1 files changed, 19 insertions, 13 deletions

diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c
index e3f7c608ec..d43ecaca63 100644
--- a/src/lib/libcrypto/rsa/rsa_oaep.c
+++ b/src/lib/libcrypto/rsa/rsa_oaep.c
@@ -28,9 +28,6 @@
 #include <openssl/rand.h>
 #include <openssl/sha.h>
 
-int MGF1(unsigned char *mask, long len,
-        const unsigned char *seed, long seedlen);
-
 int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
         const unsigned char *from, int flen,
         const unsigned char *param, int plen)
@@ -76,11 +73,13 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
            20);
 #endif
 
-        MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH);
+        PKCS1_MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH,
+                                                                EVP_sha1());
         for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++)
                 db[i] ^= dbmask[i];
 
-        MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH);
+        PKCS1_MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH,
+                                                                EVP_sha1());
         for (i = 0; i < SHA_DIGEST_LENGTH; i++)
                 seed[i] ^= seedmask[i];
 
@@ -126,11 +125,11 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
                 return -1;
                 }
 
-        MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen);
+        PKCS1_MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen, EVP_sha1());
         for (i = lzero; i < SHA_DIGEST_LENGTH; i++)
                 seed[i] ^= from[i - lzero];
   
-        MGF1(db, dblen, seed, SHA_DIGEST_LENGTH);
+        PKCS1_MGF1(db, dblen, seed, SHA_DIGEST_LENGTH, EVP_sha1());
         for (i = 0; i < dblen; i++)
                 db[i] ^= maskeddb[i];
 
@@ -170,28 +169,30 @@ decoding_err:
         return -1;
         }
 
-int MGF1(unsigned char *mask, long len,
-        const unsigned char *seed, long seedlen)
+int PKCS1_MGF1(unsigned char *mask, long len,
+        const unsigned char *seed, long seedlen, const EVP_MD *dgst)
         {
         long i, outlen = 0;
         unsigned char cnt[4];
         EVP_MD_CTX c;
-        unsigned char md[SHA_DIGEST_LENGTH];
+        unsigned char md[EVP_MAX_MD_SIZE];
+        int mdlen;
 
         EVP_MD_CTX_init(&c);
+        mdlen = EVP_MD_size(dgst);
         for (i = 0; outlen < len; i++)
                 {
                 cnt[0] = (unsigned char)((i >> 24) & 255);
                 cnt[1] = (unsigned char)((i >> 16) & 255);
                 cnt[2] = (unsigned char)((i >> 8)) & 255;
                 cnt[3] = (unsigned char)(i & 255);
-                EVP_DigestInit_ex(&c,EVP_sha1(), NULL);
+                EVP_DigestInit_ex(&c,dgst, NULL);
                 EVP_DigestUpdate(&c, seed, seedlen);
                 EVP_DigestUpdate(&c, cnt, 4);
-                if (outlen + SHA_DIGEST_LENGTH <= len)
+                if (outlen + mdlen <= len)
                         {
                         EVP_DigestFinal_ex(&c, mask + outlen, NULL);
-                        outlen += SHA_DIGEST_LENGTH;
+                        outlen += mdlen;
                         }
                 else
                         {
@@ -203,4 +204,9 @@ int MGF1(unsigned char *mask, long len,
         EVP_MD_CTX_cleanup(&c);
         return 0;
         }
+
+int MGF1(unsigned char *mask, long len, const unsigned char *seed, long seedlen)
+        {
+        return PKCS1_MGF1(mask, len, seed, seedlen, EVP_sha1());
+        }
 #endif