diff options
author | Pauli <paul.dale@oracle.com> | 2019-11-01 21:07:08 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2019-11-02 15:10:54 +1000 |
commit | 5d0cf102e038013d6d89ea406562b52f73a67bdd (patch) | |
tree | 25cf473c85bb1aeed96276a5c22e874e7019002f /crypto/rand/drbg_hash.c | |
parent | 9fff0a4b0d6f3b7499f85cbd30e599db7f1b723b (diff) | |
download | openssl-5d0cf102e038013d6d89ea406562b52f73a67bdd.zip openssl-5d0cf102e038013d6d89ea406562b52f73a67bdd.tar.gz openssl-5d0cf102e038013d6d89ea406562b52f73a67bdd.tar.bz2 |
DRBG: add check for XOF so these can be disallowed by the DRBGs
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10321)
Diffstat (limited to 'crypto/rand/drbg_hash.c')
-rw-r--r-- | crypto/rand/drbg_hash.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/crypto/rand/drbg_hash.c b/crypto/rand/drbg_hash.c index 5ff1d11..f087d88 100644 --- a/crypto/rand/drbg_hash.c +++ b/crypto/rand/drbg_hash.c @@ -317,6 +317,8 @@ int drbg_hash_init(RAND_DRBG *drbg) if (md == NULL) return 0; + if ((EVP_MD_flags(md) & EVP_MD_FLAG_XOF) != 0) + return 0; drbg->meth = &drbg_hash_meth; |