDF(3)>.
 
 The provider KDF interface was introduced in OpenSSL 3.0.
 
+OSSL_FUNC_kdf_derive_skey() was added in OpenSSL 3.5.
+
 =head1 COPYRIGHT
 
 Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.

diff --git a/include/crypto/evp.h b/include/crypto/evp.h
@@ -246,6 +246,7 @@ struct evp_kdf_st {
     OSSL_FUNC_kdf_get_params_fn *get_params;
     OSSL_FUNC_kdf_get_ctx_params_fn *get_ctx_params;
     OSSL_FUNC_kdf_set_ctx_params_fn *set_ctx_params;
+    OSSL_FUNC_kdf_derive_skey_fn *derive_skey;
 };
 
 #define EVP_ORIG_DYNAMIC    0

diff --git a/include/openssl/core_dispatch.h b/include/openssl/core_dispatch.h
@@ -475,6 +475,7 @@ OSSL_CORE_MAKE_FUNC(int, mac_set_ctx_params,
 # define OSSL_FUNC_KDF_GET_PARAMS                    9
 # define OSSL_FUNC_KDF_GET_CTX_PARAMS               10
 # define OSSL_FUNC_KDF_SET_CTX_PARAMS               11
+# define OSSL_FUNC_KDF_DERIVE_SKEY                  12
 
 OSSL_CORE_MAKE_FUNC(void *, kdf_newctx, (void *provctx))
 OSSL_CORE_MAKE_FUNC(void *, kdf_dupctx, (void *src))
@@ -492,6 +493,7 @@ OSSL_CORE_MAKE_FUNC(int, kdf_get_ctx_params,
                     (void *kctx, OSSL_PARAM params[]))
 OSSL_CORE_MAKE_FUNC(int, kdf_set_ctx_params,
                     (void *kctx, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(void *, kdf_derive_skey, (void *kctx, const OSSL_PARAM params[]))
 
 /* RAND */
 

diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h
@@ -43,6 +43,8 @@ void EVP_KDF_CTX_reset(EVP_KDF_CTX *ctx);
 size_t EVP_KDF_CTX_get_kdf_size(EVP_KDF_CTX *ctx);
 int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen,
                    const OSSL_PARAM params[]);
+EVP_SKEY *EVP_KDF_derive_SKEY(EVP_KDF_CTX *ctx, EVP_SKEYMGMT *skeymgmt,
+                              const OSSL_PARAM params[]);
 int EVP_KDF_get_params(EVP_KDF *kdf, OSSL_PARAM params[]);
 int EVP_KDF_CTX_get_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[]);
 int EVP_KDF_CTX_set_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[]);

diff --git a/util/libcrypto.num b/util/libcrypto.num
@@ -5892,3 +5892,4 @@ EVP_SKEYMGMT_get0_description           ?	3_5_0	EXIST::FUNCTION:
 EVP_SKEYMGMT_is_a                       ?	3_5_0	EXIST::FUNCTION:
 EVP_SKEYMGMT_do_all_provided            ?	3_5_0	EXIST::FUNCTION:
 EVP_SKEYMGMT_names_do_all               ?	3_5_0	EXIST::FUNCTION:
+EVP_KDF_derive_SKEY                     ?	3_5_0	EXIST::FUNCTION: