From 8a686bdb3ac7d61b6d5f02b9132c4878ae80a7e5 Mon Sep 17 00:00:00 2001
From: Shane Lontis <shane.lontis@oracle.com>
Date: Fri, 5 Feb 2021 17:45:39 +1000
Subject: Change the ASN1 variant of x942kdf so that it can test acvp data.

This 'special' way of specifying the data should only be used for testing
purposes. It should not be used in production environments.
ACVP passes a blob of DER encoded data for some of the fields rather
than passing them as separate fields that need to be DER encoded.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14077)
---
 doc/man7/EVP_KDF-X942-ASN1.pod | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'doc/man7')

diff --git a/doc/man7/EVP_KDF-X942-ASN1.pod b/doc/man7/EVP_KDF-X942-ASN1.pod
index 3c5c3077ca..bc19b27508 100644
--- a/doc/man7/EVP_KDF-X942-ASN1.pod
+++ b/doc/man7/EVP_KDF-X942-ASN1.pod
@@ -34,6 +34,14 @@ These parameters work as described in L<EVP_KDF(3)/PARAMETERS>.
 
 The shared secret used for key derivation.  This parameter sets the secret.
 
+=item "acvp-info" (B<OSSL_KDF_PARAM_X942_ACVPINFO>) <octet string>
+
+This value should not be used in production and should only be used for ACVP
+testing. It is an optional octet string containing a combined DER encoded blob
+of any of the optional fields related to "partyu-info", "partyv-info",
+"supp-pubinfo" and "supp-privinfo". If it is specified then none of these other
+fields should be used.
+
 =item "partyu-info" (B<OSSL_KDF_PARAM_X942_PARTYUINFO>) <octet string>
 
 An optional octet string containing public info contributed by the initiator.
-- 
cgit v1.2.3