From 5306a043d0bdb3651fe49bf24b8aac7c91e25c23 Mon Sep 17 00:00:00 2001 From: bol-van Date: Wed, 11 Feb 2026 11:26:20 +0300 Subject: [PATCH] AI fixes --- nfq2/crypto/gcm.c | 10 ++++++---- nfq2/crypto/hkdf.c | 23 +++++++++++------------ nfq2/crypto/hmac.c | 36 +++++++++++++++--------------------- 3 files changed, 32 insertions(+), 37 deletions(-) diff --git a/nfq2/crypto/gcm.c b/nfq2/crypto/gcm.c index 6565561..8180072 100644 --- a/nfq2/crypto/gcm.c +++ b/nfq2/crypto/gcm.c @@ -483,6 +483,7 @@ int gcm_auth_decrypt( uchar check_tag[16]; // the tag generated and returned by decryption int diff; // an ORed flag to detect authentication errors size_t i; // our local iterator + int ret; if (iv_len!=12 || tag_len>16) return -1; @@ -491,18 +492,19 @@ int gcm_auth_decrypt( (which is an identical XORing to reverse the previous one) and also to re-generate the matching authentication tag */ - gcm_crypt_and_tag(ctx, AES_DECRYPT, iv, iv_len, add, add_len, - input, output, length, check_tag, tag_len); + if ((ret = gcm_crypt_and_tag(ctx, AES_DECRYPT, iv, iv_len, add, add_len, input, output, length, check_tag, tag_len))) return ret; // now we verify the authentication tag in 'constant time' for (diff = 0, i = 0; i < tag_len; i++) diff |= tag[i] ^ check_tag[i]; - if (diff != 0) { // see whether any bits differed? + if (diff) + { + // see whether any bits differed? memset(output, 0, length); // if so... wipe the output data return(GCM_AUTH_FAILURE); // return GCM_AUTH_FAILURE } - return(0); + return 0; } /****************************************************************************** diff --git a/nfq2/crypto/hkdf.c b/nfq2/crypto/hkdf.c index 5e16de1..b62f682 100644 --- a/nfq2/crypto/hkdf.c +++ b/nfq2/crypto/hkdf.c 
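Review bot: The tag comparison loop in gcm_auth_decrypt runs `i < tag_len` times and the guard shown in the preceding hunk rejects only `tag_len>16`, so a `tag_len` of 0 compares nothing, leaves `diff` at 0 and returns 0 for any ciphertext. If any caller can pass 0, the guard should reject it, for example `if (iv_len!=12 || tag_len==0 || tag_len>16) return -1;`. The new early `return ret` also leaves before the `memset(output, 0, length)` that the tag-mismatch path performs. Whether gcm_crypt_and_tag can fail after writing part of `output` is not visible here, so wiping on that path too (`if (ret) { memset(output, 0, length); return ret; }`) would keep unauthenticated plaintext from reaching the caller. The function begins outside these hunks.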
@@ -60,9 +60,9 @@ int hkdf(SHAversion whichSha, uint8_t okm[], size_t okm_len) { uint8_t prk[USHAMaxHashSize]; - return hkdfExtract(whichSha, salt, salt_len, ikm, ikm_len, prk) || - hkdfExpand(whichSha, prk, USHAHashSize(whichSha), info, - info_len, okm, okm_len); + int ret; + if ((ret=hkdfExtract(whichSha, salt, salt_len, ikm, ikm_len, prk))) return ret; + return hkdfExpand(whichSha, prk, USHAHashSize(whichSha), info, info_len, okm, okm_len); } /* @@ -146,6 +146,7 @@ int hkdfExpand(SHAversion whichSha, const uint8_t prk[], size_t prk_len, size_t hash_len, N; unsigned char T[USHAMaxHashSize]; size_t Tlen, where, i; + int ret; if (info == 0) { info = (const unsigned char *)""; @@ -164,12 +165,11 @@ int hkdfExpand(SHAversion whichSha, const uint8_t prk[], size_t prk_len, for (i = 1; i <= N; i++) { HMACContext context; unsigned char c = i; - int ret = hmacReset(&context, whichSha, prk, prk_len) || - hmacInput(&context, T, Tlen) || - hmacInput(&context, info, info_len) || - hmacInput(&context, &c, 1) || - hmacResult(&context, T); - if (ret != shaSuccess) return ret; + if ((ret=hmacReset(&context, whichSha, prk, prk_len))) return ret; + if ((ret=hmacInput(&context, T, Tlen))) return ret; + if ((ret=hmacInput(&context, info, info_len))) return ret; + if ((ret=hmacInput(&context, &c, 1))) return ret; + if ((ret=hmacResult(&context, T))) return ret; memcpy(okm + where, T, (i != N) ? hash_len : (okm_len - where)); where += hash_len; @@ -321,9 +321,8 @@ int hkdfResult(HKDFContext *context, if (!okm) return context->Corrupted = shaBadParam; if (!prk) prk = prkbuf; - ret = hmacResult(&context->hmacContext, prk) || - hkdfExpand(context->whichSha, prk, context->hashSize, info, - info_len, okm, okm_len); + if (!(ret = hmacResult(&context->hmacContext, prk))) + ret = hkdfExpand(context->whichSha, prk, context->hashSize, info, info_len, okm, okm_len); context->Computed = 1; return context->Corrupted = ret; } 
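Review bot: `prk` in hkdf() holds the extracted pseudorandom key, and both return paths leave it on the stack unwiped. Consider storing the hkdfExpand result in `ret`, clearing `prk` and then returning, using a wipe the compiler cannot elide (for example `explicit_bzero(prk, sizeof prk);` where the platform provides it), since a plain memset just before return may be optimized away. The same applies to `T` and `context` in the hkdfExpand loop, where each new `return ret` exits with the intermediate block and the HMAC state (which carries `k_opad`) still in place. It also applies to `context` in hmac() in hmac.c, and to `prkbuf` in hkdfResult if that is a local buffer, as it appears to be. A comment on hkdf() noting that it now returns the specific SHA error code rather than the 0/1 produced by the old `||` chain would help callers.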
diff --git a/nfq2/crypto/hmac.c b/nfq2/crypto/hmac.c index 9e05325..f6f218b 100644 --- a/nfq2/crypto/hmac.c +++ b/nfq2/crypto/hmac.c @@ -49,9 +49,10 @@ int hmac(SHAversion whichSha, uint8_t digest[USHAMaxHashSize]) { HMACContext context; - return hmacReset(&context, whichSha, key, key_len) || - hmacInput(&context, message_array, length) || - hmacResult(&context, digest); + int ret; + if ((ret=hmacReset(&context, whichSha, key, key_len))) return ret; + if ((ret=hmacInput(&context, message_array, length))) return ret; + return hmacResult(&context, digest); } /* @@ -101,10 +102,9 @@ int hmacReset(HMACContext *context, enum SHAversion whichSha, */ if (key_len > blocksize) { USHAContext tcontext; - int err = USHAReset(&tcontext, whichSha) || - USHAInput(&tcontext, key, key_len) || - USHAResult(&tcontext, tempkey); - if (err != shaSuccess) return err; + if (ret=USHAReset(&tcontext, whichSha)) return ret; + if (ret=USHAInput(&tcontext, key, key_len)) return ret; + if (ret=USHAResult(&tcontext, tempkey)) return ret; key = tempkey; key_len = hashsize; @@ -134,9 +134,9 @@ int hmacReset(HMACContext *context, enum SHAversion whichSha, /* perform inner hash */ /* init context for 1st pass */ - ret = USHAReset(&context->shaContext, whichSha) || + if (!(ret = USHAReset(&context->shaContext, whichSha))) /* and start with inner pad */ - USHAInput(&context->shaContext, k_ipad, blocksize); + ret = USHAInput(&context->shaContext, k_ipad, blocksize); return context->Corrupted = ret; } @@ -197,8 +197,7 @@ int hmacFinalBits(HMACContext *context, if (context->Corrupted) return context->Corrupted; if (context->Computed) return context->Corrupted = shaStateError; /* then final bits of datagram */ - return context->Corrupted = - USHAFinalBits(&context->shaContext, bits, bit_count); + return context->Corrupted = USHAFinalBits(&context->shaContext, bits, bit_count); } /* 
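Review bot: The three new early returns in the long-key branch of hmacReset exit without recording the failure in `context->Corrupted`, while the function's normal exit in the following hunk is `return context->Corrupted = ret;`. Later calls such as hmacFinalBits decide whether to touch `shaContext` by testing `context->Corrupted`, so if the context was marked clean earlier in the function (outside this hunk), a caller that ignores the return value could continue with a SHA context that was never reset. Writing each check as `if ((ret=USHAReset(&tcontext, whichSha))) return context->Corrupted = ret;` keeps the state consistent. The doubled parentheses also match the rest of the commit and avoid the assignment-in-condition warning that the single-parenthesis form here triggers.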
@@ -229,21 +228,16 @@ int hmacResult(HMACContext *context, uint8_t *digest) /* finish up 1st pass */ /* (Use digest here as a temporary buffer.) */ - ret = - USHAResult(&context->shaContext, digest) || - + if (!(ret=USHAResult(&context->shaContext, digest)) && /* perform outer SHA */ /* init context for 2nd pass */ - USHAReset(&context->shaContext, context->whichSha) || - + !(ret=USHAReset(&context->shaContext, context->whichSha)) && /* start with outer pad */ - USHAInput(&context->shaContext, context->k_opad, - context->blockSize) || - + !(ret=USHAInput(&context->shaContext, context->k_opad, context->blockSize)) && /* then results of 1st hash */ - USHAInput(&context->shaContext, digest, context->hashSize) || + !(ret=USHAInput(&context->shaContext, digest, context->hashSize))) /* finish up 2nd pass */ - USHAResult(&context->shaContext, digest); + ret=USHAResult(&context->shaContext, digest); context->Computed = 1; return context->Corrupted = ret;
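Review bot: The `&&` chain in hmacResult, with assignments inside the operands, comments between them and a dangling `ret=USHAResult(...)` as the if-body, is hard to read and easy to break when a step is added or removed. hkdfExpand and hmac() in this same commit use one sequential check per call for the same pattern. One check per step with a single exit label reads the same way and still sets `Computed` and `Corrupted` on every path, as the current code does. hmacResult starts before this hunk and its closing brace lies after it.

```c
  /* finish up 1st pass */
  /* (Use digest here as a temporary buffer.) */
  if ((ret = USHAResult(&context->shaContext, digest))) goto done;
  /* perform outer SHA */
  /* init context for 2nd pass */
  if ((ret = USHAReset(&context->shaContext, context->whichSha))) goto done;
  /* start with outer pad */
  if ((ret = USHAInput(&context->shaContext, context->k_opad, context->blockSize))) goto done;
  /* then results of 1st hash */
  if ((ret = USHAInput(&context->shaContext, digest, context->hashSize))) goto done;
  /* finish up 2nd pass */
  ret = USHAResult(&context->shaContext, digest);

done:
  context->Computed = 1;
  return context->Corrupted = ret;
```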