Update ssl library to support EVP_PKEY MAC API. Include generic MAC support.
[openssl.git] / ssl / d1_enc.c
index 7b36964..ef4d880 100644 (file)
@@ -132,8 +132,8 @@ int dtls1_enc(SSL *s, int send)
 
        if (send)
                {
 
        if (send)
                {
-               if (s->write_hash != NULL)
-                       n=EVP_MD_size(s->write_hash);
+               if (EVP_MD_CTX_md(s->write_hash))
+                       n=EVP_MD_CTX_size(s->write_hash);
                ds=s->enc_write_ctx;
                rec= &(s->s3->wrec);
                if (s->enc_write_ctx == NULL)
                ds=s->enc_write_ctx;
                rec= &(s->s3->wrec);
                if (s->enc_write_ctx == NULL)
@@ -146,13 +146,16 @@ int dtls1_enc(SSL *s, int send)
                                fprintf(stderr, "%s:%d: rec->data != rec->input\n",
                                        __FILE__, __LINE__);
                        else if ( EVP_CIPHER_block_size(ds->cipher) > 1)
                                fprintf(stderr, "%s:%d: rec->data != rec->input\n",
                                        __FILE__, __LINE__);
                        else if ( EVP_CIPHER_block_size(ds->cipher) > 1)
-                               RAND_bytes(rec->input, EVP_CIPHER_block_size(ds->cipher));
+                               {
+                               if (!RAND_bytes(rec->input, EVP_CIPHER_block_size(ds->cipher)))
+                                       return -1;
+                               }
                        }
                }
        else
                {
                        }
                }
        else
                {
-               if (s->read_hash != NULL)
-                       n=EVP_MD_size(s->read_hash);
+               if (EVP_MD_CTX_md(s->read_hash))
+                       n=EVP_MD_CTX_size(s->read_hash);
                ds=s->enc_read_ctx;
                rec= &(s->s3->rrec);
                if (s->enc_read_ctx == NULL)
                ds=s->enc_read_ctx;
                rec= &(s->s3->rrec);
                if (s->enc_read_ctx == NULL)
@@ -217,7 +220,7 @@ int dtls1_enc(SSL *s, int send)
                        {
                        if (l == 0 || l%bs != 0)
                                {
                        {
                        if (l == 0 || l%bs != 0)
                                {
-                               SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
+                               SSLerr(SSL_F_DTLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
                                ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
                                return 0;
                                }
                                ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
                                return 0;
                                }