From 8bdd854aefadaf9e7d12abb7b622e86df70f4551 Mon Sep 17 00:00:00 2001
From: Felipe Ventura
Date: Fri, 13 Oct 2023 12:26:22 -0500
Subject: [PATCH] set up SHAKE256 size to 512bits
Signed-off-by: Felipe Ventura
---
 oqsprov/oqs_sig.c | 34 +++++++++++++++++++++++-----------
 1 file changed, 23 insertions(+), 11 deletions(-)
diff --git a/oqsprov/oqs_sig.c b/oqsprov/oqs_sig.c
index 141016d2..c84922d2 100644
--- a/oqsprov/oqs_sig.c
+++ b/oqsprov/oqs_sig.c
@@ -397,15 +397,22 @@ static int oqs_sig_sign(void *vpoqs_sigctx, unsigned char *sig, size_t *siglen,
 SHA512(tbs, tbslen, tbs_hash);
 final_tbslen += SHA512_DIGEST_LENGTH;
 }else{//ed4448
- unsigned int tbs_hash_len;
- tbs_hash = OPENSSL_malloc(64);
- if ((EVP_Digest(tbs, tbslen, tbs_hash, &tbs_hash_len, EVP_shake256(), NULL) <= 0)){
+ EVP_MD_CTX *shake = EVP_MD_CTX_new();
+ unsigned int tbs_hash_len = EVP_MAX_MD_SIZE;
+ tbs_hash = OPENSSL_malloc(tbs_hash_len);
+
+ if ((EVP_DigestInit_ex(shake, EVP_shake256(), NULL) <= 0)
+ || (EVP_DigestUpdate(shake, tbs, tbslen) <= 0)
+ || (EVP_DigestFinalXOF(shake, tbs_hash, tbs_hash_len) <= 0 )){
 ERR_raise(ERR_LIB_USER, ERR_R_FATAL);
 goto endsign;
 }
 final_tbslen += tbs_hash_len;
+ EVP_MD_CTX_free(shake);
 }
- }else if (name[0] == 'p' || name[0] == 'b' || name[0] == 'r'){ //p256 or p384 or bp256 or bp384 or pss or rsa3072
+ }else if ((name[0] == 'p')
+ || (name[0] == 'b')
+ || (name[0] == 'r')){ //p256 or p384 or bp256 or bp384 or pss or rsa3072
 int aux;
 if (name[0] == 'b')
 aux = 2;
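Review bot: The new failure path leaks the SHAKE context: `EVP_MD_CTX_free(shake)` is placed after `final_tbslen += tbs_hash_len;`, so when any of the three chained digest calls fails the `goto endsign` is taken with `shake` still allocated, and neither the `EVP_MD_CTX_new()` result nor the `OPENSSL_malloc(tbs_hash_len)` result is checked before being passed to `EVP_DigestInit_ex` / `EVP_DigestFinalXOF` (a NULL context or buffer there is a crash on allocation failure, not an error return). Check both allocations up front and free the context before branching on the digest result, so every outcome releases it. oqs_sig_sign starts before this hunk and the `endsign` label is outside it, so I cannot tell whether `tbs_hash` is freed there; if it is not, the buffer leaks on the same path.
```c
                EVP_MD_CTX *shake = EVP_MD_CTX_new();
                unsigned int tbs_hash_len = EVP_MAX_MD_SIZE;
                tbs_hash = OPENSSL_malloc(tbs_hash_len);
                if (shake == NULL || tbs_hash == NULL) {
                    EVP_MD_CTX_free(shake); /* NULL-safe in OpenSSL */
                    ERR_raise(ERR_LIB_USER, ERR_R_FATAL);
                    goto endsign;
                }
                /* Run the XOF, then release the ctx before branching so no path leaks it. */
                int hashed = (EVP_DigestInit_ex(shake, EVP_shake256(), NULL) > 0)
                             && (EVP_DigestUpdate(shake, tbs, tbslen) > 0)
                             && (EVP_DigestFinalXOF(shake, tbs_hash, tbs_hash_len) > 0);
                EVP_MD_CTX_free(shake);
                if (!hashed) {
                    ERR_raise(ERR_LIB_USER, ERR_R_FATAL);
                    goto endsign;
                }
                final_tbslen += tbs_hash_len;
                /* … unchanged: closing brace and the p/b/r else-if branch … */
```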
@@ -695,17 +702,22 @@ static int oqs_sig_verify(void *vpoqs_sigctx, const unsigned char *sig,
 SHA512(tbs, tbslen, tbs_hash);
 final_tbslen += SHA512_DIGEST_LENGTH;
 }else{//ed4448
- unsigned int tbs_hash_len;
- tbs_hash = OPENSSL_malloc(64);
- if ((EVP_Digest(tbs, tbslen, tbs_hash, &tbs_hash_len, EVP_shake256(), NULL) <= 0)){
- ERR_raise(ERR_LIB_USER, ERR_R_FATAL);
+ EVP_MD_CTX *shake = EVP_MD_CTX_new();
+ unsigned int tbs_hash_len = EVP_MAX_MD_SIZE;
+ tbs_hash = OPENSSL_malloc(tbs_hash_len);
+
+ if ((EVP_DigestInit_ex(shake, EVP_shake256(), NULL) <= 0)
+ || (EVP_DigestUpdate(shake, tbs, tbslen) <= 0)
+ || (EVP_DigestFinalXOF(shake, tbs_hash, tbs_hash_len) <= 0 )){
+ ERR_raise(ERR_LIB_USER, OQSPROV_R_VERIFY_ERROR);
 goto endverify;
 }
 final_tbslen += tbs_hash_len;
+ EVP_MD_CTX_free(shake);
 }
- }else if (name[0] == 'p'
- || name[0] == 'b'
- || name[0] == 'r'){ //p256 or p384 or bp256 or bp384 or pss or rsa3072
+ }else if ((name[0] == 'p')
+ || (name[0] == 'b')
+ || (name[0] == 'r')){ //p256 or p384 or bp256 or bp384 or pss or rsa3072
 int aux;
 if (name[0] == 'b')
 aux = 2;
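Review bot: `unsigned int tbs_hash_len = EVP_MAX_MD_SIZE;` ties the SHAKE256 output length, which is part of the bytes the signature is computed over and must match the signer exactly, to a library-wide maximum rather than to the 512-bit value the commit title names; EVP_MAX_MD_SIZE happens to be 64 in current OpenSSL headers, but nothing in this code binds it to the scheme, and a header change would silently alter the signed message on one side of an upgrade. Give the length a named constant shared by sign and verify, e.g. `#define OQS_SHAKE256_TBS_LEN 64 /* 512-bit XOF output; fixed by the hybrid signature format */` and `unsigned int tbs_hash_len = OQS_SHAKE256_TBS_LEN;`. The same resource handling issue as in the sign path is present here: a failing digest call reaches `goto endverify` without `EVP_MD_CTX_free(shake)`, and the `EVP_MD_CTX_new()` / `OPENSSL_malloc()` results are used unchecked. oqs_sig_verify begins before this hunk and `endverify` lies outside it, so whether `tbs_hash` is released on that path cannot be confirmed from here.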