diff options
| author | Jack Lloyd <[email protected]> | 2017-09-06 14:08:39 -0400 |
|---|---|---|
| committer | Jack Lloyd <[email protected]> | 2017-09-06 14:08:39 -0400 |
| commit | 8a9722d234eef597353afa3c819335d5aec64875 (patch) | |
| tree | a8cdeb2b972637b813868f269599185631527387 | |
| parent | 9972e0fc2b407ea831f4cf90c5196b8b343e5e3a (diff) | |
Correct return value of botan_pk_op_verify_finish
This function changed behavior in 0d403a3 see also GH #1187
Add new return code BOTAN_FFI_INVALID_VERIFIER and use it for
both signature and bcrypt verification functions.
| -rw-r--r-- | src/lib/ffi/ffi.h | 2 | ||||
| -rw-r--r-- | src/lib/ffi/ffi_kdf.cpp | 2 | ||||
| -rw-r--r-- | src/lib/ffi/ffi_pk_op.cpp | 2 | ||||
| -rw-r--r-- | src/tests/test_ffi.cpp | 18 |
4 files changed, 13 insertions, 11 deletions
diff --git a/src/lib/ffi/ffi.h b/src/lib/ffi/ffi.h index 565d5ce7b..fecb10978 100644 --- a/src/lib/ffi/ffi.h +++ b/src/lib/ffi/ffi.h @@ -136,6 +136,8 @@ doesn't exactly work well either! */ #define BOTAN_FFI_SUCCESS (0) +#define BOTAN_FFI_INVALID_VERIFIER (1) + #define BOTAN_FFI_ERROR_INVALID_INPUT (-1) #define BOTAN_FFI_ERROR_BAD_MAC (-2) diff --git a/src/lib/ffi/ffi_kdf.cpp b/src/lib/ffi/ffi_kdf.cpp index 1a4c40893..7aaf2dbe8 100644 --- a/src/lib/ffi/ffi_kdf.cpp +++ b/src/lib/ffi/ffi_kdf.cpp @@ -88,7 +88,7 @@ int botan_bcrypt_is_valid(const char* pass, const char* hash) { #if defined(BOTAN_HAS_BCRYPT) return ffi_guard_thunk(BOTAN_CURRENT_FUNCTION, [=]() { - return Botan::check_bcrypt(pass, hash) ? 0 : 1; + return Botan::check_bcrypt(pass, hash) ? BOTAN_FFI_SUCCESS : BOTAN_FFI_INVALID_VERIFIER; }); #else return BOTAN_FFI_ERROR_NOT_IMPLEMENTED; diff --git a/src/lib/ffi/ffi_pk_op.cpp b/src/lib/ffi/ffi_pk_op.cpp index d0ac8e3c7..fa3b32725 100644 --- a/src/lib/ffi/ffi_pk_op.cpp +++ b/src/lib/ffi/ffi_pk_op.cpp @@ -164,7 +164,7 @@ int botan_pk_op_verify_finish(botan_pk_op_verify_t op, const uint8_t sig[], size if(legit) return BOTAN_FFI_SUCCESS; else - return BOTAN_FFI_ERROR_INVALID_INPUT; + return BOTAN_FFI_INVALID_VERIFIER; }); } diff --git a/src/tests/test_ffi.cpp b/src/tests/test_ffi.cpp index 41fa3a044..1ed4bee1b 100644 --- a/src/tests/test_ffi.cpp +++ b/src/tests/test_ffi.cpp @@ -1282,15 +1282,15 @@ class FFI_Unit_Tests : public Test // TODO: randomize this signature[0] ^= 1; TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size())); - TEST_FFI_FAIL("bad signature", botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); + TEST_FFI_RC(BOTAN_FFI_INVALID_VERIFIER, botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); message[0] ^= 1; TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size())); - TEST_FFI_FAIL("bad signature", botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); + TEST_FFI_RC(BOTAN_FFI_INVALID_VERIFIER, botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); signature[0] ^= 1; TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size())); - TEST_FFI_FAIL("bad signature", botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); + TEST_FFI_RC(BOTAN_FFI_INVALID_VERIFIER, botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); message[0] ^= 1; TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size())); @@ -1366,15 +1366,15 @@ class FFI_Unit_Tests : public Test // TODO: randomize this signature[0] ^= 1; TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size())); - TEST_FFI_FAIL("bad signature", botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); + TEST_FFI_RC(BOTAN_FFI_INVALID_VERIFIER, botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); message[0] ^= 1; TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size())); - TEST_FFI_FAIL("bad signature", botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); + TEST_FFI_RC(BOTAN_FFI_INVALID_VERIFIER, botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); signature[0] ^= 1; TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size())); - TEST_FFI_FAIL("bad signature", botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); + TEST_FFI_RC(BOTAN_FFI_INVALID_VERIFIER, botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); message[0] ^= 1; TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size())); @@ -1454,15 +1454,15 @@ class FFI_Unit_Tests : public Test // TODO: randomize this signature[0] ^= 1; TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size())); - TEST_FFI_FAIL("bad signature", botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); + TEST_FFI_RC(BOTAN_FFI_INVALID_VERIFIER, botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); message[0] ^= 1; TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size())); - TEST_FFI_FAIL("bad signature", botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); + TEST_FFI_RC(BOTAN_FFI_INVALID_VERIFIER, botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); signature[0] ^= 1; TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size())); - TEST_FFI_FAIL("bad signature", botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); + TEST_FFI_RC(BOTAN_FFI_INVALID_VERIFIER, botan_pk_op_verify_finish, (verifier, signature.data(), signature.size())); message[0] ^= 1; TEST_FFI_OK(botan_pk_op_verify_update, (verifier, message.data(), message.size())); |