summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/kdf (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Adjust EVP_PKEY_CTRL_HKDF_KEY to OpenSSL's semanticstb2023-06-261-2/+9
| | | | | | | | | | | | For some reason there is no NULL check on setting the HKDF key for p2 like in the other cases in the switch, instead OpenSSL fail in memdup, nulling out the key but leaving he key_len at the old value. This looks accidental but our behavior makes some haproxy regress tests segfault. So mimic weird OpenSSL semantics but in addition set the key_len to 0. Reported by Ilya Shipitsin ok jsing
* Make internal header file names consistenttb2022-11-261-2/+2
| | | | | | | | | | | | | | | | Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook
* Remove mkerr.pl remnants from LibreSSLkn2022-07-122-10/+2
| | | | | | | This script is not used at all and files are edited by hand instead. Thus remove misleading comments incl. the obsolete script/config. Feedback OK jsing tb
* Simplify: freezero() is NULL safe; assign + test in one go, as usual.tb2022-05-051-11/+5
| | | | ok jsing
* Avoid malloc(0) in EVP_PKEY_CTX_set1_hkdf_key()tb2022-05-051-2/+2
| | | | ok jsing
* Securely wipe the entire HKDF_PKEY_CTX instead of only taking care oftb2022-05-051-5/+3
| | | | | | a piece of the embedded info array. ok jsing
* Fix argument order in HKDF and HKDF_extract().tb2022-05-051-5/+5
|
* Ditch #defines for tls1_prf and scrypt. Drop unused errors and massagetb2022-05-052-95/+8
| | | | | | some const. ok beck jsing
* Translate from OpenSSL's HKDF API to BoringSSL API.tb2022-05-051-8/+7
| | | | ok beck jsing
* Remove function codes from errors, i.e., KDFerr(A, B) -> KDFerror(B)tb2022-05-051-5/+5
| | | | ok beck jsing
* Fix typo in previous.tb2022-05-051-2/+2
|
* Inline OPENSSL_memdup() using malloc() + memcpy()tb2022-05-051-3/+5
| | | | ok beck jsing
* Translate OPENSSL_{cleanse,clear_free,free,zalloc}() to libc API.tb2022-05-051-11/+11
| | | | ok beck jsing
* Adjust includes for LibreSSLtb2022-05-051-4/+7
| | | | ok beck jsing
* Use C99 initializres for hkdf_pkey_methtb2022-05-051-26/+10
| | | | ok beck jsing
* Remove OpenSSL versions of HKDF*().tb2022-05-051-117/+1
| | | | ok beck jsing
* Fix includes of the removed kdferr.htb2022-05-052-4/+3
|
* remove accidentally duplicated linetb2022-05-041-2/+1
|
* Whitespace nit (knfmt(1) agrees after inserting an empty line after thetb2022-05-041-4/+5
| | | | variable declaration)
* KNF according to knfmt(1)tb2022-05-042-275/+288
|
* Add RCS tagstb2022-05-043-0/+3
|
* Restore copyright years to 2016-2018 as they were before the previoustb2022-05-042-2/+2
| | | | commit.
* Reinstate the licenses that were replaced with license stubs intb2022-05-042-12/+100
| | | | | OpenSSL commits d2e9e320186f0917cc940f46bdf1a7e4120da9b0 and b6cff313cbb1d0381b329fe4f6a8f009cdb270e4
* Bump copyright years to 2016-2018 as it was before the previous commit.tb2022-05-041-1/+1
|
* Reinstate the license that was replaced with a stub in OpenSSL committb2022-05-041-5/+49
| | | | 21dcbebc6e35419f1842f39a125374ea1ba45693
* Inline kdferr.h at the end of kdf.htb2022-05-042-55/+37
|
* Rename hkdf.c to hkdf_evp.c to avoid a name clash with hkdf/hkdf.ctb2022-05-041-0/+0
|
* Import HKDF code from OpenSSL 1.1.1otb2022-05-044-0/+571
This imports verbatim copies as of the OpenSSL_1_1_1o tag of crypto/kdf/hkdf.c crypto/kdf/hkdf_err.c include/openssl/kdf.h include/openssl/kdferr.h from https://www.github.com/openssl/openssl.git into lib/libcrypto/kdf. We only want the EVP interface to HKDF since some ports need them. Not yet linked to the build since it will not compile. Follow-on commits will add KNF, clean up and make this compile. Tests of an early draft version by abieber and Caspar Schutijser ok jsing
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-26 23:14:51 +0000