*/
if (!SSL_USE_ETM(s) && mac_size != 0) {
- if (s->method->ssl3_enc->mac(s, &wr,
- &(p[SSL3_RECORD_get_length(&wr) + eivlen]),
- 1) < 0)
+ if (!s->method->ssl3_enc->mac(s, &wr,
+ &(p[SSL3_RECORD_get_length(&wr) + eivlen]),
+ 1))
goto err;
SSL3_RECORD_add_length(&wr, mac_size);
}
goto err;
if (SSL_USE_ETM(s) && mac_size != 0) {
- if (s->method->ssl3_enc->mac(s, &wr,
- &(p[SSL3_RECORD_get_length(&wr)]),
- 1) < 0)
+ if (!s->method->ssl3_enc->mac(s, &wr,
+ &(p[SSL3_RECORD_get_length(&wr)]), 1))
goto err;
SSL3_RECORD_add_length(&wr, mac_size);
}
*/
if (!SSL_USE_ETM(s) && mac_size != 0) {
- if (s->method->ssl3_enc->mac(s, &wr[j],
- &(outbuf[j][wr[j].length + eivlen]),
- 1) < 0)
+ if (!s->method->ssl3_enc->mac(s, &wr[j],
+ &(outbuf[j][wr[j].length + eivlen]),
+ 1))
goto err;
SSL3_RECORD_add_length(&wr[j], mac_size);
}
for (j = 0; j < numpipes; j++) {
if (SSL_USE_ETM(s) && mac_size != 0) {
- if (s->method->ssl3_enc->mac(s, &wr[j],
- outbuf[j] + wr[j].length, 1) < 0)
+ if (!s->method->ssl3_enc->mac(s, &wr[j],
+ outbuf[j] + wr[j].length, 1))
goto err;
SSL3_RECORD_add_length(&wr[j], mac_size);
}
rr[j].length -= mac_size;
mac = rr[j].data + rr[j].length;
i = s->method->ssl3_enc->mac(s, &rr[j], md, 0 /* not send */ );
- if (i < 0 || CRYPTO_memcmp(md, mac, mac_size) != 0) {
+ if (i == 0 || CRYPTO_memcmp(md, mac, mac_size) != 0) {
al = SSL_AD_BAD_RECORD_MAC;
SSLerr(SSL_F_SSL3_GET_RECORD,
SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);
}
i = s->method->ssl3_enc->mac(s, &rr[j], md, 0 /* not send */ );
- if (i < 0 || mac == NULL
+ if (i == 0 || mac == NULL
|| CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)
enc_err = -1;
if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)
t = EVP_MD_CTX_size(hash);
if (t < 0)
- return -1;
+ return 0;
md_size = t;
npad = (48 / md_size) * md_size;
header, rec->input,
rec->length + md_size, rec->orig_len,
mac_sec, md_size, 1) <= 0)
- return -1;
+ return 0;
} else {
unsigned int md_size_u;
/* Chop the digest off the end :-) */
EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();
if (md_ctx == NULL)
- return -1;
+ return 0;
rec_char = rec->type;
p = md;
|| EVP_DigestUpdate(md_ctx, md, md_size) <= 0
|| EVP_DigestFinal_ex(md_ctx, md, &md_size_u) <= 0) {
EVP_MD_CTX_reset(md_ctx);
- return -1;
+ return 0;
}
- md_size = md_size_u;
EVP_MD_CTX_free(md_ctx);
}
ssl3_record_sequence_update(seq);
- return (md_size);
+ return 1;
}
int tls1_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int send)
} else {
hmac = EVP_MD_CTX_new();
if (hmac == NULL || !EVP_MD_CTX_copy(hmac, hash))
- return -1;
+ return 0;
mac_ctx = hmac;
}
|| EVP_DigestSignUpdate(mac_ctx, rec->input, rec->length) <= 0
|| EVP_DigestSignFinal(mac_ctx, md, &md_size) <= 0) {
EVP_MD_CTX_free(hmac);
- return -1;
+ return 0;
}
if (!send && !SSL_USE_ETM(ssl) && FIPS_mode())
if (!tls_fips_digest_extra(ssl->enc_read_ctx,
mac_ctx, rec->input,
rec->length, rec->orig_len)) {
EVP_MD_CTX_free(hmac);
- return -1;
+ return 0;
}
}
fprintf(stderr, "\n");
}
#endif
- return (md_size);
+ return 1;
}
/*-
rr->length -= mac_size;
mac = rr->data + rr->length;
i = s->method->ssl3_enc->mac(s, rr, md, 0 /* not send */ );
- if (i < 0 || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0) {
+ if (i == 0 || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0) {
al = SSL_AD_BAD_RECORD_MAC;
SSLerr(SSL_F_DTLS1_PROCESS_RECORD,
SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);
}
i = s->method->ssl3_enc->mac(s, rr, md, 0 /* not send */ );
- if (i < 0 || mac == NULL
+ if (i == 0 || mac == NULL
|| CRYPTO_memcmp(md, mac, mac_size) != 0)
enc_err = -1;
if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)
projects / oweals / openssl.git / commitdiff