diff options
author | Tomas Mraz <tomas@openssl.org> | 2021-04-22 12:45:39 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2021-04-23 16:12:22 +0200 |
commit | ccfe5ec8fe6c36e10aea373d44dcf04f65d94ef0 (patch) | |
tree | 4e3bb5f12d68ee62d8d6505bb13dad78f5eddf85 /crypto | |
parent | fff6d5966d00a9e2cb5270e0f7e49abbfce0c9bf (diff) |
Correct the return value on match and mismatch for MAC pkeys
Fixes #14147
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14982)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/hmac/hm_ameth.c | 3 | ||||
-rw-r--r-- | crypto/poly1305/poly1305_ameth.c | 2 | ||||
-rw-r--r-- | crypto/siphash/siphash_ameth.c | 2 |
3 files changed, 4 insertions, 3 deletions
diff --git a/crypto/hmac/hm_ameth.c b/crypto/hmac/hm_ameth.c index 638f61b586..2477bd2e6a 100644 --- a/crypto/hmac/hm_ameth.c +++ b/crypto/hmac/hm_ameth.c @@ -47,7 +47,8 @@ static int hmac_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) static int hmac_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b) { - return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b)); + /* the ameth pub_cmp must return 1 on match, 0 on mismatch */ + return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b)) == 0; } static int hmac_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv, diff --git a/crypto/poly1305/poly1305_ameth.c b/crypto/poly1305/poly1305_ameth.c index 0c8a91dc79..3736959355 100644 --- a/crypto/poly1305/poly1305_ameth.c +++ b/crypto/poly1305/poly1305_ameth.c @@ -43,7 +43,7 @@ static int poly1305_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) static int poly1305_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b) { - return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b)); + return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b)) == 0; } static int poly1305_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv, diff --git a/crypto/siphash/siphash_ameth.c b/crypto/siphash/siphash_ameth.c index 2da6dfec80..68331ab4c4 100644 --- a/crypto/siphash/siphash_ameth.c +++ b/crypto/siphash/siphash_ameth.c @@ -44,7 +44,7 @@ static int siphash_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) static int siphash_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b) { - return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b)); + return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b)) == 0; } static int siphash_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv, |