From: Frank Lichtenheld Date: Mon, 16 Feb 2026 15:07:05 +0000 (+0100) Subject: crypto_backend: Improve signature of md_full to avoid conversions X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=74e88cf06685bd2834d2e7c392e4914c90f2034e;p=thirdparty%2Fopenvpn.git crypto_backend: Improve signature of md_full to avoid conversions Change-Id: I201abb9ef013c061fb568823098edcca32cb2df3 Signed-off-by: Frank Lichtenheld Acked-by: Gert Doering Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1512 Message-Id: <20260216150711.16130-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg35657.html Signed-off-by: Gert Doering --- diff --git a/src/openvpn/crypto_backend.h b/src/openvpn/crypto_backend.h index 52486146b..7f5507a9f 100644 --- a/src/openvpn/crypto_backend.h +++ b/src/openvpn/crypto_backend.h @@ -557,9 +557,9 @@ unsigned char md_kt_size(const char *mdname); * @param src_len The length of the incoming buffer. * @param dst Buffer to write the message digest to. May not be NULL. * - * @return \c 1 on success, \c 0 on failure + * @return true on success, false on failure */ -int md_full(const char *mdname, const uint8_t *src, int src_len, uint8_t *dst); +bool md_full(const char *mdname, const uint8_t *src, size_t src_len, uint8_t *dst); /* * Allocate a new message digest context diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c index 02735cd2a..cba6bb55f 100644 --- a/src/openvpn/crypto_mbedtls.c +++ b/src/openvpn/crypto_mbedtls.c @@ -696,13 +696,13 @@ md_ctx_new(void) return ctx; } -int -md_full(const char *mdname, const uint8_t *src, int src_len, uint8_t *dst) +bool +md_full(const char *mdname, const uint8_t *src, size_t src_len, uint8_t *dst) { const md_info_t *md = md_get(mdname); if (md == NULL || src_len < 0) { - return 0; + return false; } /* We depend on the caller to ensure that dst has enough room for the hash, @@ -710,12 +710,12 @@ md_full(const char *mdname, const uint8_t *src, int src_len, uint8_t *dst) size_t dst_size = PSA_HASH_LENGTH(md->psa_alg); size_t hash_length = 0; - psa_status_t status = psa_hash_compute(md->psa_alg, src, (size_t)src_len, dst, dst_size, &hash_length); + psa_status_t status = psa_hash_compute(md->psa_alg, src, src_len, dst, dst_size, &hash_length); if (status != PSA_SUCCESS || hash_length != dst_size) { - return 0; + return false; } - return 1; + return true; } void diff --git a/src/openvpn/crypto_mbedtls_legacy.c b/src/openvpn/crypto_mbedtls_legacy.c index b8e7d6ab6..00fe54244 100644 --- a/src/openvpn/crypto_mbedtls_legacy.c +++ b/src/openvpn/crypto_mbedtls_legacy.c @@ -825,8 +825,8 @@ md_kt_size(const char *mdname) * */ -int -md_full(const char *mdname, const uint8_t *src, int src_len, uint8_t *dst) +bool +md_full(const char *mdname, const uint8_t *src, size_t src_len, uint8_t *dst) { const mbedtls_md_info_t *kt = md_get(mdname); return 0 == mbedtls_md(kt, src, src_len, dst); diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index ed39efa4a..0c6de1833 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -1104,15 +1104,15 @@ md_kt_size(const char *mdname) * */ -int -md_full(const char *mdname, const uint8_t *src, int src_len, uint8_t *dst) +bool +md_full(const char *mdname, const uint8_t *src, size_t src_len, uint8_t *dst) { unsigned int in_md_len = 0; evp_md_type *kt = md_get(mdname); int ret = EVP_Digest(src, src_len, dst, &in_md_len, kt, NULL); EVP_MD_free(kt); - return ret; + return ret == 1; } EVP_MD_CTX *