summaryrefslogtreecommitdiffstats
path: root/net/quic/crypto
diff options
context:
space:
mode:
Diffstat (limited to 'net/quic/crypto')
-rw-r--r--net/quic/crypto/aead_base_decrypter_openssl.cc9
-rw-r--r--net/quic/crypto/aead_base_encrypter_openssl.cc20
2 files changed, 14 insertions, 15 deletions
diff --git a/net/quic/crypto/aead_base_decrypter_openssl.cc b/net/quic/crypto/aead_base_decrypter_openssl.cc
index fad0fe1..2190bf6 100644
--- a/net/quic/crypto/aead_base_decrypter_openssl.cc
+++ b/net/quic/crypto/aead_base_decrypter_openssl.cc
@@ -86,18 +86,21 @@ bool AeadBaseDecrypter::Decrypt(StringPiece nonce,
return false;
}
- if (!EVP_AEAD_CTX_open(
- ctx_.get(), output, output_length, ciphertext.size(),
+ ssize_t len = EVP_AEAD_CTX_open(
+ ctx_.get(), output, ciphertext.size(),
reinterpret_cast<const uint8_t*>(nonce.data()), nonce.size(),
reinterpret_cast<const uint8_t*>(ciphertext.data()), ciphertext.size(),
reinterpret_cast<const uint8_t*>(associated_data.data()),
- associated_data.size())) {
+ associated_data.size());
+
+ if (len < 0) {
// Because QuicFramer does trial decryption, decryption errors are expected
// when encryption level changes. So we don't log decryption errors.
ClearOpenSslErrors();
return false;
}
+ *output_length = len;
return true;
}
diff --git a/net/quic/crypto/aead_base_encrypter_openssl.cc b/net/quic/crypto/aead_base_encrypter_openssl.cc
index 7f2d3c6..9f053ab 100644
--- a/net/quic/crypto/aead_base_encrypter_openssl.cc
+++ b/net/quic/crypto/aead_base_encrypter_openssl.cc
@@ -81,18 +81,14 @@ bool AeadBaseEncrypter::Encrypt(StringPiece nonce,
return false;
}
- size_t len;
- if (!EVP_AEAD_CTX_seal(
- ctx_.get(),
- output,
- &len,
- plaintext.size() + auth_tag_size_,
- reinterpret_cast<const uint8_t*>(nonce.data()),
- nonce.size(),
- reinterpret_cast<const uint8_t*>(plaintext.data()),
- plaintext.size(),
- reinterpret_cast<const uint8_t*>(associated_data.data()),
- associated_data.size())) {
+ ssize_t len = EVP_AEAD_CTX_seal(
+ ctx_.get(), output, plaintext.size() + auth_tag_size_,
+ reinterpret_cast<const uint8_t*>(nonce.data()), nonce.size(),
+ reinterpret_cast<const uint8_t*>(plaintext.data()), plaintext.size(),
+ reinterpret_cast<const uint8_t*>(associated_data.data()),
+ associated_data.size());
+
+ if (len < 0) {
DLogOpenSslErrors();
return false;
}