olen parameter shall contain the length of the buffer.
For SHA-3 families, it must be at least 28, 32, 48 or 64, depending on the family.
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
diff --git a/include/mbedtls/sha3.h b/include/mbedtls/sha3.h
index 36942db..7d673bc 100644
--- a/include/mbedtls/sha3.h
+++ b/include/mbedtls/sha3.h
@@ -145,9 +145,9 @@
* and have a hash operation started.
* \param output The SHA-3 checksum result.
* This must be a writable buffer of length \c olen bytes.
- * \param olen Defines a variable output length (in bytes). \c output must be
- * \c olen bytes length. For SHA-3 224, SHA-3 256, SHA-3 384 and
- * SHA-3 512 must equal to 28, 32, 48 and 64, respectively.
+ * \param olen Defines the length of output buffer (in bytes). For SHA-3 224, SHA-3 256,
+ * SHA-3 384 and SHA-3 512 \c olen must equal to 28, 32, 48 and 64,
+ * respectively.
*
* \return \c 0 on success.
* \return A negative error code on failure.
@@ -171,8 +171,9 @@
* \param ilen The length of the input data in Bytes.
* \param output The SHA-3 checksum result.
* This must be a writable buffer of length \c olen bytes.
- * \param olen Determines the length (in bytes) of the output. \c output
- * must be \c olen bytes length.
+ * \param olen Defines the length of output buffer (in bytes). For SHA-3 224, SHA-3 256,
+ * SHA-3 384 and SHA-3 512 \c olen must equal to 28, 32, 48 and 64,
+ * respectively.
*
* \return \c 0 on success.
* \return A negative error code on failure.
diff --git a/library/sha3.c b/library/sha3.c
index f5af2b7..9aadf9d 100644
--- a/library/sha3.c
+++ b/library/sha3.c
@@ -244,8 +244,13 @@
if( ctx == NULL || output == NULL )
return( MBEDTLS_ERR_SHA3_BAD_INPUT_DATA );
- if( ctx->olen > 0 && ctx->olen != olen )
- return( MBEDTLS_ERR_SHA3_BAD_INPUT_DATA );
+ /* Catch SHA-3 families, with fixed output length */
+ if( ctx->olen > 0 )
+ {
+ if ( ctx->olen > olen )
+ return( MBEDTLS_ERR_SHA3_BAD_INPUT_DATA );
+ olen = ctx->olen;
+ }
ABSORB( ctx, ctx->index, ctx->xor_byte );
ABSORB( ctx, ctx->max_block_size - 1, 0x80 );