diff options
author | Matt Caswell <matt@openssl.org> | 2020-05-27 11:38:39 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-06-19 11:41:23 +0100 |
commit | ce7bd71a428b0907958beb6dfa71681e751b33d1 (patch) | |
tree | 210242e99afb3dcabc2ffa793d567d18155b27d9 /crypto/cmac | |
parent | 86863f2ddc4200e5048e28c40ed6521495010699 (diff) |
Correctly handle the return value from EVP_Cipher() in the CMAC code
EVP_Cipher() is a very low level routine that directly calls the
underlying cipher function. It's return value semantics are very odd.
Depending on the type of cipher 0 or -1 is returned on error. We should
just check for <=0 for a failure.
Fixes #11957
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12107)
Diffstat (limited to 'crypto/cmac')
-rw-r--r-- | crypto/cmac/cmac.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/crypto/cmac/cmac.c b/crypto/cmac/cmac.c index dbcc436602..1a76486205 100644 --- a/crypto/cmac/cmac.c +++ b/crypto/cmac/cmac.c @@ -135,7 +135,7 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen, if (!EVP_EncryptInit_ex(ctx->cctx, NULL, NULL, key, zero_iv)) return 0; bl = EVP_CIPHER_CTX_block_size(ctx->cctx); - if (!EVP_Cipher(ctx->cctx, ctx->tbl, zero_iv, bl)) + if (EVP_Cipher(ctx->cctx, ctx->tbl, zero_iv, bl) <= 0) return 0; make_kn(ctx->k1, ctx->tbl, bl); make_kn(ctx->k2, ctx->k1, bl); @@ -173,12 +173,12 @@ int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen) return 1; data += nleft; /* Else not final block so encrypt it */ - if (!EVP_Cipher(ctx->cctx, ctx->tbl, ctx->last_block, bl)) + if (EVP_Cipher(ctx->cctx, ctx->tbl, ctx->last_block, bl) <= 0) return 0; } /* Encrypt all but one of the complete blocks left */ while (dlen > bl) { - if (!EVP_Cipher(ctx->cctx, ctx->tbl, data, bl)) + if (EVP_Cipher(ctx->cctx, ctx->tbl, data, bl) <= 0) return 0; dlen -= bl; data += bl; |