3 files changed, 13 insertions, 4 deletions

diff --git a/lib/accelerated/x86/aes-padlock.c b/lib/accelerated/x86/aes-padlock.c
index f10b5c555d..018764bc67 100644
--- a/lib/accelerated/x86/aes-padlock.c
+++ b/lib/accelerated/x86/aes-padlock.c
@@ -119,13 +119,14 @@ padlock_aes_cbc_encrypt(void *_ctx, const void *src, size_t src_size,
 {
 	struct padlock_ctx *ctx = _ctx;
 	struct padlock_cipher_data *pce;
+	int ret = 1;
 
 	pce = ALIGN16(&ctx->expanded_key);
 
 	if (src_size > 0)
-		padlock_cbc_encrypt(dst, src, pce, src_size);
+		ret = padlock_cbc_encrypt(dst, src, pce, src_size);
 
-	return 0;
+	return ret ? 0 : GNUTLS_E_ENCRYPTION_FAILED;
 }
 
 
@@ -135,13 +136,14 @@ padlock_aes_cbc_decrypt(void *_ctx, const void *src, size_t src_size,
 {
 	struct padlock_ctx *ctx = _ctx;
 	struct padlock_cipher_data *pcd;
+	int ret = 1;
 
 	pcd = ALIGN16(&ctx->expanded_key);
 
 	if (src_size > 0)
 		padlock_cbc_encrypt(dst, src, pcd, src_size);
 
-	return 0;
+	return ret ? 0 : GNUTLS_E_ENCRYPTION_FAILED;
 }
 
 static void aes_deinit(void *_ctx)
diff --git a/lib/accelerated/x86/sha-padlock.c b/lib/accelerated/x86/sha-padlock.c
index e878ebe310..1030d4f63e 100644
--- a/lib/accelerated/x86/sha-padlock.c
+++ b/lib/accelerated/x86/sha-padlock.c
@@ -331,6 +331,8 @@ int wrap_padlock_hash_fast(gnutls_digest_algorithm_t algo,
 			   const void *text, size_t text_size,
 			   void *digest)
 {
+	if (text_size == 0 && text == NULL)
+		text = digest;
 	if (algo == GNUTLS_DIG_SHA1) {
 		uint32_t iv[5] = {
 			0x67452301UL,
@@ -362,7 +364,6 @@ int wrap_padlock_hash_fast(gnutls_digest_algorithm_t algo,
 		wrap_padlock_hash_update(&ctx, text, text_size);
 
 		wrap_padlock_hash_output(&ctx, digest, ctx.length);
-		wrap_padlock_hash_deinit(&ctx);
 	}
 
 	return 0;
diff --git a/lib/psk.c b/lib/psk.c
index aa5220c27c..6ea3adb63c 100644
--- a/lib/psk.c
+++ b/lib/psk.c
@@ -294,6 +294,9 @@ static int call_server_callback_legacy(gnutls_session_t session,
 	gnutls_psk_server_credentials_t cred =
 			(gnutls_psk_server_credentials_t)
 				_gnutls_get_cred(session, GNUTLS_CRD_PSK);
+	if (unlikely(cred == NULL))
+	  return gnutls_assert_val(-1);
+
 	return cred->pwd_callback_legacy(session, (const char *) username->data, key);
 }
 
@@ -367,6 +370,9 @@ static int call_client_callback_legacy(gnutls_session_t session,
 	gnutls_psk_client_credentials_t cred =
 			(gnutls_psk_client_credentials_t)
 				_gnutls_get_cred(session, GNUTLS_CRD_PSK);
+	if (unlikely(cred == NULL))
+	  return gnutls_assert_val(-1);
+
 
 	ret = cred->get_function_legacy(session, &user_p, key);