summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDr. Stephen Henson <steve@openssl.org>2009-09-24 01:43:49 +0200
committerDr. Stephen Henson <steve@openssl.org>2009-09-24 01:43:49 +0200
commitb6dcdbfc94c482f6c15ba725754fc9e827e41851 (patch)
tree9fec84d4564530bc97b42d56e01a64abb96adac3
parentAdd more return value checking attributes to evp.h and hmac.h (diff)
downloadopenssl-b6dcdbfc94c482f6c15ba725754fc9e827e41851.tar.xz
openssl-b6dcdbfc94c482f6c15ba725754fc9e827e41851.zip
Audit libcrypto for unchecked return values: fix all cases enountered
-rw-r--r--CHANGES7
-rw-r--r--crypto/asn1/a_digest.c6
-rw-r--r--crypto/asn1/a_sign.c12
-rw-r--r--crypto/asn1/a_verify.c16
-rw-r--r--crypto/asn1/n_pkey.c38
-rw-r--r--crypto/asn1/p5_pbev2.c3
-rw-r--r--crypto/asn1/t_x509.c9
-rw-r--r--crypto/cms/cms_lib.c5
-rw-r--r--crypto/cms/cms_sd.c3
-rw-r--r--crypto/dsa/dsa_gen.c10
-rw-r--r--crypto/evp/bio_enc.c33
-rw-r--r--crypto/evp/bio_md.c11
-rw-r--r--crypto/evp/bio_ok.c103
-rw-r--r--crypto/evp/e_rc2.c3
-rw-r--r--crypto/evp/evp_key.c27
-rw-r--r--crypto/evp/p5_crpt.c32
-rw-r--r--crypto/evp/p5_crpt2.c24
-rw-r--r--crypto/evp/p_open.c3
-rw-r--r--crypto/evp/p_seal.c3
-rw-r--r--crypto/evp/p_sign.c6
-rw-r--r--crypto/evp/p_verify.c6
-rw-r--r--crypto/hmac/hm_pmeth.c14
-rw-r--r--crypto/ocsp/ocsp_lib.c3
-rw-r--r--crypto/pem/pem.h6
-rw-r--r--crypto/pem/pem_lib.c27
-rw-r--r--crypto/pem/pem_seal.c15
-rw-r--r--crypto/pem/pem_sign.c8
-rw-r--r--crypto/pem/pvkfmt.c58
-rw-r--r--crypto/pkcs12/p12_decr.c10
-rw-r--r--crypto/pkcs12/p12_key.c19
-rw-r--r--crypto/pkcs12/p12_mutl.c12
-rw-r--r--crypto/pkcs7/pk7_doit.c24
-rw-r--r--crypto/rand/md_rand.c88
-rw-r--r--crypto/rand/rand.h4
-rw-r--r--crypto/rsa/rsa_oaep.c26
-rw-r--r--crypto/rsa/rsa_pss.c33
-rw-r--r--crypto/ts/ts_rsp_verify.c9
-rw-r--r--crypto/x509/x509_cmp.c22
-rw-r--r--crypto/x509v3/v3_skey.c3
39 files changed, 496 insertions, 245 deletions
diff --git a/CHANGES b/CHANGES
index 0e347a67b5..a8397f861c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,13 @@
Changes between 0.9.8k and 1.0 [xx XXX xxxx]
+ *) Extensive audit of libcrypto with DEBUG_UNUSED. Fix many cases where
+ return value is ignored. NB. The functions RAND_add(), RAND_seed(),
+ BIO_set_cipher() and some obscure PEM functions were changed so they
+ can now return an error. The RAND changes required a change to the
+ RAND_METHOD structure.
+ [Steve Henson]
+
*) New macro __owur for "OpenSSL Warn Unused Result". This makes use of
a gcc attribute to warn if the result of a function is ignored. This
is enable if DEBUG_UNUSED is set. Add to several functions in evp.h
diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c
index d00d9e22b1..cbdeea6ac0 100644
--- a/crypto/asn1/a_digest.c
+++ b/crypto/asn1/a_digest.c
@@ -87,7 +87,8 @@ int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
p=str;
i2d(data,&p);
- EVP_Digest(str, i, md, len, type, NULL);
+ if (!EVP_Digest(str, i, md, len, type, NULL))
+ return 0;
OPENSSL_free(str);
return(1);
}
@@ -104,7 +105,8 @@ int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
i=ASN1_item_i2d(asn,&str, it);
if (!str) return(0);
- EVP_Digest(str, i, md, len, type, NULL);
+ if (!EVP_Digest(str, i, md, len, type, NULL))
+ return 0;
OPENSSL_free(str);
return(1);
}
diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c
index ff63bfc7be..d96a622d83 100644
--- a/crypto/asn1/a_sign.c
+++ b/crypto/asn1/a_sign.c
@@ -184,9 +184,9 @@ int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2,
p=buf_in;
i2d(data,&p);
- EVP_SignInit_ex(&ctx,type, NULL);
- EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl);
- if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out,
+ if (!EVP_SignInit_ex(&ctx,type, NULL)
+ || !EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl)
+ || !EVP_SignFinal(&ctx,(unsigned char *)buf_out,
(unsigned int *)&outl,pkey))
{
outl=0;
@@ -270,9 +270,9 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
goto err;
}
- EVP_SignInit_ex(&ctx,type, NULL);
- EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl);
- if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out,
+ if (!EVP_SignInit_ex(&ctx,type, NULL)
+ || !EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl)
+ || !EVP_SignFinal(&ctx,(unsigned char *)buf_out,
(unsigned int *)&outl,pkey))
{
outl=0;
diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c
index cecdb13c70..d9332ee15d 100644
--- a/crypto/asn1/a_verify.c
+++ b/crypto/asn1/a_verify.c
@@ -101,8 +101,13 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
p=buf_in;
i2d(data,&p);
- EVP_VerifyInit_ex(&ctx,type, NULL);
- EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
+ if (!EVP_VerifyInit_ex(&ctx,type, NULL)
+ || !EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl))
+ {
+ ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
+ ret=0;
+ goto err;
+ }
OPENSSL_cleanse(buf_in,(unsigned int)inl);
OPENSSL_free(buf_in);
@@ -173,7 +178,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
goto err;
}
- EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
+ if (!EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl))
+ {
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
+ ret=0;
+ goto err;
+ }
OPENSSL_cleanse(buf_in,(unsigned int)inl);
OPENSSL_free(buf_in);
diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c
index 60bc437938..9a41f29e3e 100644
--- a/crypto/asn1/n_pkey.c
+++ b/crypto/asn1/n_pkey.c
@@ -129,6 +129,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp,
unsigned char buf[256],*zz;
unsigned char key[EVP_MAX_KEY_LENGTH];
EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX_init(&ctx);
if (a == NULL) return(0);
@@ -206,24 +207,28 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp,
i = strlen((char *)buf);
/* If the key is used for SGC the algorithm is modified a little. */
if(sgckey) {
- EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL);
+ if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL))
+ goto err;
memcpy(buf + 16, "SGCKEYSALT", 10);
i = 26;
}
- EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
+ if (!EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL))
+ goto err;
OPENSSL_cleanse(buf,256);
/* Encrypt private key in place */
zz = enckey->enckey->digest->data;
- EVP_CIPHER_CTX_init(&ctx);
- EVP_EncryptInit_ex(&ctx,EVP_rc4(),NULL,key,NULL);
- EVP_EncryptUpdate(&ctx,zz,&i,zz,pkeylen);
- EVP_EncryptFinal_ex(&ctx,zz + i,&j);
- EVP_CIPHER_CTX_cleanup(&ctx);
+ if (!EVP_EncryptInit_ex(&ctx,EVP_rc4(),NULL,key,NULL))
+ goto err;
+ if (!EVP_EncryptUpdate(&ctx,zz,&i,zz,pkeylen))
+ goto err;
+ if (!EVP_EncryptFinal_ex(&ctx,zz + i,&j))
+ goto err;
ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp);
err:
+ EVP_CIPHER_CTX_cleanup(&ctx);
NETSCAPE_ENCRYPTED_PKEY_free(enckey);
NETSCAPE_PKEY_free(pkey);
return(ret);
@@ -289,6 +294,7 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
const unsigned char *zz;
unsigned char key[EVP_MAX_KEY_LENGTH];
EVP_CIPHER_CTX ctx;
+ EVP_CIPHER_CTX_init(&ctx);
i=cb((char *)buf,256,"Enter Private Key password:",0);
if (i != 0)
@@ -299,19 +305,22 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
i = strlen((char *)buf);
if(sgckey){
- EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL);
+ if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL))
+ goto err;
memcpy(buf + 16, "SGCKEYSALT", 10);
i = 26;
}
- EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
+ if (!EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL))
+ goto err;
OPENSSL_cleanse(buf,256);
- EVP_CIPHER_CTX_init(&ctx);
- EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL);
- EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length);
- EVP_DecryptFinal_ex(&ctx,&(os->data[i]),&j);
- EVP_CIPHER_CTX_cleanup(&ctx);
+ if (!EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL))
+ goto err;
+ if (!EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length))
+ goto err;
+ if (!EVP_DecryptFinal_ex(&ctx,&(os->data[i]),&j))
+ goto err;
os->length=i+j;
zz=os->data;
@@ -329,6 +338,7 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
goto err;
}
err:
+ EVP_CIPHER_CTX_cleanup(&ctx);
NETSCAPE_PKEY_free(pkey);
return(ret);
}
diff --git a/crypto/asn1/p5_pbev2.c b/crypto/asn1/p5_pbev2.c
index cb49b6651d..377edaffc9 100644
--- a/crypto/asn1/p5_pbev2.c
+++ b/crypto/asn1/p5_pbev2.c
@@ -127,7 +127,8 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
EVP_CIPHER_CTX_init(&ctx);
/* Dummy cipherinit to just setup the IV, and PRF */
- EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0);
+ if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0))
+ goto err;
if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {
ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,
ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c
index e061f2ffad..01cf9e427a 100644
--- a/crypto/asn1/t_x509.c
+++ b/crypto/asn1/t_x509.c
@@ -255,7 +255,8 @@ int X509_ocspid_print (BIO *bp, X509 *x)
goto err;
i2d_X509_NAME(x->cert_info->subject, &dertmp);
- EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL);
+ if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL))
+ goto err;
for (i=0; i < SHA_DIGEST_LENGTH; i++)
{
if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err;
@@ -268,8 +269,10 @@ int X509_ocspid_print (BIO *bp, X509 *x)
if (BIO_printf(bp,"\n Public key OCSP hash: ") <= 0)
goto err;
- EVP_Digest(x->cert_info->key->public_key->data,
- x->cert_info->key->public_key->length, SHA1md, NULL, EVP_sha1(), NULL);
+ if (!EVP_Digest(x->cert_info->key->public_key->data,
+ x->cert_info->key->public_key->length,
+ SHA1md, NULL, EVP_sha1(), NULL))
+ goto err;
for (i=0; i < SHA_DIGEST_LENGTH; i++)
{
if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0)
diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c
index 6c0d5c097c..714b1d9b1c 100644
--- a/crypto/cms/cms_lib.c
+++ b/crypto/cms/cms_lib.c
@@ -407,10 +407,7 @@ int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
}
BIO_get_md_ctx(chain, &mtmp);
if (EVP_MD_CTX_type(mtmp) == nid)
- {
- EVP_MD_CTX_copy_ex(mctx, mtmp);
- return 1;
- }
+ return EVP_MD_CTX_copy_ex(mctx, mtmp);
chain = BIO_next(chain);
}
}
diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c
index e862872f39..83711d8af4 100644
--- a/crypto/cms/cms_sd.c
+++ b/crypto/cms/cms_sd.c
@@ -641,7 +641,8 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
cms->d.signedData->encapContentInfo->eContentType;
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int mdlen;
- EVP_DigestFinal_ex(&mctx, md, &mdlen);
+ if (!EVP_DigestFinal_ex(&mctx, md, &mdlen))
+ goto err;
if (!CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest,
V_ASN1_OCTET_STRING,
md, mdlen))
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index 0fcd25f8b0..cd6bba3682 100644
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -201,8 +201,10 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
}
/* step 2 */
- EVP_Digest(seed, qsize, md, NULL, evpmd, NULL);
- EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL);
+ if (!EVP_Digest(seed, qsize, md, NULL, evpmd, NULL))
+ goto err;
+ if (!EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL))
+ goto err;
for (i = 0; i < qsize; i++)
md[i]^=buf2[i];
@@ -252,7 +254,9 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
break;
}
- EVP_Digest(buf, qsize, md ,NULL, evpmd, NULL);
+ if (!EVP_Digest(buf, qsize, md ,NULL, evpmd,
+ NULL))
+ goto err;
/* step 8 */
if (!BN_bin2bn(md, qsize, r0))
diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c
index f6ac94c6e1..afb4d319ce 100644
--- a/crypto/evp/bio_enc.c
+++ b/crypto/evp/bio_enc.c
@@ -198,9 +198,13 @@ static int enc_read(BIO *b, char *out, int outl)
}
else
{
- EVP_CipherUpdate(&(ctx->cipher),
+ if (!EVP_CipherUpdate(&(ctx->cipher),
(unsigned char *)ctx->buf,&ctx->buf_len,
- (unsigned char *)&(ctx->buf[BUF_OFFSET]),i);
+ (unsigned char *)&(ctx->buf[BUF_OFFSET]),i))
+ {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
ctx->cont=1;
/* Note: it is possible for EVP_CipherUpdate to
* decrypt zero bytes because this is or looks like
@@ -257,9 +261,13 @@ static int enc_write(BIO *b, const char *in, int inl)
while (inl > 0)
{
n=(inl > ENC_BLOCK_SIZE)?ENC_BLOCK_SIZE:inl;
- EVP_CipherUpdate(&(ctx->cipher),
+ if (!EVP_CipherUpdate(&(ctx->cipher),
(unsigned char *)ctx->buf,&ctx->buf_len,
- (unsigned char *)in,n);
+ (unsigned char *)in,n))
+ {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
inl-=n;
in+=n;
@@ -298,8 +306,9 @@ static long enc_ctrl(BIO *b, int cmd, long num, void *ptr)
case BIO_CTRL_RESET:
ctx->ok=1;
ctx->finished=0;
- EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL,
- ctx->cipher.encrypt);
+ if (!EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL,
+ ctx->cipher.encrypt))
+ return 0;
ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
break;
case BIO_CTRL_EOF: /* More to read */
@@ -405,22 +414,24 @@ EVP_CIPHER_ctx *c;
}
*/
-void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
+int BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
const unsigned char *i, int e)
{
BIO_ENC_CTX *ctx;
- if (b == NULL) return;
+ if (b == NULL) return 0;
if ((b->callback != NULL) &&
(b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,0L) <= 0))
- return;
+ return 0;
b->init=1;
ctx=(BIO_ENC_CTX *)b->ptr;
- EVP_CipherInit_ex(&(ctx->cipher),c,NULL, k,i,e);
+ if (!EVP_CipherInit_ex(&(ctx->cipher),c,NULL, k,i,e))
+ return 0;
if (b->callback != NULL)
- b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,1L);
+ return b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,1L);
+ return 1;
}
diff --git a/crypto/evp/bio_md.c b/crypto/evp/bio_md.c
index 9841e32e1a..144fdfd56a 100644
--- a/crypto/evp/bio_md.c
+++ b/crypto/evp/bio_md.c
@@ -153,8 +153,12 @@ static int md_write(BIO *b, const char *in, int inl)
{
if (ret > 0)
{
- EVP_DigestUpdate(ctx,(const unsigned char *)in,
- (unsigned int)ret);
+ if (!EVP_DigestUpdate(ctx,(const unsigned char *)in,
+ (unsigned int)ret))
+ {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
}
}
if(b->next_bio != NULL)
@@ -220,7 +224,8 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
case BIO_CTRL_DUP:
dbio=ptr;
dctx=dbio->ptr;
- EVP_MD_CTX_copy_ex(dctx,ctx);
+ if (!EVP_MD_CTX_copy_ex(dctx,ctx))
+ return 0;
b->init=1;
break;
default:
diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c
index 98bc1ab409..ad8cad8766 100644
--- a/crypto/evp/bio_ok.c
+++ b/crypto/evp/bio_ok.c
@@ -133,10 +133,10 @@ static int ok_new(BIO *h);
static int ok_free(BIO *data);
static long ok_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
-static void sig_out(BIO* b);
-static void sig_in(BIO* b);
-static void block_out(BIO* b);
-static void block_in(BIO* b);
+static __owur int sig_out(BIO* b);
+static __owur int sig_in(BIO* b);
+static __owur int block_out(BIO* b);
+static __owur int block_in(BIO* b);
#define OK_BLOCK_SIZE (1024*4)
#define OK_BLOCK_BLOCK 4
#define IOBS (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE)
@@ -266,10 +266,24 @@ static int ok_read(BIO *b, char *out, int outl)
ctx->buf_len+= i;
/* no signature yet -- check if we got one */
- if (ctx->sigio == 1) sig_in(b);
+ if (ctx->sigio == 1)
+ {
+ if (!sig_in(b))
+ {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
+ }
/* signature ok -- check if we got block */
- if (ctx->sigio == 0) block_in(b);
+ if (ctx->sigio == 0)
+ {
+ if (!block_in(b))
+ {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
+ }
/* invalid block -- cancel */
if (ctx->cont <= 0) break;
@@ -293,7 +307,8 @@ static int ok_write(BIO *b, const char *in, int inl)
if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0)) return(0);
- if(ctx->sigio) sig_out(b);
+ if(ctx->sigio && !sig_out(b))
+ return 0;
do{
BIO_clear_retry_flags(b);
@@ -332,7 +347,11 @@ static int ok_write(BIO *b, const char *in, int inl)
if(ctx->buf_len >= OK_BLOCK_SIZE+ OK_BLOCK_BLOCK)
{
- block_out(b);
+ if (!block_out(b))
+ {
+ BIO_clear_retry_flags(b);
+ return 0;
+ }
}
}while(inl > 0);
@@ -379,7 +398,8 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
case BIO_CTRL_FLUSH:
/* do a final write */
if(ctx->blockout == 0)
- block_out(b);
+ if (!block_out(b))
+ return 0;
while (ctx->blockout)
{
@@ -408,7 +428,8 @@ static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
break;
case BIO_C_SET_MD:
md=ptr;
- EVP_DigestInit_ex(&ctx->md, md, NULL);
+ if (!EVP_DigestInit_ex(&ctx->md, md, NULL))
+ return 0;
b->init=1;
break;
case BIO_C_GET_MD:
@@ -455,7 +476,7 @@ static void longswap(void *_ptr, size_t len)
}
}
-static void sig_out(BIO* b)
+static int sig_out(BIO* b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
@@ -463,9 +484,10 @@ static void sig_out(BIO* b)
ctx=b->ptr;
md=&ctx->md;
- if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return;
+ if(ctx->buf_len+ 2* md->digest->md_size > OK_BLOCK_SIZE) return 1;
- EVP_DigestInit_ex(md, md->digest, NULL);
+ if (!EVP_DigestInit_ex(md, md->digest, NULL))
+ goto berr;
/* FIXME: there's absolutely no guarantee this makes any sense at all,
* particularly now EVP_MD_CTX has been restructured.
*/
@@ -474,14 +496,20 @@ static void sig_out(BIO* b)
longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
ctx->buf_len+= md->digest->md_size;
- EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
- EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL);
+ if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
+ goto berr;
+ if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
+ goto berr;
ctx->buf_len+= md->digest->md_size;
ctx->blockout= 1;
ctx->sigio= 0;
+ return 1;
+ berr:
+ BIO_clear_retry_flags(b);
+ return 0;
}
-static void sig_in(BIO* b)
+static int sig_in(BIO* b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
@@ -491,15 +519,18 @@ static void sig_in(BIO* b)
ctx=b->ptr;
md=&ctx->md;
- if((int)(ctx->buf_len-ctx->buf_off) < 2*md->digest->md_size) return;
+ if((int)(ctx->buf_len-ctx->buf_off) < 2*md->digest->md_size) return 1;
- EVP_DigestInit_ex(md, md->digest, NULL);
+ if (!EVP_DigestInit_ex(md, md->digest, NULL))
+ goto berr;
memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size);
longswap(md->md_data, md->digest->md_size);
ctx->buf_off+= md->digest->md_size;
- EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN));
- EVP_DigestFinal_ex(md, tmp, NULL);
+ if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
+ goto berr;
+ if (!EVP_DigestFinal_ex(md, tmp, NULL))
+ goto berr;
ret= memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0;
ctx->buf_off+= md->digest->md_size;
if(ret == 1)
@@ -516,9 +547,13 @@ static void sig_in(BIO* b)
{
ctx->cont= 0;
}
+ return 1;
+ berr:
+ BIO_clear_retry_flags(b);
+ return 0;
}
-static void block_out(BIO* b)
+static int block_out(BIO* b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
@@ -532,13 +567,20 @@ static void block_out(BIO* b)
ctx->buf[1]=(unsigned char)(tl>>16);
ctx->buf[2]=(unsigned char)(tl>>8);
ctx->buf[3]=(unsigned char)(tl);
- EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
- EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL);
+ if (!EVP_DigestUpdate(md,
+ (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl))
+ goto berr;
+ if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
+ goto berr;
ctx->buf_len+= md->digest->md_size;
ctx->blockout= 1;
+ return 1;
+ berr:
+ BIO_clear_retry_flags(b);
+ return 0;
}
-static void block_in(BIO* b)
+static int block_in(BIO* b)
{
BIO_OK_CTX *ctx;
EVP_MD_CTX *md;
@@ -554,10 +596,13 @@ static void block_in(BIO* b)
tl|=ctx->buf[2]; tl<<=8;
tl|=ctx->buf[3];
- if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return;
+ if (ctx->buf_len < tl+ OK_BLOCK_BLOCK+ md->digest->md_size) return 1;
- EVP_DigestUpdate(md, (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl);
- EVP_DigestFinal_ex(md, tmp, NULL);
+ if (!EVP_DigestUpdate(md,
+ (unsigned char*) &(ctx->buf[OK_BLOCK_BLOCK]), tl))
+ goto berr;
+ if (!EVP_DigestFinal_ex(md, tmp, NULL))
+ goto berr;
if(memcmp(&(ctx->buf[tl+ OK_BLOCK_BLOCK]), tmp, md->digest->md_size) == 0)
{
/* there might be parts from next block lurking around ! */
@@ -571,5 +616,9 @@ static void block_in(BIO* b)
{
ctx->cont= 0;
}
+ return 1;
+ berr:
+ BIO_clear_retry_flags(b);
+ return 0;
}
diff --git a/crypto/evp/e_rc2.c b/crypto/evp/e_rc2.c
index f78d781129..d4c33b58d4 100644
--- a/crypto/evp/e_rc2.c
+++ b/crypto/evp/e_rc2.c
@@ -183,7 +183,8 @@ static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
key_bits =rc2_magic_to_meth((int)num);
if (!key_bits)
return(-1);
- if(i > 0) EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1);
+ if(i > 0 && !EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1))
+ return -1;
EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
EVP_CIPHER_CTX_set_key_length(c, key_bits / 8);
}
diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c
index 361ea69ab6..a22fa5036e 100644
--- a/crypto/evp/evp_key.c
+++ b/crypto/evp/evp_key.c
@@ -115,7 +115,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
unsigned char md_buf[EVP_MAX_MD_SIZE];
int niv,nkey,addmd=0;
unsigned int mds=0,i;
-
+ int rv = 0;
nkey=type->key_len;
niv=type->iv_len;
OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
@@ -129,17 +129,24 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
if (!EVP_DigestInit_ex(&c,md, NULL))
return 0;
if (addmd++)
- EVP_DigestUpdate(&c,&(md_buf[0]),mds);
- EVP_DigestUpdate(&c,data,datal);
+ if (!EVP_DigestUpdate(&c,&(md_buf[0]),mds))
+ goto err;
+ if (!EVP_DigestUpdate(&c,data,datal))
+ goto err;
if (salt != NULL)
- EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN);
- EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
+ if (!EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN))
+ goto err;
+ if (!EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds))
+ goto err;
for (i=1; i<(unsigned int)count; i++)
{
- EVP_DigestInit_ex(&c,md, NULL);
- EVP_DigestUpdate(&c,&(md_buf[0]),mds);
- EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds);
+ if (!EVP_DigestInit_ex(&c,md, NULL))
+ goto err;
+ if (!EVP_DigestUpdate(&c,&(md_buf[0]),mds))
+ goto err;
+ if (!EVP_DigestFinal_ex(&c,&(md_buf[0]),&mds))
+ goto err;
}
i=0;
if (nkey)
@@ -168,8 +175,10 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
}
if ((nkey == 0) && (niv == 0)) break;
}
+ rv = type->key_len;
+ err:
EVP_MD_CTX_cleanup(&c);
OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE);
- return(type->key_len);
+ return rv;
}
diff --git a/crypto/evp/p5_crpt.c b/crypto/evp/p5_crpt.c
index 7ecfa8dad9..7d9c1f0123 100644
--- a/crypto/evp/p5_crpt.c
+++ b/crypto/evp/p5_crpt.c
@@ -82,6 +82,8 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
unsigned char *salt;
const unsigned char *pbuf;
int mdsize;
+ int rv = 0;
+ EVP_MD_CTX_init(&ctx);
/* Extract useful info from parameter */
if (param == NULL || param->type != V_ASN1_SEQUENCE ||
@@ -104,29 +106,37 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
if(!pass) passlen = 0;
else if(passlen == -1) passlen = strlen(pass);
- EVP_MD_CTX_init(&ctx);
- EVP_DigestInit_ex(&ctx, md, NULL);
- EVP_DigestUpdate(&ctx, pass, passlen);
- EVP_DigestUpdate(&ctx, salt, saltlen);
+ if (!EVP_DigestInit_ex(&ctx, md, NULL))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx, pass, passlen))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx, salt, saltlen))
+ goto err;
PBEPARAM_free(pbe);
- EVP_DigestFinal_ex(&ctx, md_tmp, NULL);
+ if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL))
+ goto err;
mdsize = EVP_MD_size(md);
if (mdsize < 0)
return 0;
for (i = 1; i < iter; i++) {
- EVP_DigestInit_ex(&ctx, md, NULL);
- EVP_DigestUpdate(&ctx, md_tmp, mdsize);
- EVP_DigestFinal_ex (&ctx, md_tmp, NULL);
+ if (!EVP_DigestInit_ex(&ctx, md, NULL))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx, md_tmp, mdsize))
+ goto err;
+ if (!EVP_DigestFinal_ex (&ctx, md_tmp, NULL))
+ goto err;
}
- EVP_MD_CTX_cleanup(&ctx);
OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp));
memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
EVP_CIPHER_iv_length(cipher));
- EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de);
+ if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))
+ goto err;
OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
- return 1;
+ rv = 1;
+ err:
+ return rv;
}
diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c
index 334379f310..01b6b50cf7 100644
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -110,10 +110,14 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
itmp[1] = (unsigned char)((i >> 16) & 0xff);
itmp[2] = (unsigned char)((i >> 8) & 0xff);
itmp[3] = (unsigned char)(i & 0xff);
- HMAC_Init_ex(&hctx, pass, passlen, digest, NULL);
- HMAC_Update(&hctx, salt, saltlen);
- HMAC_Update(&hctx, itmp, 4);
- HMAC_Final(&hctx, digtmp, NULL);
+ if (!HMAC_Init_ex(&hctx, pass, passlen, digest, NULL)
+ || !HMAC_Update(&hctx, salt, saltlen)
+ || !HMAC_Update(&hctx, itmp, 4)
+ || !HMAC_Final(&hctx, digtmp, NULL))
+ {
+ HMAC_CTX_cleanup(&hctx);
+ return 0;
+ }
memcpy(p, digtmp, cplen);
for(j = 1; j < iter; j++)
{
@@ -211,7 +215,11 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
}
/* Fixup cipher based on AlgorithmIdentifier */
- EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de);
+ if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de))
+ {
+ EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, ERR_R_EVP_LIB);
+ goto err;
+ }
if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
EVP_R_CIPHER_PARAMETER_ERROR);
@@ -278,7 +286,11 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
if(!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd,
keylen, key))
goto err;
- EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
+ if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de))
+ {
+ EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, ERR_R_EVP_LIB);
+ goto err;
+ }
OPENSSL_cleanse(key, keylen);
PBKDF2PARAM_free(kdf);
return 1;
diff --git a/crypto/evp/p_open.c b/crypto/evp/p_open.c
index 53a59a295c..c748fbea87 100644
--- a/crypto/evp/p_open.c
+++ b/crypto/evp/p_open.c
@@ -115,7 +115,8 @@ int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
int i;
i=EVP_DecryptFinal_ex(ctx,out,outl);
- EVP_DecryptInit_ex(ctx,NULL,NULL,NULL,NULL);
+ if (i)
+ i = EVP_DecryptInit_ex(ctx,NULL,NULL,NULL,NULL);
return(i);
}
#else /* !OPENSSL_NO_RSA */
diff --git a/crypto/evp/p_seal.c b/crypto/evp/p_seal.c
index d8324526e7..e5919b0fbf 100644
--- a/crypto/evp/p_seal.c
+++ b/crypto/evp/p_seal.c
@@ -110,6 +110,7 @@ int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
{
int i;
i = EVP_EncryptFinal_ex(ctx,out,outl);
- EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL);
+ if (i)
+ i = EVP_EncryptInit_ex(ctx,NULL,NULL,NULL,NULL);
return i;
}
diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c
index 8df6d48a7e..65bb474213 100644
--- a/crypto/evp/p_sign.c
+++ b/crypto/evp/p_sign.c
@@ -85,8 +85,10 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
*siglen=0;
EVP_MD_CTX_init(&tmp_ctx);
- EVP_MD_CTX_copy_ex(&tmp_ctx,ctx);
- EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len);
+ if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx))
+ goto err;
+ if (!EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len))
+ goto err;
EVP_MD_CTX_cleanup(&tmp_ctx);
if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c
index 8db46412f3..6e2e70b382 100644
--- a/crypto/evp/p_verify.c
+++ b/crypto/evp/p_verify.c
@@ -71,8 +71,10 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
MS_STATIC EVP_MD_CTX tmp_ctx;
EVP_MD_CTX_init(&tmp_ctx);
- EVP_MD_CTX_copy_ex(&tmp_ctx,ctx);
- EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len);
+ if (!EVP_MD_CTX_copy_ex(&tmp_ctx,ctx))
+ goto err;
+ if (!EVP_DigestFinal_ex(&tmp_ctx,&(m[0]),&m_len))
+ goto err;
EVP_MD_CTX_cleanup(&tmp_ctx);
if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
diff --git a/crypto/hmac/hm_pmeth.c b/crypto/hmac/hm_pmeth.c
index 985921ca1a..050db82ba8 100644
--- a/crypto/hmac/hm_pmeth.c
+++ b/crypto/hmac/hm_pmeth.c
@@ -100,7 +100,8 @@ static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
dctx = dst->data;
dctx->md = sctx->md;
HMAC_CTX_init(&dctx->ctx);
- HMAC_CTX_copy(&dctx->ctx, &sctx->ctx);
+ if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx))
+ return 0;
if (sctx->ktmp.data)
{
if (!ASN1_OCTET_STRING_set(&dctx->ktmp,
@@ -141,7 +142,8 @@ static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
static int int_update(EVP_MD_CTX *ctx,const void *data,size_t count)
{
HMAC_PKEY_CTX *hctx = ctx->pctx->data;
- HMAC_Update(&hctx->ctx, data, count);
+ if (!HMAC_Update(&hctx->ctx, data, count))
+ return 0;
return 1;
}
@@ -165,7 +167,8 @@ static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
if (!sig)
return 1;
- HMAC_Final(&hctx->ctx, sig, &hlen);
+ if (!HMAC_Final(&hctx->ctx, sig, &hlen))
+ return 0;
*siglen = (size_t)hlen;
return 1;
}
@@ -190,8 +193,9 @@ static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
case EVP_PKEY_CTRL_DIGESTINIT:
key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;
- HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,
- ctx->engine);
+ if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,
+ ctx->engine))
+ return 0;
break;
default:
diff --git a/crypto/ocsp/ocsp_lib.c b/crypto/ocsp/ocsp_lib.c
index 36905d76cd..0090bc267c 100644
--- a/crypto/ocsp/ocsp_lib.c
+++ b/crypto/ocsp/ocsp_lib.c
@@ -124,7 +124,8 @@ OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
if (!(ASN1_OCTET_STRING_set(cid->issuerNameHash, md, i))) goto err;
/* Calculate the issuerKey hash, excluding tag and length */
- EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL);
+ if (!EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL))
+ goto err;
if (!(ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i))) goto err;
diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h
index 22231c26d3..c2d7690580 100644
--- a/crypto/pem/pem.h
+++ b/crypto/pem/pem.h
@@ -439,13 +439,13 @@ STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
EVP_MD *md_type, unsigned char **ek, int *ekl,
unsigned char *iv, EVP_PKEY **pubk, int npubk);
-void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
+int PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
unsigned char *in, int inl);
int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig,int *sigl,
unsigned char *out, int *outl, EVP_PKEY *priv);
-void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
-void PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
+int PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
+int PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
unsigned int *siglen, EVP_PKEY *pkey);
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index a547fdc933..27f0544c06 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -394,7 +394,8 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
goto err;
/* The 'iv' is used as the iv and as a salt. It is
* NOT taken from the BytesToKey function */
- EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
+ if (!EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL))
+ goto err;
if (kstr == (unsigned char *)buf) OPENSSL_cleanse(buf,PEM_BUFSIZE);
@@ -406,12 +407,15 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
/* k=strlen(buf); */
EVP_CIPHER_CTX_init(&ctx);
- EVP_EncryptInit_ex(&ctx,enc,NULL,key,iv);
- EVP_EncryptUpdate(&ctx,data,&j,data,i);
- EVP_EncryptFinal_ex(&ctx,&(data[j]),&i);
+ ret = 1;
+ if (!EVP_EncryptInit_ex(&ctx,enc,NULL,key,iv)
+ || !EVP_EncryptUpdate(&ctx,data,&j,data,i)
+ || !EVP_EncryptFinal_ex(&ctx,&(data[j]),&i))
+ ret = 0;
EVP_CIPHER_CTX_cleanup(&ctx);
+ if (ret == 0)
+ goto err;
i+=j;
- ret=1;
}
else
{
@@ -459,14 +463,17 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
ebcdic2ascii(buf, buf, klen);
#endif
- EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
- (unsigned char *)buf,klen,1,key,NULL);
+ if (!EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
+ (unsigned char *)buf,klen,1,key,NULL))
+ return 0;
j=(int)len;
EVP_CIPHER_CTX_init(&ctx);
- EVP_DecryptInit_ex(&ctx,cipher->cipher,NULL, key,&(cipher->iv[0]));
- EVP_DecryptUpdate(&ctx,data,&i,data,j);
- o=EVP_DecryptFinal_ex(&ctx,&(data[i]),&j);
+ o = EVP_DecryptInit_ex(&ctx,cipher->cipher,NULL, key,&(cipher->iv[0]));
+ if (o)
+ o = EVP_DecryptUpdate(&ctx,data,&i,data,j);
+ if (o)
+ o = EVP_DecryptFinal_ex(&ctx,&(data[i]),&j);
EVP_CIPHER_CTX_cleanup(&ctx);
OPENSSL_cleanse((char *)buf,sizeof(buf));
OPENSSL_cleanse((char *)key,sizeof(key));
diff --git a/crypto/pem/pem_seal.c b/crypto/pem/pem_seal.c
index 4e554e5481..d400c169c7 100644
--- a/crypto/pem/pem_seal.c
+++ b/crypto/pem/pem_seal.c
@@ -96,7 +96,8 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
EVP_EncodeInit(&ctx->encode);
EVP_MD_CTX_init(&ctx->md);
- EVP_SignInit(&ctx->md,md_type);
+ if (!EVP_SignInit(&ctx->md,md_type))
+ goto err;
EVP_CIPHER_CTX_init(&ctx->cipher);
ret=EVP_SealInit(&ctx->cipher,type,ek,ekl,iv,pubk,npubk);
@@ -118,14 +119,15 @@ err:
return(ret);
}
-void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
+int PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
unsigned char *in, int inl)
{
unsigned char buffer[1600];
int i,j;
*outl=0;
- EVP_SignUpdate(&ctx->md,in,inl);
+ if (!EVP_SignUpdate(&ctx->md,in,inl))
+ return 0;
for (;;)
{
if (inl <= 0) break;
@@ -133,13 +135,15 @@ void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
i=1200;
else
i=inl;
- EVP_EncryptUpdate(&ctx->cipher,buffer,&j,in,i);
+ if (!EVP_EncryptUpdate(&ctx->cipher,buffer,&j,in,i))
+ return 0;
EVP_EncodeUpdate(&ctx->encode,out,&j,buffer,j);
*outl+=j;
out+=j;
in+=i;
inl-=i;
}
+ return 1;
}
int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
@@ -163,7 +167,8 @@ int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
goto err;
}
- EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i);
+ if (!EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i))
+ goto err;
EVP_EncodeUpdate(&ctx->encode,out,&j,s,i);
*outl=j;
out+=j;
diff --git a/crypto/pem/pem_sign.c b/crypto/pem/pem_sign.c
index c3b9808cb2..80fb6e71ba 100644
--- a/crypto/pem/pem_sign.c
+++ b/crypto/pem/pem_sign.c
@@ -64,15 +64,15 @@
#include <openssl/x509.h>
#include <openssl/pem.h>
-void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
+int PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
{
- EVP_DigestInit_ex(ctx, type, NULL);
+ return EVP_DigestInit_ex(ctx, type, NULL);
}
-void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
+int PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data,
unsigned int count)
{
- EVP_DigestUpdate(ctx,data,count);
+ return EVP_DigestUpdate(ctx,data,count);
}
int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index 11e1f10f57..0d6c749c33 100644
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -707,13 +707,16 @@ static int derive_pvk_key(unsigned char *key,
const unsigned char *pass, int passlen)
{
EVP_MD_CTX mctx;
+ int rv = 1;
EVP_MD_CTX_init(&mctx);
- EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL);
- EVP_DigestUpdate(&mctx, salt, saltlen);
- EVP_DigestUpdate(&mctx, pass, passlen);
- EVP_DigestFinal_ex(&mctx, key, NULL);
+ if (!EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL)
+ || !EVP_DigestUpdate(&mctx, salt, saltlen)
+ || !EVP_DigestUpdate(&mctx, pass, passlen)
+ || !EVP_DigestFinal_ex(&mctx, key, NULL))
+ rv = 0;
+
EVP_MD_CTX_cleanup(&mctx);
- return 1;
+ return rv;
}
@@ -725,11 +728,12 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
const unsigned char *p = *in;
unsigned int magic;
unsigned char *enctmp = NULL, *q;
+ EVP_CIPHER_CTX cctx;
+ EVP_CIPHER_CTX_init(&cctx);
if (saltlen)
{
char psbuf[PEM_BUFSIZE];
unsigned char keybuf[20];
- EVP_CIPHER_CTX cctx;
int enctmplen, inlen;
if (cb)
inlen=cb(psbuf,PEM_BUFSIZE,0,u);
@@ -755,37 +759,41 @@ static EVP_PKEY *do_PVK_body(const unsigned char **in,
p += 8;
inlen = keylen - 8;
q = enctmp + 8;
- EVP_CIPHER_CTX_init(&cctx);
- EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL);
- EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen);
- EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen);
+ if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
+ goto err;
+ if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))
+ goto err;
+ if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen))
+ goto err;
magic = read_ledword((const unsigned char **)&q);
if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC)
{
q = enctmp + 8;
memset(keybuf + 5, 0, 11);
- EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf,
- NULL);
+ if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf,
+ NULL))
+ goto err;
OPENSSL_cleanse(keybuf, 20);
- EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen);
- EVP_DecryptFinal_ex(&cctx, q + enctmplen,
- &enctmplen);
+ if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))
+ goto err;
+ if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen,
+ &enctmplen))
+ goto err;
magic = read_ledword((const unsigned char **)&q);
if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC)
{
- EVP_CIPHER_CTX_cleanup(&cctx);
PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_DECRYPT);
goto err;
}
}
else
OPENSSL_cleanse(keybuf, 20);
- EVP_CIPHER_CTX_cleanup(&cctx);
p = enctmp;
}
ret = b2i_PrivateKey(&p, keylen);
err:
+ EVP_CIPHER_CTX_cleanup(&cctx);
if (enctmp && saltlen)
OPENSSL_free(enctmp);
return ret;
@@ -839,6 +847,8 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
{
int outlen = 24, noinc, pklen;
unsigned char *p, *salt = NULL;
+ EVP_CIPHER_CTX cctx;
+ EVP_CIPHER_CTX_init(&cctx);
if (enclevel)
outlen += PVK_SALTLEN;
pklen = do_i2b(NULL, pk, 0);
@@ -887,7 +897,6 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
{
char psbuf[PEM_BUFSIZE];
unsigned char keybuf[20];
- EVP_CIPHER_CTX cctx;
int enctmplen, inlen;
if (cb)
inlen=cb(psbuf,PEM_BUFSIZE,1,u);
@@ -904,16 +913,19 @@ static int i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel,
if (enclevel == 1)
memset(keybuf + 5, 0, 11);
p = salt + PVK_SALTLEN + 8;
- EVP_CIPHER_CTX_init(&cctx);
- EVP_EncryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL);
+ if (!EVP_EncryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
+ goto error;
OPENSSL_cleanse(keybuf, 20);
- EVP_DecryptUpdate(&cctx, p, &enctmplen, p, pklen - 8);
- EVP_DecryptFinal_ex(&cctx, p + enctmplen, &enctmplen);
- EVP_CIPHER_CTX_cleanup(&cctx);
+ if (!EVP_DecryptUpdate(&cctx, p, &enctmplen, p, pklen - 8))
+ goto error;
+ if (!EVP_DecryptFinal_ex(&cctx, p + enctmplen, &enctmplen))
+ goto error;
}
+ EVP_CIPHER_CTX_cleanup(&cctx);
return outlen;
error:
+ EVP_CIPHER_CTX_cleanup(&cctx);
return -1;
}
diff --git a/crypto/pkcs12/p12_decr.c b/crypto/pkcs12/p12_decr.c
index ba77dbbe32..5dcb55b16b 100644
--- a/crypto/pkcs12/p12_decr.c
+++ b/crypto/pkcs12/p12_decr.c
@@ -89,7 +89,15 @@ unsigned char * PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
goto err;
}
- EVP_CipherUpdate(&ctx, out, &i, in, inlen);
+ if (!EVP_CipherUpdate(&ctx, out, &i, in, inlen))
+ {
+ OPENSSL_free(out);
+ out = NULL;
+ PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,ERR_R_EVP_LIB);
+ goto err;
+ }
+ outlen += i;
+
outlen = i;
if(!EVP_CipherFinal_ex(&ctx, out + i, &i)) {
OPENSSL_free(out);
diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
index a29794bbbc..705050ec4c 100644
--- a/crypto/pkcs12/p12_key.c
+++ b/crypto/pkcs12/p12_key.c
@@ -153,14 +153,16 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
for (i = 0; i < Slen; i++) *p++ = salt[i % saltlen];
for (i = 0; i < Plen; i++) *p++ = pass[i % passlen];
for (;;) {
- EVP_DigestInit_ex(&ctx, md_type, NULL);
- EVP_DigestUpdate(&ctx, D, v);
- EVP_DigestUpdate(&ctx, I, Ilen);
- EVP_DigestFinal_ex(&ctx, Ai, NULL);
+ if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
+ || !EVP_DigestUpdate(&ctx, D, v)
+ || !EVP_DigestUpdate(&ctx, I, Ilen)
+ || !EVP_DigestFinal_ex(&ctx, Ai, NULL))
+ goto err;
for (j = 1; j < iter; j++) {
- EVP_DigestInit_ex(&ctx, md_type, NULL);
- EVP_DigestUpdate(&ctx, Ai, u);
- EVP_DigestFinal_ex(&ctx, Ai, NULL);
+ if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
+ || !EVP_DigestUpdate(&ctx, Ai, u)
+ || !EVP_DigestFinal_ex(&ctx, Ai, NULL))
+ goto err;
}
memcpy (out, Ai, min (n, u));
if (u >= n) {
@@ -201,6 +203,9 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
} else BN_bn2bin (Ij, I + j);
}
}
+ err:
+ EVP_MD_CTX_cleanup(&ctx);
+ return 0;
}
#ifdef DEBUG_KEYGEN
void h__dump (unsigned char *p, int len)
diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c
index 9ab740d51f..96de1bd11e 100644
--- a/crypto/pkcs12/p12_mutl.c
+++ b/crypto/pkcs12/p12_mutl.c
@@ -97,10 +97,14 @@ int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
return 0;
}
HMAC_CTX_init(&hmac);
- HMAC_Init_ex(&hmac, key, md_size, md_type, NULL);
- HMAC_Update(&hmac, p12->authsafes->d.data->data,
- p12->authsafes->d.data->length);
- HMAC_Final(&hmac, mac, maclen);
+ if (!HMAC_Init_ex(&hmac, key, md_size, md_type, NULL)
+ || !HMAC_Update(&hmac, p12->authsafes->d.data->data,
+ p12->authsafes->d.data->length)
+ || !HMAC_Final(&hmac, mac, maclen))
+ {
+ HMAC_CTX_cleanup(&hmac);
+ return 0;
+ }
HMAC_CTX_cleanup(&hmac);
return 1;
}
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index 451de84489..c2a56893ef 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -679,7 +679,11 @@ static int do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx)
}
/* Add digest */
- EVP_DigestFinal_ex(mctx, md_data,&md_len);
+ if (!EVP_DigestFinal_ex(mctx, md_data,&md_len))
+ {
+ PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_EVP_LIB);
+ return 0;
+ }
if (!PKCS7_add1_attrib_digest(si, md_data, md_len))
{
PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE);
@@ -787,7 +791,8 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
/* We now have the EVP_MD_CTX, lets do the
* signing. */
- EVP_MD_CTX_copy_ex(&ctx_tmp,mdc);
+ if (!EVP_MD_CTX_copy_ex(&ctx_tmp,mdc))
+ goto err;
sk=si->auth_attr;
@@ -825,7 +830,8 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
if (!PKCS7_find_digest(&mdc, bio,
OBJ_obj2nid(p7->d.digest->md->algorithm)))
goto err;
- EVP_DigestFinal_ex(mdc,md_data,&md_len);
+ if (!EVP_DigestFinal_ex(mdc,md_data,&md_len))
+ goto err;
M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len);
}
@@ -1018,7 +1024,8 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
/* mdc is the digest ctx that we want, unless there are attributes,
* in which case the digest is the signed attributes */
- EVP_MD_CTX_copy_ex(&mdc_tmp,mdc);
+ if (!EVP_MD_CTX_copy_ex(&mdc_tmp,mdc))
+ goto err;
sk=si->auth_attr;
if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0))
@@ -1028,7 +1035,8 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
int alen;
ASN1_OCTET_STRING *message_digest;
- EVP_DigestFinal_ex(&mdc_tmp,md_dat,&md_len);
+ if (!EVP_DigestFinal_ex(&mdc_tmp,md_dat,&md_len))
+ goto err;
message_digest=PKCS7_digest_from_attributes(sk);
if (!message_digest)
{
@@ -1053,7 +1061,8 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
goto err;
}
- EVP_VerifyInit_ex(&mdc_tmp,EVP_get_digestbynid(md_type), NULL);
+ if (!EVP_VerifyInit_ex(&mdc_tmp,EVP_get_digestbynid(md_type), NULL))
+ goto err;
alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY));
@@ -1063,7 +1072,8 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
ret = -1;
goto err;
}
- EVP_VerifyUpdate(&mdc_tmp, abuf, alen);
+ if (!EVP_VerifyUpdate(&mdc_tmp, abuf, alen))
+ goto err;
OPENSSL_free(abuf);
}
diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index 88088ce73c..4e581f3917 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -155,8 +155,8 @@ int rand_predictable=0;
const char RAND_version[]="RAND" OPENSSL_VERSION_PTEXT;
static void ssleay_rand_cleanup(void);
-static void ssleay_rand_seed(const void *buf, int num);
-static void ssleay_rand_add(const void *buf, int num, double add_entropy);
+static int ssleay_rand_seed(const void *buf, int num);
+static int ssleay_rand_add(const void *buf, int num, double add_entropy);
static int ssleay_rand_bytes(unsigned char *buf, int num);
static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
static int ssleay_rand_status(void);
@@ -187,13 +187,14 @@ static void ssleay_rand_cleanup(void)
initialized=0;
}
-static void ssleay_rand_add(const void *buf, int num, double add)
+static int ssleay_rand_add(const void *buf, int num, double add)
{
int i,j,k,st_idx;
long md_c[2];
unsigned char local_md[MD_DIGEST_LENGTH];
EVP_MD_CTX m;
int do_not_lock;
+ int rv = 0;
/*
* (Based on the rand(3) manpage)
@@ -210,6 +211,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
* hash function.
*/
+ EVP_MD_CTX_init(&m);
/* check if we already have the lock */
if (crypto_lock_rand)
{
@@ -256,25 +258,30 @@ static void ssleay_rand_add(const void *buf, int num, double add)
if (!do_not_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
- EVP_MD_CTX_init(&m);
for (i=0; i<num; i+=MD_DIGEST_LENGTH)
{
j=(num-i);
j=(j > MD_DIGEST_LENGTH)?MD_DIGEST_LENGTH:j;
- MD_Init(&m);
- MD_Update(&m,local_md,MD_DIGEST_LENGTH);
+ if (!MD_Init(&m))
+ goto err;
+ if (!MD_Update(&m,local_md,MD_DIGEST_LENGTH))
+ goto err;
k=(st_idx+j)-STATE_SIZE;
if (k > 0)
{
- MD_Update(&m,&(state[st_idx]),j-k);
- MD_Update(&m,&(state[0]),k);
+ if (!MD_Update(&m,&(state[st_idx]),j-k))
+ goto err;
+ if (!MD_Update(&m,&(state[0]),k))
+ goto err;
}
else
- MD_Update(&m,&(state[st_idx]),j);
+ if (!MD_Update(&m,&(state[st_idx]),j))
+ goto err;
/* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
- MD_Update(&m,buf,j);
+ if (!MD_Update(&m,buf,j))
+ goto err;
/* We know that line may cause programs such as
purify and valgrind to complain about use of
uninitialized data. The problem is not, it's
@@ -282,8 +289,10 @@ static void ssleay_rand_add(const void *buf, int num, double add)
sure you get really bad randomness and thereby
other problems such as very insecure keys. */
- MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
- MD_Final(&m,local_md);
+ if (!MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)))
+ goto err;
+ if (!MD_Final(&m,local_md))
+ goto err;
md_c[1]++;
buf=(const char *)buf + j;
@@ -303,7 +312,6 @@ static void ssleay_rand_add(const void *buf, int num, double add)
st_idx=0;
}
}
- EVP_MD_CTX_cleanup(&m);
if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
/* Don't just copy back local_md into md -- this could mean that
@@ -321,11 +329,15 @@ static void ssleay_rand_add(const void *buf, int num, double add)
#if !defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32)
assert(md_c[1] == md_count[1]);
#endif
+ rv = 1;
+ err:
+ EVP_MD_CTX_cleanup(&m);
+ return rv;
}
-static void ssleay_rand_seed(const void *buf, int num)
+static int ssleay_rand_seed(const void *buf, int num)
{
- ssleay_rand_add(buf, num, (double)num);
+ return ssleay_rand_add(buf, num, (double)num);
}
static int ssleay_rand_bytes(unsigned char *buf, int num)
@@ -464,20 +476,25 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
/* num_ceil -= MD_DIGEST_LENGTH/2 */
j=(num >= MD_DIGEST_LENGTH/2)?MD_DIGEST_LENGTH/2:num;
num-=j;
- MD_Init(&m);
+ if (!MD_Init(&m))
+ goto err;
#ifndef GETPID_IS_MEANINGLESS
if (curr_pid) /* just in the first iteration to save time */
{
- MD_Update(&m,(unsigned char*)&curr_pid,sizeof curr_pid);
+ if (!MD_Update(&m,(unsigned char*)&curr_pid,sizeof curr_pid))
+ goto err;
curr_pid = 0;
}
#endif
- MD_Update(&m,local_md,MD_DIGEST_LENGTH);
- MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
+ if (!MD_Update(&m,local_md,MD_DIGEST_LENGTH))
+ goto err;
+ if (!MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)))
+ goto err;
#ifndef PURIFY /* purify complains */
/* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
- MD_Update(&m,buf,j);
+ if (!MD_Update(&m,buf,j))
+ goto err;
/* We know that line may cause programs such as
purify and valgrind to complain about use of
uninitialized data. */
@@ -486,12 +503,16 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
if (k > 0)
{
- MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2-k);
- MD_Update(&m,&(state[0]),k);
+ if (!MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2-k))
+ goto err;
+ if (!MD_Update(&m,&(state[0]),k))
+ goto err;
}
else
- MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2);
- MD_Final(&m,local_md);
+ if (!MD_Update(&m,&(state[st_idx]),MD_DIGEST_LENGTH/2))
+ goto err;
+ if (!MD_Final(&m,local_md))
+ goto err;
for (i=0; i<MD_DIGEST_LENGTH/2; i++)
{
@@ -503,12 +524,16 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
}
}
- MD_Init(&m);
- MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
- MD_Update(&m,local_md,MD_DIGEST_LENGTH);
+ if (!MD_Init(&m)
+ || !MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c))
+ || !MD_Update(&m,local_md,MD_DIGEST_LENGTH))
+ goto err;
CRYPTO_w_lock(CRYPTO_LOCK_RAND);
- MD_Update(&m,md,MD_DIGEST_LENGTH);
- MD_Final(&m,md);
+ if (!MD_Update(&m,md,MD_DIGEST_LENGTH) || !MD_Final(&m,md))
+ {
+ CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+ goto err;
+ }
CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
EVP_MD_CTX_cleanup(&m);
@@ -521,6 +546,11 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
"http://www.openssl.org/support/faq.html");
return(0);
}
+ err:
+ EVP_MD_CTX_cleanup(&m);
+ RANDerr(RAND_F_SSLEAY_RAND_BYTES,ERR_R_EVP_LIB);
+ return 0;
+
}
/* pseudo-random bytes that are guaranteed to be unique but not
diff --git a/crypto/rand/rand.h b/crypto/rand/rand.h
index ac6c021763..5895d3b6e1 100644
--- a/crypto/rand/rand.h
+++ b/crypto/rand/rand.h
@@ -80,10 +80,10 @@ extern "C" {
struct rand_meth_st
{
- void (*seed)(const void *buf, int num);
+ int (*seed)(const void *buf, int num);
int (*bytes)(unsigned char *buf, int num);
void (*cleanup)(void);
- void (*add)(const void *buf, int num, double entropy);
+ int (*add)(const void *buf, int num, double entropy);
int (*pseudorand)(unsigned char *buf, int num);
int (*status)(void);
};
diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c
index e238d10e5c..553d212ebe 100644
--- a/crypto/rsa/rsa_oaep.c
+++ b/crypto/rsa/rsa_oaep.c
@@ -56,7 +56,8 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
seed = to + 1;
db = to + SHA_DIGEST_LENGTH + 1;
- EVP_Digest((void *)param, plen, db, NULL, EVP_sha1(), NULL);
+ if (!EVP_Digest((void *)param, plen, db, NULL, EVP_sha1(), NULL))
+ return 0;
memset(db + SHA_DIGEST_LENGTH, 0,
emlen - flen - 2 * SHA_DIGEST_LENGTH - 1);
db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01;
@@ -145,7 +146,8 @@ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
for (i = 0; i < dblen; i++)
db[i] ^= maskeddb[i];
- EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL);
+ if (!EVP_Digest((void *)param, plen, phash, NULL, EVP_sha1(), NULL))
+ return -1;
if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0 || bad)
goto decoding_err;
@@ -189,34 +191,40 @@ int PKCS1_MGF1(unsigned char *mask, long len,
EVP_MD_CTX c;
unsigned char md[EVP_MAX_MD_SIZE];
int mdlen;
+ int rv = -1;
EVP_MD_CTX_init(&c);
mdlen = EVP_MD_size(dgst);
if (mdlen < 0)
- return -1;
+ goto err;
for (i = 0; outlen < len; i++)
{
cnt[0] = (unsigned char)((i >> 24) & 255);
cnt[1] = (unsigned char)((i >> 16) & 255);
cnt[2] = (unsigned char)((i >> 8)) & 255;
cnt[3] = (unsigned char)(i & 255);
- EVP_DigestInit_ex(&c,dgst, NULL);
- EVP_DigestUpdate(&c, seed, seedlen);
- EVP_DigestUpdate(&c, cnt, 4);
+ if (!EVP_DigestInit_ex(&c,dgst, NULL)
+ || !EVP_DigestUpdate(&c, seed, seedlen)
+ || !EVP_DigestUpdate(&c, cnt, 4))
+ goto err;
if (outlen + mdlen <= len)
{
- EVP_DigestFinal_ex(&c, mask + outlen, NULL);
+ if (!EVP_DigestFinal_ex(&c, mask + outlen, NULL))
+ goto err;
outlen += mdlen;
}
else
{
- EVP_DigestFinal_ex(&c, md, NULL);
+ if (!EVP_DigestFinal_ex(&c, md, NULL))
+ goto err;
memcpy(mask + outlen, md, len - outlen);
outlen = len;
}
}
+ rv = 0;
+ err:
EVP_MD_CTX_cleanup(&c);
- return 0;
+ return rv;
}
static int MGF1(unsigned char *mask, long len, const unsigned char *seed,
diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c
index ac211e2ffe..4efb8eddad 100644
--- a/crypto/rsa/rsa_pss.c
+++ b/crypto/rsa/rsa_pss.c
@@ -80,6 +80,7 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
unsigned char *DB = NULL;
EVP_MD_CTX ctx;
unsigned char H_[EVP_MAX_MD_SIZE];
+ EVP_MD_CTX_init(&ctx);
hLen = EVP_MD_size(Hash);
if (hLen < 0)
@@ -145,14 +146,17 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_SLEN_CHECK_FAILED);
goto err;
}
- EVP_MD_CTX_init(&ctx);
- EVP_DigestInit_ex(&ctx, Hash, NULL);
- EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes);
- EVP_DigestUpdate(&ctx, mHash, hLen);
+ if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
+ || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
+ || !EVP_DigestUpdate(&ctx, mHash, hLen))
+ goto err;
if (maskedDBLen - i)
- EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i);
- EVP_DigestFinal(&ctx, H_, NULL);
- EVP_MD_CTX_cleanup(&ctx);
+ {
+ if (!EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i))
+ goto err;
+ }
+ if (!EVP_DigestFinal(&ctx, H_, NULL))
+ goto err;
if (memcmp(H_, H, hLen))
{
RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS, RSA_R_BAD_SIGNATURE);
@@ -164,6 +168,7 @@ int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
err:
if (DB)
OPENSSL_free(DB);
+ EVP_MD_CTX_cleanup(&ctx);
return ret;
@@ -228,12 +233,14 @@ int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
maskedDBLen = emLen - hLen - 1;
H = EM + maskedDBLen;
EVP_MD_CTX_init(&ctx);
- EVP_DigestInit_ex(&ctx, Hash, NULL);
- EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes);
- EVP_DigestUpdate(&ctx, mHash, hLen);
- if (sLen)
- EVP_DigestUpdate(&ctx, salt, sLen);
- EVP_DigestFinal(&ctx, H, NULL);
+ if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
+ || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
+ || !EVP_DigestUpdate(&ctx, mHash, hLen))
+ goto err;
+ if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen))
+ goto err;
+ if (!EVP_DigestFinal(&ctx, H, NULL))
+ goto err;
EVP_MD_CTX_cleanup(&ctx);
/* Generate dbMask in place then perform XOR on it */
diff --git a/crypto/ts/ts_rsp_verify.c b/crypto/ts/ts_rsp_verify.c
index e1f3b534af..afe16afbe4 100644
--- a/crypto/ts/ts_rsp_verify.c
+++ b/crypto/ts/ts_rsp_verify.c
@@ -614,12 +614,15 @@ static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
goto err;
}
- EVP_DigestInit(&md_ctx, md);
+ if (!EVP_DigestInit(&md_ctx, md))
+ goto err;
while ((length = BIO_read(data, buffer, sizeof(buffer))) > 0)
{
- EVP_DigestUpdate(&md_ctx, buffer, length);
+ if (!EVP_DigestUpdate(&md_ctx, buffer, length))
+ goto err;
}
- EVP_DigestFinal(&md_ctx, *imprint, NULL);
+ if (!EVP_DigestFinal(&md_ctx, *imprint, NULL))
+ goto err;
return 1;
err:
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 2e444f2848..dd55b6e165 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -87,15 +87,20 @@ unsigned long X509_issuer_and_serial_hash(X509 *a)
EVP_MD_CTX_init(&ctx);
f=X509_NAME_oneline(a->cert_info->issuer,NULL,0);
ret=strlen(f);
- EVP_DigestInit_ex(&ctx, EVP_md5(), NULL);
- EVP_DigestUpdate(&ctx,(unsigned char *)f,ret);
+ if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL))
+ goto err;
+ if (!EVP_DigestUpdate(&ctx,(unsigned char *)f,ret))
+ goto err;
OPENSSL_free(f);
- EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
- (unsigned long)a->cert_info->serialNumber->length);
- EVP_DigestFinal_ex(&ctx,&(md[0]),NULL);
+ if(!EVP_DigestUpdate(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
+ (unsigned long)a->cert_info->serialNumber->length))
+ goto err;
+ if (!EVP_DigestFinal_ex(&ctx,&(md[0]),NULL))
+ goto err;
ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
)&0xffffffffL;
+ err:
EVP_MD_CTX_cleanup(&ctx);
return(ret);
}
@@ -205,7 +210,9 @@ unsigned long X509_NAME_hash(X509_NAME *x)
/* Make sure X509_NAME structure contains valid cached encoding */
i2d_X509_NAME(x,NULL);
- EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(), NULL);
+ if (!EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(),
+ NULL))
+ return 0;
ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
@@ -225,7 +232,8 @@ unsigned long X509_NAME_hash_old(X509_NAME *x)
/* Make sure X509_NAME structure contains valid cached encoding */
i2d_X509_NAME(x,NULL);
- EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL);
+ if (!EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL))
+ return 0;
ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
diff --git a/crypto/x509v3/v3_skey.c b/crypto/x509v3/v3_skey.c
index 202c9e4896..0a984fbaa8 100644
--- a/crypto/x509v3/v3_skey.c
+++ b/crypto/x509v3/v3_skey.c
@@ -129,7 +129,8 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
goto err;
}
- EVP_Digest(pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL);
+ if (!EVP_Digest(pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL))
+ goto err;
if(!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) {
X509V3err(X509V3_F_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE);