EVP_KDF-SSHKDF man page error?
Kory Hamzeh
kory at avatarci.com
Fri Mar 25 23:43:41 UTC 2022
Thanks, Paul. I noticed the type values matched the RFC, but thought maybe it should be a string if that was the case.
I did find another issue:
if (EVP_KDF_derive(kctx, out, &outlen, params) <= 0)
The actual value of ‘outlen’ should be passed, not the address.
Kory
> On Mar 25, 2022, at 4:01 PM, pauli at openssl.org wrote:
>
> It is correct, the KDF is expecting the characters 'A' through 'F' here. This is what is specified in the RFC: https://datatracker.ietf.org/doc/html/rfc4253#section-7.2
>
> That line of code ought to have cast to (char *) or type defined simply as char, but it is essentially correct.
>
>
> Pauli
>
> On 26/3/22 5:11 am, Kory Hamzeh wrote:
>> Hi All,
>>
>> If you look at the example SSH KDF code here:
>>
>> https://www.openssl.org/docs/manmaster/man7/EVP_KDF-SSHKDF.html
>>
>> Specifically, these lines:
>>
>> *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_SSHKDF_TYPE,
>> &type, sizeof(type));
>> The variable ‘type’ is defined as a “const char”, so an 8 bit integer. The compiler spits out a warning on that line. Is the example code correct?
>>
>> I wonder if it should be calling OSSL_PARAM_construct_int() and ‘type’ changed to ‘int’?
>>
>> Thanks,
>> Kory
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20220325/8a01ba6d/attachment.htm>
More information about the openssl-users
mailing list