This allows the provider digest_final operation to check that it
doesn't over-run the output buffer.
The EVP_DigestFinal_ex function doesn't take that same parameter, so
it will have to assume that the user provided a properly sized buffer,
but this leaves better room for future enhancements of the public API.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8747)
{
int ret;
size_t size = 0;
{
int ret;
size_t size = 0;
+ size_t mdsize = EVP_MD_size(ctx->digest);
if (ctx->digest == NULL || ctx->digest->prov == NULL)
goto legacy;
if (ctx->digest == NULL || ctx->digest->prov == NULL)
goto legacy;
- ret = ctx->digest->dfinal(ctx->provctx, md, &size);
+ ret = ctx->digest->dfinal(ctx->provctx, md, &size, mdsize);
if (isize != NULL) {
if (size <= UINT_MAX) {
if (isize != NULL) {
if (size <= UINT_MAX) {
/* TODO(3.0): Remove legacy code below */
legacy:
/* TODO(3.0): Remove legacy code below */
legacy:
- OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
+ OPENSSL_assert(mdsize <= EVP_MAX_MD_SIZE);
ret = ctx->digest->final(ctx, md);
if (isize != NULL)
ret = ctx->digest->final(ctx, md);
if (isize != NULL)
- *isize = ctx->digest->md_size;
if (ctx->digest->cleanup) {
ctx->digest->cleanup(ctx);
EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
if (ctx->digest->cleanup) {
ctx->digest->cleanup(ctx);
EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
OSSL_CORE_MAKE_FUNC(int, OP_digest_update,
(void *, const unsigned char *in, size_t inl))
OSSL_CORE_MAKE_FUNC(int, OP_digest_final,
OSSL_CORE_MAKE_FUNC(int, OP_digest_update,
(void *, const unsigned char *in, size_t inl))
OSSL_CORE_MAKE_FUNC(int, OP_digest_final,
- (void *, unsigned char *out, size_t *outl))
+ (void *, unsigned char *out, size_t *outl, size_t outsz))
OSSL_CORE_MAKE_FUNC(int, OP_digest_digest,
(const unsigned char *in, size_t inl, unsigned char *out,
OSSL_CORE_MAKE_FUNC(int, OP_digest_digest,
(const unsigned char *in, size_t inl, unsigned char *out,
+ size_t *out_l, size_t outsz))
OSSL_CORE_MAKE_FUNC(void, OP_digest_cleanctx, (void *vctx))
OSSL_CORE_MAKE_FUNC(void, OP_digest_freectx, (void *vctx))
OSSL_CORE_MAKE_FUNC(void *, OP_digest_dupctx, (void *vctx))
OSSL_CORE_MAKE_FUNC(void, OP_digest_cleanctx, (void *vctx))
OSSL_CORE_MAKE_FUNC(void, OP_digest_freectx, (void *vctx))
OSSL_CORE_MAKE_FUNC(void *, OP_digest_dupctx, (void *vctx))
#include <openssl/crypto.h>
#include <openssl/core_numbers.h>
#include <openssl/crypto.h>
#include <openssl/core_numbers.h>
-static int sha256_final(void *ctx, unsigned char *md, size_t *size)
+static int sha256_final(void *ctx,
+ unsigned char *md, size_t *mdl, size_t mdsz)
- if (SHA256_Final(md, ctx)) {
- *size = SHA256_DIGEST_LENGTH;
+ if (mdsz >= SHA256_DIGEST_LENGTH
+ && SHA256_Final(md, ctx)) {
+ *mdl = SHA256_DIGEST_LENGTH;