authorStephen Farrell <stephen.farrell@cs.tcd.ie>2022-12-07 21:36:46 +0000
committerTomas Mraz <tomas@openssl.org>2022-12-08 10:59:03 +0100
commitcae72eefc3fbdd2f7a1a065f237bf3943619bca2 (patch)
treecba00a2de71c008076d5ed7f3afaecd370422444 /include
parentfc93335760686ad7cf3633d457caf18b0ac83ea2 (diff)
prevent HPKE sender setting seq unwisely
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19840)
Diffstat (limited to 'include')
-rw-r--r--include/openssl/hpke.h9
1 files changed, 8 insertions, 1 deletions
diff --git a/include/openssl/hpke.h b/include/openssl/hpke.h
index d38c3e3703..7b1419e66c 100644
--- a/include/openssl/hpke.h
+++ b/include/openssl/hpke.h
@@ -65,6 +65,13 @@
# define OSSL_HPKE_AEADSTR_CP "chacha20-poly1305" /* AEAD id 3 */
# define OSSL_HPKE_AEADSTR_EXP "exporter" /* AEAD id 0xff */
+/*
+ * Roles for use in creating an OSSL_HPKE_CTX, most
+ * important use of this is to control nonce re-use.
+ */
+# define OSSL_HPKE_ROLE_SENDER 0
+# define OSSL_HPKE_ROLE_RECEIVER 1
+
typedef struct {
uint16_t kem_id; /* Key Encapsulation Method id */
uint16_t kdf_id; /* Key Derivation Function id */
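Review bot: The comment added above `OSSL_HPKE_ROLE_SENDER` and `OSSL_HPKE_ROLE_RECEIVER` says the roles control nonce re-use, but it does not say which role is restricted or in which operation. Going by the commit title, the sender is the side that must not set the sequence number. HPKE derives each AEAD nonce from the base nonce and the sequence number, so rewinding it on the sending side would repeat a nonce under the same key. I would state that in the header, for example `/* Role of an OSSL_HPKE_CTX: a sender context may not have its sequence number set by the caller, because that could repeat an AEAD nonce under the same key. */`. The enforcement itself is not visible here, as the diff is limited to include/.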
@@ -84,7 +91,7 @@ typedef struct {
typedef struct ossl_hpke_ctx_st OSSL_HPKE_CTX;
-OSSL_HPKE_CTX *OSSL_HPKE_CTX_new(int mode, OSSL_HPKE_SUITE suite,
+OSSL_HPKE_CTX *OSSL_HPKE_CTX_new(int mode, OSSL_HPKE_SUITE suite, int role,
OSSL_LIB_CTX *libctx, const char *propq);
void OSSL_HPKE_CTX_free(OSSL_HPKE_CTX *ctx);
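Review bot: The new `role` parameter of `OSSL_HPKE_CTX_new` is a bare `int`, and the header does not say what happens when a caller passes a value other than the two defines. The implementation is outside this diff, so please confirm it fails closed with something like `if (role != OSSL_HPKE_ROLE_SENDER && role != OSSL_HPKE_ROLE_RECEIVER) return NULL;` rather than treating an unknown value as the less restricted role. `mode` is also an `int`, so a call with the two arguments swapped would still compile; a one-line comment on the prototype naming the accepted values for each would help. Inserting the parameter between `suite` and `libctx` also changes every existing call site, which is only safe if this prototype has not yet shipped in a release.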