From fee12ec914cce805cc704a4c2804d75b4933ad2f Mon Sep 17 00:00:00 2001
From: Miroslav Lichvar <mlichvar@redhat.com>
Date: Mon, 2 Mar 2026 11:55:30 +0100
Subject: [PATCH] cmac+hash: add support for Nettle 4.0

Support for truncated digests was removed in Nettle 4.0. The digest
functions no longer accept the output length. Provide a full-length
buffer and copy the requested length of the digest, same as with the
other crypto providers.
---
 cmac_nettle.c | 20 ++++++++++++++++++--
 configure     |  2 +-
 hash_nettle.c | 13 ++++++++++++-
 3 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/cmac_nettle.c b/cmac_nettle.c
index 5b2c0d4c..cbbf9ddb 100644
--- a/cmac_nettle.c
+++ b/cmac_nettle.c
@@ -30,8 +30,10 @@
 #include "sysincl.h"
 
 #include <nettle/cmac.h>
+#include <nettle/version.h>
 
 #include "cmac.h"
+#include "hash.h"
 #include "memory.h"
 
 struct CMC_Instance_Record {
@@ -86,25 +88,39 @@ CMC_CreateInstance(CMC_Algorithm algorithm, const unsigned char *key, int length
 int
 CMC_Hash(CMC_Instance inst, const void *in, int in_len, unsigned char *out, int out_len)
 {
+  unsigned char buf[MAX_HASH_LENGTH];
+
   if (in_len < 0 || out_len < 0)
     return 0;
 
   if (out_len > CMAC128_DIGEST_SIZE)
     out_len = CMAC128_DIGEST_SIZE;
 
+  assert(CMAC128_DIGEST_SIZE <= sizeof (buf));
+
   switch (inst->key_length) {
     case AES128_KEY_SIZE:
       cmac_aes128_update(&inst->context.aes128, in_len, in);
-      cmac_aes128_digest(&inst->context.aes128, out_len, out);
+      cmac_aes128_digest(&inst->context.aes128,
+#if NETTLE_VERSION_MAJOR < 4
+                         CMAC128_DIGEST_SIZE,
+#endif
+                         buf);
       break;
     case AES256_KEY_SIZE:
       cmac_aes256_update(&inst->context.aes256, in_len, in);
-      cmac_aes256_digest(&inst->context.aes256, out_len, out);
+      cmac_aes256_digest(&inst->context.aes256,
+#if NETTLE_VERSION_MAJOR < 4
+                         CMAC128_DIGEST_SIZE,
+#endif
+                         buf);
       break;
     default:
       assert(0);
   }
 
+  memcpy(out, buf, out_len);
+
   return out_len;
 }
 
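Review bot: In the `default:` arm the new code copies uninitialized stack bytes into `out` when `assert` is compiled out, because `assert(0)` is now followed by `memcpy(out, buf, out_len)` and a positive `out_len` is still returned, whereas before the change that arm at least left `out` untouched; adding `return 0;` after `assert(0);` closes the path (presumably unreachable given the key-length validation in CMC_CreateInstance, which is outside the hunk). The added `assert(CMAC128_DIGEST_SIZE <= sizeof (buf))` compares two compile-time constants, so it would be better as a static assertion (`_Static_assert` if the project builds as C11), since under NDEBUG the runtime form offers no protection against the digest call overrunning `buf`. Finally, the full untruncated tag remains in `buf` after return although callers only ever receive `out_len` bytes; the same holds for `buf` in the hash_nettle.c hunk, and clearing it before returning with an explicit-clear helper, if the project has one, would keep the discarded tag bytes off the stack.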
diff --git a/configure b/configure
index 1c254435..a98e2e98 100755
--- a/configure
+++ b/configure
@@ -911,7 +911,7 @@ HASH_LINK=""
 if [ $feat_sechash = "1" ] && [ "x$HASH_LINK" = "x" ]  && [ $try_nettle = "1" ]; then
   test_cflags="`pkg_config --cflags nettle`"
   test_link="`pkg_config --libs nettle`"
-  if test_code 'nettle' 'nettle/nettle-meta.h nettle/sha2.h' \
+  if test_code 'nettle' 'nettle/nettle-meta.h nettle/sha2.h nettle/version.h' \
     "$test_cflags" "$test_link" \
     'return nettle_hashes[0]->context_size;'
   then
diff --git a/hash_nettle.c b/hash_nettle.c
index 4a214f6e..d6dee58b 100644
--- a/hash_nettle.c
+++ b/hash_nettle.c
@@ -30,6 +30,7 @@
 #include "sysincl.h"
 
 #include <nettle/nettle-meta.h>
+#include <nettle/version.h>
 
 #include "hash.h"
 #include "memory.h"
@@ -91,6 +92,7 @@ int
 HSH_Hash(int id, const void *in1, int in1_len, const void *in2, int in2_len,
          unsigned char *out, int out_len)
 {
+  unsigned char buf[MAX_HASH_LENGTH];
   const struct nettle_hash *hash;
   void *context;
 
@@ -103,11 +105,20 @@ HSH_Hash(int id, const void *in1, int in1_len, const void *in2, int in2_len,
   if (out_len > hash->digest_size)
     out_len = hash->digest_size;
 
+  if (hash->digest_size > sizeof (buf))
+    return 0;
+
   hash->init(context);
   hash->update(context, in1_len, in1);
   if (in2)
     hash->update(context, in2_len, in2);
-  hash->digest(context, out_len, out);
+  hash->digest(context,
+#if NETTLE_VERSION_MAJOR < 4
+               hash->digest_size,
+#endif
+               buf);
+
+  memcpy(out, buf, out_len);
 
   return out_len;
 }
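Review bot: The new guard `if (hash->digest_size > sizeof (buf)) return 0;` returns before `hash->init(context)`, so if the lines above the hunk obtain `context` per call (they are outside view; a per-id table filled at init time would make this moot) nothing releases it — worth confirming. Since `digest_size` is a fixed property of the selected hash, the check could also live where the hash is selected or registered, rejecting an oversized digest once instead of on every call. HSH_Hash's signature and the lookup of `hash` and `context` lie outside this hunk.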
-- 
GitLab

