Export the HPKE implementation.
Bug: 410
Change-Id: I633eab7f2d148c9158a5bb29d73e07f1f18b7105
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/47331
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/hpke/hpke.c b/crypto/hpke/hpke.c
index 7656119..6840e83 100644
--- a/crypto/hpke/hpke.c
+++ b/crypto/hpke/hpke.c
@@ -12,6 +12,8 @@
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+#include <openssl/hpke.h>
+
#include <assert.h>
#include <string.h>
@@ -26,7 +28,6 @@
#include <openssl/sha.h>
#include "../internal.h"
-#include "internal.h"
// This file implements draft-irtf-cfrg-hpke-08.
diff --git a/crypto/hpke/hpke_test.cc b/crypto/hpke/hpke_test.cc
index a22e844..1b4ccdd 100644
--- a/crypto/hpke/hpke_test.cc
+++ b/crypto/hpke/hpke_test.cc
@@ -12,6 +12,8 @@
* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
+#include <openssl/hpke.h>
+
#include <cstdint>
#include <limits>
#include <string>
@@ -30,7 +32,6 @@
#include "../test/file_test.h"
#include "../test/test_util.h"
-#include "internal.h"
namespace bssl {
diff --git a/include/openssl/base.h b/include/openssl/base.h
index 598f4dd..29087d0 100644
--- a/include/openssl/base.h
+++ b/include/openssl/base.h
@@ -405,6 +405,11 @@
typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
typedef struct evp_cipher_st EVP_CIPHER;
typedef struct evp_encode_ctx_st EVP_ENCODE_CTX;
+typedef struct evp_hpke_aead_st EVP_HPKE_AEAD;
+typedef struct evp_hpke_ctx_st EVP_HPKE_CTX;
+typedef struct evp_hpke_kdf_st EVP_HPKE_KDF;
+typedef struct evp_hpke_kem_st EVP_HPKE_KEM;
+typedef struct evp_hpke_key_st EVP_HPKE_KEY;
typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
diff --git a/crypto/hpke/internal.h b/include/openssl/hpke.h
similarity index 96%
rename from crypto/hpke/internal.h
rename to include/openssl/hpke.h
index 6ce2a4f..358ca23 100644
--- a/crypto/hpke/internal.h
+++ b/include/openssl/hpke.h
@@ -35,11 +35,9 @@
// Parameters.
//
-// An HPKE context is parameterized by KEM, KDF, and AEAD algorithms.
-
-typedef struct evp_hpke_kem_st EVP_HPKE_KEM;
-typedef struct evp_hpke_kdf_st EVP_HPKE_KDF;
-typedef struct evp_hpke_aead_st EVP_HPKE_AEAD;
+// An HPKE context is parameterized by KEM, KDF, and AEAD algorithms,
+// represented by |EVP_HPKE_KEM|, |EVP_HPKE_KDF|, and |EVP_HPKE_AEAD| types,
+// respectively.
// The following constants are KEM identifiers.
#define EVP_HPKE_DHKEM_X25519_HKDF_SHA256 0x0020
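Review bot: The "Parameters" comment in the now-public `include/openssl/hpke.h` does not say which HPKE draft the API follows; within this diff that is stated only in `crypto/hpke/hpke.c` (`// This file implements draft-irtf-cfrg-hpke-08.`). The top of the header is outside these hunks, so it may already be documented there. If it is not, consumers outside the library have no way to tell from the header that the key schedule and the KEM/KDF/AEAD identifiers are tied to a specific draft. I would add a line to this section such as `// This library implements draft-irtf-cfrg-hpke-08; it may not interoperate with implementations of other drafts.` so that callers pin their protocol to the matching version.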
@@ -81,8 +79,6 @@
// An HPKE recipient maintains a long-term KEM key. This library represents keys
// with the |EVP_HPKE_KEY| type.
-typedef struct evp_hpke_key_st EVP_HPKE_KEY;
-
// EVP_HPKE_KEY_zero sets an uninitialized |EVP_HPKE_KEY| to the zero state. The
// caller should then use |EVP_HPKE_KEY_init| to finish initializing |key|.
//
@@ -117,9 +113,8 @@
// Encryption contexts.
-
-// An |EVP_HPKE_CTX| is an HPKE encryption context.
-typedef struct evp_hpke_ctx_st EVP_HPKE_CTX;
+//
+// An HPKE encryption context is represented by the |EVP_HPKE_CTX| type.
// EVP_HPKE_CTX_zero sets an uninitialized |EVP_HPKE_CTX| to the zero state. The
// caller should then use one of the |EVP_HPKE_CTX_setup_*| functions to finish
diff --git a/ssl/encrypted_client_hello.cc b/ssl/encrypted_client_hello.cc
index a0a88a3..9417976 100644
--- a/ssl/encrypted_client_hello.cc
+++ b/ssl/encrypted_client_hello.cc
@@ -20,9 +20,9 @@
#include <openssl/curve25519.h>
#include <openssl/err.h>
#include <openssl/hkdf.h>
+#include <openssl/hpke.h>
#include "internal.h"
-#include "../crypto/hpke/internal.h"
#if defined(OPENSSL_MSAN)
diff --git a/ssl/handshake_server.cc b/ssl/handshake_server.cc
index 10897e0..02603a1 100644
--- a/ssl/handshake_server.cc
+++ b/ssl/handshake_server.cc
@@ -169,7 +169,6 @@
#include "internal.h"
#include "../crypto/internal.h"
-#include "../crypto/hpke/internal.h"
BSSL_NAMESPACE_BEGIN
diff --git a/ssl/internal.h b/ssl/internal.h
index fde8f88..7a960a1 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -154,6 +154,7 @@
#include <openssl/aead.h>
#include <openssl/curve25519.h>
#include <openssl/err.h>
+#include <openssl/hpke.h>
#include <openssl/lhash.h>
#include <openssl/mem.h>
#include <openssl/span.h>
@@ -162,7 +163,6 @@
#include "../crypto/err/internal.h"
#include "../crypto/internal.h"
-#include "../crypto/hpke/internal.h"
#if defined(OPENSSL_WINDOWS)
diff --git a/ssl/t1_lib.cc b/ssl/t1_lib.cc
index 45495b6..689d75b 100644
--- a/ssl/t1_lib.cc
+++ b/ssl/t1_lib.cc
@@ -124,11 +124,11 @@
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/hmac.h>
+#include <openssl/hpke.h>
#include <openssl/mem.h>
#include <openssl/nid.h>
#include <openssl/rand.h>
-#include "../crypto/hpke/internal.h"
#include "../crypto/internal.h"
#include "internal.h"
diff --git a/ssl/tls13_server.cc b/ssl/tls13_server.cc
index dc4e65d..8a24d6f 100644
--- a/ssl/tls13_server.cc
+++ b/ssl/tls13_server.cc
@@ -23,12 +23,12 @@
#include <openssl/bytestring.h>
#include <openssl/digest.h>
#include <openssl/err.h>
+#include <openssl/hpke.h>
#include <openssl/mem.h>
#include <openssl/rand.h>
#include <openssl/stack.h>
#include "../crypto/internal.h"
-#include "../crypto/hpke/internal.h"
#include "internal.h"
diff --git a/util/doc.config b/util/doc.config
index d96e0fa..aacedea 100644
--- a/util/doc.config
+++ b/util/doc.config
@@ -48,7 +48,8 @@
"include/openssl/digest.h",
"include/openssl/cipher.h",
"include/openssl/aead.h",
- "include/openssl/evp.h"
+ "include/openssl/evp.h",
+ "include/openssl/hpke.h"
]
},{
"Name": "SSL implementation",