/* * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html *//* An OpenSSL-based HPKE implementation of RFC9180 */#include<string.h>#include<openssl/rand.h>#include<openssl/kdf.h>#include<openssl/core_names.h>#include<openssl/hpke.h>#include<openssl/sha.h>#include<openssl/evp.h>#include<openssl/err.h>#include"internal/hpke_util.h"#include"internal/nelem.h"/** default buffer size for keys and internal buffers we use */#define OSSL_HPKE_MAXSIZE 512/* Define HPKE labels from RFC9180 in hex for EBCDIC compatibility *//* "HPKE" - "suite_id" label for section 5.1 */staticconstcharOSSL_HPKE_SEC51LABEL[]="\x48\x50\x4b\x45";/* "psk_id_hash" - in key_schedule_context */staticconstcharOSSL_HPKE_PSKIDHASH_LABEL[]="\x70\x73\x6b\x5f\x69\x64\x5f\x68\x61\x73\x68";/* "info_hash" - in key_schedule_context */staticconstcharOSSL_HPKE_INFOHASH_LABEL[]="\x69\x6e\x66\x6f\x5f\x68\x61\x73\x68";/* "base_nonce" - base nonce calc label */staticconstcharOSSL_HPKE_NONCE_LABEL[]="\x62\x61\x73\x65\x5f\x6e\x6f\x6e\x63\x65";/* "exp" - internal exporter secret generation label */staticconstcharOSSL_HPKE_EXP_LABEL[]="\x65\x78\x70";/* "sec" - external label for exporting secret */staticconstcharOSSL_HPKE_EXP_SEC_LABEL[]="\x73\x65\x63";/* "key" - label for use when generating key from shared secret */staticconstchar