Add support for openssl3 KDF methods

openssl-sys/src/evp.rs

@@ -52,6 +52,13 @@ cfg_if! {
         }
     }
 }
+cfg_if! {
+    if #[cfg(ossl300)] {
+        extern "C" {
+            pub fn EVP_MD_name(md: *const EVP_MD) -> *const c_char;
+        }
+    }
+}
 
 extern "C" {
     pub fn EVP_DigestInit_ex(ctx: *mut EVP_MD_CTX, typ: *const EVP_MD, imple: *mut ENGINE)
@@ -211,6 +218,22 @@ const_ptr_api! {
     }
 }
 
+cfg_if! {
+    if #[cfg(ossl300)] {
+        extern "C" {
+            pub fn EVP_KDF_fetch(ctx: *mut OSSL_LIB_CTX, name: *const c_char, properties: *const c_char) -> *mut EVP_KDF;
+
+            pub fn EVP_KDF_CTX_new(kdf: *mut EVP_KDF) -> *mut EVP_KDF_CTX;
+            pub fn EVP_KDF_CTX_free(ctx: *mut EVP_KDF_CTX);
+
+            pub fn EVP_KDF_CTX_reset(ctx: *mut EVP_KDF_CTX);
+            pub fn EVP_KDF_CTX_get_kdf_size(ctx: *mut EVP_KDF_CTX) -> size_t;
+            pub fn EVP_KDF_CTX_kdf(ctx: *mut EVP_KDF_CTX) -> *const EVP_KDF;
+            pub fn EVP_KDF_derive(ctx: *mut EVP_KDF_CTX, out: *mut u8, n: size_t, params: *const OSSL_PARAM) -> c_int;
+        }
+    }
+}
+
 extern "C" {
     pub fn EVP_CIPHER_CTX_new() -> *mut EVP_CIPHER_CTX;
     pub fn EVP_CIPHER_CTX_free(ctx: *mut EVP_CIPHER_CTX);

openssl-sys/src/kdf.rs

@@ -0,0 +1,49 @@
+use *;
+
+/* KDF / PRF parameters */
+pub const OSSL_KDF_PARAM_SECRET: *const u8 = b"secret\0" as *const u8;
+pub const OSSL_KDF_PARAM_KEY: *const u8 = b"key\0" as *const u8;
+pub const OSSL_KDF_PARAM_SALT: *const u8 = b"salt\0" as *const u8;
+pub const OSSL_KDF_PARAM_PASSWORD: *const u8 = b"pass\0" as *const u8;
+pub const OSSL_KDF_PARAM_DIGEST: *const u8 = OSSL_ALG_PARAM_DIGEST;
+pub const OSSL_KDF_PARAM_CIPHER: *const u8 = OSSL_ALG_PARAM_CIPHER;
+pub const OSSL_KDF_PARAM_MAC: *const u8 = OSSL_ALG_PARAM_MAC;
+pub const OSSL_KDF_PARAM_MAC_SIZE: *const u8 = b"maclen\0" as *const u8;
+pub const OSSL_KDF_PARAM_PROPERTIES: *const u8 = OSSL_ALG_PARAM_PROPERTIES;
+pub const OSSL_KDF_PARAM_ITER: *const u8 = b"iter\0" as *const u8;
+pub const OSSL_KDF_PARAM_MODE: *const u8 = b"mode\0" as *const u8;
+pub const OSSL_KDF_PARAM_PKCS5: *const u8 = b"pkcs5\0" as *const u8;
+pub const OSSL_KDF_PARAM_UKM: *const u8 = b"ukm\0" as *const u8;
+pub const OSSL_KDF_PARAM_CEK_ALG: *const u8 = b"cekalg\0" as *const u8;
+pub const OSSL_KDF_PARAM_SCRYPT_N: *const u8 = b"n\0" as *const u8;
+pub const OSSL_KDF_PARAM_SCRYPT_R: *const u8 = b"r\0" as *const u8;
+pub const OSSL_KDF_PARAM_SCRYPT_P: *const u8 = b"p\0" as *const u8;
+pub const OSSL_KDF_PARAM_SCRYPT_MAXMEM: *const u8 = b"maxmem_bytes\0" as *const u8;
+pub const OSSL_KDF_PARAM_INFO: *const u8 = b"info\0" as *const u8;
+pub const OSSL_KDF_PARAM_SEED: *const u8 = b"seed\0" as *const u8;
+pub const OSSL_KDF_PARAM_SSHKDF_XCGHASH: *const u8 = b"xcghash\0" as *const u8;
+pub const OSSL_KDF_PARAM_SSHKDF_SESSION_ID: *const u8 = b"session_id\0" as *const u8;
+pub const OSSL_KDF_PARAM_SSHKDF_TYPE: *const u8 = b"type\0" as *const u8;
+pub const OSSL_KDF_PARAM_SIZE: *const u8 = b"size\0" as *const u8;
+pub const OSSL_KDF_PARAM_CONSTANT: *const u8 = b"constant\0" as *const u8;
+pub const OSSL_KDF_PARAM_PKCS12_ID: *const u8 = b"id\0" as *const u8;
+pub const OSSL_KDF_PARAM_KBKDF_USE_L: *const u8 = b"use-l\0" as *const u8;
+pub const OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR: *const u8 = b"use-separator\0" as *const u8;
+pub const OSSL_KDF_PARAM_X942_PARTYUINFO: *const u8 = b"partyu-info\0" as *const u8;
+pub const OSSL_KDF_PARAM_X942_PARTYVINFO: *const u8 = b"partyv-info\0" as *const u8;
+pub const OSSL_KDF_PARAM_X942_SUPP_PUBINFO: *const u8 = b"supp-pubinfo\0" as *const u8;
+pub const OSSL_KDF_PARAM_X942_SUPP_PRIVINFO: *const u8 = b"supp-privinfo\0" as *const u8;
+pub const OSSL_KDF_PARAM_X942_USE_KEYBITS: *const u8 = b"use-keybits\0" as *const u8;
+
+/* Known KDF names */
+pub const OSSL_KDF_NAME_HKDF: *const u8 = b"HKDF\0" as *const u8;
+pub const OSSL_KDF_NAME_PBKDF2: *const u8 = b"PBKDF2\0" as *const u8;
+pub const OSSL_KDF_NAME_SCRYPT: *const u8 = b"SCRYPT\0" as *const u8;
+pub const OSSL_KDF_NAME_SSHKDF: *const u8 = b"SSHKDF\0" as *const u8;
+pub const OSSL_KDF_NAME_SSKDF: *const u8 = b"SSKDF\0" as *const u8;
+pub const OSSL_KDF_NAME_TLS1_PRF: *const u8 = b"TLS1-PRF\0" as *const u8;
+pub const OSSL_KDF_NAME_X942KDF_ASN1: *const u8 = b"X942KDF-ASN1\0" as *const u8;
+pub const OSSL_KDF_NAME_X942KDF_CONCAT: *const u8 = b"X942KDF-CONCAT\0" as *const u8;
+pub const OSSL_KDF_NAME_X963KDF: *const u8 = b"X963KDF\0" as *const u8;
+pub const OSSL_KDF_NAME_KBKDF: *const u8 = b"KBKDF\0" as *const u8;
+pub const OSSL_KDF_NAME_KRB5KDF: *const u8 = b"KRB5KDF\0" as *const u8;

openssl-sys/src/lib.rs

@@ -30,10 +30,14 @@ pub use ec::*;
 pub use err::*;
 pub use evp::*;
 pub use hmac::*;
+#[cfg(ossl300)]
+pub use kdf::*;
 pub use obj_mac::*;
 pub use object::*;
 pub use ocsp::*;
 pub use ossl_typ::*;
+#[cfg(ossl300)]
+pub use params::*;
 pub use pem::*;
 pub use pkcs12::*;
 pub use pkcs7::*;
@@ -67,10 +71,14 @@ mod ec;
 mod err;
 mod evp;
 mod hmac;
+#[cfg(ossl300)]
+mod kdf;
 mod obj_mac;
 mod object;
 mod ocsp;
 mod ossl_typ;
+#[cfg(ossl300)]
+mod params;
 mod pem;
 mod pkcs12;
 mod pkcs7;

openssl-sys/src/ossl_typ.rs

@@ -1,3 +1,5 @@
+use std::ptr;
+
 use libc::*;
 
 #[allow(unused_imports)]
@@ -123,6 +125,17 @@ cfg_if! {
     }
 }
 
+cfg_if! {
+    if #[cfg(ossl300)] {
+        pub enum EVP_KDF {}
+        #[repr(C)]
+        pub struct EVP_KDF_CTX {
+            pub ameth: *const EVP_KDF,
+            pub data: *mut c_void,
+        }
+    }
+}
+
 pub enum PKCS8_PRIV_KEY_INFO {}
 
 pub enum EVP_PKEY_ASN1_METHOD {}
@@ -1032,3 +1045,23 @@ cfg_if! {
 }
 
 pub enum OCSP_RESPONSE {}
+
+cfg_if! {
+    if #[cfg(ossl300)] {
+        #[repr(C)]
+        pub struct OSSL_PARAM {
+            pub key: *const c_char,
+            pub data_type: c_uint,
+            pub data: *mut c_void,
+            pub data_size: size_t,
+            pub return_size: size_t,
+        }
+        pub const OSSL_PARAM_END: ossl_typ::OSSL_PARAM = OSSL_PARAM { key: ptr::null(), data_type: 0, data: ptr::null_mut(), data_size: 0, return_size: 0};
+    }
+}
+
+cfg_if! {
+    if #[cfg(ossl300)] {
+        pub enum OSSL_LIB_CTX {}
+    }
+}

openssl-sys/src/params.rs

@@ -0,0 +1,109 @@
+use libc::*;
+use *;
+
+extern "C" {
+    pub fn OSSL_PARAM_get_int(p: *const OSSL_PARAM, val: *mut c_int) -> c_int;
+    pub fn OSSL_PARAM_get_uint(p: *const OSSL_PARAM, val: *mut c_uint) -> c_int;
+    pub fn OSSL_PARAM_get_long(p: *const OSSL_PARAM, val: *mut c_long) -> c_int;
+    pub fn OSSL_PARAM_get_ulong(p: *const OSSL_PARAM, val: *mut c_ulong) -> c_int;
+    pub fn OSSL_PARAM_get_int32(p: *const OSSL_PARAM, val: *mut i32) -> c_int;
+    pub fn OSSL_PARAM_get_uint32(p: *const OSSL_PARAM, val: *mut u32) -> c_int;
+    pub fn OSSL_PARAM_get_int64(p: *const OSSL_PARAM, val: *mut i64) -> c_int;
+    pub fn OSSL_PARAM_get_uint64(p: *const OSSL_PARAM, val: *mut u64) -> c_int;
+    pub fn OSSL_PARAM_get_size_t(p: *const OSSL_PARAM, val: *mut size_t) -> c_int;
+    pub fn OSSL_PARAM_get_time_t(p: *const OSSL_PARAM, val: *mut time_t) -> c_int;
+
+    pub fn OSSL_PARAM_set_int(p: *mut OSSL_PARAM, val: c_int) -> c_int;
+    pub fn OSSL_PARAM_set_uint(p: *mut OSSL_PARAM, val: c_uint) -> c_int;
+    pub fn OSSL_PARAM_set_long(p: *mut OSSL_PARAM, val: c_long) -> c_int;
+    pub fn OSSL_PARAM_set_ulong(p: *mut OSSL_PARAM, val: c_ulong) -> c_int;
+    pub fn OSSL_PARAM_set_int32(p: *mut OSSL_PARAM, val: i32) -> c_int;
+    pub fn OSSL_PARAM_set_uint32(p: *mut OSSL_PARAM, val: u32) -> c_int;
+    pub fn OSSL_PARAM_set_int64(p: *mut OSSL_PARAM, val: i64) -> c_int;
+    pub fn OSSL_PARAM_set_uint64(p: *mut OSSL_PARAM, val: u64) -> c_int;
+    pub fn OSSL_PARAM_set_size_t(p: *mut OSSL_PARAM, val: size_t) -> c_int;
+    pub fn OSSL_PARAM_set_time_t(p: *mut OSSL_PARAM, val: time_t) -> c_int;
+
+    pub fn OSSL_PARAM_get_BN(p: *const OSSL_PARAM, val: *mut *mut BIGNUM) -> c_int;
+    pub fn OSSL_PARAM_set_BN(p: *mut OSSL_PARAM, val: *const *mut BIGNUM) -> c_int;
+
+    pub fn OSSL_PARAM_get_utf8_string(
+        p: *const OSSL_PARAM,
+        val: *mut *mut c_char,
+        max_len: size_t,
+    ) -> c_int;
+    pub fn OSSL_PARAM_set_utf8_string(p: *mut OSSL_PARAM, val: *const c_char) -> c_int;
+
+    pub fn OSSL_PARAM_get_octet_string(
+        p: *const OSSL_PARAM,
+        val: *mut *mut c_void,
+        max_len: size_t,
+        used_len: *mut size_t,
+    ) -> c_int;
+    pub fn OSSL_PARAM_set_octet_string(
+        p: *mut OSSL_PARAM,
+        val: *const c_void,
+        len: size_t,
+    ) -> c_int;
+
+    pub fn OSSL_PARAM_get_utf8_ptr(p: *const OSSL_PARAM, val: *mut *const c_char) -> c_int;
+    pub fn OSSL_PARAM_set_utf8_ptr(p: *mut OSSL_PARAM, val: *const c_char) -> c_int;
+
+    pub fn OSSL_PARAM_get_octet_ptr(
+        p: *const OSSL_PARAM,
+        val: *mut *const c_void,
+        used_len: *const size_t,
+    ) -> c_int;
+    pub fn OSSL_PARAM_set_octet_ptr(
+        p: *mut OSSL_PARAM,
+        val: *const c_void,
+        used_len: size_t,
+    ) -> c_int;
+
+    pub fn OSSL_PARAM_get_utf8_string_ptr(p: *const OSSL_PARAM, val: *mut *const c_char) -> c_int;
+    pub fn OSSL_PARAM_get_octet_string_ptr(
+        p: *const OSSL_PARAM,
+        val: *mut *const c_void,
+        used_len: *mut size_t,
+    ) -> c_int;
+
+    pub fn OSSL_PARAM_construct_int(key: *const c_char, buf: *mut c_int) -> OSSL_PARAM;
+    pub fn OSSL_PARAM_construct_uint(key: *const c_char, buf: *mut c_uint) -> OSSL_PARAM;
+    pub fn OSSL_PARAM_construct_long(key: *const c_char, buf: *mut c_long) -> OSSL_PARAM;
+    pub fn OSSL_PARAM_construct_ulong(key: *const c_char, buf: *mut c_ulong) -> OSSL_PARAM;
+    pub fn OSSL_PARAM_construct_int32(key: *const c_char, buf: *mut i32) -> OSSL_PARAM;
+    pub fn OSSL_PARAM_construct_uint32(key: *const c_char, buf: *mut u32) -> OSSL_PARAM;
+    pub fn OSSL_PARAM_construct_int64(key: *const c_char, buf: *mut i64) -> OSSL_PARAM;
+    pub fn OSSL_PARAM_construct_uint64(key: *const c_char, buf: *mut u64) -> OSSL_PARAM;
+
+    pub fn OSSL_PARAM_construct_size_t(key: *const c_char, buf: *mut size_t) -> OSSL_PARAM;
+    pub fn OSSL_PARAM_construct_time_t(key: *const c_char, buf: *mut time_t) -> OSSL_PARAM;
+
+    pub fn OSSL_PARAM_construct_utf8_string(
+        key: *const c_char,
+        buf: *mut c_char,
+        bsize: size_t,
+    ) -> OSSL_PARAM;
+    pub fn OSSL_PARAM_construct_utf8_ptr(
+        key: *const c_char,
+        buf: *mut *mut c_char,
+        bsize: size_t,
+    ) -> OSSL_PARAM;
+    pub fn OSSL_PARAM_construct_octet_string(
+        key: *const c_char,
+        buf: *mut c_void,
+        bsize: size_t,
+    ) -> OSSL_PARAM;
+    pub fn OSSL_PARAM_construct_octet_ptr(
+        key: *const c_char,
+        buf: *mut *mut c_void,
+        bsize: size_t,
+    ) -> OSSL_PARAM;
+    pub fn OSSL_PARAM_construct_end() -> OSSL_PARAM;
+}
+
+pub const OSSL_ALG_PARAM_DIGEST: *const u8 = b"digest\0" as *const u8;
+pub const OSSL_ALG_PARAM_CIPHER: *const u8 = b"cipher\0" as *const u8;
+pub const OSSL_ALG_PARAM_ENGINE: *const u8 = b"engine\0" as *const u8;
+pub const OSSL_ALG_PARAM_MAC: *const u8 = b"mac\0" as *const u8;
+pub const OSSL_ALG_PARAM_PROPERTIES: *const u8 = b"properties\0" as *const u8;