diff options
| author | Pauli <paul.dale@oracle.com> | 2020-08-05 15:26:48 +1000 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2020-08-07 08:07:07 +1000 |
| commit | 5f6a0b2ff055cf3ad09a1d49a4b95b13e1106b35 (patch) | |
| tree | dcf50d5c3e37b6a2ca3a18dac9e44bab58a910ed | |
| parent | 992492f5e82e0cf9b24acc14ea90ce8afd4c447a (diff) | |
mac: add some consistency to setting the XXX_final output length.
The various MACs were all over the place with respects to what they did with
the output length in the final call. Now they all unconditionally set the
output length and the EVP layer handles the possibility of a NULL pointer.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12582)
| -rw-r--r-- | crypto/evp/mac_lib.c | 4 | ||||
| -rw-r--r-- | providers/implementations/macs/blake2_mac_impl.c | 1 | ||||
| -rw-r--r-- | providers/implementations/macs/hmac_prov.c | 3 | ||||
| -rw-r--r-- | providers/implementations/macs/kmac_prov.c | 3 | ||||
| -rw-r--r-- | providers/implementations/macs/poly1305_prov.c | 1 |
5 files changed, 7 insertions, 5 deletions
diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c index a5c1b44666..2198c46680 100644 --- a/crypto/evp/mac_lib.c +++ b/crypto/evp/mac_lib.c @@ -120,11 +120,13 @@ int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen) int EVP_MAC_final(EVP_MAC_CTX *ctx, unsigned char *out, size_t *outl, size_t outsize) { - size_t l = EVP_MAC_size(ctx); + size_t l; int res = 1; if (out != NULL) res = ctx->meth->final(ctx->data, out, &l, outsize); + else + l = EVP_MAC_size(ctx); if (outl != NULL) *outl = l; return res; diff --git a/providers/implementations/macs/blake2_mac_impl.c b/providers/implementations/macs/blake2_mac_impl.c index 586a546214..d4e61e44a4 100644 --- a/providers/implementations/macs/blake2_mac_impl.c +++ b/providers/implementations/macs/blake2_mac_impl.c @@ -101,6 +101,7 @@ static int blake2_mac_final(void *vmacctx, { struct blake2_mac_data_st *macctx = vmacctx; + *outl = blake2_mac_size(macctx); return BLAKE2_FINAL(out, &macctx->ctx); } diff --git a/providers/implementations/macs/hmac_prov.c b/providers/implementations/macs/hmac_prov.c index 109f93d243..af2a2098cd 100644 --- a/providers/implementations/macs/hmac_prov.c +++ b/providers/implementations/macs/hmac_prov.c @@ -130,8 +130,7 @@ static int hmac_final(void *vmacctx, unsigned char *out, size_t *outl, if (!HMAC_Final(macctx->ctx, out, &hlen)) return 0; - if (outl != NULL) - *outl = hlen; + *outl = hlen; return 1; } diff --git a/providers/implementations/macs/kmac_prov.c b/providers/implementations/macs/kmac_prov.c index 46b0bd644a..792bc6c5bb 100644 --- a/providers/implementations/macs/kmac_prov.c +++ b/providers/implementations/macs/kmac_prov.c @@ -298,8 +298,7 @@ static int kmac_final(void *vmacctx, unsigned char *out, size_t *outl, ok = right_encode(encoded_outlen, &len, lbits) && EVP_DigestUpdate(ctx, encoded_outlen, len) && EVP_DigestFinalXOF(ctx, out, kctx->out_len); - if (ok && outl != NULL) - *outl = kctx->out_len; + *outl = kctx->out_len; return ok; } diff --git a/providers/implementations/macs/poly1305_prov.c b/providers/implementations/macs/poly1305_prov.c index eef546047f..748cafbaca 100644 --- a/providers/implementations/macs/poly1305_prov.c +++ b/providers/implementations/macs/poly1305_prov.c @@ -94,6 +94,7 @@ static int poly1305_final(void *vmacctx, unsigned char *out, size_t *outl, struct poly1305_data_st *ctx = vmacctx; Poly1305_Final(&ctx->poly1305, out); + *outl = poly1305_size(); return 1; } |