X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fopenssl%2Fprf.c;h=37af2ef574b4f49bc54179ef39fb02d26e46e162;hb=5f76bc06fba1d4ab1cfa460fff5c2695e21cabae;hp=943bd6207fed171b751533a6ba584841c20ff3c6;hpb=9b9230a0a79c670b86f54fadd2807b864ff9d91f;p=tinc

diff --git a/src/openssl/prf.c b/src/openssl/prf.c
index 943bd620..37af2ef5 100644
--- a/src/openssl/prf.c
+++ b/src/openssl/prf.c
@@ -29,11 +29,12 @@
    We use SHA512 instead of MD5 and SHA1.
  */
 
-static bool prf_xor(int nid, const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, ssize_t outlen) {
+static bool prf_xor(int nid, const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) {
 	digest_t *digest = digest_open_by_nid(nid, -1);
 
-	if(!digest)
+	if(!digest) {
 		return false;
+	}
 
 	if(!digest_set_key(digest, secret, secretlen)) {
 		digest_close(digest);
@@ -54,14 +55,21 @@ static bool prf_xor(int nid, const char *secret, size_t secretlen, char *seed, s
 
 	while(outlen > 0) {
 		/* Inner HMAC */
-		digest_create(digest, data, len + seedlen, data);
+		if(!digest_create(digest, data, len + seedlen, data)) {
+			digest_close(digest);
+			return false;
+		}
 
 		/* Outer HMAC */
-		digest_create(digest, data, len + seedlen, hash);
+		if(!digest_create(digest, data, len + seedlen, hash)) {
+			digest_close(digest);
+			return false;
+		}
 
 		/* XOR the results of the outer HMAC into the out buffer */
-		for(int i = 0; i < len && i < outlen; i++)
+		for(size_t i = 0; i < len && i < outlen; i++) {
 			*out++ ^= hash[i];
+		}
 
 		outlen -= len;
 	}