More error handling to HKDF and one more case in TLS1-PRF (a24a5b8c) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit a24a5b8c authored Jul 22, 2017 by

Johannes Bauer Committed by Dr. Stephen Henson Aug 03, 2017

More error handling to HKDF and one more case in TLS1-PRF



HKDF now handles an invalid digest like TLS1-PRF does (i.e., returns
KDF_R_INVALID_DIGEST if the passed digest is not known). Both KDFs now
set the error code KDF_R_UNKNOWN_PARAMETER_TYPE if a type was passed
that is not recognized. This will have the effect of improving debugging
output in case a user uses "openssl pkeyutl -kdf ..." in a wrong way and
result in an actual error code (instead of just "failure" and an empty
error stack).

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Stephen Henson <steve@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3989)

parent e65f6509

Hide whitespace changes

Inline Side-by-side

Please register or to comment