-rw-r--r--apps/speed.c8
-rw-r--r--crypto/ecdh/ecdh.h4
-rw-r--r--crypto/ecdh/ecdhtest.c6
-rw-r--r--crypto/ecdh/ech_key.c5
-rw-r--r--crypto/ecdh/ech_ossl.c12
-rw-r--r--ssl/s3_clnt.c6
-rw-r--r--ssl/s3_srvr.c6
7 files changed, 29 insertions, 18 deletions
diff --git a/apps/speed.c b/apps/speed.c
index 451a92ecd6..19b08ce9a1 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -449,11 +449,13 @@ static double Time_F(int s)
static const int KDF1_SHA1_len = 20;
-static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen)
+static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen)
{
#ifndef OPENSSL_NO_SHA
- if (outlen != SHA_DIGEST_LENGTH)
+ if (*outlen < SHA_DIGEST_LENGTH)
return NULL;
+ else
+ *outlen = SHA_DIGEST_LENGTH;
return SHA1(in, inlen, out);
#else
return NULL;
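Review bot: The `else` after `return NULL;` in KDF1_SHA1 is redundant, and this commit carries the same helper as four identical copies (apps/speed.c, crypto/ecdh/ecdhtest.c, ssl/s3_clnt.c, ssl/s3_srvr.c), so any later fix to the length check has to be repeated in each. The body reads more directly as `if (*outlen < SHA_DIGEST_LENGTH) return NULL;` followed by `*outlen = SHA_DIGEST_LENGTH;`. The helper also dereferences `outlen` without a NULL check, which holds only while every caller passes a valid pointer; a one-line comment stating that precondition would help. The end of the function (`#endif` and closing brace) is outside the hunk.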
@@ -2189,7 +2191,7 @@ int MAIN(int argc, char **argv)
* otherwise, use result (see section 4.8 of draft-ietf-tls-ecc-03.txt).
*/
int field_size, outlen;
- void *(*kdf)(void *in, size_t inlen, void *out, size_t xoutlen);
+ void *(*kdf)(const void *in, size_t inlen, void *out, size_t *xoutlen);
field_size = EC_GROUP_get_degree(ecdh_a[j]->group);
if (field_size <= 24 * 8)
{
diff --git a/crypto/ecdh/ecdh.h b/crypto/ecdh/ecdh.h
index f9189e09ca..28aa853fc8 100644
--- a/crypto/ecdh/ecdh.h
+++ b/crypto/ecdh/ecdh.h
@@ -92,7 +92,7 @@ struct ecdh_method
{
const char *name;
int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
- void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen));
+ void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
#if 0
int (*init)(EC_KEY *eckey);
int (*finish)(EC_KEY *eckey);
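Review bot: The KDF callback's fourth argument changes from a length to an in/out pointer in a public header, but nothing in ecdh.h states what the callback must do with it. A comment above `compute_key` here, and above the `ECDH_compute_key` prototype in the next hunk, would pin the contract, for example `/* KDF: *outlen is the capacity of out on entry; on success the KDF stores the number of bytes written in *outlen and returns out; on failure it returns NULL */`. A caller that still passes a KDF with the old `size_t outlen` signature gets at most an incompatible-pointer diagnostic in C, and that callback would then treat the pointer value as a length, so the incompatibility should be called out wherever the project records API changes. The struct definition continues outside the hunk.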
@@ -127,7 +127,7 @@ const ECDH_METHOD *ECDH_get_default_method(void);
int ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
- void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen));
+ void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
*new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
diff --git a/crypto/ecdh/ecdhtest.c b/crypto/ecdh/ecdhtest.c
index f9162b7e8b..2a6baf4804 100644
--- a/crypto/ecdh/ecdhtest.c
+++ b/crypto/ecdh/ecdhtest.c
@@ -105,11 +105,13 @@ static const char rnd_seed[] = "string to make the random number generator think
static const int KDF1_SHA1_len = 20;
-static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen)
+static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen)
{
#ifndef OPENSSL_NO_SHA
- if (outlen != SHA_DIGEST_LENGTH)
+ if (*outlen < SHA_DIGEST_LENGTH)
return NULL;
+ else
+ *outlen = SHA_DIGEST_LENGTH;
return SHA1(in, inlen, out);
#else
return NULL;
diff --git a/crypto/ecdh/ech_key.c b/crypto/ecdh/ech_key.c
index 7d1bb32ae0..ea23a0d261 100644
--- a/crypto/ecdh/ech_key.c
+++ b/crypto/ecdh/ech_key.c
@@ -72,8 +72,9 @@
#include <openssl/engine.h>
#endif
-int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *eckey,
- void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen))
+int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+ EC_KEY *eckey,
+ void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
{
ECDH_DATA *ecdh = ecdh_check(eckey);
if (ecdh == NULL)
diff --git a/crypto/ecdh/ech_ossl.c b/crypto/ecdh/ech_ossl.c
index d61e54f184..b1c634b462 100644
--- a/crypto/ecdh/ech_ossl.c
+++ b/crypto/ecdh/ech_ossl.c
@@ -79,8 +79,9 @@
#include <openssl/obj_mac.h>
#include <openssl/bn.h>
-static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key, EC_KEY *ecdh,
- void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen));
+static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
+ EC_KEY *ecdh,
+ void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
static ECDH_METHOD openssl_ecdh_meth = {
"OpenSSL ECDH method",
@@ -104,8 +105,9 @@ const ECDH_METHOD *ECDH_OpenSSL(void)
* - ECSVDP-DH
* Finally an optional KDF is applied.
*/
-static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
- void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen))
+static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+ EC_KEY *ecdh,
+ void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
{
BN_CTX *ctx;
EC_POINT *tmp=NULL;
@@ -182,7 +184,7 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, E
if (KDF != 0)
{
- if (KDF(buf, buflen, out, outlen) == NULL)
+ if (KDF(buf, buflen, out, &outlen) == NULL)
{
ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_KDF_FAILED);
goto err;
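Review bot: After this call `outlen` holds whatever the KDF callback wrote back, and nothing visible in the hunk checks that it is still no larger than the size of `out` the caller supplied. If the code after the hunk derives the return value from `outlen` (not visible here, so this is an assumption), a faulty callback could make ecdh_compute_key report more bytes than the buffer holds. Keeping the original capacity closes that gap: `size_t cap = outlen;` before the call and `if (KDF(buf, buflen, out, &outlen) == NULL || outlen > cap)` as the failure test. The function returns `int`, so it is also worth confirming that `outlen` is range-checked before it is converted to the return value; the rest of the function lies outside the hunk.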
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 54598f0f8b..e6a83fb5b6 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1579,11 +1579,13 @@ static int ssl3_get_server_done(SSL *s)
static const int KDF1_SHA1_len = 20;
-static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen)
+static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen)
{
#ifndef OPENSSL_NO_SHA
- if (outlen != SHA_DIGEST_LENGTH)
+ if (*outlen < SHA_DIGEST_LENGTH)
return NULL;
+ else
+ *outlen = SHA_DIGEST_LENGTH;
return SHA1(in, inlen, out);
#else
return NULL;
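Review bot: Relaxing the test from `outlen != SHA_DIGEST_LENGTH` to `*outlen < SHA_DIGEST_LENGTH` means a request for more than 20 bytes now succeeds with only 20 bytes written, where it used to fail. The call sites in this file and in ssl/s3_srvr.c are outside the hunks, so confirm that they size the derived key from the value ECDH_compute_key returns rather than from the length they asked for; otherwise the tail of the output buffer would be used uninitialised. A comment on KDF1_SHA1 such as `/* writes exactly SHA_DIGEST_LENGTH bytes and sets *outlen to that length */` would make the short-output case explicit. The function's closing lines are outside the hunk.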
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 4d196371ec..62a6cf7f96 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1588,11 +1588,13 @@ err:
static const int KDF1_SHA1_len = 20;
-static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen)
+static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen)
{
#ifndef OPENSSL_NO_SHA
- if (outlen != SHA_DIGEST_LENGTH)
+ if (*outlen < SHA_DIGEST_LENGTH)
return NULL;
+ else
+ *outlen = SHA_DIGEST_LENGTH;
return SHA1(in, inlen, out);
#else
return NULL;