Add string ctrl operations to TLS1 PRF, update documentation.

Reviewed-by: N Rich Salz <rsalz@openssl.org>

Add string ctrl operations to TLS1 PRF, update documentation.
Reviewed-by: N Rich Salz <rsalz@openssl.org>
4e8cb45c · Dr. Stephen Henson · cd8e4dec · 4e8cb45c · 4e8cb45c
隐藏空白更改
内联并排

Showing with 36 addition and 2 deletion

crypto/kdf/tls1_prf.c crypto/kdf/tls1_prf.c +26 -1

doc/crypto/EVP_PKEY_TLS1_PRF.pod doc/crypto/EVP_PKEY_TLS1_PRF.pod +10 -1

未找到文件。
--- a/crypto/kdf/tls1_prf.c
+++ b/crypto/kdf/tls1_prf.c
@@ -138,6 +138,31 @@ static int pkey_tls1_prf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
    }
 }

+static int pkey_tls1_prf_ctrl_str(EVP_PKEY_CTX *ctx,
+                                  const char *type, const char *value)
+{
+    if (value == NULL)
+        return 0;
+    if (strcmp(type, "md") == 0) {
+        TLS1_PRF_PKEY_CTX *kctx = ctx->data;
+
+        const EVP_MD *md = EVP_get_digestbyname(value);
+        if (md == NULL)
+            return 0;
+        kctx->md = md;
+        return 1;
+    }
+    if (strcmp(type, "secret") == 0)
+        return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_TLS_SECRET, value);
+    if (strcmp(type, "hexsecret") == 0)
+        return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_TLS_SECRET, value);
+    if (strcmp(type, "seed") == 0)
+        return EVP_PKEY_CTX_str2ctrl(ctx, EVP_PKEY_CTRL_TLS_SEED, value);
+    if (strcmp(type, "hexseed") == 0)
+        return EVP_PKEY_CTX_hex2ctrl(ctx, EVP_PKEY_CTRL_TLS_SEED, value);
+    return -2;
+}
+
 static int pkey_tls1_prf_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
                                size_t *keylen)
 {
@@ -176,7 +201,7 @@ const EVP_PKEY_METHOD tls1_prf_pkey_meth = {
    0,
    pkey_tls1_prf_derive,
    pkey_tls1_prf_ctrl,
-    0
+    pkey_tls1_prf_ctrl_str
 };

 static int tls1_prf_P_hash(const EVP_MD *md,

--- a/doc/crypto/EVP_PKEY_TLS1_PRF.pod
+++ b/doc/crypto/EVP_PKEY_TLS1_PRF.pod
@@ -33,6 +33,14 @@ and any seed is reset.
 EVP_PKEY_CTX_add1_tls1_prf_seed() sets the seed to B<seedlen> bytes of B<seed>.
 If a seed is already set it is appended to the existing value.

+=head1 STRING CTRLS
+
+The TLS PRF also supports string based control operations using
+EVP_PKEY_CTX_ctrl_str(). The B<type> parameters "secret" and "seed" use
+the supplied B<value> parameter as a secret or seed value. The names
+"hexsecret" and "hexseed" are similar except they take a hex string which
+is converted to binary.
+
 =head1 NOTES

 All these functions are implemented as macros.
@@ -82,6 +90,7 @@ and seed value "seed":
 =head1 SEE ALSO

 L<EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_derive(3)>,
+L<EVP_PKEY_CTX_ctrl(3)>,
+L<EVP_PKEY_derive(3)>

 =cut