Loading crypto/kdf/tls1_prf.c +26 −1 Original line number Diff line number Diff line Loading @@ -138,6 +138,31 @@ static int pkey_tls1_prf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) } } static int pkey_tls1_prf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) { if (value == NULL) return 0; if (strcmp(type, "md") == 0) { TLS1_PRF_PKEY_CTX *kctx = ctx->data; const EVP_MD *md = EVP_get_digestbyname(value); if (md == NULL) return 0; kctx->md = md; return 1; } if (strcmp(type, "secret") == 0) return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_TLS_SECRET, value); if (strcmp(type, "hexsecret") == 0) return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_TLS_SECRET, value); if (strcmp(type, "seed") == 0) return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_TLS_SEED, value); if (strcmp(type, "hexseed") == 0) return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_TLS_SEED, value); return -2; } static int pkey_tls1_prf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen) { Loading Loading @@ -176,7 +201,7 @@ const EVP_PKEY_METHOD tls1_prf_pkey_meth = { 0, pkey_tls1_prf_derive, pkey_tls1_prf_ctrl, 0 pkey_tls1_prf_ctrl_str }; static int tls1_prf_P_hash(const EVP_MD *md, Loading doc/crypto/EVP_PKEY_TLS1_PRF.pod +10 −1 Original line number Diff line number Diff line Loading @@ -33,6 +33,14 @@ and any seed is reset. EVP_PKEY_CTX_add1_tls1_prf_seed() sets the seed to B<seedlen> bytes of B<seed>. If a seed is already set it is appended to the existing value. =head1 STRING CTRLS The TLS PRF also supports string based control operations using EVP_PKEY_CTX_ctrl_str(). The B<type> parameters "secret" and "seed" use the supplied B<value> parameter as a secret or seed value. The names "hexsecret" and "hexseed" are similar except they take a hex string which is converted to binary. =head1 NOTES All these functions are implemented as macros. Loading Loading @@ -82,6 +90,7 @@ and seed value "seed": =head1 SEE ALSO L<EVP_PKEY_CTX_new(3)>, L<EVP_PKEY_derive(3)>, L<EVP_PKEY_CTX_ctrl(3)>, L<EVP_PKEY_derive(3)> =cut Loading
crypto/kdf/tls1_prf.c +26 −1 Original line number Diff line number Diff line Loading @@ -138,6 +138,31 @@ static int pkey_tls1_prf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) } } static int pkey_tls1_prf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, const char *value) { if (value == NULL) return 0; if (strcmp(type, "md") == 0) { TLS1_PRF_PKEY_CTX *kctx = ctx->data; const EVP_MD *md = EVP_get_digestbyname(value); if (md == NULL) return 0; kctx->md = md; return 1; } if (strcmp(type, "secret") == 0) return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_TLS_SECRET, value); if (strcmp(type, "hexsecret") == 0) return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_TLS_SECRET, value); if (strcmp(type, "seed") == 0) return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_TLS_SEED, value); if (strcmp(type, "hexseed") == 0) return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_TLS_SEED, value); return -2; } static int pkey_tls1_prf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen) { Loading Loading @@ -176,7 +201,7 @@ const EVP_PKEY_METHOD tls1_prf_pkey_meth = { 0, pkey_tls1_prf_derive, pkey_tls1_prf_ctrl, 0 pkey_tls1_prf_ctrl_str }; static int tls1_prf_P_hash(const EVP_MD *md, Loading
doc/crypto/EVP_PKEY_TLS1_PRF.pod +10 −1 Original line number Diff line number Diff line Loading @@ -33,6 +33,14 @@ and any seed is reset. EVP_PKEY_CTX_add1_tls1_prf_seed() sets the seed to B<seedlen> bytes of B<seed>. If a seed is already set it is appended to the existing value. =head1 STRING CTRLS The TLS PRF also supports string based control operations using EVP_PKEY_CTX_ctrl_str(). The B<type> parameters "secret" and "seed" use the supplied B<value> parameter as a secret or seed value. The names "hexsecret" and "hexseed" are similar except they take a hex string which is converted to binary. =head1 NOTES All these functions are implemented as macros. Loading Loading @@ -82,6 +90,7 @@ and seed value "seed": =head1 SEE ALSO L<EVP_PKEY_CTX_new(3)>, L<EVP_PKEY_derive(3)>, L<EVP_PKEY_CTX_ctrl(3)>, L<EVP_PKEY_derive(3)> =cut
Rich Salz <rsalz@openssl.org>Rich Salz <rsalz@openssl.org>