git.openssl.org Git - openssl.git/commit

author	Juergen Christ <jchrist@linux.ibm.com>
	Mon, 14 Dec 2020 16:36:22 +0000 (17:36 +0100)
committer	Patrick Steuer <patrick.steuer@de.ibm.com>
	Thu, 28 Jan 2021 15:05:50 +0000 (16:05 +0100)
commit	270a5ce1d9ea579a2f1d45887971582b1ef2b6a1
tree	5a7d1948571240b57b30cfbf83eaae47b1ee67fc	tree \| snapshot
parent	732a4d15b0da7c04437ea828b2915a691b6e38db	commit \| diff

Fix parameter types in sshkdf

Handling of parameter OSSL_KDF_PARAM_SSHKDF_TYPE mixed integer and string
parameters.  This caused endianness problems on big-endian machines.  As a
result, it is not possible to pass FIPS tests since the parameter was stored
with an integer value but read via a cast to char pointer.  While this works
on little endian machines, big endian s390 read the most significant bits
instead of the least significant (as done by, e.g., x86).  Change the
parameter to char array and fix the usages.

Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
(Merged from https://github.com/openssl/openssl/pull/13781)

doc/man7/EVP_KDF-SSHKDF.pod		diff \| blob \| history
doc/man7/provider-kdf.pod		diff \| blob \| history
include/openssl/kdf.h		diff \| blob \| history
providers/fips/self_test_data.inc		diff \| blob \| history
providers/implementations/kdfs/sshkdf.c		diff \| blob \| history
test/evp_kdf_test.c		diff \| blob \| history