Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9662)
--- /dev/null
+$COMMON=tls1_prf.c hkdf.c scrypt.c pbkdf2.c sskdf.c
+
+LIBS=../../../libcrypto
+SOURCE[../../../libcrypto]=$COMMON sshkdf.c x942kdf.c
+INCLUDE[../../../libcrypto]=. ../../../crypto
+
+IF[{- !$disabled{fips} -}]
+ MODULES=../../fips
+ SOURCE[../../fips]=$COMMON
+ INCLUDE[../../fips]=. ../../../crypto
+ENDIF
+
+
impl->seclen = len;
return 1;
impl->seclen = len;
return 1;
+ /* TODO: This is only ever called from pkey_kdf and only as part of setting the TLS secret
+ consider merging the twe two?? */
case EVP_KDF_CTRL_RESET_TLS_SEED:
OPENSSL_cleanse(impl->seed, impl->seedlen);
impl->seedlen = 0;
case EVP_KDF_CTRL_RESET_TLS_SEED:
OPENSSL_cleanse(impl->seed, impl->seedlen);
impl->seedlen = 0;