projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: fff6d59)
Correct the return value on match and mismatch for MAC pkeys
authorTomas Mraz <tomas@openssl.org>
Thu, 22 Apr 2021 10:45:39 +0000 (12:45 +0200)
committerTomas Mraz <tomas@openssl.org>
Fri, 23 Apr 2021 14:12:22 +0000 (16:12 +0200)
Fixes #14147

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14982)

crypto/hmac/hm_ameth.c patch | blob | history
crypto/poly1305/poly1305_ameth.c patch | blob | history
crypto/siphash/siphash_ameth.c patch | blob | history

diff --git a/crypto/hmac/hm_ameth.c b/crypto/hmac/hm_ameth.c
index 638f61b5863aef658fc5bb6757d93d578f525bfb..2477bd2e6a372d6050ab76b4f01c368cb0c03f0a 100644 (file)
--- a/crypto/hmac/hm_ameth.c
+++ b/crypto/hmac/hm_ameth.c
@@ -47,7 +47,8 @@ static int hmac_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 
 static int hmac_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
 {
-    return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b));
+    /* the ameth pub_cmp must return 1 on match, 0 on mismatch */
+    return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b)) == 0;
 }
 
 static int hmac_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv,
diff --git a/crypto/poly1305/poly1305_ameth.c b/crypto/poly1305/poly1305_ameth.c
index 0c8a91dc79dcc56682d76890415c6728520324db..37369593550379a7c522b2e030ef32475c059b37 100644 (file)
--- a/crypto/poly1305/poly1305_ameth.c
+++ b/crypto/poly1305/poly1305_ameth.c
@@ -43,7 +43,7 @@ static int poly1305_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 
 static int poly1305_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
 {
-    return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b));
+    return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b)) == 0;
 }
 
 static int poly1305_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv,
diff --git a/crypto/siphash/siphash_ameth.c b/crypto/siphash/siphash_ameth.c
index 2da6dfec8025d33d7cdb9e9b12bf70e04aafc65f..68331ab4c4982f451df211348a41ecc5d7f4a85a 100644 (file)
--- a/crypto/siphash/siphash_ameth.c
+++ b/crypto/siphash/siphash_ameth.c
@@ -44,7 +44,7 @@ static int siphash_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 
 static int siphash_pkey_public_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
 {
-    return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b));
+    return ASN1_OCTET_STRING_cmp(EVP_PKEY_get0(a), EVP_PKEY_get0(b)) == 0;
 }
 
 static int siphash_set_priv_key(EVP_PKEY *pkey, const unsigned char *priv,
Unnamed repository; edit this file 'description' to name the repository.