diff options
author | Peiwei Hu <jlu.hpw@foxmail.com> | 2022-05-21 16:17:23 +0800 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-05-24 08:58:20 +0200 |
commit | 4aa3eb454e89fd78884faa168a90ccf19d0bca3a (patch) | |
tree | c7286d9a8738993b053fd792fa1d88a028525649 /ssl | |
parent | 5aa6e627953a4b3e96ea1f37b5ed71c9bb8c1e1b (diff) |
Fix check of EVP_CIPHER_CTX_ctrl
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18368)
(cherry picked from commit d649c51a5388912277dffb56d921eb720db54be1)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/t1_enc.c | 14 | ||||
-rw-r--r-- | ssl/tls13_enc.c | 6 |
2 files changed, 10 insertions, 10 deletions
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 237a19cd93..91238e6457 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -393,8 +393,8 @@ int tls1_change_cipher_state(SSL *s, int which) if (EVP_CIPHER_get_mode(c) == EVP_CIPH_GCM_MODE) { if (!EVP_CipherInit_ex(dd, c, NULL, key, NULL, (which & SSL3_CC_WRITE)) - || !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_GCM_SET_IV_FIXED, (int)k, - iv)) { + || EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_GCM_SET_IV_FIXED, (int)k, + iv) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); goto err; } @@ -406,9 +406,9 @@ int tls1_change_cipher_state(SSL *s, int which) else taglen = EVP_CCM_TLS_TAG_LEN; if (!EVP_CipherInit_ex(dd, c, NULL, NULL, NULL, (which & SSL3_CC_WRITE)) - || !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_IVLEN, 12, NULL) - || !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_TAG, taglen, NULL) - || !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_CCM_SET_IV_FIXED, (int)k, iv) + || (EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_IVLEN, 12, NULL) <= 0) + || (EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_TAG, taglen, NULL) <= 0) + || (EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_CCM_SET_IV_FIXED, (int)k, iv) <= 0) || !EVP_CipherInit_ex(dd, NULL, NULL, key, NULL, -1)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); goto err; @@ -422,8 +422,8 @@ int tls1_change_cipher_state(SSL *s, int which) /* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */ if ((EVP_CIPHER_get_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER) && *mac_secret_size - && !EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_MAC_KEY, - (int)*mac_secret_size, mac_secret)) { + && EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_MAC_KEY, + (int)*mac_secret_size, mac_secret) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); goto err; } diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index 12388922e3..d7db82e5e2 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -385,9 +385,9 @@ static int derive_secret_key_and_iv(SSL *s, int sending, const EVP_MD *md, } if (EVP_CipherInit_ex(ciph_ctx, ciph, NULL, NULL, NULL, sending) <= 0 - || !EVP_CIPHER_CTX_ctrl(ciph_ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL) - || (taglen != 0 && !EVP_CIPHER_CTX_ctrl(ciph_ctx, EVP_CTRL_AEAD_SET_TAG, - taglen, NULL)) + || EVP_CIPHER_CTX_ctrl(ciph_ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL) <= 0 + || (taglen != 0 && EVP_CIPHER_CTX_ctrl(ciph_ctx, EVP_CTRL_AEAD_SET_TAG, + taglen, NULL) <= 0) || EVP_CipherInit_ex(ciph_ctx, NULL, NULL, key, NULL, -1) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_EVP_LIB); return 0; |