From 1526cf8f2f8efd364c23d6be98b246a16c4d37d0 Mon Sep 17 00:00:00 2001
From: qmuntal <qmuntaldiaz@microsoft.com>
Date: Tue, 7 Jan 2025 18:10:33 +0100
Subject: [PATCH] set xor_len

---
 cshake.go | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/cshake.go b/cshake.go
index 8400e76..6558a52 100644
--- a/cshake.go
+++ b/cshake.go
@@ -137,10 +137,6 @@ func newSHAKE(size int) *SHAKE {
 		C.go_openssl_EVP_MD_CTX_free(ctx)
 		panic(newOpenSSLError("EVP_DigestInit_ex"))
 	}
-	//if C.go_openssl_EVP_MD_CTX_ctrl(ctx, C.EVP_MD_CTRL_XOF_LEN, C.int(alg.xofLength), nil) != 1 {
-	//	C.go_openssl_EVP_MD_CTX_free(ctx)
-	//	panic(newOpenSSLError("EVP_MD_CTX_ctrl"))
-	//}
 	s := &SHAKE{alg: alg, ctx: ctx}
 	runtime.SetFinalizer(s, (*SHAKE).finalize)
 	return s
@@ -172,6 +168,9 @@ func (s *SHAKE) Read(p []byte) (n int, err error) {
 	if len(p) == 0 {
 		return 0, nil
 	}
+	if C.go_openssl_EVP_MD_CTX_ctrl(s.ctx, C.EVP_MD_CTRL_XOF_LEN, C.int(len(p)), nil) != 1 {
+		panic(newOpenSSLError("EVP_MD_CTX_ctrl"))
+	}
 	if C.go_openssl_EVP_DigestSqueeze(s.ctx, (*C.uchar)(unsafe.Pointer(&*addr(p))), C.size_t(len(p))) != 1 {
 		panic(newOpenSSLError("EVP_DigestSqueeze"))
 	}
@@ -197,7 +196,6 @@ var cacheSHAKE sync.Map
 type shakeAlgorithm struct {
 	md        C.GO_EVP_MD_PTR
 	blockSize int
-	xofLength int
 }
 
 // loadShake converts a crypto.Hash to a EVP_MD.
@@ -211,12 +209,10 @@ func loadShake(xofLength int) *shakeAlgorithm {
 	case 128:
 		if versionAtOrAbove(1, 1, 0) {
 			shake.md = C.go_openssl_EVP_shake128()
-			shake.xofLength = 32
 		}
 	case 256:
 		if versionAtOrAbove(1, 1, 0) {
 			shake.md = C.go_openssl_EVP_shake256()
-			shake.xofLength = 64
 		}
 	}
 	if shake.md == nil {