mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-06 13:26:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
c20d923b46
openssl/providers/implementations/kem/kem_util.c
Stephen Farrell ad062480f7 Implements Hybrid Public Key Encryption (HPKE) as per RFC9180. 
This supports all the modes, suites and export mechanisms defined
in RFC9180 and should be relatively easily extensible if/as new
suites are added.  The APIs are based on the pseudo-code from the
RFC, e.g. OSS_HPKE_encap() roughly maps to SetupBaseS().  External
APIs are defined in include/openssl/hpke.h and documented in
doc/man3/OSSL_HPKE_CTX_new.pod.  Tests (test/hpke_test.c) include
verifying a number of the test vectors from the RFC as well as
round-tripping for all the modes and suites.  We have demonstrated
interoperability with other HPKE implementations via a fork [1]
that implements TLS Encrypted ClientHello (ECH) which uses HPKE.

@slontis provided huge help in getting this done and this makes
extensive use of the KEM handling code from his PR#19068.

[1] https://github.com/sftcd/openssl/tree/ECH-draft-13c

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17172)
2022-11-25 16:26:55 +00:00

38 lines
993 B
C
Raw Blame History

/*
* Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <string.h> /* for memcpy() */
#include <openssl/core_names.h>
#include <openssl/crypto.h>
#include "eckem.h"
typedef struct {
unsigned int id;
const char *mode;
} KEM_MODE;
static const KEM_MODE eckem_modename_id_map[] = {
{ KEM_MODE_DHKEM, OSSL_KEM_PARAM_OPERATION_DHKEM },
{ 0, NULL }
};
int ossl_eckem_modename2id(const char *name)
{
size_t i;
if (name == NULL)
return KEM_MODE_UNDEFINED;
for (i = 0; eckem_modename_id_map[i].mode != NULL; ++i) {
if (OPENSSL_strcasecmp(name, eckem_modename_id_map[i].mode) == 0)
return eckem_modename_id_map[i].id;
}
return KEM_MODE_UNDEFINED;
}
Reference in New Issue View Git Blame Copy Permalink