authorEduardo Chappa <chappa@washington.edu>2020-01-04 20:08:32 -0700
committerEduardo Chappa <chappa@washington.edu>2020-01-04 20:08:32 -0700
commitf398f615b6df385aec2b3553310cc237b29e068a (patch)
tree5af79c6a9a180c72c58a9d9cd2d79a1d7657d152 /libressl/include/openssl/hkdf.h
parent77191bf3e4e049603fb6a0547876259c29c71dbd (diff)
* The feature that stopped alpine from saving passwords in the password
file prevented users from actually saving their passwords in Windows and MAC OS. Fix the code so that passwords will be saved. Also, update the documentation of this feature. * Fix a buffer overflow bug in the XOAUTH2 code (off by one error). * Update PC-Alpine to work with LibreSSL version 3.0.2 instead of version 2.5.5 (update build.bat and lib files from the LibreSSL build). * Erase SSLXXXXXX file. * ssl_nt.c actually directs the code to ssl_libressl.c or ssl_win.c. The file ssl_libressl.c is the file ssl_unix.c from the unix osdep directory. The file ssl_win.c is the native SSL windows code. The Unix side provides S/MIME support for Alpine and the latest encryption protocols support for Alpine when connecting to a secure server, while the windows side provides TLSv1_3 support for Alpine, but not S/MIME support. In order to provide unix code for TLSv1_3 (once LibreSSL supports it) edit the file os_nt.c and remove the comments on the #ifdef section. This would provide both TLSv1_3 and S/MIME support with unix code. On the other hand, when we provide TLSv1_3 with the Windows code we need to undefine DF_ENCRYPTION_RANGE, and this is done in the file include/config.wnt.h. The way this is done as of this moment is by commenting out an #else directive that precedes this #undefine. * Update makefile.nt and friends in the windows side to account for the addition of XOAUTH2, and the use of only ssl_nt.c when dealing with Alpine. * Define SMIME_SSLCERTS as c:\libressl\ssl\certs, so that these certificates are considered while checking a digital S/MIME signature. * Improvements to the SMARTTIME24 token to account for changes in year.
Diffstat (limited to 'libressl/include/openssl/hkdf.h')
-rw-r--r--libressl/include/openssl/hkdf.h65
1 files changed, 65 insertions, 0 deletions
diff --git a/libressl/include/openssl/hkdf.h b/libressl/include/openssl/hkdf.h
new file mode 100644
index 00000000..34450f9d
--- /dev/null
+++ b/libressl/include/openssl/hkdf.h
@@ -0,0 +1,65 @@
+/* $OpenBSD: hkdf.h,v 1.2 2018/04/03 13:33:53 tb Exp $ */
+/* Copyright (c) 2014, Google Inc.
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+
+#ifndef OPENSSL_HEADER_HKDF_H
+#define OPENSSL_HEADER_HKDF_H
+
+#include <openssl/evp.h>
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+/*
+ * HKDF computes HKDF (as specified by RFC 5869) of initial keying
+ * material |secret| with |salt| and |info| using |digest|, and
+ * outputs |out_len| bytes to |out_key|. It returns one on success and
+ * zero on error.
+ *
+ * HKDF is an Extract-and-Expand algorithm. It does not do any key
+ * stretching, and as such, is not suited to be used alone to generate
+ * a key from a password.
+ */
+
+int HKDF(uint8_t *out_key, size_t out_len, const struct env_md_st *digest,
+ const uint8_t *secret, size_t secret_len, const uint8_t *salt,
+ size_t salt_len, const uint8_t *info, size_t info_len);
+
+/*
+ * HKDF_extract computes a HKDF PRK (as specified by RFC 5869) from
+ * initial keying material |secret| and salt |salt| using |digest|,
+ * and outputs |out_len| bytes to |out_key|. The maximum output size
+ * is |EVP_MAX_MD_SIZE|. It returns one on success and zero on error.
+ */
+int HKDF_extract(uint8_t *out_key, size_t *out_len,
+ const struct env_md_st *digest, const uint8_t *secret,
+ size_t secret_len, const uint8_t *salt, size_t salt_len);
+
+/*
+ * HKDF_expand computes a HKDF OKM (as specified by RFC 5869) of
+ * length |out_len| from the PRK |prk| and info |info| using |digest|,
+ * and outputs the result to |out_key|. It returns one on success and
+ * zero on error.
+ */
+int HKDF_expand(uint8_t *out_key, size_t out_len,
+ const EVP_MD *digest, const uint8_t *prk, size_t prk_len,
+ const uint8_t *info, size_t info_len);
+
+
+#if defined(__cplusplus)
+} /* extern C */
+#endif
+
+#endif /* OPENSSL_HEADER_HKDF_H */