Support HMAC with truncated SHA-2 as a PBE PRF

ok jsing

diff --git a/lib/libcrypto/evp/evp_pbe.c b/lib/libcrypto/evp/evp_pbe.c
index 8553478..ed5f97b 100644 (file)
--- a/lib/libcrypto/evp/evp_pbe.c
+++ b/lib/libcrypto/evp/evp_pbe.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_pbe.c,v 1.34 2023/12/18 13:12:43 tb Exp $ */
+/* $OpenBSD: evp_pbe.c,v 1.35 2024/01/27 16:17:32 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -216,6 +216,16 @@ static const struct pbe_config pbe_prf[] = {
                .cipher_nid = -1,
                .md_nid = NID_id_tc26_gost3411_2012_512,
        },
+       {
+               .pbe_nid = NID_hmacWithSHA512_224,
+               .cipher_nid = -1,
+               .md_nid = NID_sha512_224,
+       },
+       {
+               .pbe_nid = NID_hmacWithSHA512_256,
+               .cipher_nid = -1,
+               .md_nid = NID_sha512_256,
+       },
 };
 
 #define N_PBE_PRF (sizeof(pbe_prf) / sizeof(pbe_prf[0]))