diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2016-01-19 13:57:19 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2016-01-19 14:00:32 +0000 |
commit | 1eff3485b63f84956b5f212aa4d853783bf6c8b5 (patch) | |
tree | 0514fcea64dc2d2edc7616614b257e88584a6c24 /include | |
parent | 8957728772824c1efd1c5e479d8b60fe6f88e6f5 (diff) | |
download | openssl-1eff3485b63f84956b5f212aa4d853783bf6c8b5.tar.gz |
Add TLS PRF method.
Add EVP_PKEY algorithm for TLS1 PRF.
Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/openssl/evp.h | 1 | ||||
-rw-r--r-- | include/openssl/kdf.h | 81 | ||||
-rw-r--r-- | include/openssl/obj_mac.h | 4 |
3 files changed, 86 insertions, 0 deletions
diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 80011828cb..2ed9faa24f 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -108,6 +108,7 @@ # define EVP_PKEY_EC NID_X9_62_id_ecPublicKey # define EVP_PKEY_HMAC NID_hmac # define EVP_PKEY_CMAC NID_cmac +# define EVP_PKEY_TLS1_PRF NID_tls1_prf #ifdef __cplusplus extern "C" { diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h new file mode 100644 index 0000000000..96ccf92397 --- /dev/null +++ b/include/openssl/kdf.h @@ -0,0 +1,81 @@ +/* kdf.h */ +/* + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL + * project. + */ +/* ==================================================================== + * Copyright (c) 2016 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + */ + +#ifndef HEADER_KDF_H +# define HEADER_KDF_H + +#ifdef __cplusplus +extern "C" { +#endif + +# define EVP_PKEY_CTRL_TLS_MD (EVP_PKEY_ALG_CTRL) +# define EVP_PKEY_CTRL_TLS_SECRET (EVP_PKEY_ALG_CTRL + 1) +# define EVP_PKEY_CTRL_TLS_SEED (EVP_PKEY_ALG_CTRL + 2) + +# define EVP_PKEY_CTX_set_tls1_prf_md(pctx, md) \ + EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ + EVP_PKEY_CTRL_TLS_MD, 0, (void *)md) + +# define EVP_PKEY_CTX_set1_tls1_prf_secret(pctx, sec, seclen) \ + EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ + EVP_PKEY_CTRL_TLS_SECRET, seclen, (void *)sec) + +# define EVP_PKEY_CTX_add1_tls1_prf_seed(pctx, seed, seedlen) \ + EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DERIVE, \ + EVP_PKEY_CTRL_TLS_SEED, seedlen, (void *)seed) + +#ifdef __cplusplus +} +#endif +#endif diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h index 5f21fd5a32..04605e07b1 100644 --- a/include/openssl/obj_mac.h +++ b/include/openssl/obj_mac.h @@ -4463,3 +4463,7 @@ #define SN_id_scrypt "id-scrypt" #define NID_id_scrypt 973 #define OBJ_id_scrypt 1L,3L,6L,1L,4L,1L,11591L,4L,11L + +#define SN_tls1_prf "TLS1-PRF" +#define LN_tls1_prf "tls1-prf" +#define NID_tls1_prf 1021 |