The various MACs were all over the place with respects to what they did with
the output length in the final call. Now they all unconditionally set the
output length and the EVP layer handles the possibility of a NULL pointer.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12582)
int EVP_MAC_final(EVP_MAC_CTX *ctx,
unsigned char *out, size_t *outl, size_t outsize)
{
- size_t l = EVP_MAC_size(ctx);
+ size_t l;
int res = 1;
if (out != NULL)
res = ctx->meth->final(ctx->data, out, &l, outsize);
+ else
+ l = EVP_MAC_size(ctx);
if (outl != NULL)
*outl = l;
return res;
{
struct blake2_mac_data_st *macctx = vmacctx;
+ *outl = blake2_mac_size(macctx);
return BLAKE2_FINAL(out, &macctx->ctx);
}
if (!HMAC_Final(macctx->ctx, out, &hlen))
return 0;
- if (outl != NULL)
- *outl = hlen;
+ *outl = hlen;
return 1;
}
ok = right_encode(encoded_outlen, &len, lbits)
&& EVP_DigestUpdate(ctx, encoded_outlen, len)
&& EVP_DigestFinalXOF(ctx, out, kctx->out_len);
- if (ok && outl != NULL)
- *outl = kctx->out_len;
+ *outl = kctx->out_len;
return ok;
}
struct poly1305_data_st *ctx = vmacctx;
Poly1305_Final(&ctx->poly1305, out);
+ *outl = poly1305_size();
return 1;
}