From: Nils Larsch
Date: Sat, 23 Apr 2005 10:11:16 +0000 (+0000)
Subject: change prototype of the ecdh KDF: make input parameter const and the outlen argument...
X-Git-Tag: OpenSSL_0_9_8-beta1~13^2~151
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=965a1cb92e4774ca2f74dad9e060aa7b2d80c77d;ds=sidebyside
change prototype of the ecdh KDF: make input parameter const and the outlen argument more flexible
---
diff --git a/apps/speed.c b/apps/speed.c
index 451a92ecd6..19b08ce9a1 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -449,11 +449,13 @@ static double Time_F(int s)
 static const int KDF1_SHA1_len = 20;
-static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen)
+static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen)
 {
 #ifndef OPENSSL_NO_SHA
- if (outlen != SHA_DIGEST_LENGTH)
+ if (*outlen < SHA_DIGEST_LENGTH)
 return NULL;
+ else
+ *outlen = SHA_DIGEST_LENGTH;
 return SHA1(in, inlen, out);
 #else
 return NULL;
@@ -2189,7 +2191,7 @@ int MAIN(int argc, char **argv)
 * otherwise, use result (see section 4.8 of draft-ietf-tls-ecc-03.txt).
 */
 int field_size, outlen;
- void *(*kdf)(void *in, size_t inlen, void *out, size_t xoutlen);
+ void *(*kdf)(const void *in, size_t inlen, void *out, size_t *xoutlen);
 field_size = EC_GROUP_get_degree(ecdh_a[j]->group);
 if (field_size <= 24 * 8)
 {
diff --git a/crypto/ecdh/ecdh.h b/crypto/ecdh/ecdh.h
index f9189e09ca..28aa853fc8 100644
--- a/crypto/ecdh/ecdh.h
+++ b/crypto/ecdh/ecdh.h
@@ -92,7 +92,7 @@ struct ecdh_method
 {
 const char *name;
 int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
- void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen));
+ void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
 #if 0
 int (*init)(EC_KEY *eckey);
 int (*finish)(EC_KEY *eckey);
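Review bot: KDF1_SHA1 in apps/speed.c now accepts any `*outlen` of at least SHA_DIGEST_LENGTH and writes only the first SHA_DIGEST_LENGTH bytes of `out`, but nothing in the function says that `*outlen` is an in/out value, so a caller that keeps using its requested length would treat the unwritten tail of the buffer as key material. I would add a header comment such as `/* *outlen: on entry the capacity of out, on return the number of bytes written (SHA_DIGEST_LENGTH); bytes beyond that are not touched */`. The `else` after `return NULL;` is redundant and could be dropped. The identical copies of this function in crypto/ecdh/ecdhtest.c, ssl/s3_clnt.c and ssl/s3_srvr.c need the same comment.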
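Review bot: The `KDF` callback in `struct ecdh_method` (and in the `ECDH_compute_key` prototype in the next hunk of crypto/ecdh/ecdh.h) changes its last parameter from a length to a pointer without any comment in the public header describing the new contract. A KDF written against the old prototype no longer matches, and one forced through a cast would receive a pointer where it expects a length, so the header should state the semantics next to the declaration, e.g. `/* KDF: *outlen is the capacity of out on entry and the number of bytes produced on return; returns NULL on failure */`. The struct definition continues outside the hunk. A single typedef for the callback type would also keep the several spellings of this prototype in ecdh.h, ech_key.c, ech_ossl.c and speed.c from drifting apart.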
@@ -127,7 +127,7 @@ const ECDH_METHOD *ECDH_get_default_method(void);
 int ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
 int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
- void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen));
+ void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
 int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
diff --git a/crypto/ecdh/ecdhtest.c b/crypto/ecdh/ecdhtest.c
index f9162b7e8b..2a6baf4804 100644
--- a/crypto/ecdh/ecdhtest.c
+++ b/crypto/ecdh/ecdhtest.c
@@ -105,11 +105,13 @@ static const char rnd_seed[] = "string to make the random number generator think
 static const int KDF1_SHA1_len = 20;
-static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen)
+static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen)
 {
 #ifndef OPENSSL_NO_SHA
- if (outlen != SHA_DIGEST_LENGTH)
+ if (*outlen < SHA_DIGEST_LENGTH)
 return NULL;
+ else
+ *outlen = SHA_DIGEST_LENGTH;
 return SHA1(in, inlen, out);
 #else
 return NULL;
diff --git a/crypto/ecdh/ech_key.c b/crypto/ecdh/ech_key.c
index 7d1bb32ae0..ea23a0d261 100644
--- a/crypto/ecdh/ech_key.c
+++ b/crypto/ecdh/ech_key.c
@@ -72,8 +72,9 @@
 #include
 #endif
-int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *eckey,
- void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen))
+int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+ EC_KEY *eckey,
+ void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
 {
 ECDH_DATA *ecdh = ecdh_check(eckey);
 if (ecdh == NULL)
diff --git a/crypto/ecdh/ech_ossl.c b/crypto/ecdh/ech_ossl.c
index d61e54f184..b1c634b462 100644
--- a/crypto/ecdh/ech_ossl.c
+++ b/crypto/ecdh/ech_ossl.c
@@ -79,8 +79,9 @@
 #include
 #include
-static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key, EC_KEY *ecdh,
- void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen));
+static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
+ EC_KEY *ecdh,
+ void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
 static ECDH_METHOD openssl_ecdh_meth = {
 "OpenSSL ECDH method",
@@ -104,8 +105,9 @@ const ECDH_METHOD *ECDH_OpenSSL(void)
 * - ECSVDP-DH
 * Finally an optional KDF is applied.
 */
-static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh,
- void *(*KDF)(void *in, size_t inlen, void *out, size_t outlen))
+static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+ EC_KEY *ecdh,
+ void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
 {
 BN_CTX *ctx;
 EC_POINT *tmp=NULL;
@@ -182,7 +184,7 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, E
 if (KDF != 0)
 {
- if (KDF(buf, buflen, out, outlen) == NULL)
+ if (KDF(buf, buflen, out, &outlen) == NULL)
 {
 ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_KDF_FAILED);
 goto err;
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 54598f0f8b..e6a83fb5b6 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1579,11 +1579,13 @@ static int ssl3_get_server_done(SSL *s)
 static const int KDF1_SHA1_len = 20;
-static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen)
+static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen)
 {
 #ifndef OPENSSL_NO_SHA
- if (outlen != SHA_DIGEST_LENGTH)
+ if (*outlen < SHA_DIGEST_LENGTH)
 return NULL;
+ else
+ *outlen = SHA_DIGEST_LENGTH;
 return SHA1(in, inlen, out);
 #else
 return NULL;
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 4d196371ec..62a6cf7f96 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
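Review bot: In the `@@ -182,7 +184,7 @@` hunk of crypto/ecdh/ech_ossl.c the callback now receives `&outlen` and may overwrite it, yet nothing visible checks that the value it leaves behind stays within the capacity the caller passed in. Since the KDF is a caller-supplied function pointer, I would keep the original capacity and reject a result that reports more: `size_t cap = outlen;` before the call and `if (KDF(buf, buflen, out, &outlen) == NULL || outlen > cap)` as the condition. The rest of ecdh_compute_key lies outside the hunk, so it is not visible whether the return value is derived from the updated `outlen`; if it is not, callers cannot learn that fewer bytes were written than they asked for.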
@@ -1588,11 +1588,13 @@ err:
 static const int KDF1_SHA1_len = 20;
-static void *KDF1_SHA1(void *in, size_t inlen, void *out, size_t outlen)
+static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen)
 {
 #ifndef OPENSSL_NO_SHA
- if (outlen != SHA_DIGEST_LENGTH)
+ if (*outlen < SHA_DIGEST_LENGTH)
 return NULL;
+ else
+ *outlen = SHA_DIGEST_LENGTH;
 return SHA1(in, inlen, out);
 #else
 return NULL;