projects / oweals / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
DRBG: add check for XOF so these can be disallowed by the DRBGs
[oweals/openssl.git] / crypto / rand / drbg_hmac.c
diff --git a/crypto/rand/drbg_hmac.c b/crypto/rand/drbg_hmac.c
index 0047d8c0946c8aee1070e93d78dfe25a4a4eb520..3bda6c0d050d68c30d5077f736e5ac10763008c1 100644 (file)
--- a/crypto/rand/drbg_hmac.c
+++ b/crypto/rand/drbg_hmac.c
@@ -211,6 +211,9 @@ int drbg_hmac_init(RAND_DRBG *drbg)
     if (md == NULL)
         return 0;
 
+    if ((EVP_MD_flags(md) & EVP_MD_FLAG_XOF) != 0)
+        return 0;
+
     drbg->meth = &drbg_hmac_meth;
 
     if (hmac->ctx == NULL) {
Unnamed repository; edit this file 'description' to name the repository.