diff options
| author | Johannes Bauer <joe@johannes-bauer.com> | 2017-08-01 18:32:45 +0200 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2017-08-03 01:07:52 +0100 |
| commit | 5b277519236c17a9968623b1f038fe6b34e89899 (patch) | |
| tree | a26658d0b4036d8cecca37b357cb6c3fa83b80b7 | |
| parent | f55129c73920a060e813c883d864222482e067c8 (diff) | |
Added differentiation between missing secret and missing seed
This was previously mistakenly handled as a single error code.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Stephen Henson <steve@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3989)
| -rw-r--r-- | crypto/err/openssl.txt | 1 | ||||
| -rw-r--r-- | crypto/kdf/kdf_err.c | 1 | ||||
| -rw-r--r-- | crypto/kdf/tls1_prf.c | 6 | ||||
| -rw-r--r-- | include/openssl/kdferr.h | 1 |
4 files changed, 8 insertions, 1 deletions
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 3bd1e4c62d..58eb3219c6 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -1968,6 +1968,7 @@ KDF_R_INVALID_DIGEST:100:invalid digest KDF_R_MISSING_KEY:104:missing key KDF_R_MISSING_MESSAGE_DIGEST:105:missing message digest KDF_R_MISSING_PARAMETER:101:missing parameter +KDF_R_MISSING_SECRET:107:missing secret KDF_R_MISSING_SEED:106:missing seed KDF_R_UNKNOWN_PARAMETER_TYPE:103:unknown parameter type KDF_R_VALUE_MISSING:102:value missing diff --git a/crypto/kdf/kdf_err.c b/crypto/kdf/kdf_err.c index 3b185c8ee5..8d2727217d 100644 --- a/crypto/kdf/kdf_err.c +++ b/crypto/kdf/kdf_err.c @@ -29,6 +29,7 @@ static const ERR_STRING_DATA KDF_str_reasons[] = { {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_MESSAGE_DIGEST), "missing message digest"}, {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_PARAMETER), "missing parameter"}, + {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SECRET), "missing secret"}, {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_MISSING_SEED), "missing seed"}, {ERR_PACK(ERR_LIB_KDF, 0, KDF_R_UNKNOWN_PARAMETER_TYPE), "unknown parameter type"}, diff --git a/crypto/kdf/tls1_prf.c b/crypto/kdf/tls1_prf.c index f5e1063461..063ea0390a 100644 --- a/crypto/kdf/tls1_prf.c +++ b/crypto/kdf/tls1_prf.c @@ -128,7 +128,11 @@ static int pkey_tls1_prf_derive(EVP_PKEY_CTX *ctx, unsigned char *key, KDFerr(KDF_F_PKEY_TLS1_PRF_DERIVE, KDF_R_MISSING_MESSAGE_DIGEST); return 0; } - if (kctx->sec == NULL || kctx->seedlen == 0) { + if (kctx->sec == NULL) { + KDFerr(KDF_F_PKEY_TLS1_PRF_DERIVE, KDF_R_MISSING_SECRET); + return 0; + } + if (kctx->seedlen == 0) { KDFerr(KDF_F_PKEY_TLS1_PRF_DERIVE, KDF_R_MISSING_SEED); return 0; } diff --git a/include/openssl/kdferr.h b/include/openssl/kdferr.h index 67bd3a3622..c01b735c24 100644 --- a/include/openssl/kdferr.h +++ b/include/openssl/kdferr.h @@ -34,6 +34,7 @@ int ERR_load_KDF_strings(void); # define KDF_R_MISSING_KEY 104 # define KDF_R_MISSING_MESSAGE_DIGEST 105 # define KDF_R_MISSING_PARAMETER 101 +# define KDF_R_MISSING_SECRET 107 # define KDF_R_MISSING_SEED 106 # define KDF_R_UNKNOWN_PARAMETER_TYPE 103 # define KDF_R_VALUE_MISSING 102 |