Properly limit the variable output size for BLAKE2

The upper limit of the output size is the default output size of the respective algorithm variants. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/22659)
author: Tomas Mraz <tomas@openssl.org> 2023-11-08 10:14:08 +0100
committer: Tomas Mraz <tomas@openssl.org> 2023-11-13 12:13:17 +0100
commit: 66c27d06e0e9a1bb716c67390ad9e5ac613d45d3 (patch)
tree: f72e410408af923057e2d877297e7fab8847be2e /providers
parent: 9e75a0b911ffb2ad99190a72a3d740d100edf61f (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/providers/implementations/digests/blake2_prov.c b/providers/implementations/digests/blake2_prov.c
index 4178d0554d..befdcc6a17 100644
--- a/providers/implementations/digests/blake2_prov.c
+++ b/providers/implementations/digests/blake2_prov.c
@@ -74,7 +74,7 @@ int ossl_blake##variant##_set_ctx_params(void *vctx, const OSSL_PARAM params[])
             ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_GET_PARAMETER); \
             return 0; \
         } \
-        if (size < 1 || size > UINT8_MAX) { \
+        if (size < 1 || size > BLAKE##VARIANT##_OUTBYTES) { \
             ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_DIGEST_SIZE); \
             return 0; \
         } \
author	Tomas Mraz <tomas@openssl.org>	2023-11-08 10:14:08 +0100
committer	Tomas Mraz <tomas@openssl.org>	2023-11-13 12:13:17 +0100
commit	66c27d06e0e9a1bb716c67390ad9e5ac613d45d3 (patch)
tree	f72e410408af923057e2d877297e7fab8847be2e /providers
parent	9e75a0b911ffb2ad99190a72a3d740d100edf61f (diff)