1 files changed, 10 insertions, 4 deletions

diff --git a/src/crypto/fipsmodule/sha/sha256.c b/src/crypto/fipsmodule/sha/sha256.c
index 92a52956..0e424461 100644
--- a/src/crypto/fipsmodule/sha/sha256.c
+++ b/src/crypto/fipsmodule/sha/sha256.c
@@ -92,7 +92,8 @@ int SHA256_Init(SHA256_CTX *sha) {
   return 1;
 }
 
-uint8_t *SHA224(const uint8_t *data, size_t len, uint8_t *out) {
+uint8_t *SHA224(const uint8_t *data, size_t len,
+                uint8_t out[SHA224_DIGEST_LENGTH]) {
   SHA256_CTX ctx;
   SHA224_Init(&ctx);
   SHA224_Update(&ctx, data, len);
@@ -101,7 +102,8 @@ uint8_t *SHA224(const uint8_t *data, size_t len, uint8_t *out) {
   return out;
 }
 
-uint8_t *SHA256(const uint8_t *data, size_t len, uint8_t *out) {
+uint8_t *SHA256(const uint8_t *data, size_t len,
+                uint8_t out[SHA256_DIGEST_LENGTH]) {
   SHA256_CTX ctx;
   SHA256_Init(&ctx);
   SHA256_Update(&ctx, data, len);
@@ -114,14 +116,17 @@ int SHA224_Update(SHA256_CTX *ctx, const void *data, size_t len) {
   return SHA256_Update(ctx, data, len);
 }
 
-int SHA224_Final(uint8_t *md, SHA256_CTX *ctx) {
-  return SHA256_Final(md, ctx);
+int SHA224_Final(uint8_t out[SHA224_DIGEST_LENGTH], SHA256_CTX *ctx) {
+  // SHA224_Init sets |ctx->md_len| to |SHA224_DIGEST_LENGTH|, so this has a
+  // smaller output.
+  return SHA256_Final(out, ctx);
 }
 
 #define DATA_ORDER_IS_BIG_ENDIAN
 
 #define HASH_CTX SHA256_CTX
 #define HASH_CBLOCK 64
+#define HASH_DIGEST_LENGTH 32
 
 // Note that FIPS180-2 discusses "Truncation of the Hash Function Output."
 // default: case below covers for it. It's not clear however if it's permitted
@@ -319,6 +324,7 @@ void SHA256_TransformBlocks(uint32_t state[8], const uint8_t *data,
 #undef DATA_ORDER_IS_BIG_ENDIAN
 #undef HASH_CTX
 #undef HASH_CBLOCK
+#undef HASH_DIGEST_LENGTH
 #undef HASH_MAKE_STRING
 #undef HASH_UPDATE
 #undef HASH_TRANSFORM