[openssl/openssl] ad0624: Implements Hybrid Public Key Encryption (HPKE) as ...

sftcd noreply at github.com
Fri Nov 25 16:37:00 UTC 2022 

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: ad062480f7490197b174edad8625ce40d74f6e68
      https://github.com/openssl/openssl/commit/ad062480f7490197b174edad8625ce40d74f6e68
  Author: Stephen Farrell <stephen.farrell at cs.tcd.ie>
  Date:   2022-11-25 (Fri, 25 Nov 2022)

  Changed paths:
    M CHANGES.md
    M crypto/err/openssl.txt
    M crypto/hpke/build.info
    A crypto/hpke/hpke.c
    M crypto/hpke/hpke_util.c
    M doc/build.info
    A doc/man3/OSSL_HPKE_CTX_new.pod
    R include/crypto/hpke.h
    A include/internal/hpke_util.h
    A include/openssl/hpke.h
    M include/openssl/proverr.h
    M providers/common/include/prov/proverr.h
    M providers/common/provider_err.c
    M providers/implementations/kem/ec_kem.c
    M providers/implementations/kem/eckem.h
    M providers/implementations/kem/ecx_kem.c
    M providers/implementations/kem/kem_util.c
    M test/build.info
    A test/hpke_test.c
    A test/recipes/30-test_hpke.t
    M util/libcrypto.num

  Log Message:
  -----------
  Implements Hybrid Public Key Encryption (HPKE) as per RFC9180.

This supports all the modes, suites and export mechanisms defined
in RFC9180 and should be relatively easily extensible if/as new
suites are added.  The APIs are based on the pseudo-code from the
RFC, e.g. OSS_HPKE_encap() roughly maps to SetupBaseS().  External
APIs are defined in include/openssl/hpke.h and documented in
doc/man3/OSSL_HPKE_CTX_new.pod.  Tests (test/hpke_test.c) include
verifying a number of the test vectors from the RFC as well as
round-tripping for all the modes and suites.  We have demonstrated
interoperability with other HPKE implementations via a fork [1]
that implements TLS Encrypted ClientHello (ECH) which uses HPKE.

@slontis provided huge help in getting this done and this makes
extensive use of the KEM handling code from his PR#19068.

[1] https://github.com/sftcd/openssl/tree/ECH-draft-13c

Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17172)

More information about the openssl-commits mailing list