diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2020-11-16 12:42:18 +1000 |
---|---|---|
committer | Shane Lontis <shane.lontis@oracle.com> | 2020-12-02 12:15:05 +1000 |
commit | 89cccbea51fa52a1e4784a9ece35d96e4dcbfd30 (patch) | |
tree | 89cb59183ed18f1e5dd5cb86fed810b04cce466e /providers/common | |
parent | 8018352457cf9c98ce59f1e591fcd69f2153b649 (diff) |
Add EVP_KDF-X942 to the fips module
The X942 KDF had been modified so that it supports all optional fields - not
just the fields used by CMS.
As there are 2 types of KDF for X942 - this has been made a bit clearer
by adding an X942KDF-ASN1 alias. X942KDF-CONCAT has also been added as an
alias of X963KDF.
This work was instigated as a result of the ACVP tests optionally being
able to use keybits for the supp_pubinfo field.
Setting the parameter OSSL_KDF_PARAM_X942_USE_KEYBITS to 0 allows this
to be disabled.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13418)
Diffstat (limited to 'providers/common')
-rw-r--r-- | providers/common/include/prov/providercommonerr.h | 2 | ||||
-rw-r--r-- | providers/common/provider_err.c | 3 |
2 files changed, 5 insertions, 0 deletions
diff --git a/providers/common/include/prov/providercommonerr.h b/providers/common/include/prov/providercommonerr.h index 289a7c6857..ad1bd20c53 100644 --- a/providers/common/include/prov/providercommonerr.h +++ b/providers/common/include/prov/providercommonerr.h @@ -105,6 +105,7 @@ int err_load_PROV_strings_int(void); # define PROV_R_INVALID_MODE_INT 126 # define PROV_R_INVALID_PADDING_MODE 168 # define PROV_R_INVALID_PSS_SALTLEN 169 +# define PROV_R_INVALID_PUBINFO 198 # define PROV_R_INVALID_RSA_KEY 217 # define PROV_R_INVALID_SALT_LENGTH 112 # define PROV_R_INVALID_SEED_LENGTH 154 @@ -112,6 +113,7 @@ int err_load_PROV_strings_int(void); # define PROV_R_INVALID_STATE 212 # define PROV_R_INVALID_TAG 110 # define PROV_R_INVALID_TAGLEN 118 +# define PROV_R_INVALID_UKM_LENGTH 200 # define PROV_R_INVALID_X931_DIGEST 170 # define PROV_R_IN_ERROR_STATE 192 # define PROV_R_KEY_SIZE_TOO_SMALL 171 diff --git a/providers/common/provider_err.c b/providers/common/provider_err.c index 7bf2a55d99..fed6018387 100644 --- a/providers/common/provider_err.c +++ b/providers/common/provider_err.c @@ -104,6 +104,7 @@ static const ERR_STRING_DATA PROV_str_reasons[] = { "invalid padding mode"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_PSS_SALTLEN), "invalid pss saltlen"}, + {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_PUBINFO), "invalid pubinfo"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_RSA_KEY), "invalid rsa key"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_SALT_LENGTH), "invalid salt length"}, @@ -114,6 +115,8 @@ static const ERR_STRING_DATA PROV_str_reasons[] = { {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_STATE), "invalid state"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_TAG), "invalid tag"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_TAGLEN), "invalid taglen"}, + {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_UKM_LENGTH), + "invalid ukm length"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_INVALID_X931_DIGEST), "invalid x931 digest"}, {ERR_PACK(ERR_LIB_PROV, 0, PROV_R_IN_ERROR_STATE), "in error state"}, |