Merge pull request #698 from reaperhulk/hash-fix Be more pedantic in checking the written size of the hash digest

commit: 0a183a2e38c27c47cec447f211fb9f866bed583b [log] [tgz]
author: Alex Gaynor <alex.gaynor@gmail.com> Fri Feb 28 10:26:19 2014 -0800
committer: Alex Gaynor <alex.gaynor@gmail.com> Fri Feb 28 10:26:19 2014 -0800
tree: 7cf4d2a16e3a61ce026e42bacc84283e53a24195
parent: 557dc37a275dd99a4c7c7cbe79b88c9aeb750c87 [diff]
parent: 7df9094221fd7cf2a76dbc21546569322d770072 [diff]
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py
index d0c6488..aa6dc83 100644
--- a/cryptography/hazmat/backends/openssl/backend.py
+++ b/cryptography/hazmat/backends/openssl/backend.py

@@ -535,9 +535,10 @@
     def finalize(self):
         buf = self._backend._ffi.new("unsigned char[]",
                                      self.algorithm.digest_size)
-        res = self._backend._lib.EVP_DigestFinal_ex(self._ctx, buf,
-                                                    self._backend._ffi.NULL)
+        outlen = self._backend._ffi.new("unsigned int *")
+        res = self._backend._lib.EVP_DigestFinal_ex(self._ctx, buf, outlen)
         assert res != 0
+        assert outlen[0] == self.algorithm.digest_size
         res = self._backend._lib.EVP_MD_CTX_cleanup(self._ctx)
         assert res == 1
         return self._backend._ffi.buffer(buf)[:]
commit	0a183a2e38c27c47cec447f211fb9f866bed583b	[log] [tgz]
author	Alex Gaynor <alex.gaynor@gmail.com>	Fri Feb 28 10:26:19 2014 -0800
committer	Alex Gaynor <alex.gaynor@gmail.com>	Fri Feb 28 10:26:19 2014 -0800
tree	7cf4d2a16e3a61ce026e42bacc84283e53a24195
parent	557dc37a275dd99a4c7c7cbe79b88c9aeb750c87 [diff]
parent	7df9094221fd7cf2a76dbc21546569322d770072 [diff]