summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@redhat.com>2017-06-14 15:33:01 +0200
committerNikos Mavrogiannopoulos <nmav@redhat.com>2017-07-13 09:10:19 +0200
commit09306b74543aafd29d4a6337278f156ecad98c85 (patch)
treeaba442cf18b182059a104e0a4de216ca77f8bf60
parent50592741521d1e2944fab8b5e5a9506a39187453 (diff)
downloadgnutls-09306b74543aafd29d4a6337278f156ecad98c85.tar.gz
decryption: use the same error code on all cases
This eases testing using tlsfuzzer. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r--lib/cipher.c10
1 files changed, 5 insertions, 5 deletions
diff --git a/lib/cipher.c b/lib/cipher.c
index 339dc4fbbb..84f30637be 100644
--- a/lib/cipher.c
+++ b/lib/cipher.c
@@ -571,11 +571,11 @@ ciphertext_to_compressed(gnutls_session_t session,
*/
if (unlikely(_gnutls_auth_cipher_is_aead(&params->read.
cipher_state) == 0))
- return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+ return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
if (unlikely(ciphertext->size < (tag_size + exp_iv_size)))
- return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+ return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
if (params->cipher->xor_nonce == 0) {
/* Values in AEAD are pretty fixed in TLS 1.2 for 128-bit block
@@ -584,7 +584,7 @@ ciphertext_to_compressed(gnutls_session_t session,
(params->read.IV.data == NULL
|| params->read.IV.size != 4))
return
- gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+ gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
memcpy(nonce, params->read.IV.data,
imp_iv_size);
@@ -596,7 +596,7 @@ ciphertext_to_compressed(gnutls_session_t session,
ciphertext->size -= exp_iv_size;
} else { /* XOR nonce with IV */
if (unlikely(params->read.IV.size != 12 || imp_iv_size != 12 || exp_iv_size != 0))
- return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+ return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
memset(nonce, 0, 4);
memcpy(&nonce[4], UINT64DATA(*sequence), 8);
@@ -803,7 +803,7 @@ ciphertext_to_compressed(gnutls_session_t session,
}
break;
default:
- return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+ return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
}
/* STREAM or BLOCK arrive here */