author | Stef Walter <stefw@collabora.co.uk> | 2011-02-24 10:35:58 +0100 |
---|---|---|
committer | Stef Walter <stefw@collabora.co.uk> | 2011-02-27 07:43:43 +0100 |
commit | 54d4781a415b6e12d882667e373be851a435c5a3 (patch) | |
tree | 9bd4ca55f10531261949367f8457add228603c5a /egg/egg-dh.h | |
parent | b6c94d5f4560d672f355366a7144056aaf764e8e (diff) |
Implement HKDF for transport encryption security.

This is to hash the results of the DH key agreement, since the
generated key size rarely matches the size of our bulk
encryption key size.

* Add PKCS#11 algorithm CKM_G_HKDF_SHA256_DERIVE
* Change DH code so it always generates keys of prime size.
* Change CKM_DH_PKCS11_DERIVE mechanism to support truncating
  or expanding keys on its own (without help from underlying
  implementation) in accordance with PKCS#11. Although we no
  longer use this.
* Add support for CKK_GENERIC_SECRET keys.
* Update prompt code to use HKDF in key negotiation.
* Add secret service dh-ietf1024-sha256-aes128-cbc-pkcs7 algo
  which replaces the previous.
Diffstat (limited to 'egg/egg-dh.h')
-rw-r--r-- | egg/egg-dh.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/egg/egg-dh.h b/egg/egg-dh.h index cfdb3d01..ee315e27 100644 --- a/egg/egg-dh.h +++ b/egg/egg-dh.h @@ -45,6 +45,6 @@ gboolean egg_dh_gen_pair (gcry_mpi_t prime, gpointer egg_dh_gen_secret (gcry_mpi_t peer, gcry_mpi_t priv, gcry_mpi_t prime, - gsize bytes); + gsize *bytes); #endif /* EGG_DH_H_ */ |
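Review bot: the new `gsize *bytes` parameter of `egg_dh_gen_secret` in egg/egg-dh.h has no contract documented in the header, and the switch from a by-value length to a pointer changes what every caller has to pass. Please add a comment above the prototype stating whether `bytes` is output-only or in/out, whether NULL is accepted, and what it holds when the function returns NULL. Since the commit message says the DH code now always produces keys of prime size, it is also worth noting there that the returned buffer is the raw agreement value and that its length is not the bulk key length, so callers size the symmetric key from the HKDF step rather than from `*bytes`. The diffstat shown here is limited to this header, so I cannot see that all call sites were converted; an old call still passing an integer length may only produce an int-to-pointer warning, so please confirm the build is clean of those.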