Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: ad062480f7490197b174edad8625ce40d74f6e68
https://github.com/openssl/openssl/commit/ad062480f7490197b174edad8625ce40d74f6e68
Author: Stephen Farrell <stephen.farr...@cs.tcd.ie>
Date: 2022-11-25 (Fri, 25 Nov 2022)
Changed paths:
M CHANGES.md
M crypto/err/openssl.txt
M crypto/hpke/build.info
A crypto/hpke/hpke.c
M crypto/hpke/hpke_util.c
M doc/build.info
A doc/man3/OSSL_HPKE_CTX_new.pod
R include/crypto/hpke.h
A include/internal/hpke_util.h
A include/openssl/hpke.h
M include/openssl/proverr.h
M providers/common/include/prov/proverr.h
M providers/common/provider_err.c
M providers/implementations/kem/ec_kem.c
M providers/implementations/kem/eckem.h
M providers/implementations/kem/ecx_kem.c
M providers/implementations/kem/kem_util.c
M test/build.info
A test/hpke_test.c
A test/recipes/30-test_hpke.t
M util/libcrypto.num
Log Message:
-----------
Implements Hybrid Public Key Encryption (HPKE) as per RFC9180.
This supports all the modes, suites and export mechanisms defined
in RFC9180 and should be relatively easily extensible if/as new
suites are added. The APIs are based on the pseudo-code from the
RFC, e.g. OSS_HPKE_encap() roughly maps to SetupBaseS(). External
APIs are defined in include/openssl/hpke.h and documented in
doc/man3/OSSL_HPKE_CTX_new.pod. Tests (test/hpke_test.c) include
verifying a number of the test vectors from the RFC as well as
round-tripping for all the modes and suites. We have demonstrated
interoperability with other HPKE implementations via a fork [1]
that implements TLS Encrypted ClientHello (ECH) which uses HPKE.
@slontis provided huge help in getting this done and this makes
extensive use of the KEM handling code from his PR#19068.
[1] https://github.com/sftcd/openssl/tree/ECH-draft-13c
Reviewed-by: Tomas Mraz <to...@openssl.org>
Reviewed-by: Shane Lontis <shane.lon...@oracle.com>
Reviewed-by: Matt Caswell <m...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17172)
