diff options
author | Pauli <paul.dale@oracle.com> | 2018-09-12 09:25:20 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2018-09-12 09:25:20 +1000 |
commit | d6b345708f8f8a04fdb5ca2e58a953b7fec461e1 (patch) | |
tree | d79bb30287965724938fceeaaea0323cd33715d6 /include | |
parent | f88b9b79152b48541b780dfd30bb34e1c7a91e1b (diff) |
Limit the number of AES-GCM keys allowed in TLS. A new error is raised if this
limit is ever reached.
This is a FIPS 140-2 requirement from IG A.5 "Key/IV Pair Uniqueness
Requirements from SP 800-38D".
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7129)
Diffstat (limited to 'include')
-rw-r--r-- | include/openssl/evperr.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/include/openssl/evperr.h b/include/openssl/evperr.h index 3484fa841d..d2d44c2434 100644 --- a/include/openssl/evperr.h +++ b/include/openssl/evperr.h @@ -21,6 +21,7 @@ int ERR_load_EVP_strings(void); */ # define EVP_F_AESNI_INIT_KEY 165 # define EVP_F_AES_GCM_CTRL 196 +# define EVP_F_AES_GCM_TLS_CIPHER 207 # define EVP_F_AES_INIT_KEY 133 # define EVP_F_AES_OCB_CIPHER 169 # define EVP_F_AES_T4_INIT_KEY 178 @@ -115,6 +116,7 @@ int ERR_load_EVP_strings(void); # define EVP_F_RC2_MAGIC_TO_METH 109 # define EVP_F_RC5_CTRL 125 # define EVP_F_S390X_AES_GCM_CTRL 201 +# define EVP_F_S390X_AES_GCM_TLS_CIPHER 208 # define EVP_F_UPDATE 173 /* @@ -174,6 +176,7 @@ int ERR_load_EVP_strings(void); # define EVP_R_PRIVATE_KEY_DECODE_ERROR 145 # define EVP_R_PRIVATE_KEY_ENCODE_ERROR 146 # define EVP_R_PUBLIC_KEY_NOT_RSA 106 +# define EVP_R_TOO_MANY_RECORDS 183 # define EVP_R_UNKNOWN_CIPHER 160 # define EVP_R_UNKNOWN_DIGEST 161 # define EVP_R_UNKNOWN_OPTION 169 |