-/* $OpenBSD: kdf.h,v 1.8 2022/07/12 14:42:49 kn Exp $ */
+/* $OpenBSD: kdf.h,v 1.9 2024/07/09 16:20:17 tb Exp $ */
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project.
extern "C" {
#endif
+# define EVP_PKEY_CTRL_TLS_MD (EVP_PKEY_ALG_CTRL + 0)
+# define EVP_PKEY_CTRL_TLS_SECRET (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_TLS_SEED (EVP_PKEY_ALG_CTRL + 2)
+
# define EVP_PKEY_CTRL_HKDF_MD (EVP_PKEY_ALG_CTRL + 3)
# define EVP_PKEY_CTRL_HKDF_SALT (EVP_PKEY_ALG_CTRL + 4)
# define EVP_PKEY_CTRL_HKDF_KEY (EVP_PKEY_ALG_CTRL + 5)
# define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY 1
# define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY 2
+
+# define EVP_PKEY_CTX_set_tls1_prf_md(pctx, md) \
+ EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_TLS_MD, 0, (void *)(md))
+
+# define EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, sec, seclen) \
+ EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_TLS_SECRET, seclen, (void *)(sec))
+
+# define EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, seed, seedlen) \
+ EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
+ EVP_PKEY_CTRL_TLS_SEED, seedlen, (void *)(seed))
+
+
# define EVP_PKEY_CTX_set_hkdf_md(pctx, md) \
EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_HKDF_MD, 0, (void *)(md))
# define KDF_F_PKEY_HKDF_CTRL_STR 103
# define KDF_F_PKEY_HKDF_DERIVE 102
# define KDF_F_PKEY_HKDF_INIT 108
+# define KDF_F_PKEY_TLS1_PRF_CTRL_STR 100
+# define KDF_F_PKEY_TLS1_PRF_DERIVE 101
+# define KDF_F_PKEY_TLS1_PRF_INIT 110
+# define KDF_F_TLS1_PRF_ALG 111
/*
* KDF reason codes.
*/
+# define KDF_R_INVALID_DIGEST 100
# define KDF_R_MISSING_KEY 104
# define KDF_R_MISSING_MESSAGE_DIGEST 105
+# define KDF_R_MISSING_SECRET 107
+# define KDF_R_MISSING_SEED 106
# define KDF_R_UNKNOWN_PARAMETER_TYPE 103
+# define KDF_R_VALUE_MISSING 102
# ifdef __cplusplus
}
-/* $OpenBSD: kdf_err.c,v 1.10 2024/06/24 06:43:22 tb Exp $ */
+/* $OpenBSD: kdf_err.c,v 1.11 2024/07/09 16:20:17 tb Exp $ */
/* ====================================================================
* Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
*
{ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_CTRL_STR, 0), "pkey_hkdf_ctrl_str"},
{ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_DERIVE, 0), "pkey_hkdf_derive"},
{ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_INIT, 0), "pkey_hkdf_init"},
+ {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_CTRL_STR, 0), "pkey_tls1_prf_ctrl_str"},
+ {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_DERIVE, 0), "pkey_tls1_prf_derive"},
+ {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_INIT, 0), "pkey_tls1_prf_init"},
+ {ERR_PACK(ERR_LIB_KDF, KDF_F_TLS1_PRF_ALG, 0), "pkey_tls1_prf_alg"},
{0, NULL},
};
static const ERR_STRING_DATA KDF_str_reasons[] = {
+ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_DIGEST), "invalid digest"},
{ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_KEY), "missing key"},
{ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_MESSAGE_DIGEST),
"missing message digest"},
+ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SECRET), "missing secret"},
+ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SEED), "missing seed"},
{ERR_PACK(ERR_LIB_KDF, 0, KDF_R_UNKNOWN_PARAMETER_TYPE),
"unknown parameter type"},
+ {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_MISSING), "value missing"},
{0, NULL},
};
projects / openbsd / commitdiff