diff options
| author | robot-contrib <robot-contrib@yandex-team.com> | 2023-10-23 21:53:30 +0300 |
|---|---|---|
| committer | robot-contrib <robot-contrib@yandex-team.com> | 2023-10-23 22:17:19 +0300 |
| commit | 185aad3f5de6274260a161e58d92312d91813770 (patch) | |
| tree | 39b2a93a9a649bffaaea9e405b00ceeea0d13c11 /contrib/restricted/aws/s2n/crypto/s2n_hkdf.h | |
| parent | a14514f8c6ab647d334ae41253e65f69ee9b5fa6 (diff) | |
| download | ydb-185aad3f5de6274260a161e58d92312d91813770.tar.gz | |
Update contrib/restricted/aws/s2n to 1.3.54
Diffstat (limited to 'contrib/restricted/aws/s2n/crypto/s2n_hkdf.h')
| -rw-r--r-- | contrib/restricted/aws/s2n/crypto/s2n_hkdf.h | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/contrib/restricted/aws/s2n/crypto/s2n_hkdf.h b/contrib/restricted/aws/s2n/crypto/s2n_hkdf.h index cb9424e7d7..8dc53636e7 100644 --- a/contrib/restricted/aws/s2n/crypto/s2n_hkdf.h +++ b/contrib/restricted/aws/s2n/crypto/s2n_hkdf.h @@ -20,6 +20,16 @@ #include "crypto/s2n_hmac.h" #include "utils/s2n_blob.h" +/* + * Label structure is `opaque label<7..255> = "tls13 " + Label` per RFC8446. + * So, we have 255-sizeof("tls13 ") = 249, the maximum label length. + * + * Note that all labels defined by RFC 8446 are <12 characters, which + * avoids an extra hash iteration. However, the exporter functionality + * (s2n_connection_tls_exporter) allows for longer labels. + */ +#define S2N_MAX_HKDF_EXPAND_LABEL_LENGTH 249 + int s2n_hkdf(struct s2n_hmac_state *hmac, s2n_hmac_algorithm alg, const struct s2n_blob *salt, const struct s2n_blob *key, const struct s2n_blob *info, struct s2n_blob *output); @@ -28,3 +38,5 @@ int s2n_hkdf_extract(struct s2n_hmac_state *hmac, s2n_hmac_algorithm alg, const int s2n_hkdf_expand_label(struct s2n_hmac_state *hmac, s2n_hmac_algorithm alg, const struct s2n_blob *secret, const struct s2n_blob *label, const struct s2n_blob *context, struct s2n_blob *output); + +bool s2n_libcrypto_supports_hkdf(); |