summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/lib/libcrypto/rsa/rsa_oaep.c23
1 files changed, 14 insertions, 9 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c
index 4927673898..d1e138c299 100644
--- a/src/lib/libcrypto/rsa/rsa_oaep.c
+++ b/src/lib/libcrypto/rsa/rsa_oaep.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa_oaep.c,v 1.38 2024/02/18 15:45:42 tb Exp $ */ 1/* $OpenBSD: rsa_oaep.c,v 1.39 2024/03/26 05:37:28 joshua Exp $ */
2/* 2/*
3 * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. 3 * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
4 * 4 *
@@ -326,12 +326,14 @@ PKCS1_MGF1(unsigned char *mask, long len, const unsigned char *seed,
326{ 326{
327 long i, outlen = 0; 327 long i, outlen = 0;
328 unsigned char cnt[4]; 328 unsigned char cnt[4];
329 EVP_MD_CTX c; 329 EVP_MD_CTX *md_ctx;
330 unsigned char md[EVP_MAX_MD_SIZE]; 330 unsigned char md[EVP_MAX_MD_SIZE];
331 int mdlen; 331 int mdlen;
332 int rv = -1; 332 int rv = -1;
333 333
334 EVP_MD_CTX_legacy_clear(&c); 334 if ((md_ctx = EVP_MD_CTX_new()) == NULL)
335 goto err;
336
335 mdlen = EVP_MD_size(dgst); 337 mdlen = EVP_MD_size(dgst);
336 if (mdlen < 0) 338 if (mdlen < 0)
337 goto err; 339 goto err;
@@ -340,24 +342,27 @@ PKCS1_MGF1(unsigned char *mask, long len, const unsigned char *seed,
340 cnt[1] = (unsigned char)((i >> 16) & 255); 342 cnt[1] = (unsigned char)((i >> 16) & 255);
341 cnt[2] = (unsigned char)((i >> 8)) & 255; 343 cnt[2] = (unsigned char)((i >> 8)) & 255;
342 cnt[3] = (unsigned char)(i & 255); 344 cnt[3] = (unsigned char)(i & 255);
343 if (!EVP_DigestInit_ex(&c, dgst, NULL) || 345 if (!EVP_DigestInit_ex(md_ctx, dgst, NULL) ||
344 !EVP_DigestUpdate(&c, seed, seedlen) || 346 !EVP_DigestUpdate(md_ctx, seed, seedlen) ||
345 !EVP_DigestUpdate(&c, cnt, 4)) 347 !EVP_DigestUpdate(md_ctx, cnt, 4))
346 goto err; 348 goto err;
347 if (outlen + mdlen <= len) { 349 if (outlen + mdlen <= len) {
348 if (!EVP_DigestFinal_ex(&c, mask + outlen, NULL)) 350 if (!EVP_DigestFinal_ex(md_ctx, mask + outlen, NULL))
349 goto err; 351 goto err;
350 outlen += mdlen; 352 outlen += mdlen;
351 } else { 353 } else {
352 if (!EVP_DigestFinal_ex(&c, md, NULL)) 354 if (!EVP_DigestFinal_ex(md_ctx, md, NULL))
353 goto err; 355 goto err;
354 memcpy(mask + outlen, md, len - outlen); 356 memcpy(mask + outlen, md, len - outlen);
355 outlen = len; 357 outlen = len;
356 } 358 }
357 } 359 }
360
358 rv = 0; 361 rv = 0;
362
359 err: 363 err:
360 EVP_MD_CTX_cleanup(&c); 364 EVP_MD_CTX_free(md_ctx);
365
361 return rv; 366 return rv;
362} 367}
363LCRYPTO_ALIAS(PKCS1_MGF1); 368LCRYPTO_ALIAS(PKCS1_MGF1);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 18:05:02 +0000