diff options
author | Johannes Bauer <joe@johannes-bauer.com> | 2017-07-22 17:43:05 +0200 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2017-08-03 01:07:52 +0100 |
commit | a24a5b8cc4103ddd69f21c91c7d7372abc270157 (patch) | |
tree | b2c5c51e26c9750efd6578624d4d43f4d603431b /include | |
parent | e65f650922f5aa9b8970a5ff935938ec46281c1a (diff) |
More error handling to HKDF and one more case in TLS1-PRF
HKDF now handles an invalid digest like TLS1-PRF does (i.e., returns
KDF_R_INVALID_DIGEST if the passed digest is not known). Both KDFs now
set the error code KDF_R_UNKNOWN_PARAMETER_TYPE if a type was passed
that is not recognized. This will have the effect of improving debugging
output in case a user uses "openssl pkeyutl -kdf ..." in a wrong way and
result in an actual error code (instead of just "failure" and an empty
error stack).
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Stephen Henson <steve@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3989)
Diffstat (limited to 'include')
-rw-r--r-- | include/openssl/kdferr.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/openssl/kdferr.h b/include/openssl/kdferr.h index aefdbff105..9c09991bfd 100644 --- a/include/openssl/kdferr.h +++ b/include/openssl/kdferr.h @@ -22,6 +22,7 @@ int ERR_load_KDF_strings(void); /* * KDF function codes. */ +# define KDF_F_PKEY_HKDF_CTRL_STR 103 # define KDF_F_PKEY_HKDF_DERIVE 102 # define KDF_F_PKEY_TLS1_PRF_CTRL_STR 100 # define KDF_F_PKEY_TLS1_PRF_DERIVE 101 @@ -31,6 +32,7 @@ int ERR_load_KDF_strings(void); */ # define KDF_R_INVALID_DIGEST 100 # define KDF_R_MISSING_PARAMETER 101 +# define KDF_R_UNKNOWN_PARAMETER_TYPE 103 # define KDF_R_VALUE_MISSING 102 #endif |