diff options
| author | Theo Buehler <tb@cvs.openbsd.org> | 2023-12-15 13:49:00 +0000 |
|---|---|---|
| committer | Theo Buehler <tb@cvs.openbsd.org> | 2023-12-15 13:49:00 +0000 |
| commit | 4c66820bb879f59ab2e3c735032c351835d0b3b9 (patch) | |
| tree | ac044db3df572c42246db4cbd056748c671c8025 /lib | |
| parent | bca0a1210b20beb41a864834d5bdc15bfc763f3d (diff) | |
Fix a return value confusion in chacha20_poly1305_cipher()
On overlong input, chacha20_poly1305_cipher() would return 0, which in
EVP_CipherUpdate() and EVP_CipherFinal() signals success with no data
written since EVP_CIPH_FLAG_CUSTOM_CIPHER is set. In order to signal an
error, we need to return -1. Obviously.
ok jsing
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libcrypto/evp/e_chacha20poly1305.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/libcrypto/evp/e_chacha20poly1305.c b/lib/libcrypto/evp/e_chacha20poly1305.c index 4a393c2458d..362e68dc99c 100644 --- a/lib/libcrypto/evp/e_chacha20poly1305.c +++ b/lib/libcrypto/evp/e_chacha20poly1305.c @@ -1,4 +1,4 @@ -/* $OpenBSD: e_chacha20poly1305.c,v 1.32 2023/09/28 11:29:10 tb Exp $ */ +/* $OpenBSD: e_chacha20poly1305.c,v 1.33 2023/12/15 13:48:59 tb Exp $ */ /* * Copyright (c) 2022 Joel Sing <jsing@openbsd.org> @@ -477,7 +477,7 @@ chacha20_poly1305_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, if (len > SIZE_MAX - cpx->in_len) { EVPerror(EVP_R_TOO_LARGE); - return 0; + return -1; } /* Disallow authenticated data after plaintext/ciphertext. */ |