X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fopenssl%2Fprf.c;h=62770859593559859ae934b61679b47c89e61e38;hb=2c6b2d70e6640f39563ad7bb0aa0ba87f883848c;hp=37af2ef574b4f49bc54179ef39fb02d26e46e162;hpb=1c475ecb575367a6b3f9328b0f643ad636155341;p=tinc

diff --git a/src/openssl/prf.c b/src/openssl/prf.c
index 37af2ef5..62770859 100644
--- a/src/openssl/prf.c
+++ b/src/openssl/prf.c
@@ -29,8 +29,8 @@
    We use SHA512 instead of MD5 and SHA1.
  */
 
-static bool prf_xor(int nid, const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) {
-	digest_t *digest = digest_open_by_nid(nid, -1);
+static bool prf_xor(int nid, const uint8_t *secret, size_t secretlen, uint8_t *seed, size_t seedlen, uint8_t *out, size_t outlen) {
+	digest_t *digest = digest_open_by_nid(nid, DIGEST_ALGO_SIZE);
 
 	if(!digest) {
 		return false;
@@ -51,7 +51,7 @@ static bool prf_xor(int nid, const char *secret, size_t secretlen, char *seed, s
 	memset(data, 0, len);
 	memcpy(data + len, seed, seedlen);
 
-	char hash[len];
+	uint8_t hash[len];
 
 	while(outlen > 0) {
 		/* Inner HMAC */
@@ -67,18 +67,20 @@ static bool prf_xor(int nid, const char *secret, size_t secretlen, char *seed, s
 		}
 
 		/* XOR the results of the outer HMAC into the out buffer */
-		for(size_t i = 0; i < len && i < outlen; i++) {
+		size_t i;
+
+		for(i = 0; i < len && i < outlen; i++) {
 			*out++ ^= hash[i];
 		}
 
-		outlen -= len;
+		outlen -= i;
 	}
 
 	digest_close(digest);
 	return true;
 }
 
-bool prf(const char *secret, size_t secretlen, char *seed, size_t seedlen, char *out, size_t outlen) {
+bool prf(const uint8_t *secret, size_t secretlen, uint8_t *seed, size_t seedlen, uint8_t *out, size_t outlen) {
 	/* This construction allows us to easily switch back to a scheme where the PRF is calculated using two different digest algorithms. */
 	memset(out, 0, outlen);