diff options
| author | tb <> | 2024-07-09 16:20:17 +0000 |
|---|---|---|
| committer | tb <> | 2024-07-09 16:20:17 +0000 |
| commit | 10b1fa6f30a06c3faf9686a97b5ee5a9712b4069 (patch) | |
| tree | 2513d1b499041da81e62fd3e7852d66c322a978e | |
| parent | cdffb2b4192b842aaed132678fea681a1a360716 (diff) | |
| download | openbsd-10b1fa6f30a06c3faf9686a97b5ee5a9712b4069.tar.gz openbsd-10b1fa6f30a06c3faf9686a97b5ee5a9712b4069.tar.bz2 openbsd-10b1fa6f30a06c3faf9686a97b5ee5a9712b4069.zip | |
Add various defines for TLS1-PRF
ok jsing
| -rw-r--r-- | src/lib/libcrypto/kdf/kdf.h | 28 | ||||
| -rw-r--r-- | src/lib/libcrypto/kdf/kdf_err.c | 10 |
2 files changed, 36 insertions, 2 deletions
diff --git a/src/lib/libcrypto/kdf/kdf.h b/src/lib/libcrypto/kdf/kdf.h index f823bf99e2..578949cb5c 100644 --- a/src/lib/libcrypto/kdf/kdf.h +++ b/src/lib/libcrypto/kdf/kdf.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: kdf.h,v 1.8 2022/07/12 14:42:49 kn Exp $ */ | 1 | /* $OpenBSD: kdf.h,v 1.9 2024/07/09 16:20:17 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 3 | * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 4 | * project. | 4 | * project. |
| @@ -59,6 +59,10 @@ | |||
| 59 | extern "C" { | 59 | extern "C" { |
| 60 | #endif | 60 | #endif |
| 61 | 61 | ||
| 62 | # define EVP_PKEY_CTRL_TLS_MD (EVP_PKEY_ALG_CTRL + 0) | ||
| 63 | # define EVP_PKEY_CTRL_TLS_SECRET (EVP_PKEY_ALG_CTRL + 1) | ||
| 64 | # define EVP_PKEY_CTRL_TLS_SEED (EVP_PKEY_ALG_CTRL + 2) | ||
| 65 | |||
| 62 | # define EVP_PKEY_CTRL_HKDF_MD (EVP_PKEY_ALG_CTRL + 3) | 66 | # define EVP_PKEY_CTRL_HKDF_MD (EVP_PKEY_ALG_CTRL + 3) |
| 63 | # define EVP_PKEY_CTRL_HKDF_SALT (EVP_PKEY_ALG_CTRL + 4) | 67 | # define EVP_PKEY_CTRL_HKDF_SALT (EVP_PKEY_ALG_CTRL + 4) |
| 64 | # define EVP_PKEY_CTRL_HKDF_KEY (EVP_PKEY_ALG_CTRL + 5) | 68 | # define EVP_PKEY_CTRL_HKDF_KEY (EVP_PKEY_ALG_CTRL + 5) |
| @@ -69,6 +73,20 @@ extern "C" { | |||
| 69 | # define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY 1 | 73 | # define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY 1 |
| 70 | # define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY 2 | 74 | # define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY 2 |
| 71 | 75 | ||
| 76 | |||
| 77 | # define EVP_PKEY_CTX_set_tls1_prf_md(pctx, md) \ | ||
| 78 | EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ | ||
| 79 | EVP_PKEY_CTRL_TLS_MD, 0, (void *)(md)) | ||
| 80 | |||
| 81 | # define EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, sec, seclen) \ | ||
| 82 | EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ | ||
| 83 | EVP_PKEY_CTRL_TLS_SECRET, seclen, (void *)(sec)) | ||
| 84 | |||
| 85 | # define EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, seed, seedlen) \ | ||
| 86 | EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ | ||
| 87 | EVP_PKEY_CTRL_TLS_SEED, seedlen, (void *)(seed)) | ||
| 88 | |||
| 89 | |||
| 72 | # define EVP_PKEY_CTX_set_hkdf_md(pctx, md) \ | 90 | # define EVP_PKEY_CTX_set_hkdf_md(pctx, md) \ |
| 73 | EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ | 91 | EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ |
| 74 | EVP_PKEY_CTRL_HKDF_MD, 0, (void *)(md)) | 92 | EVP_PKEY_CTRL_HKDF_MD, 0, (void *)(md)) |
| @@ -97,13 +115,21 @@ int ERR_load_KDF_strings(void); | |||
| 97 | # define KDF_F_PKEY_HKDF_CTRL_STR 103 | 115 | # define KDF_F_PKEY_HKDF_CTRL_STR 103 |
| 98 | # define KDF_F_PKEY_HKDF_DERIVE 102 | 116 | # define KDF_F_PKEY_HKDF_DERIVE 102 |
| 99 | # define KDF_F_PKEY_HKDF_INIT 108 | 117 | # define KDF_F_PKEY_HKDF_INIT 108 |
| 118 | # define KDF_F_PKEY_TLS1_PRF_CTRL_STR 100 | ||
| 119 | # define KDF_F_PKEY_TLS1_PRF_DERIVE 101 | ||
| 120 | # define KDF_F_PKEY_TLS1_PRF_INIT 110 | ||
| 121 | # define KDF_F_TLS1_PRF_ALG 111 | ||
| 100 | 122 | ||
| 101 | /* | 123 | /* |
| 102 | * KDF reason codes. | 124 | * KDF reason codes. |
| 103 | */ | 125 | */ |
| 126 | # define KDF_R_INVALID_DIGEST 100 | ||
| 104 | # define KDF_R_MISSING_KEY 104 | 127 | # define KDF_R_MISSING_KEY 104 |
| 105 | # define KDF_R_MISSING_MESSAGE_DIGEST 105 | 128 | # define KDF_R_MISSING_MESSAGE_DIGEST 105 |
| 129 | # define KDF_R_MISSING_SECRET 107 | ||
| 130 | # define KDF_R_MISSING_SEED 106 | ||
| 106 | # define KDF_R_UNKNOWN_PARAMETER_TYPE 103 | 131 | # define KDF_R_UNKNOWN_PARAMETER_TYPE 103 |
| 132 | # define KDF_R_VALUE_MISSING 102 | ||
| 107 | 133 | ||
| 108 | # ifdef __cplusplus | 134 | # ifdef __cplusplus |
| 109 | } | 135 | } |
diff --git a/src/lib/libcrypto/kdf/kdf_err.c b/src/lib/libcrypto/kdf/kdf_err.c index fc38e08136..f0dfd21272 100644 --- a/src/lib/libcrypto/kdf/kdf_err.c +++ b/src/lib/libcrypto/kdf/kdf_err.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: kdf_err.c,v 1.10 2024/06/24 06:43:22 tb Exp $ */ | 1 | /* $OpenBSD: kdf_err.c,v 1.11 2024/07/09 16:20:17 tb Exp $ */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| @@ -64,15 +64,23 @@ static const ERR_STRING_DATA KDF_str_functs[] = { | |||
| 64 | {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_CTRL_STR, 0), "pkey_hkdf_ctrl_str"}, | 64 | {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_CTRL_STR, 0), "pkey_hkdf_ctrl_str"}, |
| 65 | {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_DERIVE, 0), "pkey_hkdf_derive"}, | 65 | {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_DERIVE, 0), "pkey_hkdf_derive"}, |
| 66 | {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_INIT, 0), "pkey_hkdf_init"}, | 66 | {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_INIT, 0), "pkey_hkdf_init"}, |
| 67 | {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_CTRL_STR, 0), "pkey_tls1_prf_ctrl_str"}, | ||
| 68 | {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_DERIVE, 0), "pkey_tls1_prf_derive"}, | ||
| 69 | {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_INIT, 0), "pkey_tls1_prf_init"}, | ||
| 70 | {ERR_PACK(ERR_LIB_KDF, KDF_F_TLS1_PRF_ALG, 0), "pkey_tls1_prf_alg"}, | ||
| 67 | {0, NULL}, | 71 | {0, NULL}, |
| 68 | }; | 72 | }; |
| 69 | 73 | ||
| 70 | static const ERR_STRING_DATA KDF_str_reasons[] = { | 74 | static const ERR_STRING_DATA KDF_str_reasons[] = { |
| 75 | {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_DIGEST), "invalid digest"}, | ||
| 71 | {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_KEY), "missing key"}, | 76 | {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_KEY), "missing key"}, |
| 72 | {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_MESSAGE_DIGEST), | 77 | {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_MESSAGE_DIGEST), |
| 73 | "missing message digest"}, | 78 | "missing message digest"}, |
| 79 | {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SECRET), "missing secret"}, | ||
| 80 | {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SEED), "missing seed"}, | ||
| 74 | {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_UNKNOWN_PARAMETER_TYPE), | 81 | {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_UNKNOWN_PARAMETER_TYPE), |
| 75 | "unknown parameter type"}, | 82 | "unknown parameter type"}, |
| 83 | {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_MISSING), "value missing"}, | ||
| 76 | {0, NULL}, | 84 | {0, NULL}, |
| 77 | }; | 85 | }; |
| 78 | 86 | ||