diff options
| author | Shane Lontis <shane.lontis@oracle.com> | 2020-10-28 15:33:05 +1000 |
|---|---|---|
| committer | Shane Lontis <shane.lontis@oracle.com> | 2020-11-11 12:15:18 +1000 |
| commit | 4757a3475191b84954f8fa15202de44c8dbb5ea3 (patch) | |
| tree | 98160f98ca1a238f90f7f7a30da3f3668a512945 /doc | |
| parent | 2c90e80dec299c3307a968ec21838aeabd7bb2c9 (diff) | |
Add support for making all of KBKDF FixedInput fields optional.
Added settable integer parameters OSSL_KDF_PARAM_KBKDF_USE_L, OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR.
This is required for CAVS tests that only use a combined blob of
inputdata. A test showing this use case has been added.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13258)
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/man7/EVP_KDF-KB.pod | 34 |
1 files changed, 26 insertions, 8 deletions
diff --git a/doc/man7/EVP_KDF-KB.pod b/doc/man7/EVP_KDF-KB.pod index fdaa483e77..c69a717a3c 100644 --- a/doc/man7/EVP_KDF-KB.pod +++ b/doc/man7/EVP_KDF-KB.pod @@ -21,15 +21,21 @@ The supported parameters are: =over 4 -=item "properties" (B<OSSL_KDF_PARAM_PROPERTIES>) <UTF8 string> - =item "mode" (B<OSSL_KDF_PARAM_MODE>) <UTF8 string> +The mode parameter determines which flavor of KBKDF to use - currently the +choices are "counter" and "feedback". "counter" is the default, and will be +used if unspecified. + =item "mac" (B<OSSL_KDF_PARAM_MAC>) <UTF8 string> +The value is either CMAC or HMAC. + =item "digest" (B<OSSL_KDF_PARAM_DIGEST>) <UTF8 string> -=item "cipher" (B<OSSL_KDF_PARAM_DIGEST>) <UTF8 string> +=item "cipher" (B<OSSL_KDF_PARAM_CIPHER>) <UTF8 string> + +=item "properties" (B<OSSL_KDF_PARAM_PROPERTIES>) <UTF8 string> =item "key" (B<OSSL_KDF_PARAM_KEY>) <octet string> @@ -39,18 +45,30 @@ The supported parameters are: =item "seed" (B<OSSL_KDF_PARAM_SEED>) <octet string> +The seed parameter is unused in counter mode. + +=item "use-l" (B<OSSL_KDF_PARAM_KBKDF_USE_L>) <int> + +Set to B<0> to disable use of the optional Fixed Input data 'L' (see SP800-108). +The default value of B<1> will be used if unspecified. + +=item "use-separator" (B<OSSL_KDF_PARAM_KBKDF_USE_SEPARATOR>) <int> + +Set to B<0> to disable use of the optional Fixed Input data 'zero separator' +(see SP800-108) that is placed between the Label and Context. +The default value of B<1> will be used if unspecified. + =back -The mode parameter determines which flavor of KBKDF to use - currently the -choices are "counter" and "feedback". Counter is the default, and will be -used if unspecified. The seed parameter is unused in counter mode. +Depending on whether mac is CMAC or HMAC, either digest or cipher is required +(respectively) and the other is unused. The parameters key, salt, info, and seed correspond to KI, Label, Context, and IV (respectively) in SP800-108. As in that document, salt, info, and seed are optional and may be omitted. -Depending on whether mac is CMAC or HMAC, either digest or cipher is required -(respectively) and the other is unused. +"mac", "digest", cipher" and "properties" are described in +L<EVP_KDF(3)/PARAMETERS>. =head1 NOTES |