generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add KDF support to pkeyutl. Update documentation.

Browse Source 
Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Dr. Stephen Henson
2016-03-01 16:29:47 +00:00
parent 8185e649f8
commit 924ec89a24
2 changed files with 63 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
apps/pkeyutl.c
View File

@@ -62,11 +62,12 @@
#include <openssl/pem.h> #include <openssl/pem.h>
#include <openssl/evp.h> #include <openssl/evp.h>
#define KEY_NONE 0
#define KEY_PRIVKEY 1 #define KEY_PRIVKEY 1
#define KEY_PUBKEY 2 #define KEY_PUBKEY 2
#define KEY_CERT 3 #define KEY_CERT 3
static EVP_PKEY_CTX *init_ctx(int *pkeysize, static EVP_PKEY_CTX *init_ctx(const char *kdfalg, int *pkeysize,
const char *keyfile, int keyform, int key_type, const char *keyfile, int keyform, int key_type,
char *passinarg, int pkey_op, ENGINE *e, char *passinarg, int pkey_op, ENGINE *e,
const int impl); const int impl);
@@ -84,7 +85,7 @@ typedef enum OPTION_choice {
OPT_PUBIN, OPT_CERTIN, OPT_ASN1PARSE, OPT_HEXDUMP, OPT_SIGN, OPT_PUBIN, OPT_CERTIN, OPT_ASN1PARSE, OPT_HEXDUMP, OPT_SIGN,
OPT_VERIFY, OPT_VERIFYRECOVER, OPT_REV, OPT_ENCRYPT, OPT_DECRYPT, OPT_VERIFY, OPT_VERIFYRECOVER, OPT_REV, OPT_ENCRYPT, OPT_DECRYPT,
OPT_DERIVE, OPT_SIGFILE, OPT_INKEY, OPT_PEERKEY, OPT_PASSIN, OPT_DERIVE, OPT_SIGFILE, OPT_INKEY, OPT_PEERKEY, OPT_PASSIN,
OPT_PEERFORM, OPT_KEYFORM, OPT_PKEYOPT OPT_PEERFORM, OPT_KEYFORM, OPT_PKEYOPT, OPT_KDF, OPT_KDFLEN
} OPTION_CHOICE; } OPTION_CHOICE;
OPTIONS pkeyutl_options[] = { OPTIONS pkeyutl_options[] = {
@@ -103,6 +104,8 @@ OPTIONS pkeyutl_options[] = {
{"encrypt", OPT_ENCRYPT, '-', "Encrypt input data with public key"}, {"encrypt", OPT_ENCRYPT, '-', "Encrypt input data with public key"},
{"decrypt", OPT_DECRYPT, '-', "Decrypt input data with private key"}, {"decrypt", OPT_DECRYPT, '-', "Decrypt input data with private key"},
{"derive", OPT_DERIVE, '-', "Derive shared secret"}, {"derive", OPT_DERIVE, '-', "Derive shared secret"},
{"kdf", OPT_KDF, 's', "Use KDF algorithm"},
{"kdflen", OPT_KDFLEN, 'p', "KDF algorithm output length"},
{"sigfile", OPT_SIGFILE, '<', "Signature file (verify operation only)"}, {"sigfile", OPT_SIGFILE, '<', "Signature file (verify operation only)"},
{"inkey", OPT_INKEY, 's', "Input private key file"}, {"inkey", OPT_INKEY, 's', "Input private key file"},
{"peerkey", OPT_PEERKEY, 's', "Peer key file used in key derivation"}, {"peerkey", OPT_PEERKEY, 's', "Peer key file used in key derivation"},
@@ -135,6 +138,8 @@ int pkeyutl_main(int argc, char **argv)
size_t buf_outlen; size_t buf_outlen;
const char *inkey = NULL; const char *inkey = NULL;
const char *peerkey = NULL; const char *peerkey = NULL;
const char *kdfalg = NULL;
int kdflen = 0;
STACK_OF(OPENSSL_STRING) *pkeyopts = NULL; STACK_OF(OPENSSL_STRING) *pkeyopts = NULL;
prog = opt_init(argc, argv, pkeyutl_options); prog = opt_init(argc, argv, pkeyutl_options);
@@ -211,6 +216,14 @@ int pkeyutl_main(int argc, char **argv)
case OPT_DERIVE: case OPT_DERIVE:
pkey_op = EVP_PKEY_OP_DERIVE; pkey_op = EVP_PKEY_OP_DERIVE;
break; break;
case OPT_KDF:
pkey_op = EVP_PKEY_OP_DERIVE;
key_type = KEY_NONE;
kdfalg = opt_arg();
break;
case OPT_KDFLEN:
kdflen = atoi(opt_arg());
break;
case OPT_REV: case OPT_REV:
rev = 1; rev = 1;
break; break;
@@ -228,11 +241,14 @@ int pkeyutl_main(int argc, char **argv)
if (argc != 0) if (argc != 0)
goto opthelp; goto opthelp;
if (inkey == NULL || if (kdfalg != NULL) {
(peerkey != NULL && pkey_op != EVP_PKEY_OP_DERIVE)) if (kdflen == 0)
goto opthelp;
} else if ((inkey == NULL)
|| (peerkey != NULL && pkey_op != EVP_PKEY_OP_DERIVE)) {
goto opthelp; goto opthelp;
}
ctx = init_ctx(&keysize, inkey, keyform, key_type, ctx = init_ctx(kdfalg, &keysize, inkey, keyform, key_type,
passinarg, pkey_op, e, engine_impl); passinarg, pkey_op, e, engine_impl);
if (ctx == NULL) { if (ctx == NULL) {
BIO_printf(bio_err, "%s: Error initializing context\n", prog); BIO_printf(bio_err, "%s: Error initializing context\n", prog);
@@ -326,8 +342,13 @@ int pkeyutl_main(int argc, char **argv)
BIO_puts(out, "Signature Verification Failure\n"); BIO_puts(out, "Signature Verification Failure\n");
goto end; goto end;
} }
rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen, if (kdflen != 0) {
buf_in, (size_t)buf_inlen); buf_outlen = kdflen;
rv = 1;
} else {
rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen,
buf_in, (size_t)buf_inlen);
}
if (rv > 0 && buf_outlen != 0) { if (rv > 0 && buf_outlen != 0) {
buf_out = app_malloc(buf_outlen, "buffer output"); buf_out = app_malloc(buf_outlen, "buffer output");
rv = do_keyop(ctx, pkey_op, rv = do_keyop(ctx, pkey_op,
@@ -360,7 +381,7 @@ int pkeyutl_main(int argc, char **argv)
return ret; return ret;
} }
static EVP_PKEY_CTX *init_ctx(int *pkeysize, static EVP_PKEY_CTX *init_ctx(const char *kdfalg, int *pkeysize,
const char *keyfile, int keyform, int key_type, const char *keyfile, int keyform, int key_type,
char *passinarg, int pkey_op, ENGINE *e, char *passinarg, int pkey_op, ENGINE *e,
const int engine_impl) const int engine_impl)
@@ -373,7 +394,7 @@ static EVP_PKEY_CTX *init_ctx(int *pkeysize,
X509 *x; X509 *x;
if (((pkey_op == EVP_PKEY_OP_SIGN) || (pkey_op == EVP_PKEY_OP_DECRYPT) if (((pkey_op == EVP_PKEY_OP_SIGN) || (pkey_op == EVP_PKEY_OP_DECRYPT)
|| (pkey_op == EVP_PKEY_OP_DERIVE)) || (pkey_op == EVP_PKEY_OP_DERIVE))
&& (key_type != KEY_PRIVKEY)) { && (key_type != KEY_PRIVKEY && kdfalg == NULL)) {
BIO_printf(bio_err, "A private key is needed for this operation\n"); BIO_printf(bio_err, "A private key is needed for this operation\n");
goto end; goto end;
} }
@@ -398,21 +419,28 @@ static EVP_PKEY_CTX *init_ctx(int *pkeysize,
} }
break; break;
case KEY_NONE:
break;
} }
*pkeysize = EVP_PKEY_size(pkey);
if (!pkey)
goto end;
#ifndef OPENSSL_NO_ENGINE #ifndef OPENSSL_NO_ENGINE
if (engine_impl) if (engine_impl)
impl = e; impl = e;
#endif #endif
ctx = EVP_PKEY_CTX_new(pkey, impl);
EVP_PKEY_free(pkey); if (kdfalg) {
int kdfnid = OBJ_sn2nid(kdfalg);
if (kdfnid == NID_undef)
goto end;
ctx = EVP_PKEY_CTX_new_id(kdfnid, impl);
} else {
if (pkey == NULL)
goto end;
*pkeysize = EVP_PKEY_size(pkey);
ctx = EVP_PKEY_CTX_new(pkey, impl);
EVP_PKEY_free(pkey);
}
if (ctx == NULL) if (ctx == NULL)
goto end; goto end;

17
doc/apps/pkeyutl.pod
View File

@@ -25,6 +25,8 @@ B<openssl> B<pkeyutl>
[B<-encrypt>] [B<-encrypt>]
[B<-decrypt>] [B<-decrypt>]
[B<-derive>] [B<-derive>]
[B<-kdf algorithm>]
[B<-kdflen length>]
[B<-pkeyopt opt:value>] [B<-pkeyopt opt:value>]
[B<-hexdump>] [B<-hexdump>]
[B<-asn1parse>] [B<-asn1parse>]
@@ -119,6 +121,15 @@ decrypt the input data using a private key.
derive a shared secret using the peer key. derive a shared secret using the peer key.
=item B<-kdf algorithm>
Use key derivation function B<algorithm>. Note: additional paramers
will normally have to be set and the KDF output length for this to work.
=item B<-kdflen length>
Set the ouput length for KDF.
=item B<-pkeyopt opt:value> =item B<-pkeyopt opt:value>
Public key options specified as opt:value. See NOTES below for more details. Public key options specified as opt:value. See NOTES below for more details.
@@ -249,6 +260,12 @@ Derive a shared secret value:
openssl pkeyutl -derive -inkey key.pem -peerkey pubkey.pem -out secret openssl pkeyutl -derive -inkey key.pem -peerkey pubkey.pem -out secret
Hexdump 48 bytes of TLS1 PRF using digest B<SHA256> and shared secret and
seed consisting of the single byte 0xFF.
openssl pkeyutl -kdf TLS1-PRF -kdflen 48 -pkeyopt md:SHA256 \
-pkeyopt hexsecret:ff -pkeyopt hexseed:ff -hexdump
=head1 SEE ALSO =head1 SEE ALSO
L<genpkey(1)>, L<pkey(1)>, L<rsautl(1)> L<genpkey(1)>, L<pkey(1)>, L<rsautl(1)>