diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2019-01-04 18:41:21 +1000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2019-03-19 11:03:45 +0000 |
commit | 9537fe5757bb07761fa275d779bbd40bcf5530e4 (patch) | |
tree | cb748da879a7b00b758b710daed725113b839844 /include/openssl | |
parent | 6098b69e5817068c49e63487d3424b4122a1796d (diff) | |
download | openssl-new-9537fe5757bb07761fa275d779bbd40bcf5530e4.tar.gz |
Single step kdf implementation
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8230)
Diffstat (limited to 'include/openssl')
-rw-r--r-- | include/openssl/kdf.h | 4 | ||||
-rw-r--r-- | include/openssl/kdferr.h | 7 | ||||
-rw-r--r-- | include/openssl/obj_mac.h | 4 |
3 files changed, 15 insertions, 0 deletions
diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h index acd94491b3..3a14662800 100644 --- a/include/openssl/kdf.h +++ b/include/openssl/kdf.h @@ -23,6 +23,7 @@ extern "C" { # define EVP_KDF_TLS1_PRF NID_tls1_prf # define EVP_KDF_HKDF NID_hkdf # define EVP_KDF_SSHKDF NID_sshkdf +# define EVP_KDF_SS NID_sskdf EVP_KDF_CTX *EVP_KDF_CTX_new_id(int id); void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); @@ -53,6 +54,9 @@ int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen); # define EVP_KDF_CTRL_SET_SSHKDF_XCGHASH 0x10 /* unsigned char *, size_t */ # define EVP_KDF_CTRL_SET_SSHKDF_SESSION_ID 0x11 /* unsigned char *, size_t */ # define EVP_KDF_CTRL_SET_SSHKDF_TYPE 0x12 /* int */ +# define EVP_KDF_CTRL_SET_MAC 0x13 /* EVP_MAC * */ +# define EVP_KDF_CTRL_SET_MAC_SIZE 0x14 /* size_t */ +# define EVP_KDF_CTRL_SET_SSKDF_INFO 0x15 /* unsigned char *, size_t */ # define EVP_KDF_HKDF_MODE_EXTRACT_AND_EXPAND 0 # define EVP_KDF_HKDF_MODE_EXTRACT_ONLY 1 diff --git a/include/openssl/kdferr.h b/include/openssl/kdferr.h index 9a1d980dac..bad8f13c42 100644 --- a/include/openssl/kdferr.h +++ b/include/openssl/kdferr.h @@ -56,12 +56,18 @@ int ERR_load_KDF_strings(void); # define KDF_F_PKEY_TLS1_PRF_DERIVE 101 # define KDF_F_PKEY_TLS1_PRF_INIT 110 # define KDF_F_SCRYPT_SET_MEMBUF 129 +# define KDF_F_SSKDF_CTRL_STR 134 +# define KDF_F_SSKDF_DERIVE 135 +# define KDF_F_SSKDF_MAC2CTRL 136 +# define KDF_F_SSKDF_NEW 137 +# define KDF_F_SSKDF_SIZE 138 # define KDF_F_TLS1_PRF_ALG 111 /* * KDF reason codes. */ # define KDF_R_INVALID_DIGEST 100 +# define KDF_R_INVALID_MAC_TYPE 116 # define KDF_R_MISSING_ITERATION_COUNT 109 # define KDF_R_MISSING_KEY 104 # define KDF_R_MISSING_MESSAGE_DIGEST 105 @@ -74,6 +80,7 @@ int ERR_load_KDF_strings(void); # define KDF_R_MISSING_TYPE 114 # define KDF_R_MISSING_XCGHASH 115 # define KDF_R_UNKNOWN_PARAMETER_TYPE 103 +# define KDF_R_UNSUPPORTED_MAC_TYPE 117 # define KDF_R_VALUE_ERROR 108 # define KDF_R_VALUE_MISSING 102 # define KDF_R_WRONG_OUTPUT_BUFFER_SIZE 112 diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h index c8cb5ce92d..a0d4eed358 100644 --- a/include/openssl/obj_mac.h +++ b/include/openssl/obj_mac.h @@ -5000,6 +5000,10 @@ #define LN_sshkdf "sshkdf" #define NID_sshkdf 1203 +#define SN_sskdf "SSKDF" +#define LN_sskdf "sskdf" +#define NID_sskdf 1205 + #define SN_id_pkinit "id-pkinit" #define NID_id_pkinit 1031 #define OBJ_id_pkinit 1L,3L,6L,1L,5L,2L,3L |