diff options
| author | tb <> | 2023-12-15 13:48:59 +0000 |
|---|---|---|
| committer | tb <> | 2023-12-15 13:48:59 +0000 |
| commit | 97bbd96798da817300fbf00b33e26be7edd67163 (patch) | |
| tree | 1a7bd27a2765b812f4ef633b95f00e3b5a3f4d2f /src | |
| parent | 33938838e6871c50d612d2a8ed137a1557e9c72f (diff) | |
| download | openbsd-97bbd96798da817300fbf00b33e26be7edd67163.tar.gz openbsd-97bbd96798da817300fbf00b33e26be7edd67163.tar.bz2 openbsd-97bbd96798da817300fbf00b33e26be7edd67163.zip | |
Fix a return value confusion in chacha20_poly1305_cipher()
On overlong input, chacha20_poly1305_cipher() would return 0, which in
EVP_CipherUpdate() and EVP_CipherFinal() signals success with no data
written since EVP_CIPH_FLAG_CUSTOM_CIPHER is set. In order to signal an
error, we need to return -1. Obviously.
ok jsing
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/evp/e_chacha20poly1305.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/libcrypto/evp/e_chacha20poly1305.c b/src/lib/libcrypto/evp/e_chacha20poly1305.c index 4a393c2458..362e68dc99 100644 --- a/src/lib/libcrypto/evp/e_chacha20poly1305.c +++ b/src/lib/libcrypto/evp/e_chacha20poly1305.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: e_chacha20poly1305.c,v 1.32 2023/09/28 11:29:10 tb Exp $ */ | 1 | /* $OpenBSD: e_chacha20poly1305.c,v 1.33 2023/12/15 13:48:59 tb Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 2022 Joel Sing <jsing@openbsd.org> | 4 | * Copyright (c) 2022 Joel Sing <jsing@openbsd.org> |
| @@ -477,7 +477,7 @@ chacha20_poly1305_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, | |||
| 477 | 477 | ||
| 478 | if (len > SIZE_MAX - cpx->in_len) { | 478 | if (len > SIZE_MAX - cpx->in_len) { |
| 479 | EVPerror(EVP_R_TOO_LARGE); | 479 | EVPerror(EVP_R_TOO_LARGE); |
| 480 | return 0; | 480 | return -1; |
| 481 | } | 481 | } |
| 482 | 482 | ||
| 483 | /* Disallow authenticated data after plaintext/ciphertext. */ | 483 | /* Disallow authenticated data after plaintext/ciphertext. */ |