From 96567a222b43298b88e94da77907b25097b1c3e8 Mon Sep 17 00:00:00 2001 From: Theo Buehler Date: Sat, 21 Oct 2023 01:27:47 +0200 Subject: [PATCH] Enable HKDF support for LibreSSL >= 3.6.0 --- openssl-sys/src/evp.rs | 28 ++++++++++++++-------------- openssl-sys/src/obj_mac.rs | 2 ++ openssl/src/pkey.rs | 2 +- openssl/src/pkey_ctx.rs | 20 ++++++++++---------- systest/build.rs | 5 ++++- 5 files changed, 31 insertions(+), 26 deletions(-) diff --git a/openssl-sys/src/evp.rs b/openssl-sys/src/evp.rs index fcbee00ec6..e317fea35c 100644 --- a/openssl-sys/src/evp.rs +++ b/openssl-sys/src/evp.rs @@ -28,7 +28,7 @@ pub const EVP_PKEY_HMAC: c_int = NID_hmac; pub const EVP_PKEY_CMAC: c_int = NID_cmac; #[cfg(ossl111)] pub const EVP_PKEY_POLY1305: c_int = NID_poly1305; -#[cfg(ossl110)] +#[cfg(any(ossl110, libressl360))] pub const EVP_PKEY_HKDF: c_int = NID_hkdf; #[cfg(ossl102)] 
@@ -201,31 +201,31 @@ pub const EVP_PKEY_CTRL_CIPHER: c_int = 12; pub const EVP_PKEY_ALG_CTRL: c_int = 0x1000; -#[cfg(ossl111)] +#[cfg(any(ossl111, libressl360))] pub const EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND: c_int = 0; -#[cfg(ossl111)] +#[cfg(any(ossl111, libressl360))] pub const EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY: c_int = 1; -#[cfg(ossl111)] +#[cfg(any(ossl111, libressl360))] pub const EVP_PKEY_HKDEF_MODE_EXPAND_ONLY: c_int = 2; -#[cfg(ossl110)] +#[cfg(any(ossl110, libressl360))] pub const EVP_PKEY_CTRL_HKDF_MD: c_int = EVP_PKEY_ALG_CTRL + 3; -#[cfg(ossl110)] +#[cfg(any(ossl110, libressl360))] pub const EVP_PKEY_CTRL_HKDF_SALT: c_int = EVP_PKEY_ALG_CTRL + 4; -#[cfg(ossl110)] +#[cfg(any(ossl110, libressl360))] pub const EVP_PKEY_CTRL_HKDF_KEY: c_int = EVP_PKEY_ALG_CTRL + 5; -#[cfg(ossl110)] +#[cfg(any(ossl110, libressl360))] pub const EVP_PKEY_CTRL_HKDF_INFO: c_int = EVP_PKEY_ALG_CTRL + 6; -#[cfg(ossl111)] +#[cfg(any(ossl111, libressl360))] pub const EVP_PKEY_CTRL_HKDF_MODE: c_int = EVP_PKEY_ALG_CTRL + 7; -#[cfg(all(ossl111, not(ossl300)))] +#[cfg(any(all(ossl111, not(ossl300)), libressl360))] pub unsafe fn EVP_PKEY_CTX_set_hkdf_mode(ctx: *mut EVP_PKEY_CTX, mode: c_int) -> c_int { EVP_PKEY_CTX_ctrl( ctx, @@ -237,7 +237,7 @@ pub unsafe fn EVP_PKEY_CTX_set_hkdf_mode(ctx: *mut EVP_PKEY_CTX, mode: c_int) -> ) } -#[cfg(all(ossl110, not(ossl300)))] +#[cfg(any(all(ossl110, not(ossl300)), libressl360))] pub unsafe fn EVP_PKEY_CTX_set_hkdf_md(ctx: *mut EVP_PKEY_CTX, md: *const EVP_MD) -> c_int { EVP_PKEY_CTX_ctrl( ctx, @@ -249,7 +249,7 @@ pub unsafe fn EVP_PKEY_CTX_set_hkdf_md(ctx: *mut EVP_PKEY_CTX, md: *const EVP_MD ) } -#[cfg(all(ossl110, not(ossl300)))] +#[cfg(any(all(ossl110, not(ossl300)), libressl360))] pub unsafe fn EVP_PKEY_CTX_set1_hkdf_salt( ctx: *mut EVP_PKEY_CTX, salt: *const u8, 
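Review bot: The `pub unsafe fn` shims whose gates change here have no `# Safety` section in the visible lines, and they now compile for a second backend. This applies to `EVP_PKEY_CTX_set_hkdf_mode` at the end of this hunk and to `EVP_PKEY_CTX_set_hkdf_md`, `EVP_PKEY_CTX_set1_hkdf_salt`, `EVP_PKEY_CTX_set1_hkdf_key` and `EVP_PKEY_CTX_add1_hkdf_info` in the hunks that follow. Each forwards a raw `ctx` pointer into `EVP_PKEY_CTX_ctrl`, and the salt/key/info variants also take a raw `*const u8` buffer. I would add a `/// # Safety` section to each, stating that `ctx` must point to a valid `EVP_PKEY_CTX` and that the buffer must be readable for the length passed. The function bodies run past the hunk boundaries, so the length parameters are not visible here.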
@@ -265,7 +265,7 @@ pub unsafe fn EVP_PKEY_CTX_set1_hkdf_salt( ) } -#[cfg(all(ossl110, not(ossl300)))] +#[cfg(any(all(ossl110, not(ossl300)), libressl360))] pub unsafe fn EVP_PKEY_CTX_set1_hkdf_key( ctx: *mut EVP_PKEY_CTX, key: *const u8, @@ -281,7 +281,7 @@ pub unsafe fn EVP_PKEY_CTX_set1_hkdf_key( ) } -#[cfg(all(ossl110, not(ossl300)))] +#[cfg(any(all(ossl110, not(ossl300)), libressl360))] pub unsafe fn EVP_PKEY_CTX_add1_hkdf_info( ctx: *mut EVP_PKEY_CTX, info: *const u8, diff --git a/openssl-sys/src/obj_mac.rs b/openssl-sys/src/obj_mac.rs index 93aa5cdff9..9f4c7c12dd 100644 --- a/openssl-sys/src/obj_mac.rs +++ b/openssl-sys/src/obj_mac.rs @@ -928,6 +928,8 @@ pub const NID_X25519: c_int = 950; pub const NID_X448: c_int = 1035; #[cfg(ossl110)] pub const NID_hkdf: c_int = 1036; +#[cfg(libressl360)] +pub const NID_hkdf: c_int = 1022; #[cfg(ossl111)] pub const NID_poly1305: c_int = 1061; #[cfg(ossl111)] diff --git a/openssl/src/pkey.rs b/openssl/src/pkey.rs index fab4f5d118..ac5989c572 100644 --- a/openssl/src/pkey.rs +++ b/openssl/src/pkey.rs @@ -92,7 +92,7 @@ impl Id { #[cfg(ossl111)] pub const SM2: Id = Id(ffi::EVP_PKEY_SM2); - #[cfg(any(ossl110, boringssl))] + #[cfg(any(ossl110, boringssl, libressl360))] pub const HKDF: Id = Id(ffi::EVP_PKEY_HKDF); #[cfg(any(ossl111, boringssl, libressl370))] diff --git a/openssl/src/pkey_ctx.rs b/openssl/src/pkey_ctx.rs index 4ac32a8517..85778e2166 100644 --- a/openssl/src/pkey_ctx.rs +++ b/openssl/src/pkey_ctx.rs @@ -80,10 +80,10 @@ use std::convert::TryFrom; use std::ptr; /// HKDF modes of operation. -#[cfg(ossl111)] +#[cfg(any(ossl111, libressl360))] pub struct HkdfMode(c_int); -#[cfg(ossl111)] +#[cfg(any(ossl111, libressl360))] impl HkdfMode { /// This is the default mode. Calling [`derive`][PkeyCtxRef::derive] on a [`PkeyCtxRef`] set up /// for HKDF will perform an extract followed by an expand operation in one go. The derived key 
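Review bot: The new `NID_hkdf` definition in openssl-sys/src/obj_mac.rs sits directly under the `ossl110` one with a different value (1022 against 1036), and nothing on the line says why. A wrong NID could make `EVP_PKEY_HKDF` resolve to a different algorithm or fail on LibreSSL, so a short comment is worth adding, e.g. `// LibreSSL numbers HKDF differently from OpenSSL (1022 vs 1036).` The two definitions also rely on `ossl110` and `libressl360` never being set together. Presumably the build script guarantees that, but it is not visible in this hunk.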
@@ -566,7 +566,7 @@ impl PkeyCtxRef { /// /// Requires OpenSSL 1.1.0 or newer. #[corresponds(EVP_PKEY_CTX_set_hkdf_md)] - #[cfg(any(ossl110, boringssl))] + #[cfg(any(ossl110, boringssl, libressl360))] #[inline] pub fn set_hkdf_md(&mut self, digest: &MdRef) -> Result<(), ErrorStack> { unsafe { @@ -589,7 +589,7 @@ impl PkeyCtxRef { /// /// Requires OpenSSL 1.1.1 or newer. #[corresponds(EVP_PKEY_CTX_set_hkdf_mode)] - #[cfg(ossl111)] + #[cfg(any(ossl111, libressl360))] #[inline] pub fn set_hkdf_mode(&mut self, mode: HkdfMode) -> Result<(), ErrorStack> { unsafe { @@ -608,7 +608,7 @@ impl PkeyCtxRef { /// /// Requires OpenSSL 1.1.0 or newer. #[corresponds(EVP_PKEY_CTX_set1_hkdf_key)] - #[cfg(any(ossl110, boringssl))] + #[cfg(any(ossl110, boringssl, libressl360))] #[inline] pub fn set_hkdf_key(&mut self, key: &[u8]) -> Result<(), ErrorStack> { #[cfg(not(boringssl))] @@ -633,7 +633,7 @@ impl PkeyCtxRef { /// /// Requires OpenSSL 1.1.0 or newer. #[corresponds(EVP_PKEY_CTX_set1_hkdf_salt)] - #[cfg(any(ossl110, boringssl))] + #[cfg(any(ossl110, boringssl, libressl360))] #[inline] pub fn set_hkdf_salt(&mut self, salt: &[u8]) -> Result<(), ErrorStack> { #[cfg(not(boringssl))] @@ -658,7 +658,7 @@ impl PkeyCtxRef { /// /// Requires OpenSSL 1.1.0 or newer. #[corresponds(EVP_PKEY_CTX_add1_hkdf_info)] - #[cfg(any(ossl110, boringssl))] + #[cfg(any(ossl110, boringssl, libressl360))] #[inline] pub fn add_hkdf_info(&mut self, info: &[u8]) -> Result<(), ErrorStack> { #[cfg(not(boringssl))] @@ -855,7 +855,7 @@ mod test { } #[test] - #[cfg(any(ossl110, boringssl))] + #[cfg(any(ossl110, boringssl, libressl360))] fn hkdf() { let mut ctx = PkeyCtx::new_id(Id::HKDF).unwrap(); ctx.derive_init().unwrap(); @@ -877,7 +877,7 @@ mod test { } #[test] - #[cfg(ossl111)] + #[cfg(any(ossl111, libressl360))] fn hkdf_expand() { let mut ctx = PkeyCtx::new_id(Id::HKDF).unwrap(); ctx.derive_init().unwrap(); 
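Review bot: The doc comment above `set_hkdf_md` still reads `Requires OpenSSL 1.1.0 or newer.` although the gate on the method now also admits `libressl360`. The same holds for `set_hkdf_mode` (`Requires OpenSSL 1.1.1 or newer.`), `set_hkdf_key`, `set_hkdf_salt` and `add_hkdf_info` in the following hunks. I would change the line to `/// Requires OpenSSL 1.1.0 or newer, or LibreSSL 3.6.0 or newer.`, with 1.1.1 for `set_hkdf_mode`, so the rendered docs match the availability. The method bodies continue outside the hunks.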
@@ -901,7 +901,7 @@ mod test { } #[test] - #[cfg(ossl111)] + #[cfg(any(ossl111, libressl360))] fn hkdf_extract() { let mut ctx = PkeyCtx::new_id(Id::HKDF).unwrap(); ctx.derive_init().unwrap(); diff --git a/systest/build.rs b/systest/build.rs index 53407eafad..833e09fb5c 100644 --- a/systest/build.rs +++ b/systest/build.rs @@ -69,8 +69,11 @@ fn main() { .header("openssl/evp.h") .header("openssl/x509_vfy.h"); - if libressl_version.is_some() { + if let Some(version) = libressl_version { cfg.header("openssl/poly1305.h"); + if version >= 0x30600000 { + cfg.header("openssl/kdf.h"); + } } if let Some(version) = openssl_version {
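Review bot: The threshold `0x30600000` in systest/build.rs restates the `libressl360` cfg as a bare number, so the two can drift apart if either is changed later. I would add a comment above the check, e.g. `// LibreSSL 3.6.0: keep in step with the libressl360 cfg.` Presumably `openssl/kdf.h` is what lets systest compare the newly enabled HKDF constants with the C headers. If so, saying that in the comment explains why the header must not be dropped. `main` continues outside the hunk.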