diff --git a/cert.go b/cert.go index 0d4a1bef..93684b97 100644 --- a/cert.go +++ b/cert.go @@ -90,7 +90,7 @@ func (n *Name) AddTextEntry(field, value string) error { defer C.free(unsafe.Pointer(cvalue)) ret := C.X509_NAME_add_entry_by_txt( n.name, cfield, C.MBSTRING_ASC, cvalue, -1, -1, 0) - if ret == 0 { + if ret <= 0 { return errors.New("failed to add x509 name text entry") } return nil @@ -162,7 +162,7 @@ func (c *Certificate) GetIssuerName() (*Name, error) { } func (c *Certificate) SetSubjectName(name *Name) error { - if C.X509_set_subject_name(c.x, name.name) == 0 { + if C.X509_set_subject_name(c.x, name.name) <= 0 { return errors.New("failed to set subject name") } return nil @@ -186,7 +186,7 @@ func (c *Certificate) SetIssuer(issuer *Certificate) error { // SetIssuerName populates the issuer name of a certificate. // Use SetIssuer instead, if possible. func (c *Certificate) SetIssuerName(name *Name) error { - if C.X509_set_issuer_name(c.x, name.name) == 0 { + if C.X509_set_issuer_name(c.x, name.name) <= 0 { return errors.New("failed to set subject name") } return nil @@ -194,7 +194,7 @@ func (c *Certificate) SetIssuerName(name *Name) error { // SetSerial sets the serial of a certificate. func (c *Certificate) SetSerial(serial int) error { - if C.ASN1_INTEGER_set(C.X509_get_serialNumber(c.x), C.long(serial)) == 0 { + if C.ASN1_INTEGER_set(C.X509_get_serialNumber(c.x), C.long(serial)) <= 0 { return errors.New("failed to set serial") } return nil @@ -223,7 +223,7 @@ func (c *Certificate) SetExpireDate(when time.Duration) error { // SetPubKey assigns a new public key to a certificate. func (c *Certificate) SetPubKey(pubKey PublicKey) error { c.pubKey = pubKey - if C.X509_set_pubkey(c.x, pubKey.evpPKey()) == 0 { + if C.X509_set_pubkey(c.x, pubKey.evpPKey()) <= 0 { return errors.New("failed to set public key") } return nil @@ -271,7 +271,7 @@ func (c *Certificate) insecureSign(privKey PrivateKey, digest EVP_MD) error { case EVP_SHA512: md = C.EVP_sha512() } - if C.X509_sign(c.x, privKey.evpPKey(), md) == 0 { + if C.X509_sign(c.x, privKey.evpPKey(), md) <= 0 { return errors.New("failed to sign certificate") } return nil @@ -291,7 +291,7 @@ func (c *Certificate) AddExtension(nid NID, value string) error { return errors.New("failed to create x509v3 extension") } defer C.X509_EXTENSION_free(ex) - if C.X509_add_ext(c.x, ex, -1) == 0 { + if C.X509_add_ext(c.x, ex, -1) <= 0 { return errors.New("failed to add x509v3 extension") } return nil @@ -310,7 +310,7 @@ func (c *Certificate) AddExtensions(extensions map[NID]string) error { // LoadCertificateFromPEM loads an X509 certificate from a PEM-encoded block. func LoadCertificateFromPEM(pem_block []byte) (*Certificate, error) { - if len(pem_block) == 0 { + if len(pem_block) <= 0 { return nil, errors.New("empty pem block") } runtime.LockOSThread() @@ -336,7 +336,7 @@ func (c *Certificate) MarshalPEM() (pem_block []byte, err error) { return nil, errors.New("failed to allocate memory BIO") } defer C.BIO_free(bio) - if int(C.PEM_write_bio_X509(bio, c.x)) != 1 { + if int(C.PEM_write_bio_X509(bio, c.x)) <= 0 { return nil, errors.New("failed dumping certificate") } return ioutil.ReadAll(asAnyBio(bio)) diff --git a/ciphers.go b/ciphers.go index 17d48e84..47e1325e 100644 --- a/ciphers.go +++ b/ciphers.go @@ -153,7 +153,7 @@ func (ctx *cipherCtx) applyKeyAndIV(key, iv []byte) error { iptr = (*C.uchar)(&iv[0]) } if kptr != nil || iptr != nil { - if 1 != C.EVP_EncryptInit_ex(ctx.ctx, nil, nil, kptr, iptr) { + if 0 >= C.EVP_EncryptInit_ex(ctx.ctx, nil, nil, kptr, iptr) { return errors.New("failed to apply key/IV") } } @@ -178,9 +178,8 @@ func (ctx *cipherCtx) IVSize() int { func (ctx *cipherCtx) setCtrl(code, arg int) error { res := C.EVP_CIPHER_CTX_ctrl(ctx.ctx, C.int(code), C.int(arg), nil) - if res != 1 { - return fmt.Errorf("failed to set code %d to %d [result %d]", - code, arg, res) + if res <= 0 { + return fmt.Errorf("failed to set code %d to %d", code, arg) } return nil } @@ -188,9 +187,9 @@ func (ctx *cipherCtx) setCtrl(code, arg int) error { func (ctx *cipherCtx) setCtrlBytes(code, arg int, value []byte) error { res := C.EVP_CIPHER_CTX_ctrl(ctx.ctx, C.int(code), C.int(arg), unsafe.Pointer(&value[0])) - if res != 1 { - return fmt.Errorf("failed to set code %d with arg %d to %x [result %d]", - code, arg, value, res) + if res <= 0 { + return fmt.Errorf("failed to set code %d with arg %d to %x", + code, arg, value) } return nil } @@ -199,9 +198,8 @@ func (ctx *cipherCtx) getCtrlInt(code, arg int) (int, error) { var returnVal C.int res := C.EVP_CIPHER_CTX_ctrl(ctx.ctx, C.int(code), C.int(arg), unsafe.Pointer(&returnVal)) - if res != 1 { - return 0, fmt.Errorf("failed to get code %d with arg %d [result %d]", - code, arg, res) + if res <= 0 { + return 0, fmt.Errorf("failed to get code %d with arg %d", code, arg) } return int(returnVal), nil } @@ -210,9 +208,8 @@ func (ctx *cipherCtx) getCtrlBytes(code, arg, expectsize int) ([]byte, error) { returnVal := make([]byte, expectsize) res := C.EVP_CIPHER_CTX_ctrl(ctx.ctx, C.int(code), C.int(arg), unsafe.Pointer(&returnVal[0])) - if res != 1 { - return nil, fmt.Errorf("failed to get code %d with arg %d [result %d]", - code, arg, res) + if res <= 0 { + return nil, fmt.Errorf("failed to get code %d with arg %d", code, arg) } return returnVal, nil } @@ -263,7 +260,7 @@ func newEncryptionCipherCtx(c *Cipher, e *Engine, key, iv []byte) ( if e != nil { eptr = e.e } - if 1 != C.EVP_EncryptInit_ex(ctx.ctx, c.ptr, eptr, nil, nil) { + if 0 >= C.EVP_EncryptInit_ex(ctx.ctx, c.ptr, eptr, nil, nil) { return nil, errors.New("failed to initialize cipher context") } err = ctx.applyKeyAndIV(key, iv) @@ -286,7 +283,7 @@ func newDecryptionCipherCtx(c *Cipher, e *Engine, key, iv []byte) ( if e != nil { eptr = e.e } - if 1 != C.EVP_DecryptInit_ex(ctx.ctx, c.ptr, eptr, nil, nil) { + if 0 >= C.EVP_DecryptInit_ex(ctx.ctx, c.ptr, eptr, nil, nil) { return nil, errors.New("failed to initialize cipher context") } err = ctx.applyKeyAndIV(key, iv) @@ -311,8 +308,8 @@ func (ctx *encryptionCipherCtx) EncryptUpdate(input []byte) ([]byte, error) { outlen := C.int(len(outbuf)) res := C.EVP_EncryptUpdate(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen, (*C.uchar)(&input[0]), C.int(len(input))) - if res != 1 { - return nil, fmt.Errorf("failed to encrypt [result %d]", res) + if res <= 0 { + return nil, fmt.Errorf("failed to encrypt") } return outbuf[:outlen], nil } @@ -322,8 +319,8 @@ func (ctx *decryptionCipherCtx) DecryptUpdate(input []byte) ([]byte, error) { outlen := C.int(len(outbuf)) res := C.EVP_DecryptUpdate(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen, (*C.uchar)(&input[0]), C.int(len(input))) - if res != 1 { - return nil, fmt.Errorf("failed to decrypt [result %d]", res) + if res <= 0 { + return nil, fmt.Errorf("failed to decrypt") } return outbuf[:outlen], nil } @@ -331,7 +328,7 @@ func (ctx *decryptionCipherCtx) DecryptUpdate(input []byte) ([]byte, error) { func (ctx *encryptionCipherCtx) EncryptFinal() ([]byte, error) { outbuf := make([]byte, ctx.BlockSize()) var outlen C.int - if 1 != C.EVP_EncryptFinal_ex(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen) { + if 0 >= C.EVP_EncryptFinal_ex(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen) { return nil, errors.New("encryption failed") } return outbuf[:outlen], nil @@ -340,7 +337,7 @@ func (ctx *encryptionCipherCtx) EncryptFinal() ([]byte, error) { func (ctx *decryptionCipherCtx) DecryptFinal() ([]byte, error) { outbuf := make([]byte, ctx.BlockSize()) var outlen C.int - if 1 != C.EVP_DecryptFinal_ex(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen) { + if 0 >= C.EVP_DecryptFinal_ex(ctx.ctx, (*C.uchar)(&outbuf[0]), &outlen) { // this may mean the tag failed to verify- all previous plaintext // returned must be considered faked and invalid return nil, errors.New("decryption failed") diff --git a/ciphers_gcm.go b/ciphers_gcm.go index e21b2e5f..64daf3e7 100644 --- a/ciphers_gcm.go +++ b/ciphers_gcm.go @@ -88,7 +88,7 @@ func NewGCMEncryptionCipherCtx(blocksize int, e *Engine, key, iv []byte) ( return nil, fmt.Errorf("could not set IV len to %d: %s", len(iv), err) } - if 1 != C.EVP_EncryptInit_ex(ctx.ctx, nil, nil, nil, + if 0 >= C.EVP_EncryptInit_ex(ctx.ctx, nil, nil, nil, (*C.uchar)(&iv[0])) { return nil, errors.New("failed to apply IV") } @@ -112,7 +112,7 @@ func NewGCMDecryptionCipherCtx(blocksize int, e *Engine, key, iv []byte) ( return nil, fmt.Errorf("could not set IV len to %d: %s", len(iv), err) } - if 1 != C.EVP_DecryptInit_ex(ctx.ctx, nil, nil, nil, + if 0 >= C.EVP_DecryptInit_ex(ctx.ctx, nil, nil, nil, (*C.uchar)(&iv[0])) { return nil, errors.New("failed to apply IV") } @@ -125,7 +125,7 @@ func (ctx *authEncryptionCipherCtx) ExtraData(aad []byte) error { return nil } var outlen C.int - if 1 != C.EVP_EncryptUpdate(ctx.ctx, nil, &outlen, (*C.uchar)(&aad[0]), + if 0 >= C.EVP_EncryptUpdate(ctx.ctx, nil, &outlen, (*C.uchar)(&aad[0]), C.int(len(aad))) { return errors.New("failed to add additional authenticated data") } @@ -137,7 +137,7 @@ func (ctx *authDecryptionCipherCtx) ExtraData(aad []byte) error { return nil } var outlen C.int - if 1 != C.EVP_DecryptUpdate(ctx.ctx, nil, &outlen, (*C.uchar)(&aad[0]), + if 0 >= C.EVP_DecryptUpdate(ctx.ctx, nil, &outlen, (*C.uchar)(&aad[0]), C.int(len(aad))) { return errors.New("failed to add additional authenticated data") } diff --git a/ctx.go b/ctx.go index 538679f5..e2830840 100644 --- a/ctx.go +++ b/ctx.go @@ -235,7 +235,7 @@ func (c *Ctx) SetEllipticCurve(curve EllipticCurve) error { } defer C.EC_KEY_free(k) - if int(C.SSL_CTX_set_tmp_ecdh_not_a_macro(c.ctx, k)) != 1 { + if int(C.SSL_CTX_set_tmp_ecdh_not_a_macro(c.ctx, k)) <= 0 { return errorFromErrorQueue() } @@ -248,7 +248,7 @@ func (c *Ctx) UseCertificate(cert *Certificate) error { runtime.LockOSThread() defer runtime.UnlockOSThread() c.cert = cert - if int(C.SSL_CTX_use_certificate(c.ctx, cert.x)) != 1 { + if int(C.SSL_CTX_use_certificate(c.ctx, cert.x)) <= 0 { return errorFromErrorQueue() } return nil @@ -260,7 +260,7 @@ func (c *Ctx) AddChainCertificate(cert *Certificate) error { runtime.LockOSThread() defer runtime.UnlockOSThread() c.chain = append(c.chain, cert) - if int(C.SSL_CTX_add_extra_chain_cert_not_a_macro(c.ctx, cert.x)) != 1 { + if int(C.SSL_CTX_add_extra_chain_cert_not_a_macro(c.ctx, cert.x)) <= 0 { return errorFromErrorQueue() } return nil @@ -272,7 +272,7 @@ func (c *Ctx) UsePrivateKey(key PrivateKey) error { runtime.LockOSThread() defer runtime.UnlockOSThread() c.key = key - if int(C.SSL_CTX_use_PrivateKey(c.ctx, key.evpPKey())) != 1 { + if int(C.SSL_CTX_use_PrivateKey(c.ctx, key.evpPKey())) <= 0 { return errorFromErrorQueue() } return nil @@ -301,7 +301,7 @@ func (s *CertificateStore) AddCertificate(cert *Certificate) error { runtime.LockOSThread() defer runtime.UnlockOSThread() s.certs = append(s.certs, cert) - if int(C.X509_STORE_add_cert(s.store, cert.x)) != 1 { + if int(C.X509_STORE_add_cert(s.store, cert.x)) <= 0 { return errorFromErrorQueue() } return nil @@ -359,7 +359,7 @@ func (c *Ctx) LoadVerifyLocations(ca_file string, ca_path string) error { c_ca_path = C.CString(ca_path) defer C.free(unsafe.Pointer(c_ca_path)) } - if C.SSL_CTX_load_verify_locations(c.ctx, c_ca_file, c_ca_path) != 1 { + if C.SSL_CTX_load_verify_locations(c.ctx, c_ca_file, c_ca_path) <= 0 { return errorFromErrorQueue() } return nil @@ -479,7 +479,7 @@ func (c *Ctx) SetSessionId(session_id []byte) error { ptr = (*C.uchar)(unsafe.Pointer(&session_id[0])) } if int(C.SSL_CTX_set_session_id_context(c.ctx, ptr, - C.uint(len(session_id)))) == 0 { + C.uint(len(session_id)))) <= 0 { return errorFromErrorQueue() } return nil @@ -493,7 +493,7 @@ func (c *Ctx) SetCipherList(list string) error { defer runtime.UnlockOSThread() clist := C.CString(list) defer C.free(unsafe.Pointer(clist)) - if int(C.SSL_CTX_set_cipher_list(c.ctx, clist)) == 0 { + if int(C.SSL_CTX_set_cipher_list(c.ctx, clist)) <= 0 { return errorFromErrorQueue() } return nil diff --git a/engine.go b/engine.go index 7a175b70..bad179c6 100644 --- a/engine.go +++ b/engine.go @@ -40,7 +40,7 @@ func EngineById(name string) (*Engine, error) { if e.e == nil { return nil, fmt.Errorf("engine %s missing", name) } - if C.ENGINE_init(e.e) == 0 { + if C.ENGINE_init(e.e) <= 0 { C.ENGINE_free(e.e) return nil, fmt.Errorf("engine %s not initialized", name) } diff --git a/hostname.go b/hostname.go index 4f56d640..222cd0f3 100644 --- a/hostname.go +++ b/hostname.go @@ -65,7 +65,7 @@ func (c *Certificate) CheckHost(host string, flags CheckFlags) error { if rv > 0 { return nil } - if rv == 0 { + if rv <= 0 { return ValidationError } return errors.New("hostname validation had an internal failure") @@ -84,7 +84,7 @@ func (c *Certificate) CheckEmail(email string, flags CheckFlags) error { if rv > 0 { return nil } - if rv == 0 { + if rv <= 0 { return ValidationError } return errors.New("email validation had an internal failure") @@ -102,7 +102,7 @@ func (c *Certificate) CheckIP(ip net.IP, flags CheckFlags) error { if rv > 0 { return nil } - if rv == 0 { + if rv <= 0 { return ValidationError } return errors.New("ip validation had an internal failure") diff --git a/key.go b/key.go index 2f8fc7e1..82a98378 100644 --- a/key.go +++ b/key.go @@ -93,18 +93,18 @@ func (key *pKey) SignPKCS1v15(method Method, data []byte) ([]byte, error) { C.EVP_MD_CTX_init(&ctx) defer C.EVP_MD_CTX_cleanup(&ctx) - if 1 != C.EVP_SignInit_not_a_macro(&ctx, method) { + if 0 >= C.EVP_SignInit_not_a_macro(&ctx, method) { return nil, errors.New("signpkcs1v15: failed to init signature") } if len(data) > 0 { - if 1 != C.EVP_SignUpdate_not_a_macro( + if 0 >= C.EVP_SignUpdate_not_a_macro( &ctx, unsafe.Pointer(&data[0]), C.uint(len(data))) { return nil, errors.New("signpkcs1v15: failed to update signature") } } sig := make([]byte, C.EVP_PKEY_size(key.key)) var sigblen C.uint - if 1 != C.EVP_SignFinal(&ctx, + if 0 >= C.EVP_SignFinal(&ctx, ((*C.uchar)(unsafe.Pointer(&sig[0]))), &sigblen, key.key) { return nil, errors.New("signpkcs1v15: failed to finalize signature") } @@ -116,16 +116,16 @@ func (key *pKey) VerifyPKCS1v15(method Method, data, sig []byte) error { C.EVP_MD_CTX_init(&ctx) defer C.EVP_MD_CTX_cleanup(&ctx) - if 1 != C.EVP_VerifyInit_not_a_macro(&ctx, method) { + if 0 >= C.EVP_VerifyInit_not_a_macro(&ctx, method) { return errors.New("verifypkcs1v15: failed to init verify") } if len(data) > 0 { - if 1 != C.EVP_VerifyUpdate_not_a_macro( + if 0 >= C.EVP_VerifyUpdate_not_a_macro( &ctx, unsafe.Pointer(&data[0]), C.uint(len(data))) { return errors.New("verifypkcs1v15: failed to update verify") } } - if 1 != C.EVP_VerifyFinal(&ctx, + if 0 >= C.EVP_VerifyFinal(&ctx, ((*C.uchar)(unsafe.Pointer(&sig[0]))), C.uint(len(sig)), key.key) { return errors.New("verifypkcs1v15: failed to finalize verify") } @@ -145,7 +145,7 @@ func (key *pKey) MarshalPKCS1PrivateKeyPEM() (pem_block []byte, } defer C.RSA_free(rsa) if int(C.PEM_write_bio_RSAPrivateKey(bio, rsa, nil, nil, C.int(0), nil, - nil)) != 1 { + nil)) <= 0 { return nil, errors.New("failed dumping private key") } return ioutil.ReadAll(asAnyBio(bio)) @@ -163,7 +163,7 @@ func (key *pKey) MarshalPKCS1PrivateKeyDER() (der_block []byte, return nil, errors.New("failed getting rsa key") } defer C.RSA_free(rsa) - if int(C.i2d_RSAPrivateKey_bio(bio, rsa)) != 1 { + if int(C.i2d_RSAPrivateKey_bio(bio, rsa)) <= 0 { return nil, errors.New("failed dumping private key der") } return ioutil.ReadAll(asAnyBio(bio)) @@ -181,7 +181,7 @@ func (key *pKey) MarshalPKIXPublicKeyPEM() (pem_block []byte, return nil, errors.New("failed getting rsa key") } defer C.RSA_free(rsa) - if int(C.PEM_write_bio_RSA_PUBKEY(bio, rsa)) != 1 { + if int(C.PEM_write_bio_RSA_PUBKEY(bio, rsa)) <= 0 { return nil, errors.New("failed dumping public key pem") } return ioutil.ReadAll(asAnyBio(bio)) @@ -199,7 +199,7 @@ func (key *pKey) MarshalPKIXPublicKeyDER() (der_block []byte, return nil, errors.New("failed getting rsa key") } defer C.RSA_free(rsa) - if int(C.i2d_RSA_PUBKEY_bio(bio, rsa)) != 1 { + if int(C.i2d_RSA_PUBKEY_bio(bio, rsa)) <= 0 { return nil, errors.New("failed dumping public key der") } return ioutil.ReadAll(asAnyBio(bio)) @@ -228,7 +228,7 @@ func LoadPrivateKeyFromPEM(pem_block []byte) (PrivateKey, error) { if key == nil { return nil, errors.New("failed converting to evp_pkey") } - if C.EVP_PKEY_set1_RSA(key, (*C.struct_rsa_st)(rsakey)) != 1 { + if C.EVP_PKEY_set1_RSA(key, (*C.struct_rsa_st)(rsakey)) <= 0 { C.EVP_PKEY_free(key) return nil, errors.New("failed converting to evp_pkey") } @@ -242,7 +242,7 @@ func LoadPrivateKeyFromPEM(pem_block []byte) (PrivateKey, error) { // LoadPublicKeyFromPEM loads a public key from a PEM-encoded block. func LoadPublicKeyFromPEM(pem_block []byte) (PublicKey, error) { - if len(pem_block) == 0 { + if len(pem_block) <= 0 { return nil, errors.New("empty pem block") } bio := C.BIO_new_mem_buf(unsafe.Pointer(&pem_block[0]), @@ -263,7 +263,7 @@ func LoadPublicKeyFromPEM(pem_block []byte) (PublicKey, error) { if key == nil { return nil, errors.New("failed converting to evp_pkey") } - if C.EVP_PKEY_set1_RSA(key, (*C.struct_rsa_st)(rsakey)) != 1 { + if C.EVP_PKEY_set1_RSA(key, (*C.struct_rsa_st)(rsakey)) <= 0 { C.EVP_PKEY_free(key) return nil, errors.New("failed converting to evp_pkey") } @@ -298,7 +298,7 @@ func LoadPublicKeyFromDER(der_block []byte) (PublicKey, error) { if key == nil { return nil, errors.New("failed converting to evp_pkey") } - if C.EVP_PKEY_set1_RSA(key, (*C.struct_rsa_st)(rsakey)) != 1 { + if C.EVP_PKEY_set1_RSA(key, (*C.struct_rsa_st)(rsakey)) <= 0 { C.EVP_PKEY_free(key) return nil, errors.New("failed converting to evp_pkey") } @@ -321,7 +321,7 @@ func GenerateRSAKey(bits int) (PrivateKey, error) { if key == nil { return nil, errors.New("failed to allocate EVP_PKEY") } - if C.EVP_PKEY_assign(key, C.EVP_PKEY_RSA, unsafe.Pointer(rsa)) == 0 { + if C.EVP_PKEY_assign(key, C.EVP_PKEY_RSA, unsafe.Pointer(rsa)) <= 0 { C.EVP_PKEY_free(key) return nil, errors.New("failed to assign RSA key") } diff --git a/sha1.go b/sha1.go index 2592b662..4387ec4a 100644 --- a/sha1.go +++ b/sha1.go @@ -61,7 +61,7 @@ func engineRef(e *Engine) *C.ENGINE { } func (s *SHA1Hash) Reset() error { - if 1 != C.EVP_DigestInit_ex(&s.ctx, C.EVP_sha1(), engineRef(s.engine)) { + if 0 >= C.EVP_DigestInit_ex(&s.ctx, C.EVP_sha1(), engineRef(s.engine)) { return errors.New("openssl: sha1: cannot init digest ctx") } return nil @@ -71,7 +71,7 @@ func (s *SHA1Hash) Write(p []byte) (n int, err error) { if len(p) == 0 { return 0, nil } - if 1 != C.EVP_DigestUpdate(&s.ctx, unsafe.Pointer(&p[0]), + if 0 >= C.EVP_DigestUpdate(&s.ctx, unsafe.Pointer(&p[0]), C.size_t(len(p))) { return 0, errors.New("openssl: sha1: cannot update digest") } @@ -79,7 +79,7 @@ func (s *SHA1Hash) Write(p []byte) (n int, err error) { } func (s *SHA1Hash) Sum() (result [20]byte, err error) { - if 1 != C.EVP_DigestFinal_ex(&s.ctx, + if 0 >= C.EVP_DigestFinal_ex(&s.ctx, (*C.uchar)(unsafe.Pointer(&result[0])), nil) { return result, errors.New("openssl: sha1: cannot finalize ctx") } diff --git a/sha256.go b/sha256.go index 6785b32f..87f124fc 100644 --- a/sha256.go +++ b/sha256.go @@ -54,7 +54,7 @@ func (s *SHA256Hash) Close() { } func (s *SHA256Hash) Reset() error { - if 1 != C.EVP_DigestInit_ex(&s.ctx, C.EVP_sha256(), engineRef(s.engine)) { + if 0 >= C.EVP_DigestInit_ex(&s.ctx, C.EVP_sha256(), engineRef(s.engine)) { return errors.New("openssl: sha256: cannot init digest ctx") } return nil @@ -64,7 +64,7 @@ func (s *SHA256Hash) Write(p []byte) (n int, err error) { if len(p) == 0 { return 0, nil } - if 1 != C.EVP_DigestUpdate(&s.ctx, unsafe.Pointer(&p[0]), + if 0 >= C.EVP_DigestUpdate(&s.ctx, unsafe.Pointer(&p[0]), C.size_t(len(p))) { return 0, errors.New("openssl: sha256: cannot update digest") } @@ -72,7 +72,7 @@ func (s *SHA256Hash) Write(p []byte) (n int, err error) { } func (s *SHA256Hash) Sum() (result [32]byte, err error) { - if 1 != C.EVP_DigestFinal_ex(&s.ctx, + if 0 >= C.EVP_DigestFinal_ex(&s.ctx, (*C.uchar)(unsafe.Pointer(&result[0])), nil) { return result, errors.New("openssl: sha256: cannot finalize ctx") }