Move KDF handling to ECDH_compute_key()

In OpenSSL e2285d87, the KDF handling was moved from the compute_key() method into the public API. A consequence of this change is that the ECDH_compute_key() API no longer returns -1 for some errors. Existing checks for <= 0 are safe as are those checking for the exact length as return value, which is all what the ecosystem seems to be doing. ok jsing
author: tb <> 2023-07-28 09:28:37 +0000
committer: tb <> 2023-07-28 09:28:37 +0000
commit: c043ade63ba3d45eacfb953347c00f0988397d9a (patch)
tree: 7caeb4b66ea3545dbbf75224b3b77f6e29ea4f22 /src/lib/libcrypto/ec/ec_local.h
parent: 2d27f5ba745b8f5de6e3e827829699607f11a54f (diff)
download: openbsd-c043ade63ba3d45eacfb953347c00f0988397d9a.tar.gz
openbsd-c043ade63ba3d45eacfb953347c00f0988397d9a.tar.bz2
openbsd-c043ade63ba3d45eacfb953347c00f0988397d9a.zip
1 files changed, 5 insertions, 5 deletions
diff --git a/src/lib/libcrypto/ec/ec_local.h b/src/lib/libcrypto/ec/ec_local.h
index 7a1f90886d..8153d4a96a 100644
--- a/src/lib/libcrypto/ec/ec_local.h
+++ b/src/lib/libcrypto/ec/ec_local.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_local.h,v 1.24 2023/07/05 08:39:40 tb Exp $ */
+/* $OpenBSD: ec_local.h,v 1.25 2023/07/28 09:28:37 tb Exp $ */
 /*
 * Originally written by Bodo Moeller for the OpenSSL project.
 */
@@ -323,8 +323,8 @@ struct ec_key_method_st {
        int (*set_private)(EC_KEY *key, const BIGNUM *priv_key);
        int (*set_public)(EC_KEY *key, const EC_POINT *pub_key);
        int (*keygen)(EC_KEY *key);
-        int (*compute_key)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
+        int (*compute_key)(unsigned char **out, size_t *out_len,
-            void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen));
+            const EC_POINT *pub_key, const EC_KEY *ecdh);
        int (*sign)(int type, const unsigned char *dgst, int dlen, unsigned char
            *sig, unsigned int *siglen, const BIGNUM *kinv,
            const BIGNUM *r, EC_KEY *eckey);
@@ -342,8 +342,8 @@ struct ec_key_method_st {
 #define EC_KEY_METHOD_DYNAMIC   1
 int ec_key_gen(EC_KEY *eckey);
-int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
+int ecdh_compute_key(unsigned char **out, size_t *out_len,
-    void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen));
+    const EC_POINT *pub_key, const EC_KEY *ecdh);
 int ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
    const unsigned char *sigbuf, int sig_len, EC_KEY *eckey);
 int ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,
author	tb <>	2023-07-28 09:28:37 +0000
committer	tb <>	2023-07-28 09:28:37 +0000
commit	c043ade63ba3d45eacfb953347c00f0988397d9a (patch)
tree	7caeb4b66ea3545dbbf75224b3b77f6e29ea4f22 /src/lib/libcrypto/ec/ec_local.h
parent	2d27f5ba745b8f5de6e3e827829699607f11a54f (diff)
download	openbsd-c043ade63ba3d45eacfb953347c00f0988397d9a.tar.gz openbsd-c043ade63ba3d45eacfb953347c00f0988397d9a.tar.bz2 openbsd-c043ade63ba3d45eacfb953347c00f0988397d9a.zip

diff --git a/src/lib/libcrypto/ec/ec_local.h b/src/lib/libcrypto/ec/ec_local.h index 7a1f90886d..8153d4a96a 100644 --- a/src/lib/libcrypto/ec/ec_local.h +++ b/src/lib/libcrypto/ec/ec_local.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ec_local.h,v 1.24 2023/07/05 08:39:40 tb Exp $ */	1	/* $OpenBSD: ec_local.h,v 1.25 2023/07/28 09:28:37 tb Exp $ */
2	/*	2	/*
3	* Originally written by Bodo Moeller for the OpenSSL project.	3	* Originally written by Bodo Moeller for the OpenSSL project.
4	*/	4	*/
@@ -323,8 +323,8 @@ struct ec_key_method_st {
323	int (set_private)(EC_KEY key, const BIGNUM *priv_key);	323	int (set_private)(EC_KEY key, const BIGNUM *priv_key);
324	int (set_public)(EC_KEY key, const EC_POINT *pub_key);	324	int (set_public)(EC_KEY key, const EC_POINT *pub_key);
325	int (keygen)(EC_KEY key);	325	int (keygen)(EC_KEY key);
326	int (compute_key)(void out, size_t outlen, const EC_POINT pub_key, EC_KEY ecdh,	326	int (compute_key)(unsigned char out, size_t out_len,
327	void (KDF) (const void in, size_t inlen, void out, size_t *outlen));	327	const EC_POINT pub_key, const EC_KEY ecdh);
328	int (sign)(int type, const unsigned char dgst, int dlen, unsigned char	328	int (sign)(int type, const unsigned char dgst, int dlen, unsigned char
329	sig, unsigned int siglen, const BIGNUM *kinv,	329	sig, unsigned int siglen, const BIGNUM *kinv,
330	const BIGNUM r, EC_KEY eckey);	330	const BIGNUM r, EC_KEY eckey);
@@ -342,8 +342,8 @@ struct ec_key_method_st {
342	#define EC_KEY_METHOD_DYNAMIC 1	342	#define EC_KEY_METHOD_DYNAMIC 1
343		343
344	int ec_key_gen(EC_KEY *eckey);	344	int ec_key_gen(EC_KEY *eckey);
345	int ecdh_compute_key(void out, size_t outlen, const EC_POINT pub_key, EC_KEY *ecdh,	345	int ecdh_compute_key(unsigned char *out, size_t out_len,
346	void (KDF) (const void in, size_t inlen, void out, size_t *outlen));	346	const EC_POINT pub_key, const EC_KEY ecdh);
347	int ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,	347	int ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
348	const unsigned char sigbuf, int sig_len, EC_KEY eckey);	348	const unsigned char sigbuf, int sig_len, EC_KEY eckey);
349	int ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,	349	int ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,