this is not a buflen, it is an outlen. refs #696

2026-05-14 20:37:55 +00:00 · 2014-02-28 11:11:18 -04:00 · 2014-02-28 11:11:18 -04:00 · cbf0e0c54b
commit cbf0e0c54b
parent 4ef63b64a9
2 changed files with 6 additions and 6 deletions
--- a/cryptography/hazmat/backends/openssl/backend.py
+++ b/cryptography/hazmat/backends/openssl/backend.py
@ -593,12 +593,12 @@ class _HMACContext(object):
    def finalize(self):
        buf = self._backend._ffi.new("unsigned char[]",
                                     self.algorithm.digest_size)
-        buflen = self._backend._ffi.new("unsigned int *",
-                                        self.algorithm.digest_size)
+        outlen = self._backend._ffi.new("unsigned int *")
        res = self._backend._lib.Cryptography_HMAC_Final(
-            self._ctx, buf, buflen
+            self._ctx, buf, outlen
        )
        assert res != 0
+        assert outlen[0] == self.algorithm.digest_size
        self._backend._lib.HMAC_CTX_cleanup(self._ctx)
        return self._backend._ffi.buffer(buf)[:]

--- a/cryptography/hazmat/bindings/openssl/hmac.py
+++ b/cryptography/hazmat/bindings/openssl/hmac.py
@ -55,11 +55,11 @@ int Cryptography_HMAC_Update(HMAC_CTX *ctx, const unsigned char *data,
 }

 int Cryptography_HMAC_Final(HMAC_CTX *ctx, unsigned char *digest,
-    unsigned int *digest_len) {
+    unsigned int *outlen) {
 #if OPENSSL_VERSION_NUMBER >= 0x010000000
-    return HMAC_Final(ctx, digest, digest_len);
+    return HMAC_Final(ctx, digest, outlen);
 #else
-    HMAC_Final(ctx, digest, digest_len);
+    HMAC_Final(ctx, digest, outlen);
    return 1;
 #endif
 }