X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fopenssl%2Fprf.c;h=5d597d9ad793ea51070d719da2247eafc41860eb;hb=344c632c7a9f8047a412239dcd22ba1531bdfda5;hp=f1f3d172a5d7f2801716cd33cb2adacf73e63763;hpb=fffec0d63e08dc57688b78b0c6bf98db252a1aa8;p=tinc

diff --git a/src/openssl/prf.c b/src/openssl/prf.c
index f1f3d172..5d597d9a 100644
--- a/src/openssl/prf.c
+++ b/src/openssl/prf.c
@@ -29,19 +29,20 @@
    We use SHA512 instead of MD5 and SHA1.
  */
 
-static bool prf_xor(int nid, const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) {
-	digest_t *digest = digest_open_by_nid(nid, -1);
+static bool prf_xor(int nid, const uint8_t *secret, size_t secretlen, uint8_t *seed, size_t seedlen, uint8_t *out, size_t outlen) {
+	digest_t digest = {0};
 
-	if(!digest) {
+	if(!digest_open_by_nid(&digest, nid, DIGEST_ALGO_SIZE)) {
+		digest_close(&digest);
 		return false;
 	}
 
-	if(!digest_set_key(digest, secret, secretlen)) {
-		digest_close(digest);
+	if(!digest_set_key(&digest, secret, secretlen)) {
+		digest_close(&digest);
 		return false;
 	}
 
-	size_t len = digest_length(digest);
+	size_t len = digest_length(&digest);
 
 	/* Data is what the "inner" HMAC function processes.
 	   It consists of the previous HMAC result plus the seed.
@@ -51,18 +52,18 @@ static bool prf_xor(int nid, const char *secret, size_t secretlen, char *seed, s
 	memset(data, 0, len);
 	memcpy(data + len, seed, seedlen);
 
-	char hash[len];
+	uint8_t hash[len];
 
 	while(outlen > 0) {
 		/* Inner HMAC */
-		if(!digest_create(digest, data, len + seedlen, data)) {
-			digest_close(digest);
+		if(!digest_create(&digest, data, len + seedlen, data)) {
+			digest_close(&digest);
 			return false;
 		}
 
 		/* Outer HMAC */
-		if(!digest_create(digest, data, len + seedlen, hash)) {
-			digest_close(digest);
+		if(!digest_create(&digest, data, len + seedlen, hash)) {
+			digest_close(&digest);
 			return false;
 		}
 
@@ -76,11 +77,11 @@ static bool prf_xor(int nid, const char *secret, size_t secretlen, char *seed, s
 		outlen -= i;
 	}
 
-	digest_close(digest);
+	digest_close(&digest);
 	return true;
 }
 
-bool prf(const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) {
+bool prf(const uint8_t *secret, size_t secretlen, uint8_t *seed, size_t seedlen, uint8_t *out, size_t outlen) {
 	/* This construction allows us to easily switch back to a scheme where the PRF is calculated using two different digest algorithms. */
 	memset(out, 0, outlen);