Coverty fixes for MACs
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9700)
This commit is contained in:
parent
096978f099
commit
d5f8542913
4 changed files with 29 additions and 16 deletions
|
@ -133,7 +133,7 @@ static void collect_ciphers(EVP_CIPHER *cipher, void *stack)
|
||||||
{
|
{
|
||||||
STACK_OF(EVP_CIPHER) *cipher_stack = stack;
|
STACK_OF(EVP_CIPHER) *cipher_stack = stack;
|
||||||
|
|
||||||
sk_EVP_CIPHER_push(cipher_stack, cipher);
|
if (sk_EVP_CIPHER_push(cipher_stack, cipher) > 0)
|
||||||
EVP_CIPHER_up_ref(cipher);
|
EVP_CIPHER_up_ref(cipher);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -196,7 +196,7 @@ static void collect_digests(EVP_MD *md, void *stack)
|
||||||
{
|
{
|
||||||
STACK_OF(EVP_MD) *digest_stack = stack;
|
STACK_OF(EVP_MD) *digest_stack = stack;
|
||||||
|
|
||||||
sk_EVP_MD_push(digest_stack, md);
|
if (sk_EVP_MD_push(digest_stack, md) > 0)
|
||||||
EVP_MD_up_ref(md);
|
EVP_MD_up_ref(md);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -245,7 +245,7 @@ static void collect_macs(EVP_MAC *mac, void *stack)
|
||||||
{
|
{
|
||||||
STACK_OF(EVP_MAC) *mac_stack = stack;
|
STACK_OF(EVP_MAC) *mac_stack = stack;
|
||||||
|
|
||||||
sk_EVP_MAC_push(mac_stack, mac);
|
if (sk_EVP_MAC_push(mac_stack, mac) > 0)
|
||||||
EVP_MAC_up_ref(mac);
|
EVP_MAC_up_ref(mac);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -87,11 +87,13 @@ void CMAC_CTX_free(CMAC_CTX *ctx)
|
||||||
int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in)
|
int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in)
|
||||||
{
|
{
|
||||||
int bl;
|
int bl;
|
||||||
|
|
||||||
if (in->nlast_block == -1)
|
if (in->nlast_block == -1)
|
||||||
return 0;
|
return 0;
|
||||||
|
if ((bl = EVP_CIPHER_CTX_block_size(in->cctx)) < 0)
|
||||||
|
return 0;
|
||||||
if (!EVP_CIPHER_CTX_copy(out->cctx, in->cctx))
|
if (!EVP_CIPHER_CTX_copy(out->cctx, in->cctx))
|
||||||
return 0;
|
return 0;
|
||||||
bl = EVP_CIPHER_CTX_block_size(in->cctx);
|
|
||||||
memcpy(out->k1, in->k1, bl);
|
memcpy(out->k1, in->k1, bl);
|
||||||
memcpy(out->k2, in->k2, bl);
|
memcpy(out->k2, in->k2, bl);
|
||||||
memcpy(out->tbl, in->tbl, bl);
|
memcpy(out->tbl, in->tbl, bl);
|
||||||
|
@ -104,6 +106,7 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
|
||||||
const EVP_CIPHER *cipher, ENGINE *impl)
|
const EVP_CIPHER *cipher, ENGINE *impl)
|
||||||
{
|
{
|
||||||
static const unsigned char zero_iv[EVP_MAX_BLOCK_LENGTH] = { 0 };
|
static const unsigned char zero_iv[EVP_MAX_BLOCK_LENGTH] = { 0 };
|
||||||
|
|
||||||
/* All zeros means restart */
|
/* All zeros means restart */
|
||||||
if (!key && !cipher && !impl && keylen == 0) {
|
if (!key && !cipher && !impl && keylen == 0) {
|
||||||
/* Not initialised */
|
/* Not initialised */
|
||||||
|
@ -121,13 +124,15 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
|
||||||
/* Non-NULL key means initialisation complete */
|
/* Non-NULL key means initialisation complete */
|
||||||
if (key) {
|
if (key) {
|
||||||
int bl;
|
int bl;
|
||||||
|
|
||||||
if (!EVP_CIPHER_CTX_cipher(ctx->cctx))
|
if (!EVP_CIPHER_CTX_cipher(ctx->cctx))
|
||||||
return 0;
|
return 0;
|
||||||
if (!EVP_CIPHER_CTX_set_key_length(ctx->cctx, keylen))
|
if (!EVP_CIPHER_CTX_set_key_length(ctx->cctx, keylen))
|
||||||
return 0;
|
return 0;
|
||||||
if (!EVP_EncryptInit_ex(ctx->cctx, NULL, NULL, key, zero_iv))
|
if (!EVP_EncryptInit_ex(ctx->cctx, NULL, NULL, key, zero_iv))
|
||||||
return 0;
|
return 0;
|
||||||
bl = EVP_CIPHER_CTX_block_size(ctx->cctx);
|
if ((bl = EVP_CIPHER_CTX_block_size(ctx->cctx)) < 0)
|
||||||
|
return 0;
|
||||||
if (!EVP_Cipher(ctx->cctx, ctx->tbl, zero_iv, bl))
|
if (!EVP_Cipher(ctx->cctx, ctx->tbl, zero_iv, bl))
|
||||||
return 0;
|
return 0;
|
||||||
make_kn(ctx->k1, ctx->tbl, bl);
|
make_kn(ctx->k1, ctx->tbl, bl);
|
||||||
|
@ -146,15 +151,18 @@ int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
|
||||||
int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen)
|
int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen)
|
||||||
{
|
{
|
||||||
const unsigned char *data = in;
|
const unsigned char *data = in;
|
||||||
size_t bl;
|
int bl;
|
||||||
|
|
||||||
if (ctx->nlast_block == -1)
|
if (ctx->nlast_block == -1)
|
||||||
return 0;
|
return 0;
|
||||||
if (dlen == 0)
|
if (dlen == 0)
|
||||||
return 1;
|
return 1;
|
||||||
bl = EVP_CIPHER_CTX_block_size(ctx->cctx);
|
if ((bl = EVP_CIPHER_CTX_block_size(ctx->cctx)) < 0)
|
||||||
|
return 0;
|
||||||
/* Copy into partial block if we need to */
|
/* Copy into partial block if we need to */
|
||||||
if (ctx->nlast_block > 0) {
|
if (ctx->nlast_block > 0) {
|
||||||
size_t nleft;
|
size_t nleft;
|
||||||
|
|
||||||
nleft = bl - ctx->nlast_block;
|
nleft = bl - ctx->nlast_block;
|
||||||
if (dlen < nleft)
|
if (dlen < nleft)
|
||||||
nleft = dlen;
|
nleft = dlen;
|
||||||
|
@ -170,7 +178,7 @@ int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
/* Encrypt all but one of the complete blocks left */
|
/* Encrypt all but one of the complete blocks left */
|
||||||
while (dlen > bl) {
|
while (dlen > (size_t)bl) {
|
||||||
if (!EVP_Cipher(ctx->cctx, ctx->tbl, data, bl))
|
if (!EVP_Cipher(ctx->cctx, ctx->tbl, data, bl))
|
||||||
return 0;
|
return 0;
|
||||||
dlen -= bl;
|
dlen -= bl;
|
||||||
|
@ -186,9 +194,11 @@ int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen)
|
||||||
int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen)
|
int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen)
|
||||||
{
|
{
|
||||||
int i, bl, lb;
|
int i, bl, lb;
|
||||||
|
|
||||||
if (ctx->nlast_block == -1)
|
if (ctx->nlast_block == -1)
|
||||||
return 0;
|
return 0;
|
||||||
bl = EVP_CIPHER_CTX_block_size(ctx->cctx);
|
if ((bl = EVP_CIPHER_CTX_block_size(ctx->cctx)) < 0)
|
||||||
|
return 0;
|
||||||
*poutlen = (size_t)bl;
|
*poutlen = (size_t)bl;
|
||||||
if (!out)
|
if (!out)
|
||||||
return 1;
|
return 1;
|
||||||
|
|
|
@ -66,8 +66,9 @@ static void *cmac_new(void *provctx)
|
||||||
|| (macctx->ctx = CMAC_CTX_new()) == NULL) {
|
|| (macctx->ctx = CMAC_CTX_new()) == NULL) {
|
||||||
OPENSSL_free(macctx);
|
OPENSSL_free(macctx);
|
||||||
macctx = NULL;
|
macctx = NULL;
|
||||||
}
|
} else {
|
||||||
macctx->provctx = provctx;
|
macctx->provctx = provctx;
|
||||||
|
}
|
||||||
|
|
||||||
return macctx;
|
return macctx;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1228,7 +1228,9 @@ static int mac_test_run_mac(EVP_TEST *t)
|
||||||
if (tmpval != NULL)
|
if (tmpval != NULL)
|
||||||
*tmpval++ = '\0';
|
*tmpval++ = '\0';
|
||||||
|
|
||||||
if (!OSSL_PARAM_allocate_from_text(¶ms[params_n], defined_params,
|
if (tmpval == NULL
|
||||||
|
|| !OSSL_PARAM_allocate_from_text(¶ms[params_n],
|
||||||
|
defined_params,
|
||||||
tmpkey, tmpval,
|
tmpkey, tmpval,
|
||||||
strlen(tmpval))) {
|
strlen(tmpval))) {
|
||||||
OPENSSL_free(tmpkey);
|
OPENSSL_free(tmpkey);
|
||||||
|
|
Loading…
Reference in a new issue