diff options
| author | Alessandro Ghedini <alessandro@ghedini.me> | 2016-03-02 23:58:27 +0000 |
|---|---|---|
| committer | Rich Salz <rsalz@openssl.org> | 2016-03-03 18:21:20 -0500 |
| commit | aacfb134be2a88211b79dc53bb5bd0e422dbb60d (patch) | |
| tree | 5b247240da2fcc6e55e00a6296e0cc0ad3eb8fc5 /crypto/objects | |
| parent | b894054e3f7de6c64b505006395aa24b30928e97 (diff) | |
GH355: Implement HKDF
This patch implements the HMAC-based Extract-and-Expand Key Derivation
Function (HKDF) as defined in RFC 5869.
It is required to implement the QUIC and TLS 1.3 protocols (among others).
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Diffstat (limited to 'crypto/objects')
| -rw-r--r-- | crypto/objects/obj_dat.h | 9 | ||||
| -rw-r--r-- | crypto/objects/obj_mac.num | 1 | ||||
| -rw-r--r-- | crypto/objects/objects.txt | 3 |
3 files changed, 10 insertions, 3 deletions
diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index e5c5963d8b..0528dfb9cb 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -60,9 +60,9 @@ * [including the GNU Public Licence.] */ -#define NUM_NID 1036 -#define NUM_SN 1029 -#define NUM_LN 1029 +#define NUM_NID 1037 +#define NUM_SN 1030 +#define NUM_LN 1030 #define NUM_OBJ 951 static const unsigned char lvalues[6722]={ @@ -2704,6 +2704,7 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={ {"pkInitKDC","Signing KDC Response",NID_pkInitKDC,7,&(lvalues[6696]),0}, {"X25519","X25519",NID_X25519,9,&(lvalues[6703]),0}, {"X448","X448",NID_X448,9,&(lvalues[6712]),0}, +{"HKDF","hkdf",NID_hkdf,0,NULL,0}, }; static const unsigned int sn_objs[NUM_SN]={ @@ -2813,6 +2814,7 @@ static const unsigned int sn_objs[NUM_SN]={ 67, /* "DSA-old" */ 297, /* "DVCS" */ 99, /* "GN" */ +1036, /* "HKDF" */ 855, /* "HMAC" */ 780, /* "HMAC-MD5" */ 781, /* "HMAC-SHA1" */ @@ -4152,6 +4154,7 @@ static const unsigned int ln_objs[NUM_LN]={ 1012, /* "grasshopper-ecb" */ 1017, /* "grasshopper-mac" */ 1014, /* "grasshopper-ofb" */ +1036, /* "hkdf" */ 855, /* "hmac" */ 780, /* "hmac-md5" */ 781, /* "hmac-sha1" */ diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index e981a057ce..ce8e8ec28a 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -1033,3 +1033,4 @@ pkInitClientAuth 1032 pkInitKDC 1033 X25519 1034 X448 1035 +hkdf 1036 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 14e68e384c..9d04a63431 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -1444,6 +1444,9 @@ secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme # NID for TLS1 PRF : TLS1-PRF : tls1-prf +# NID for HKDF + : HKDF : hkdf + # RFC 4556 1 3 6 1 5 2 3 : id-pkinit id-pkinit 4 : pkInitClientAuth : PKINIT Client Auth |