Skip to content

Commit 664e9a0

Browse files
philljjdanielinux
authored andcommitted
esp: fix error return in esp_check_icv_hmac.
1 parent eb6e86f commit 664e9a0

1 file changed

Lines changed: 4 additions & 2 deletions

File tree

src/wolfesp.c

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1160,6 +1160,9 @@ esp_check_icv_hmac(const wolfIP_esp_sa * esp_sa, uint8_t * esp_data,
11601160

11611161
/* compare the first N bits depending on truncation type. */
11621162
rc = esp_const_memcmp(icv, hash, esp_sa->icv_len);
1163+
if (rc) {
1164+
rc = -1;
1165+
}
11631166
return rc;
11641167
}
11651168

@@ -1649,7 +1652,7 @@ esp_transport_wrap(struct wolfIP_ip_packet *ip, uint16_t * ip_len)
16491652
}
16501653

16511654
if (esp_sa->icv_len) {
1652-
int err = 0;
1655+
int err = 0;
16531656

16541657
switch (esp_sa->auth) {
16551658
case ESP_AUTH_MD5_RFC2403:
@@ -1664,7 +1667,6 @@ esp_transport_wrap(struct wolfIP_ip_packet *ip, uint16_t * ip_len)
16641667
if (err == 0) {
16651668
memcpy(icv, hash, esp_sa->icv_len);
16661669
}
1667-
16681670
}
16691671
break;
16701672
#if defined(WOLFSSL_AESGCM_STREAM)

0 commit comments

Comments
 (0)