diff options
author | Hubert Kario <hkario@redhat.com> | 2021-08-05 22:41:11 +0200 |
---|---|---|
committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2022-05-18 17:08:48 +0200 |
commit | c73ba81899c291d60851321e6de8913d4800c456 (patch) | |
tree | 5a23cb746d7b4b20fe0cc70541c757f9af75373e /crypto/evp | |
parent | 8b97bfcccc4328c65156bff6886db8733df39fde (diff) |
add support for SHA-3 based PRF to PBES2
As there are no limitations for HMACs used in PBKDF2 inside PBES2,
as more specifically the SHA-3 hashes are drop-in replacements for
SHA-2 hashes, we can easily add support for SHA-3 here.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16237)
Diffstat (limited to 'crypto/evp')
-rw-r--r-- | crypto/evp/evp_pbe.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c index e19b781645..991ae2bd6c 100644 --- a/crypto/evp/evp_pbe.c +++ b/crypto/evp/evp_pbe.c @@ -77,6 +77,10 @@ static const EVP_PBE_CTL builtin_pbe[] = { NID_id_GostR3411_2012_256, 0}, {EVP_PBE_TYPE_PRF, NID_id_tc26_hmac_gost_3411_2012_512, -1, NID_id_GostR3411_2012_512, 0}, + {EVP_PBE_TYPE_PRF, NID_hmac_sha3_224, -1, NID_sha3_224, 0}, + {EVP_PBE_TYPE_PRF, NID_hmac_sha3_256, -1, NID_sha3_256, 0}, + {EVP_PBE_TYPE_PRF, NID_hmac_sha3_384, -1, NID_sha3_384, 0}, + {EVP_PBE_TYPE_PRF, NID_hmac_sha3_512, -1, NID_sha3_512, 0}, {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512_224, -1, NID_sha512_224, 0}, {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512_256, -1, NID_sha512_256, 0}, {EVP_PBE_TYPE_KDF, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen, &PKCS5_v2_PBKDF2_keyivgen_ex}, |