=item EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV
The Initial IV from client to server.
-Char array initializer of value {65, 0}, i.e., ASCII string "A".
+A single char of value 65 (ASCII char 'A').
=item EVP_KDF_SSHKDF_TYPE_INITIAL_IV_SRV_TO_CLI
The Initial IV from server to client
-Char array initializer of value {66, 0}, i.e., ASCII string "B".
+A single char of value 66 (ASCII char 'B').
=item EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_CLI_TO_SRV
The Encryption Key from client to server
-Char array initializer of value {67, 0}, i.e., ASCII string "C".
+A single char of value 67 (ASCII char 'C').
=item EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_SRV_TO_CLI
The Encryption Key from server to client
-Char array initializer of value {68, 0}, i.e., ASCII string "D".
+A single char of value 68 (ASCII char 'D').
=item EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_CLI_TO_SRV
The Integrity Key from client to server
-Char array initializer of value {69, 0}, i.e., ASCII string "E".
+A single char of value 69 (ASCII char 'E').
=item EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_SRV_TO_CLI
The Integrity Key from client to server
-Char array initializer of value {70, 0}, i.e., ASCII string "F".
+A single char of value 70 (ASCII char 'F').
=back
EVP_KDF *kdf;
EVP_KDF_CTX *kctx;
- const char type[] = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
+ const char type = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
unsigned char key[1024] = "01234...";
unsigned char xcghash[32] = "012345...";
unsigned char session_id[32] = "012345...";
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
session_id, (size_t)32);
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_SSHKDF_TYPE,
- type, sizeof(type) - 1);
+ &type, sizeof(type));
*p = OSSL_PARAM_construct_end();
if (EVP_KDF_CTX_set_params(kctx, params) <= 0)
/* Error */
# define EVP_KDF_HKDF_MODE_EXTRACT_ONLY 1
# define EVP_KDF_HKDF_MODE_EXPAND_ONLY 2
-/* SSHKDF key exchange stages.*/
-/* See https://tools.ietf.org/html/rfc4253#section-7.2 */
-#define EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV {65, 0}
-#define EVP_KDF_SSHKDF_TYPE_INITIAL_IV_SRV_TO_CLI {66, 0}
-#define EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_CLI_TO_SRV {67, 0}
-#define EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_SRV_TO_CLI {68, 0}
-#define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_CLI_TO_SRV {69, 0}
-#define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_SRV_TO_CLI {70, 0}
+#define EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV 65
+#define EVP_KDF_SSHKDF_TYPE_INITIAL_IV_SRV_TO_CLI 66
+#define EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_CLI_TO_SRV 67
+#define EVP_KDF_SSHKDF_TYPE_ENCRYPTION_KEY_SRV_TO_CLI 68
+#define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_CLI_TO_SRV 69
+#define EVP_KDF_SSHKDF_TYPE_INTEGRITY_KEY_SRV_TO_CLI 70
/**** The legacy PKEY-based KDF API follows. ****/
*/
/* Macros to build Self test data */
-#define ITM(x) x, sizeof(x)
-#define ITM_STR(x) x, (sizeof(x) - 1)
+#define ITM(x) ((void *)&x), sizeof(x)
+#define ITM_STR(x) ((void *)&x), (sizeof(x) - 1)
#define ST_KAT_PARAM_END() { "", 0, NULL, 0 }
#define ST_KAT_PARAM_BIGNUM(name, data) \
{ name, OSSL_PARAM_OCTET_STRING, ITM(data) }
#define ST_KAT_PARAM_UTF8STRING(name, data) \
{ name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) }
+#define ST_KAT_PARAM_UTF8CHAR(name, data) \
+ { name, OSSL_PARAM_UTF8_STRING, ITM(data) }
#define ST_KAT_PARAM_INT(name, i) \
- { name, OSSL_PARAM_INTEGER, &i, sizeof(i) }
+ { name, OSSL_PARAM_INTEGER, ITM(i) }
/* used to store raw parameters for keys and algorithms */
typedef struct st_kat_param_st {
};
static const char sshkdf_digest[] = "SHA1";
-static const char sshkdf_type[] = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
+static const char sshkdf_type = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
static const unsigned char sshkdf_key[] = {
0x00, 0x00, 0x00, 0x80, 0x55, 0xba, 0xe9, 0x31,
0xc0, 0x7f, 0xd8, 0x24, 0xbf, 0x10, 0xad, 0xd1,
};
static const ST_KAT_PARAM sshkdf_params[] = {
ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sshkdf_digest),
- ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_SSHKDF_TYPE, sshkdf_type),
+ ST_KAT_PARAM_UTF8CHAR(OSSL_KDF_PARAM_SSHKDF_TYPE, sshkdf_type),
ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sshkdf_key),
ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_XCGHASH, sshkdf_xcghash),
ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_SESSION_ID, sshkdf_session_id),
break;
}
case OSSL_PARAM_UTF8_STRING: {
- if (!OSSL_PARAM_BLD_push_utf8_string(bld, p->name, p->data, 0))
+ if (!OSSL_PARAM_BLD_push_utf8_string(bld, p->name, p->data,
+ p->data_len))
goto err;
break;
}
if (!OSSL_PARAM_get_utf8_string_ptr(p, &kdftype))
return 0;
- if (kdftype == NULL || kdftype[0] == '\0' || kdftype[1] != '\0')
+ /* Expect one character (byte in this case) */
+ if (kdftype == NULL || p->data_size != 1)
return 0;
if (kdftype[0] < 65 || kdftype[0] > 70) {
ERR_raise(ERR_LIB_PROV, PROV_R_VALUE_ERROR);
int ret;
EVP_KDF_CTX *kctx;
OSSL_PARAM params[6], *p = params;
- char kdftype[] = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
+ char kdftype = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
unsigned char out[8];
/* Test data from NIST CAVS 14.1 test vectors */
static unsigned char key[] = {
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SSHKDF_SESSION_ID,
sessid, sizeof(sessid));
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_SSHKDF_TYPE,
- kdftype, 0);
+ &kdftype, sizeof(kdftype));
*p = OSSL_PARAM_construct_end();
ret =