From: Matt Caswell <matt@openssl.org>
Date: Fri, 7 Aug 2020 11:22:29 +0000 (+0100)
Subject: Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider
X-Git-Tag: openssl-3.0.0-alpha7~609
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cd0a4998a006f00d1e5c271cfcd8e1fd1f0b3c41;p=thirdparty%2Fopenssl.git

Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12573)
---

diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index e39c306e481..4711a99b016 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -421,6 +421,8 @@ static const OSSL_ALGORITHM fips_keyexch[] = {
     { "X25519", FIPS_DEFAULT_PROPERTIES, x25519_keyexch_functions },
     { "X448", FIPS_DEFAULT_PROPERTIES, x448_keyexch_functions },
 #endif
+    { "TLS1-PRF", FIPS_DEFAULT_PROPERTIES, kdf_tls1_prf_keyexch_functions },
+    { "HKDF", FIPS_DEFAULT_PROPERTIES, kdf_hkdf_keyexch_functions },
     { NULL, NULL, NULL }
 };
 
@@ -459,6 +461,8 @@ static const OSSL_ALGORITHM fips_keymgmt[] = {
     { "ED25519", FIPS_DEFAULT_PROPERTIES, ed25519_keymgmt_functions },
     { "ED448", FIPS_DEFAULT_PROPERTIES, ed448_keymgmt_functions },
 #endif
+    { "TLS1-PRF", FIPS_DEFAULT_PROPERTIES, kdf_keymgmt_functions },
+    { "HKDF", FIPS_DEFAULT_PROPERTIES, kdf_keymgmt_functions },
     { NULL, NULL, NULL }
 };