diff options
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/ecdh/ecdh.h | 4 | ||||
-rw-r--r-- | crypto/ecdh/ecdhtest.c | 6 | ||||
-rw-r--r-- | crypto/ecdh/ech_key.c | 5 | ||||
-rw-r--r-- | crypto/ecdh/ech_ossl.c | 12 |
4 files changed, 16 insertions, 11 deletions
diff --git a/crypto/ecdh/ecdh.h b/crypto/ecdh/ecdh.h index f9189e09ca..28aa853fc8 100644 --- a/crypto/ecdh/ecdh.h +++ b/crypto/ecdh/ecdh.h @@ -92,7 +92,7 @@ struct ecdh_method { const char *name; int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen)); + void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); #if 0 int (*init)(EC_KEY *eckey); int (*finish)(EC_KEY *eckey); @@ -127,7 +127,7 @@ const ECDH_METHOD *ECDH_get_default_method(void); int ECDH_set_method(EC_KEY *, const ECDH_METHOD *); int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen)); + void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); diff --git a/crypto/ecdh/ecdhtest.c b/crypto/ecdh/ecdhtest.c index f9162b7e8b..2a6baf4804 100644 --- a/crypto/ecdh/ecdhtest.c +++ b/crypto/ecdh/ecdhtest.c @@ -105,11 +105,13 @@ static const char rnd_seed[] = "string to make the random number generator think static const int KDF1_SHA1_len = 20; -static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen) +static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) { #ifndef OPENSSL_NO_SHA - if (outlen != SHA_DIGEST_LENGTH) + if (*outlen < SHA_DIGEST_LENGTH) return NULL; + else + *outlen = SHA_DIGEST_LENGTH; return SHA1(in, inlen, out); #else return NULL; diff --git a/crypto/ecdh/ech_key.c b/crypto/ecdh/ech_key.c index 7d1bb32ae0..ea23a0d261 100644 --- a/crypto/ecdh/ech_key.c +++ b/crypto/ecdh/ech_key.c @@ -72,8 +72,9 @@ #include <openssl/engine.h> #endif -int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *eckey, - void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen)) +int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, + EC_KEY *eckey, + void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)) { ECDH_DATA *ecdh = ecdh_check(eckey); if (ecdh == NULL) diff --git a/crypto/ecdh/ech_ossl.c b/crypto/ecdh/ech_ossl.c index d61e54f184..b1c634b462 100644 --- a/crypto/ecdh/ech_ossl.c +++ b/crypto/ecdh/ech_ossl.c @@ -79,8 +79,9 @@ #include <openssl/obj_mac.h> #include <openssl/bn.h> -static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen)); +static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key, + EC_KEY *ecdh, + void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); static ECDH_METHOD openssl_ecdh_meth = { "OpenSSL ECDH method", @@ -104,8 +105,9 @@ const ECDH_METHOD *ECDH_OpenSSL(void) * - ECSVDP-DH * Finally an optional KDF is applied. */ -static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen)) +static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, + EC_KEY *ecdh, + void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)) { BN_CTX *ctx; EC_POINT *tmp=NULL; @@ -182,7 +184,7 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, E if (KDF != 0) { - if (KDF(buf, buflen, out, outlen) == NULL) + if (KDF(buf, buflen, out, &outlen) == NULL) { ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_KDF_FAILED); goto err; |