New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
kdf: add PIN verification key KDF to providers #15968
Conversation
a3dd7ec
to
db76dfd
Compare
Rebased to current master |
Review required. |
Was kind of hoping for a 3.0.1/3.1 decisions. Master feels fine for this change. |
Ping for review |
Rebased to master, still awaiting review. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some things to consider. Also should there be a CHANGES.md entry? We have it for other KDFs.
Also, should we have some test cases in evp tests?
Good feedback @t8m, I'll address net week. |
Add PIN Verification Key key derevation function to providers.
These cases were generated using OpenSSL.
Feedback addressed, test cases added. |
This pull request is ready to merge |
Add PIN Verification Key key derevation function to providers. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #15968)
Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #15968)
Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #15968)
Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #15968)
Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #15968)
Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #15968)
Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #15968)
These cases were generated using OpenSSL. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #15968)
Merged to master, thanks for the reviews. |
This is in pem/pvkfmt.c currently. Since it is a KDF, it is better located in a provider -- in this case legacy since it is only used if RC4 is available.
This PR is based on #15967, will need to be rebased after that is merged.The existing test cases exercise this code sufficiently.