From b5501fa0cd9316aa0b1055df36aa320fa6fda09e Mon Sep 17 00:00:00 2001 From: tb Date: Tue, 9 Jul 2024 16:20:17 +0000 Subject: [PATCH] Add various defines for TLS1-PRF ok jsing --- lib/libcrypto/kdf/kdf.h | 28 +++++++++++++++++++++++++++- lib/libcrypto/kdf/kdf_err.c | 10 +++++++++- 2 files changed, 36 insertions(+), 2 deletions(-) diff --git a/lib/libcrypto/kdf/kdf.h b/lib/libcrypto/kdf/kdf.h index f823bf99e29..578949cb5c6 100644 --- a/lib/libcrypto/kdf/kdf.h +++ b/lib/libcrypto/kdf/kdf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kdf.h,v 1.8 2022/07/12 14:42:49 kn Exp $ */ +/* $OpenBSD: kdf.h,v 1.9 2024/07/09 16:20:17 tb Exp $ */ /* * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. @@ -59,6 +59,10 @@ extern "C" { #endif +# define EVP_PKEY_CTRL_TLS_MD (EVP_PKEY_ALG_CTRL + 0) +# define EVP_PKEY_CTRL_TLS_SECRET (EVP_PKEY_ALG_CTRL + 1) +# define EVP_PKEY_CTRL_TLS_SEED (EVP_PKEY_ALG_CTRL + 2) + # define EVP_PKEY_CTRL_HKDF_MD (EVP_PKEY_ALG_CTRL + 3) # define EVP_PKEY_CTRL_HKDF_SALT (EVP_PKEY_ALG_CTRL + 4) # define EVP_PKEY_CTRL_HKDF_KEY (EVP_PKEY_ALG_CTRL + 5) @@ -69,6 +73,20 @@ extern "C" { # define EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY 1 # define EVP_PKEY_HKDEF_MODE_EXPAND_ONLY 2 + +# define EVP_PKEY_CTX_set_tls1_prf_md(pctx, md) \ + EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ + EVP_PKEY_CTRL_TLS_MD, 0, (void *)(md)) + +# define EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, sec, seclen) \ + EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ + EVP_PKEY_CTRL_TLS_SECRET, seclen, (void *)(sec)) + +# define EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, seed, seedlen) \ + EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ + EVP_PKEY_CTRL_TLS_SEED, seedlen, (void *)(seed)) + + # define EVP_PKEY_CTX_set_hkdf_md(pctx, md) \ EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ EVP_PKEY_CTRL_HKDF_MD, 0, (void *)(md)) @@ -97,13 +115,21 @@ int ERR_load_KDF_strings(void); # define KDF_F_PKEY_HKDF_CTRL_STR 103 # define KDF_F_PKEY_HKDF_DERIVE 102 # define KDF_F_PKEY_HKDF_INIT 108 +# define KDF_F_PKEY_TLS1_PRF_CTRL_STR 100 +# define KDF_F_PKEY_TLS1_PRF_DERIVE 101 +# define KDF_F_PKEY_TLS1_PRF_INIT 110 +# define KDF_F_TLS1_PRF_ALG 111 /* * KDF reason codes. */ +# define KDF_R_INVALID_DIGEST 100 # define KDF_R_MISSING_KEY 104 # define KDF_R_MISSING_MESSAGE_DIGEST 105 +# define KDF_R_MISSING_SECRET 107 +# define KDF_R_MISSING_SEED 106 # define KDF_R_UNKNOWN_PARAMETER_TYPE 103 +# define KDF_R_VALUE_MISSING 102 # ifdef __cplusplus } diff --git a/lib/libcrypto/kdf/kdf_err.c b/lib/libcrypto/kdf/kdf_err.c index fc38e08136b..f0dfd212720 100644 --- a/lib/libcrypto/kdf/kdf_err.c +++ b/lib/libcrypto/kdf/kdf_err.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kdf_err.c,v 1.10 2024/06/24 06:43:22 tb Exp $ */ +/* $OpenBSD: kdf_err.c,v 1.11 2024/07/09 16:20:17 tb Exp $ */ /* ==================================================================== * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved. * @@ -64,15 +64,23 @@ static const ERR_STRING_DATA KDF_str_functs[] = { {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_CTRL_STR, 0), "pkey_hkdf_ctrl_str"}, {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_DERIVE, 0), "pkey_hkdf_derive"}, {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_HKDF_INIT, 0), "pkey_hkdf_init"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_CTRL_STR, 0), "pkey_tls1_prf_ctrl_str"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_DERIVE, 0), "pkey_tls1_prf_derive"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_INIT, 0), "pkey_tls1_prf_init"}, + {ERR_PACK(ERR_LIB_KDF, KDF_F_TLS1_PRF_ALG, 0), "pkey_tls1_prf_alg"}, {0, NULL}, }; static const ERR_STRING_DATA KDF_str_reasons[] = { + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_INVALID_DIGEST), "invalid digest"}, {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_KEY), "missing key"}, {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_MESSAGE_DIGEST), "missing message digest"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SECRET), "missing secret"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SEED), "missing seed"}, {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_UNKNOWN_PARAMETER_TYPE), "unknown parameter type"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_VALUE_MISSING), "value missing"}, {0, NULL}, }; -- 2.20.1