Un-const EVP_PKEY_CTX_set0_rsa_oaep_label and fix overflow check. It takes ownership of the buffer, so it's not actually const. The const-ness gets dropped once it transits through EVP_PKEY_CTX_ctrl. Also compare against INT_MAX explicitly for the overflow check. I'm not sure whether the casting version is undefined, but comparing against INT_MAX matches the rest of the codebase when transiting in and out of signed ints. Change-Id: I131165a4b5f0ebe02c6db3e7e3e0d1af5b771710 Reviewed-on: https://boringssl-review.googlesource.com/6850 Reviewed-by: Adam Langley <alangley@gmail.com>
diff --git a/crypto/evp/p_rsa.c b/crypto/evp/p_rsa.c
index edc61b1..629c33a 100644
--- a/crypto/evp/p_rsa.c
+++ b/crypto/evp/p_rsa.c
@@ -646,15 +646,14 @@
 EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void*) out_md);
 }
 
-int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, const uint8_t *label,
+int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, uint8_t *label,
 size_t label_len) {
- int label_len_int = label_len;
- if (((size_t) label_len_int) != label_len) {
+ if (label_len > INT_MAX) {
 return 0;
 }
 
 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,
- EVP_PKEY_CTRL_RSA_OAEP_LABEL, label_len,
+ EVP_PKEY_CTRL_RSA_OAEP_LABEL, (int)label_len,
 (void *)label);
 }
 
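Review bot: Ownership of `label` on the failure path is not written down: the early `return 0` for `label_len > INT_MAX` exits before `EVP_PKEY_CTX_ctrl` is called, so on that path nothing has taken the buffer and the caller must still free it. I would add `/* |label| has not been consumed; the caller still owns it. */` above that `return 0;`, and have the evp.h comment above the declaration (second hunk, where only its last lines are visible) say whether a zero return leaves ownership with the caller. Without that, a caller can double-free by freeing after success, or leak by not freeing after failure. As a smaller style point, the `(void *)label` cast in the `EVP_PKEY_CTX_ctrl` call is no longer needed now that `label` is a plain `uint8_t *`.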
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 2ec8861..8634953 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -649,7 +649,7 @@
 *
 * Returns one on success or zero on error. */
 OPENSSL_EXPORT int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx,
- const uint8_t *label,
+ uint8_t *label,
 size_t label_len);
 
 /* EVP_PKEY_CTX_get0_rsa_oaep_label sets |*out_label| to point to the internal