diff options
author | Tomas Mraz <tomas@openssl.org> | 2024-04-11 10:29:23 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2024-05-15 12:10:32 +0200 |
commit | b911fef216d1386210ec24e201d54d709528abb4 (patch) | |
tree | 286d441c79a388be8d94950b8111bf2793eaebf0 /crypto | |
parent | 170620675dfd74f34bdcf8aba71dffeb07f3d533 (diff) |
Intentionally break EVP_DigestFinal for SHAKE128 and SHAKE256
It will work only if OSSL_DIGEST_PARAM_XOFLEN is set.
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/24105)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/evp/digest.c | 2 | ||||
-rw-r--r-- | crypto/sha/sha3.c | 4 |
2 files changed, 4 insertions, 2 deletions
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index ab670a8f49..4c61ca4c42 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -454,6 +454,8 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *isize) if (ctx->digest->prov == NULL) goto legacy; + if (sz == 0) /* Assuming a xoflen must have been set. */ + mdsize = SIZE_MAX; if (ctx->digest->gettable_ctx_params != NULL) { OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END }; diff --git a/crypto/sha/sha3.c b/crypto/sha/sha3.c index 2411b3f1f8..4d54712168 100644 --- a/crypto/sha/sha3.c +++ b/crypto/sha/sha3.c @@ -34,12 +34,12 @@ int ossl_sha3_init(KECCAK1600_CTX *ctx, unsigned char pad, size_t bitlen) return 0; } -int ossl_keccak_kmac_init(KECCAK1600_CTX *ctx, unsigned char pad, size_t bitlen) +int ossl_keccak_init(KECCAK1600_CTX *ctx, unsigned char pad, size_t bitlen, size_t mdlen) { int ret = ossl_sha3_init(ctx, pad, bitlen); if (ret) - ctx->md_size *= 2; + ctx->md_size = mdlen / 8; return ret; } |