Use TLS_ERROR_INVALID_ARGUMENT for "too large" and "too small" errors

ok beck tb
author: joshua <> 2024-03-28 06:55:02 +0000
committer: joshua <> 2024-03-28 06:55:02 +0000
commit: e27c8bbf715dff2f2e9f026a1084fa8597e4061c (patch)
tree: 25976626a856952211e9b3036677a6db54eb83d8 /src/lib/libtls/tls_signer.c
parent: 0e0ddc48259d4ab0736d20e72cc1404040b049a4 (diff)
download: openbsd-e27c8bbf715dff2f2e9f026a1084fa8597e4061c.tar.gz
openbsd-e27c8bbf715dff2f2e9f026a1084fa8597e4061c.tar.bz2
openbsd-e27c8bbf715dff2f2e9f026a1084fa8597e4061c.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/src/lib/libtls/tls_signer.c b/src/lib/libtls/tls_signer.c
index 95a3640d7a..d423b3b1c8 100644
--- a/src/lib/libtls/tls_signer.c
+++ b/src/lib/libtls/tls_signer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_signer.c,v 1.11 2024/03/28 02:08:24 joshua Exp $ */
+/* $OpenBSD: tls_signer.c,v 1.12 2024/03/28 06:55:02 joshua Exp $ */
 /*
 * Copyright (c) 2021 Eric Faurot <eric@openbsd.org>
 *
@@ -204,7 +204,7 @@ tls_sign_rsa(struct tls_signer *signer, struct tls_signer_key *skey,
        }
        if (input_len > INT_MAX) {
-                tls_error_setx(&signer->error, TLS_ERROR_UNKNOWN,
+                tls_error_setx(&signer->error, TLS_ERROR_INVALID_ARGUMENT,
                    "input too large");
                return (-1);
        }
@@ -252,7 +252,7 @@ tls_sign_ecdsa(struct tls_signer *signer, struct tls_signer_key *skey,
        }
        if (input_len > INT_MAX) {
-                tls_error_setx(&signer->error, TLS_ERROR_UNKNOWN,
+                tls_error_setx(&signer->error, TLS_ERROR_INVALID_ARGUMENT,
                    "digest too large");
                return (-1);
        }
author	joshua <>	2024-03-28 06:55:02 +0000
committer	joshua <>	2024-03-28 06:55:02 +0000
commit	e27c8bbf715dff2f2e9f026a1084fa8597e4061c (patch)
tree	25976626a856952211e9b3036677a6db54eb83d8 /src/lib/libtls/tls_signer.c
parent	0e0ddc48259d4ab0736d20e72cc1404040b049a4 (diff)
download	openbsd-e27c8bbf715dff2f2e9f026a1084fa8597e4061c.tar.gz openbsd-e27c8bbf715dff2f2e9f026a1084fa8597e4061c.tar.bz2 openbsd-e27c8bbf715dff2f2e9f026a1084fa8597e4061c.zip

diff --git a/src/lib/libtls/tls_signer.c b/src/lib/libtls/tls_signer.c index 95a3640d7a..d423b3b1c8 100644 --- a/src/lib/libtls/tls_signer.c +++ b/src/lib/libtls/tls_signer.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: tls_signer.c,v 1.11 2024/03/28 02:08:24 joshua Exp $ */	1	/* $OpenBSD: tls_signer.c,v 1.12 2024/03/28 06:55:02 joshua Exp $ */
2	/*	2	/*
3	* Copyright (c) 2021 Eric Faurot <eric@openbsd.org>	3	* Copyright (c) 2021 Eric Faurot <eric@openbsd.org>
4	*	4	*
@@ -204,7 +204,7 @@ tls_sign_rsa(struct tls_signer signer, struct tls_signer_key skey,
204	}	204	}
205		205
206	if (input_len > INT_MAX) {	206	if (input_len > INT_MAX) {
207	tls_error_setx(&signer->error, TLS_ERROR_UNKNOWN,	207	tls_error_setx(&signer->error, TLS_ERROR_INVALID_ARGUMENT,
208	"input too large");	208	"input too large");
209	return (-1);	209	return (-1);
210	}	210	}
@@ -252,7 +252,7 @@ tls_sign_ecdsa(struct tls_signer signer, struct tls_signer_key skey,
252	}	252	}
253		253
254	if (input_len > INT_MAX) {	254	if (input_len > INT_MAX) {
255	tls_error_setx(&signer->error, TLS_ERROR_UNKNOWN,	255	tls_error_setx(&signer->error, TLS_ERROR_INVALID_ARGUMENT,
256	"digest too large");	256	"digest too large");
257	return (-1);	257	return (-1);
258	}	258	}