diff options
author | Stephen Farrell <stephen.farrell@cs.tcd.ie> | 2023-10-16 21:04:06 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-11-03 09:10:50 +0100 |
commit | 2a4f8da45c73cff771ae45de46ef73095a6ca29e (patch) | |
tree | 11529a01d3586f9fda24f189ddc1ede71f35f1ab /include | |
parent | 96e58e32ffd7deaf5184d5e502b476554d39216b (diff) |
Add additional internal HPKE hardening checks resulting from code audit.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22493)
(cherry picked from commit a1c0306895bf6cf28056aaf9cd22cb3b65d4bb0a)
Diffstat (limited to 'include')
-rw-r--r-- | include/openssl/evp.h | 1 | ||||
-rw-r--r-- | include/openssl/hpke.h | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/include/openssl/evp.h b/include/openssl/evp.h index dbe6c72969..ea7620d631 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -35,6 +35,7 @@ # define EVP_MAX_KEY_LENGTH 64 # define EVP_MAX_IV_LENGTH 16 # define EVP_MAX_BLOCK_LENGTH 32 +# define EVP_MAX_AEAD_TAG_LENGTH 16 # define PKCS5_SALT_LEN 8 /* Default PKCS#5 iteration count */ diff --git a/include/openssl/hpke.h b/include/openssl/hpke.h index 1bb9ada3c4..af637ac61a 100644 --- a/include/openssl/hpke.h +++ b/include/openssl/hpke.h @@ -26,6 +26,7 @@ * Appendix A.6.1 with a 66 octet IKM so we'll allow that. */ # define OSSL_HPKE_MAX_PARMLEN 66 +# define OSSL_HPKE_MIN_PSKLEN 32 # define OSSL_HPKE_MAX_INFOLEN 1024 /* |