krb5kdf: implement ctx dup operation

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/17572)

providers/implementations/kdfs/krb5kdf.c

@@ -34,6 +34,7 @@
 /* KRB5 KDF defined in RFC 3961, Section 5.1 */
 
 static OSSL_FUNC_kdf_newctx_fn krb5kdf_new;
+static OSSL_FUNC_kdf_dupctx_fn krb5kdf_dup;
 static OSSL_FUNC_kdf_freectx_fn krb5kdf_free;
 static OSSL_FUNC_kdf_reset_fn krb5kdf_reset;
 static OSSL_FUNC_kdf_derive_fn krb5kdf_derive;
@@ -102,6 +103,27 @@ static int krb5kdf_set_membuf(unsigned char **dst, size_t *dst_len,
     return OSSL_PARAM_get_octet_string(p, (void **)dst, 0, dst_len);
 }
 
+static void *krb5kdf_dup(void *vctx)
+{
+    const KRB5KDF_CTX *src = (const KRB5KDF_CTX *)vctx;
+    KRB5KDF_CTX *dest;
+
+    dest = krb5kdf_new(src->provctx);
+    if (dest != NULL) {
+        if (!ossl_prov_memdup(src->key, src->key_len,
+                              &dest->key, &dest->key_len)
+                || !ossl_prov_memdup(src->constant, src->constant_len,
+                                     &dest->constant , &dest->constant_len)
+                || !ossl_prov_cipher_copy(&dest->cipher, &src->cipher))
+            goto err;
+    }
+    return dest;
+
+ err:
+    krb5kdf_free(dest);
+    return NULL;
+}
+
 static int krb5kdf_derive(void *vctx, unsigned char *key, size_t keylen,
                           const OSSL_PARAM params[])
 {
@@ -198,6 +220,7 @@ static const OSSL_PARAM *krb5kdf_gettable_ctx_params(ossl_unused void *ctx,
 
 const OSSL_DISPATCH ossl_kdf_krb5kdf_functions[] = {
     { OSSL_FUNC_KDF_NEWCTX, (void(*)(void))krb5kdf_new },
+    { OSSL_FUNC_KDF_DUPCTX, (void(*)(void))krb5kdf_dup },
     { OSSL_FUNC_KDF_FREECTX, (void(*)(void))krb5kdf_free },
     { OSSL_FUNC_KDF_RESET, (void(*)(void))krb5kdf_reset },
     { OSSL_FUNC_KDF_DERIVE, (void(*)(void))krb5kdf_derive },