Export the HPKE implementation.

Bug: 410 Change-Id: I633eab7f2d148c9158a5bb29d73e07f1f18b7105 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/47331 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>
4 years ago · 070a6c3e02
parent 1eb7769e11
commit 070a6c3e02
10 changed files with 20 additions and 18 deletions
--- a/crypto/hpke/hpke.c
+++ b/crypto/hpke/hpke.c
@ -12,6 +12,8 @@
 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

+#include <openssl/hpke.h>
+
 #include <assert.h>
 #include <string.h>

@ -26,7 +28,6 @@
 #include <openssl/sha.h>

 #include "../internal.h"
-#include "internal.h"


 // This file implements draft-irtf-cfrg-hpke-08.
--- a/crypto/hpke/hpke_test.cc
+++ b/crypto/hpke/hpke_test.cc
@ -12,6 +12,8 @@
 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

+#include <openssl/hpke.h>
+
 #include <cstdint>
 #include <limits>
 #include <string>
@ -30,7 +32,6 @@

 #include "../test/file_test.h"
 #include "../test/test_util.h"
-#include "internal.h"


 namespace bssl {
--- a/include/openssl/base.h
+++ b/include/openssl/base.h
@ -405,6 +405,11 @@ typedef struct evp_aead_st EVP_AEAD;
 typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
 typedef struct evp_cipher_st EVP_CIPHER;
 typedef struct evp_encode_ctx_st EVP_ENCODE_CTX;
+typedef struct evp_hpke_aead_st EVP_HPKE_AEAD;
+typedef struct evp_hpke_ctx_st EVP_HPKE_CTX;
+typedef struct evp_hpke_kdf_st EVP_HPKE_KDF;
+typedef struct evp_hpke_kem_st EVP_HPKE_KEM;
+typedef struct evp_hpke_key_st EVP_HPKE_KEY;
 typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
 typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
 typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
--- a/include/openssl/hpke.h
+++ b/include/openssl/hpke.h
@ -35,11 +35,9 @@ extern "C" {

 // Parameters.
 //
-// An HPKE context is parameterized by KEM, KDF, and AEAD algorithms.
-
-typedef struct evp_hpke_kem_st EVP_HPKE_KEM;
-typedef struct evp_hpke_kdf_st EVP_HPKE_KDF;
-typedef struct evp_hpke_aead_st EVP_HPKE_AEAD;
+// An HPKE context is parameterized by KEM, KDF, and AEAD algorithms,
+// represented by |EVP_HPKE_KEM|, |EVP_HPKE_KDF|, and |EVP_HPKE_AEAD| types,
+// respectively.

 // The following constants are KEM identifiers.
 #define EVP_HPKE_DHKEM_X25519_HKDF_SHA256 0x0020
@ -81,8 +79,6 @@ OPENSSL_EXPORT uint16_t EVP_HPKE_AEAD_id(const EVP_HPKE_AEAD *aead);
 // An HPKE recipient maintains a long-term KEM key. This library represents keys
 // with the |EVP_HPKE_KEY| type.

-typedef struct evp_hpke_key_st EVP_HPKE_KEY;
-
 // EVP_HPKE_KEY_zero sets an uninitialized |EVP_HPKE_KEY| to the zero state. The
 // caller should then use |EVP_HPKE_KEY_init| to finish initializing |key|.
 //
@ -117,9 +113,8 @@ OPENSSL_EXPORT int EVP_HPKE_KEY_public_key(const EVP_HPKE_KEY *key,


 // Encryption contexts.
-
-// An |EVP_HPKE_CTX| is an HPKE encryption context.
-typedef struct evp_hpke_ctx_st EVP_HPKE_CTX;
+//
+// An HPKE encryption context is represented by the |EVP_HPKE_CTX| type.

 // EVP_HPKE_CTX_zero sets an uninitialized |EVP_HPKE_CTX| to the zero state. The
 // caller should then use one of the |EVP_HPKE_CTX_setup_*| functions to finish
--- a/ssl/encrypted_client_hello.cc
+++ b/ssl/encrypted_client_hello.cc
@ -20,9 +20,9 @@
 #include <openssl/curve25519.h>
 #include <openssl/err.h>
 #include <openssl/hkdf.h>
+#include <openssl/hpke.h>

 #include "internal.h"
-#include "../crypto/hpke/internal.h"


 #if defined(OPENSSL_MSAN)
--- a/ssl/handshake_server.cc
+++ b/ssl/handshake_server.cc
@ -169,7 +169,6 @@

 #include "internal.h"
 #include "../crypto/internal.h"
-#include "../crypto/hpke/internal.h"


 BSSL_NAMESPACE_BEGIN
--- a/ssl/internal.h
+++ b/ssl/internal.h
@ -154,6 +154,7 @@
 #include <openssl/aead.h>
 #include <openssl/curve25519.h>
 #include <openssl/err.h>
+#include <openssl/hpke.h>
 #include <openssl/lhash.h>
 #include <openssl/mem.h>
 #include <openssl/span.h>
@ -162,7 +163,6 @@

 #include "../crypto/err/internal.h"
 #include "../crypto/internal.h"
-#include "../crypto/hpke/internal.h"


 #if defined(OPENSSL_WINDOWS)
--- a/ssl/t1_lib.cc
+++ b/ssl/t1_lib.cc
@ -124,11 +124,11 @@
 #include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/hmac.h>
+#include <openssl/hpke.h>
 #include <openssl/mem.h>
 #include <openssl/nid.h>
 #include <openssl/rand.h>

-#include "../crypto/hpke/internal.h"
 #include "../crypto/internal.h"
 #include "internal.h"

--- a/ssl/tls13_server.cc
+++ b/ssl/tls13_server.cc
@ -23,12 +23,12 @@
 #include <openssl/bytestring.h>
 #include <openssl/digest.h>
 #include <openssl/err.h>
+#include <openssl/hpke.h>
 #include <openssl/mem.h>
 #include <openssl/rand.h>
 #include <openssl/stack.h>

 #include "../crypto/internal.h"
-#include "../crypto/hpke/internal.h"
 #include "internal.h"


--- a/util/doc.config
+++ b/util/doc.config
@ -48,7 +48,8 @@
      "include/openssl/digest.h",
      "include/openssl/cipher.h",
      "include/openssl/aead.h",
-      "include/openssl/evp.h"
+      "include/openssl/evp.h",
+      "include/openssl/hpke.h"
    ]
  },{
    "Name": "SSL implementation",