EVP_KDF-SSHKDF man page error?

Dr Paul Dale pauli at openssl.org
Sat Mar 26 00:08:45 UTC 2022


The UTF8 type is a string and if its length is known, it doesn't need to 
be '\0' terminated.  So passing the address of a char works (it's a char 
* after all).

Thanks for the other fix.

Pauli

On 26/3/22 10:43 am, Kory Hamzeh wrote:
> Thanks, Paul. I noticed the type values matched the RFC, but thought 
> maybe it should be a string if that was the case.
>
> I did find another issue:
>
>     if (EVP_KDF_derive(kctx, out, &outlen, params) <= 0)
>
> The actual value of ‘outlen’ should be passed, not the address.
>
> Kory
>
>> On Mar 25, 2022, at 4:01 PM, pauli at openssl.org wrote:
>>
>> It is correct, the KDF is expecting the characters 'A' through 'F' 
>> here.  This is what is specified in the RFC: 
>> https://datatracker.ietf.org/doc/html/rfc4253#section-7.2
>>
>> That line of code ought to have cast to (char *) or type defined 
>> simply as char, but it is essentially correct.
>>
>>
>> Pauli
>>
>> On 26/3/22 5:11 am, Kory Hamzeh wrote:
>>> Hi All,
>>>
>>> If you look at the example SSH KDF code here:
>>>
>>> https://www.openssl.org/docs/manmaster/man7/EVP_KDF-SSHKDF.html
>>>
>>> Specifically, these lines:
>>>
>>>  *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_SSHKDF_TYPE,
>>>                                          &type, sizeof(type));
>>>  The variable ‘type’ is defined as a “const char”, so an 8 bit 
>>> integer. The compiler spits out a warning on that line. Is the 
>>> example code correct?
>>>
>>>  I wonder if it should be calling OSSL_PARAM_construct_int() and 
>>> ‘type’ changed to ‘int’?
>>>
>>> Thanks,
>>> Kory
>>>
>>
>
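
The derivation from RFC 4253 section 7.2 that the replies point to, written out as an added Python example (not part of the thread and not OpenSSL's implementation): the type enters the hash as a single byte 'A' through 'F', and the output length is a plain value. The helper names `mpint` and `sshkdf` and the sample inputs are constructed for illustration, and K is assumed to be passed in already mpint-encoded.

```python
import hashlib

# Key types from RFC 4253 section 7.2; each one is a single ASCII letter.
SSHKDF_TYPES = {
    "A": "initial IV, client to server",
    "B": "initial IV, server to client",
    "C": "encryption key, client to server",
    "D": "encryption key, server to client",
    "E": "integrity key, client to server",
    "F": "integrity key, server to client",
}


def mpint(value: int) -> bytes:
    """Encode a non-negative integer as an SSH mpint (RFC 4251 section 5)."""
    if value < 0:
        raise ValueError("shared secret must be non-negative")
    # One spare bit keeps the top bit clear, so the value reads as positive.
    raw = value.to_bytes((value.bit_length() + 8) // 8, "big") if value else b""
    return len(raw).to_bytes(4, "big") + raw


def sshkdf(digest, k, h, key_type, session_id, outlen):
    """Derive outlen bytes of key material; k must already be mpint-encoded."""
    if key_type not in SSHKDF_TYPES:
        raise ValueError("type must be one character, 'A' through 'F'")
    x = key_type.encode("ascii")  # exactly one byte, no '\0' terminator
    out = hashlib.new(digest, k + h + x + session_id).digest()  # K1
    while len(out) < outlen:
        # Kn = HASH(K || H || K1 || ... || K(n-1))
        out += hashlib.new(digest, k + h + out).digest()
    return out[:outlen]  # outlen is used as a plain length value


# Constructed sample inputs, not taken from a real key exchange.
K = mpint(0x80FF01)
H = hashlib.sha256(b"constructed exchange hash").digest()
SESSION_ID = H  # in SSH the first exchange hash is also the session id

if __name__ == "__main__":
    for letter, purpose in SSHKDF_TYPES.items():
        print(letter, purpose, sshkdf("sha256", K, H, letter, SESSION_ID, 48).hex())
```
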