summaryrefslogtreecommitdiffstats
path: root/doc/man7
diff options
context:
space:
mode:
authorslontis <shane.lontis@oracle.com>2022-12-20 04:44:18 +0100
committerTomas Mraz <tomas@openssl.org>2023-01-12 12:13:47 +0100
commite8add4d379075a6daef2591edd830297d469b9f4 (patch)
tree0c00fa3f52019c49ec1102ab9b65cbaabc142973 /doc/man7
parentfix manpage of `d2i_X509(3)` (diff)
downloadopenssl-e8add4d379075a6daef2591edd830297d469b9f4.tar.xz
openssl-e8add4d379075a6daef2591edd830297d469b9f4.zip
SSKDF with KMAC should return SIZE_MAX when EVP_KDF_CTX_get_kdf_size()
is used. Fixes #19934 The existing code was looking for the digest size, and then returned zero. The example code in EVP_KDF-SS.pod has been corrected to not use a digest. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19935)
Diffstat (limited to 'doc/man7')
-rw-r--r--doc/man7/EVP_KDF-SS.pod6
1 files changed, 3 insertions, 3 deletions
diff --git a/doc/man7/EVP_KDF-SS.pod b/doc/man7/EVP_KDF-SS.pod
index 7f7f992fe1..fbc4a6acec 100644
--- a/doc/man7/EVP_KDF-SS.pod
+++ b/doc/man7/EVP_KDF-SS.pod
@@ -43,6 +43,8 @@ The supported parameters are:
=item "digest" (B<OSSL_KDF_PARAM_DIGEST>) <UTF8 string>
+This parameter is ignored for KMAC.
+
=item "mac" (B<OSSL_KDF_PARAM_MAC>) <UTF8 string>
=item "maclen" (B<OSSL_KDF_PARAM_MAC_SIZE>) <unsigned integer>
@@ -133,7 +135,7 @@ fixedinfo value "label", salt of "salt" and KMAC outlen of 20:
EVP_KDF *kdf;
EVP_KDF_CTX *kctx;
unsigned char out[10];
- OSSL_PARAM params[7], *p = params;
+ OSSL_PARAM params[6], *p = params;
kdf = EVP_KDF_fetch(NULL, "SSKDF", NULL);
kctx = EVP_KDF_CTX_new(kdf);
@@ -141,8 +143,6 @@ fixedinfo value "label", salt of "salt" and KMAC outlen of 20:
*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC,
SN_kmac128, strlen(SN_kmac128));
- *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST,
- SN_sha256, strlen(SN_sha256));
*p++ = OSSL_PARAM_construct_octet_string(EVP_KDF_CTRL_SET_KEY,
"secret", (size_t)6);
*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO,