Replace assert() and OPENSSL_assert() calls with proper error return paths.

Careful review, feedback & ok doug@ jsing@
author: miod <> 2015-02-10 09:52:35 +0000
committer: miod <> 2015-02-10 09:52:35 +0000
commit: d2f68f95d95ff1ca4370b66eb67e8add10d9d079 (patch)
tree: 58f7f299c05557099d7278079e061aed0f4a9f23 /src/lib/libcrypto/evp
parent: 9c8f4b278d0fe6c5ae67ecea60905c57ccf4c4e1 (diff)
download: openbsd-d2f68f95d95ff1ca4370b66eb67e8add10d9d079.tar.gz
openbsd-d2f68f95d95ff1ca4370b66eb67e8add10d9d079.tar.bz2
openbsd-d2f68f95d95ff1ca4370b66eb67e8add10d9d079.zip
8 files changed, 87 insertions, 30 deletions
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
index 4a18aff657..c9fb60d49b 100644
--- a/src/lib/libcrypto/evp/digest.c
+++ b/src/lib/libcrypto/evp/digest.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: digest.c,v 1.24 2014/11/09 19:12:18 miod Exp $ */
+/* $OpenBSD: digest.c,v 1.25 2015/02/10 09:52:35 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -249,7 +249,10 @@ EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
 {
        int ret;
-        OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
+        if ((size_t)ctx->digest->md_size > EVP_MAX_MD_SIZE) {
+                EVPerr(EVP_F_EVP_DIGESTFINAL_EX, EVP_R_TOO_LARGE);
+                return 0;
+        }
        ret = ctx->digest->final(ctx, md);
        if (size != NULL)
                *size = ctx->digest->md_size;
diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c
index 456a22eeeb..9052195ac2 100644
--- a/src/lib/libcrypto/evp/e_rc2.c
+++ b/src/lib/libcrypto/evp/e_rc2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_rc2.c,v 1.10 2014/07/11 08:44:48 jsing Exp $ */
+/* $OpenBSD: e_rc2.c,v 1.11 2015/02/10 09:52:35 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -187,7 +187,11 @@ rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
        if (type != NULL) {
                l = EVP_CIPHER_CTX_iv_length(c);
-                OPENSSL_assert(l <= sizeof(iv));
+                if (l > sizeof(iv)) {
+                        EVPerr(EVP_F_RC2_GET_ASN1_TYPE_AND_IV,
+                            EVP_R_IV_TOO_LARGE);
+                        return -1;
+                }
                i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l);
                if (i != (int)l)
                        return (-1);
diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h
index dd4d2245e6..6de762a4ff 100644
--- a/src/lib/libcrypto/evp/evp.h
+++ b/src/lib/libcrypto/evp/evp.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp.h,v 1.42 2015/02/08 22:22:13 miod Exp $ */
+/* $OpenBSD: evp.h,v 1.43 2015/02/10 09:52:35 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1353,13 +1353,19 @@ void ERR_load_EVP_strings(void);
 #define EVP_F_EVP_AEAD_CTX_INIT                          180
 #define EVP_F_EVP_AEAD_CTX_OPEN                          190
 #define EVP_F_EVP_AEAD_CTX_SEAL                          191
+#define EVP_F_EVP_BYTESTOKEY                             200
 #define EVP_F_EVP_CIPHERINIT_EX                          123
 #define EVP_F_EVP_CIPHER_CTX_COPY                        163
 #define EVP_F_EVP_CIPHER_CTX_CTRL                        124
 #define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH              122
+#define EVP_F_EVP_CIPHER_GET_ASN1_IV                     201
+#define EVP_F_EVP_CIPHER_SET_ASN1_IV                     202
 #define EVP_F_EVP_DECRYPTFINAL_EX                        101
+#define EVP_F_EVP_DECRYPTUPDATE                          199
+#define EVP_F_EVP_DIGESTFINAL_EX                         196
 #define EVP_F_EVP_DIGESTINIT_EX                          128
 #define EVP_F_EVP_ENCRYPTFINAL_EX                        127
+#define EVP_F_EVP_ENCRYPTUPDATE                          198
 #define EVP_F_EVP_MD_CTX_COPY_EX                         110
 #define EVP_F_EVP_MD_CTX_CTRL                            195
 #define EVP_F_EVP_MD_SIZE                                162
@@ -1415,6 +1421,7 @@ void ERR_load_EVP_strings(void);
 #define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN                   164
 #define EVP_F_PKCS8_SET_BROKEN                           112
 #define EVP_F_PKEY_SET_TYPE                              158
+#define EVP_F_RC2_GET_ASN1_TYPE_AND_IV                   197
 #define EVP_F_RC2_MAGIC_TO_METH                          109
 #define EVP_F_RC5_CTRL                                   125
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
index 49ceacefad..42ccfceec9 100644
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_enc.c,v 1.25 2014/10/22 13:02:04 jsing Exp $ */
+/* $OpenBSD: evp_enc.c,v 1.26 2015/02/10 09:52:35 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -140,10 +140,6 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
                        const EVP_CIPHER *c =
                            ENGINE_get_cipher(impl, cipher->nid);
                        if (!c) {
-                                /* One positive side-effect of US's export
-                                 * control history, is that we should at least
-                                 * be able to avoid using US mispellings of
-                                 * "initialisation"? */
                                EVPerr(EVP_F_EVP_CIPHERINIT_EX,
                                    EVP_R_INITIALIZATION_ERROR);
                                return 0;
@@ -186,9 +182,12 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
 skip_to_init:
 #endif
        /* we assume block size is a power of 2 in *cryptUpdate */
-        OPENSSL_assert(ctx->cipher->block_size == 1 ||
+        if (ctx->cipher->block_size != 1 &&
-            ctx->cipher->block_size == 8 ||
+            ctx->cipher->block_size != 8 &&
-            ctx->cipher->block_size == 16);
+            ctx->cipher->block_size != 16) {
+                EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_BAD_BLOCK_LENGTH);
+                return 0;
+        }
        if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
                switch (EVP_CIPHER_CTX_mode(ctx)) {
@@ -205,8 +204,12 @@ skip_to_init:
                case EVP_CIPH_CBC_MODE:
-                        OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <=
+                        if ((size_t)EVP_CIPHER_CTX_iv_length(ctx) >
-                            (int)sizeof(ctx->iv));
+                            sizeof(ctx->iv)) {
+                                EVPerr(EVP_F_EVP_CIPHERINIT_EX,
+                                    EVP_R_IV_TOO_LARGE);
+                                return 0;
+                        }
                        if (iv)
                                memcpy(ctx->oiv, iv,
                                    EVP_CIPHER_CTX_iv_length(ctx));
@@ -325,7 +328,11 @@ EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
        }
        i = ctx->buf_len;
        bl = ctx->cipher->block_size;
-        OPENSSL_assert(bl <= (int)sizeof(ctx->buf));
+        if ((size_t)bl > sizeof(ctx->buf)) {
+                EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_BAD_BLOCK_LENGTH);
+                *outl = 0;
+                return 0;
+        }
        if (i != 0) {
                if (i + inl < bl) {
                        memcpy(&(ctx->buf[i]), in, inl);
@@ -383,7 +390,10 @@ EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
        }
        b = ctx->cipher->block_size;
-        OPENSSL_assert(b <= sizeof ctx->buf);
+        if (b > sizeof ctx->buf) {
+                EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX, EVP_R_BAD_BLOCK_LENGTH);
+                return 0;
+        }
        if (b == 1) {
                *outl = 0;
                return 1;
@@ -437,7 +447,10 @@ EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
                return EVP_EncryptUpdate(ctx, out, outl, in, inl);
        b = ctx->cipher->block_size;
-        OPENSSL_assert(b <= sizeof ctx->final);
+        if (b > sizeof ctx->final) {
+                EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_BAD_BLOCK_LENGTH);
+                return 0;
+        }
        if (ctx->final_used) {
                memcpy(out, ctx->final, b);
@@ -506,7 +519,11 @@ EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
                            EVP_R_WRONG_FINAL_BLOCK_LENGTH);
                        return (0);
                }
-                OPENSSL_assert(b <= sizeof ctx->final);
+                if (b > sizeof ctx->final) {
+                        EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
+                            EVP_R_BAD_BLOCK_LENGTH);
+                        return 0;
+                }
                n = ctx->final[b - 1];
                if (n == 0 || n > (int)b) {
                        EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c
index 1493ca9103..4718ab6175 100644
--- a/src/lib/libcrypto/evp/evp_key.c
+++ b/src/lib/libcrypto/evp/evp_key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_key.c,v 1.20 2014/08/06 04:28:21 guenther Exp $ */
+/* $OpenBSD: evp_key.c,v 1.21 2015/02/10 09:52:35 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -59,6 +59,7 @@
 #include <stdio.h>
 #include <string.h>
+#include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/ui.h>
@@ -129,10 +130,18 @@ EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
        int niv, nkey, addmd = 0;
        unsigned int mds = 0, i;
        int rv = 0;
        nkey = type->key_len;
        niv = type->iv_len;
-        OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
-        OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);
+        if ((size_t)nkey > EVP_MAX_KEY_LENGTH) {
+                EVPerr(EVP_F_EVP_BYTESTOKEY, EVP_R_BAD_KEY_LENGTH);
+                return 0;
+        }
+        if ((size_t)niv > EVP_MAX_IV_LENGTH) {
+                EVPerr(EVP_F_EVP_BYTESTOKEY, EVP_R_IV_TOO_LARGE);
+                return 0;
+        }
        if (data == NULL)
                return (nkey);
diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c
index 310252d0e8..491c8d6f67 100644
--- a/src/lib/libcrypto/evp/evp_lib.c
+++ b/src/lib/libcrypto/evp/evp_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_lib.c,v 1.13 2014/07/11 08:44:48 jsing Exp $ */
+/* $OpenBSD: evp_lib.c,v 1.14 2015/02/10 09:52:35 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -99,7 +99,11 @@ EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
        if (type != NULL) {
                l = EVP_CIPHER_CTX_iv_length(c);
-                OPENSSL_assert(l <= sizeof(c->iv));
+                if (l > sizeof(c->iv)) {
+                        EVPerr(EVP_F_EVP_CIPHER_GET_ASN1_IV,
+                             EVP_R_IV_TOO_LARGE);
+                        return 0;
+                }
                i = ASN1_TYPE_get_octetstring(type, c->oiv, l);
                if (i != (int)l)
                        return (-1);
@@ -117,7 +121,11 @@ EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
        if (type != NULL) {
                j = EVP_CIPHER_CTX_iv_length(c);
-                OPENSSL_assert(j <= sizeof(c->iv));
+                if (j > sizeof(c->iv)) {
+                        EVPerr(EVP_F_EVP_CIPHER_SET_ASN1_IV,
+                             EVP_R_IV_TOO_LARGE);
+                        return 0;
+                }
                i = ASN1_TYPE_set_octetstring(type, c->oiv, j);
        }
        return (i);
diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c
index 3b1419b545..112a69114c 100644
--- a/src/lib/libcrypto/evp/p5_crpt.c
+++ b/src/lib/libcrypto/evp/p5_crpt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p5_crpt.c,v 1.14 2014/07/13 12:46:44 miod Exp $ */
+/* $OpenBSD: p5_crpt.c,v 1.15 2015/02/10 09:52:35 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -134,9 +134,15 @@ PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
                if (!EVP_DigestFinal_ex (&ctx, md_tmp, NULL))
                        goto err;
        }
-        OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp));
+        if ((size_t)EVP_CIPHER_key_length(cipher) > sizeof(md_tmp)) {
+                EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_BAD_KEY_LENGTH);
+                goto err;
+        }
        memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
-        OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
+        if ((size_t)EVP_CIPHER_iv_length(cipher) > 16) {
+                EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_IV_TOO_LARGE);
+                goto err;
+        }
        memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
            EVP_CIPHER_iv_length(cipher));
        if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c
index 61eadec804..c9eef8f49a 100644
--- a/src/lib/libcrypto/evp/p5_crpt2.c
+++ b/src/lib/libcrypto/evp/p5_crpt2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p5_crpt2.c,v 1.17 2014/07/11 08:44:48 jsing Exp $ */
+/* $OpenBSD: p5_crpt2.c,v 1.18 2015/02/10 09:52:35 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -255,7 +255,10 @@ PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
                goto err;
        }
        keylen = EVP_CIPHER_CTX_key_length(ctx);
-        OPENSSL_assert(keylen <= sizeof key);
+        if (keylen > sizeof key) {
+                EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_BAD_KEY_LENGTH);
+                goto err;
+        }
        /* Decode parameter */
author	miod <>	2015-02-10 09:52:35 +0000
committer	miod <>	2015-02-10 09:52:35 +0000
commit	d2f68f95d95ff1ca4370b66eb67e8add10d9d079 (patch)
tree	58f7f299c05557099d7278079e061aed0f4a9f23 /src/lib/libcrypto/evp
parent	9c8f4b278d0fe6c5ae67ecea60905c57ccf4c4e1 (diff)
download	openbsd-d2f68f95d95ff1ca4370b66eb67e8add10d9d079.tar.gz openbsd-d2f68f95d95ff1ca4370b66eb67e8add10d9d079.tar.bz2 openbsd-d2f68f95d95ff1ca4370b66eb67e8add10d9d079.zip

diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c index 4a18aff657..c9fb60d49b 100644 --- a/src/lib/libcrypto/evp/digest.c +++ b/src/lib/libcrypto/evp/digest.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: digest.c,v 1.24 2014/11/09 19:12:18 miod Exp $ */	1	/* $OpenBSD: digest.c,v 1.25 2015/02/10 09:52:35 miod Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -249,7 +249,10 @@ EVP_DigestFinal_ex(EVP_MD_CTX ctx, unsigned char md, unsigned int *size)
249	{	249	{
250	int ret;	250	int ret;
251		251
252	OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);	252	if ((size_t)ctx->digest->md_size > EVP_MAX_MD_SIZE) {
		253	EVPerr(EVP_F_EVP_DIGESTFINAL_EX, EVP_R_TOO_LARGE);
		254	return 0;
		255	}
253	ret = ctx->digest->final(ctx, md);	256	ret = ctx->digest->final(ctx, md);
254	if (size != NULL)	257	if (size != NULL)
255	*size = ctx->digest->md_size;	258	*size = ctx->digest->md_size;


diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c index 456a22eeeb..9052195ac2 100644 --- a/src/lib/libcrypto/evp/e_rc2.c +++ b/src/lib/libcrypto/evp/e_rc2.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: e_rc2.c,v 1.10 2014/07/11 08:44:48 jsing Exp $ */	1	/* $OpenBSD: e_rc2.c,v 1.11 2015/02/10 09:52:35 miod Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -187,7 +187,11 @@ rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX c, ASN1_TYPE type)
187		187
188	if (type != NULL) {	188	if (type != NULL) {
189	l = EVP_CIPHER_CTX_iv_length(c);	189	l = EVP_CIPHER_CTX_iv_length(c);
190	OPENSSL_assert(l <= sizeof(iv));	190	if (l > sizeof(iv)) {
		191	EVPerr(EVP_F_RC2_GET_ASN1_TYPE_AND_IV,
		192	EVP_R_IV_TOO_LARGE);
		193	return -1;
		194	}
191	i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l);	195	i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l);
192	if (i != (int)l)	196	if (i != (int)l)
193	return (-1);	197	return (-1);


diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h index dd4d2245e6..6de762a4ff 100644 --- a/src/lib/libcrypto/evp/evp.h +++ b/src/lib/libcrypto/evp/evp.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: evp.h,v 1.42 2015/02/08 22:22:13 miod Exp $ */	1	/* $OpenBSD: evp.h,v 1.43 2015/02/10 09:52:35 miod Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1353,13 +1353,19 @@ void ERR_load_EVP_strings(void);
1353	#define EVP_F_EVP_AEAD_CTX_INIT 180	1353	#define EVP_F_EVP_AEAD_CTX_INIT 180
1354	#define EVP_F_EVP_AEAD_CTX_OPEN 190	1354	#define EVP_F_EVP_AEAD_CTX_OPEN 190
1355	#define EVP_F_EVP_AEAD_CTX_SEAL 191	1355	#define EVP_F_EVP_AEAD_CTX_SEAL 191
		1356	#define EVP_F_EVP_BYTESTOKEY 200
1356	#define EVP_F_EVP_CIPHERINIT_EX 123	1357	#define EVP_F_EVP_CIPHERINIT_EX 123
1357	#define EVP_F_EVP_CIPHER_CTX_COPY 163	1358	#define EVP_F_EVP_CIPHER_CTX_COPY 163
1358	#define EVP_F_EVP_CIPHER_CTX_CTRL 124	1359	#define EVP_F_EVP_CIPHER_CTX_CTRL 124
1359	#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122	1360	#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
		1361	#define EVP_F_EVP_CIPHER_GET_ASN1_IV 201
		1362	#define EVP_F_EVP_CIPHER_SET_ASN1_IV 202
1360	#define EVP_F_EVP_DECRYPTFINAL_EX 101	1363	#define EVP_F_EVP_DECRYPTFINAL_EX 101
		1364	#define EVP_F_EVP_DECRYPTUPDATE 199
		1365	#define EVP_F_EVP_DIGESTFINAL_EX 196
1361	#define EVP_F_EVP_DIGESTINIT_EX 128	1366	#define EVP_F_EVP_DIGESTINIT_EX 128
1362	#define EVP_F_EVP_ENCRYPTFINAL_EX 127	1367	#define EVP_F_EVP_ENCRYPTFINAL_EX 127
		1368	#define EVP_F_EVP_ENCRYPTUPDATE 198
1363	#define EVP_F_EVP_MD_CTX_COPY_EX 110	1369	#define EVP_F_EVP_MD_CTX_COPY_EX 110
1364	#define EVP_F_EVP_MD_CTX_CTRL 195	1370	#define EVP_F_EVP_MD_CTX_CTRL 195
1365	#define EVP_F_EVP_MD_SIZE 162	1371	#define EVP_F_EVP_MD_SIZE 162
@@ -1415,6 +1421,7 @@ void ERR_load_EVP_strings(void);
1415	#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164	1421	#define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN 164
1416	#define EVP_F_PKCS8_SET_BROKEN 112	1422	#define EVP_F_PKCS8_SET_BROKEN 112
1417	#define EVP_F_PKEY_SET_TYPE 158	1423	#define EVP_F_PKEY_SET_TYPE 158
		1424	#define EVP_F_RC2_GET_ASN1_TYPE_AND_IV 197
1418	#define EVP_F_RC2_MAGIC_TO_METH 109	1425	#define EVP_F_RC2_MAGIC_TO_METH 109
1419	#define EVP_F_RC5_CTRL 125	1426	#define EVP_F_RC5_CTRL 125
1420		1427


diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c index 49ceacefad..42ccfceec9 100644 --- a/src/lib/libcrypto/evp/evp_enc.c +++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: evp_enc.c,v 1.25 2014/10/22 13:02:04 jsing Exp $ */	1	/* $OpenBSD: evp_enc.c,v 1.26 2015/02/10 09:52:35 miod Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -140,10 +140,6 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX ctx, const EVP_CIPHER cipher, ENGINE *impl,
140	const EVP_CIPHER *c =	140	const EVP_CIPHER *c =
141	ENGINE_get_cipher(impl, cipher->nid);	141	ENGINE_get_cipher(impl, cipher->nid);
142	if (!c) {	142	if (!c) {
143	/* One positive side-effect of US's export
144	* control history, is that we should at least
145	* be able to avoid using US mispellings of
146	* "initialisation"? */
147	EVPerr(EVP_F_EVP_CIPHERINIT_EX,	143	EVPerr(EVP_F_EVP_CIPHERINIT_EX,
148	EVP_R_INITIALIZATION_ERROR);	144	EVP_R_INITIALIZATION_ERROR);
149	return 0;	145	return 0;
@@ -186,9 +182,12 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX ctx, const EVP_CIPHER cipher, ENGINE *impl,
186	skip_to_init:	182	skip_to_init:
187	#endif	183	#endif
188	/* we assume block size is a power of 2 in cryptUpdate /	184	/* we assume block size is a power of 2 in cryptUpdate /
189	OPENSSL_assert(ctx->cipher->block_size == 1 \|\|	185	if (ctx->cipher->block_size != 1 &&
190	ctx->cipher->block_size == 8 \|\|	186	ctx->cipher->block_size != 8 &&
191	ctx->cipher->block_size == 16);	187	ctx->cipher->block_size != 16) {
		188	EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_BAD_BLOCK_LENGTH);
		189	return 0;
		190	}
192		191
193	if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {	192	if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
194	switch (EVP_CIPHER_CTX_mode(ctx)) {	193	switch (EVP_CIPHER_CTX_mode(ctx)) {
@@ -205,8 +204,12 @@ skip_to_init:
205		204
206	case EVP_CIPH_CBC_MODE:	205	case EVP_CIPH_CBC_MODE:
207		206
208	OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <=	207	if ((size_t)EVP_CIPHER_CTX_iv_length(ctx) >
209	(int)sizeof(ctx->iv));	208	sizeof(ctx->iv)) {
		209	EVPerr(EVP_F_EVP_CIPHERINIT_EX,
		210	EVP_R_IV_TOO_LARGE);
		211	return 0;
		212	}
210	if (iv)	213	if (iv)
211	memcpy(ctx->oiv, iv,	214	memcpy(ctx->oiv, iv,
212	EVP_CIPHER_CTX_iv_length(ctx));	215	EVP_CIPHER_CTX_iv_length(ctx));
@@ -325,7 +328,11 @@ EVP_EncryptUpdate(EVP_CIPHER_CTX ctx, unsigned char out, int *outl,
325	}	328	}
326	i = ctx->buf_len;	329	i = ctx->buf_len;
327	bl = ctx->cipher->block_size;	330	bl = ctx->cipher->block_size;
328	OPENSSL_assert(bl <= (int)sizeof(ctx->buf));	331	if ((size_t)bl > sizeof(ctx->buf)) {
		332	EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_BAD_BLOCK_LENGTH);
		333	*outl = 0;
		334	return 0;
		335	}
329	if (i != 0) {	336	if (i != 0) {
330	if (i + inl < bl) {	337	if (i + inl < bl) {
331	memcpy(&(ctx->buf[i]), in, inl);	338	memcpy(&(ctx->buf[i]), in, inl);
@@ -383,7 +390,10 @@ EVP_EncryptFinal_ex(EVP_CIPHER_CTX ctx, unsigned char out, int *outl)
383	}	390	}
384		391
385	b = ctx->cipher->block_size;	392	b = ctx->cipher->block_size;
386	OPENSSL_assert(b <= sizeof ctx->buf);	393	if (b > sizeof ctx->buf) {
		394	EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX, EVP_R_BAD_BLOCK_LENGTH);
		395	return 0;
		396	}
387	if (b == 1) {	397	if (b == 1) {
388	*outl = 0;	398	*outl = 0;
389	return 1;	399	return 1;
@@ -437,7 +447,10 @@ EVP_DecryptUpdate(EVP_CIPHER_CTX ctx, unsigned char out, int *outl,
437	return EVP_EncryptUpdate(ctx, out, outl, in, inl);	447	return EVP_EncryptUpdate(ctx, out, outl, in, inl);
438		448
439	b = ctx->cipher->block_size;	449	b = ctx->cipher->block_size;
440	OPENSSL_assert(b <= sizeof ctx->final);	450	if (b > sizeof ctx->final) {
		451	EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_BAD_BLOCK_LENGTH);
		452	return 0;
		453	}
441		454
442	if (ctx->final_used) {	455	if (ctx->final_used) {
443	memcpy(out, ctx->final, b);	456	memcpy(out, ctx->final, b);
@@ -506,7 +519,11 @@ EVP_DecryptFinal_ex(EVP_CIPHER_CTX ctx, unsigned char out, int *outl)
506	EVP_R_WRONG_FINAL_BLOCK_LENGTH);	519	EVP_R_WRONG_FINAL_BLOCK_LENGTH);
507	return (0);	520	return (0);
508	}	521	}
509	OPENSSL_assert(b <= sizeof ctx->final);	522	if (b > sizeof ctx->final) {
		523	EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
		524	EVP_R_BAD_BLOCK_LENGTH);
		525	return 0;
		526	}
510	n = ctx->final[b - 1];	527	n = ctx->final[b - 1];
511	if (n == 0 \|\| n > (int)b) {	528	if (n == 0 \|\| n > (int)b) {
512	EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);	529	EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);


diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c index 1493ca9103..4718ab6175 100644 --- a/src/lib/libcrypto/evp/evp_key.c +++ b/src/lib/libcrypto/evp/evp_key.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: evp_key.c,v 1.20 2014/08/06 04:28:21 guenther Exp $ */	1	/* $OpenBSD: evp_key.c,v 1.21 2015/02/10 09:52:35 miod Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -59,6 +59,7 @@
59	#include <stdio.h>	59	#include <stdio.h>
60	#include <string.h>	60	#include <string.h>
61		61
		62	#include <openssl/err.h>
62	#include <openssl/evp.h>	63	#include <openssl/evp.h>
63	#include <openssl/objects.h>	64	#include <openssl/objects.h>
64	#include <openssl/ui.h>	65	#include <openssl/ui.h>
@@ -129,10 +130,18 @@ EVP_BytesToKey(const EVP_CIPHER type, const EVP_MD md,
129	int niv, nkey, addmd = 0;	130	int niv, nkey, addmd = 0;
130	unsigned int mds = 0, i;	131	unsigned int mds = 0, i;
131	int rv = 0;	132	int rv = 0;
		133
132	nkey = type->key_len;	134	nkey = type->key_len;
133	niv = type->iv_len;	135	niv = type->iv_len;
134	OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);	136
135	OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);	137	if ((size_t)nkey > EVP_MAX_KEY_LENGTH) {
		138	EVPerr(EVP_F_EVP_BYTESTOKEY, EVP_R_BAD_KEY_LENGTH);
		139	return 0;
		140	}
		141	if ((size_t)niv > EVP_MAX_IV_LENGTH) {
		142	EVPerr(EVP_F_EVP_BYTESTOKEY, EVP_R_IV_TOO_LARGE);
		143	return 0;
		144	}
136		145
137	if (data == NULL)	146	if (data == NULL)
138	return (nkey);	147	return (nkey);


diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c index 310252d0e8..491c8d6f67 100644 --- a/src/lib/libcrypto/evp/evp_lib.c +++ b/src/lib/libcrypto/evp/evp_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: evp_lib.c,v 1.13 2014/07/11 08:44:48 jsing Exp $ */	1	/* $OpenBSD: evp_lib.c,v 1.14 2015/02/10 09:52:35 miod Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -99,7 +99,11 @@ EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX c, ASN1_TYPE type)
99		99
100	if (type != NULL) {	100	if (type != NULL) {
101	l = EVP_CIPHER_CTX_iv_length(c);	101	l = EVP_CIPHER_CTX_iv_length(c);
102	OPENSSL_assert(l <= sizeof(c->iv));	102	if (l > sizeof(c->iv)) {
		103	EVPerr(EVP_F_EVP_CIPHER_GET_ASN1_IV,
		104	EVP_R_IV_TOO_LARGE);
		105	return 0;
		106	}
103	i = ASN1_TYPE_get_octetstring(type, c->oiv, l);	107	i = ASN1_TYPE_get_octetstring(type, c->oiv, l);
104	if (i != (int)l)	108	if (i != (int)l)
105	return (-1);	109	return (-1);
@@ -117,7 +121,11 @@ EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX c, ASN1_TYPE type)
117		121
118	if (type != NULL) {	122	if (type != NULL) {
119	j = EVP_CIPHER_CTX_iv_length(c);	123	j = EVP_CIPHER_CTX_iv_length(c);
120	OPENSSL_assert(j <= sizeof(c->iv));	124	if (j > sizeof(c->iv)) {
		125	EVPerr(EVP_F_EVP_CIPHER_SET_ASN1_IV,
		126	EVP_R_IV_TOO_LARGE);
		127	return 0;
		128	}
121	i = ASN1_TYPE_set_octetstring(type, c->oiv, j);	129	i = ASN1_TYPE_set_octetstring(type, c->oiv, j);
122	}	130	}
123	return (i);	131	return (i);


diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c index 3b1419b545..112a69114c 100644 --- a/src/lib/libcrypto/evp/p5_crpt.c +++ b/src/lib/libcrypto/evp/p5_crpt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: p5_crpt.c,v 1.14 2014/07/13 12:46:44 miod Exp $ */	1	/* $OpenBSD: p5_crpt.c,v 1.15 2015/02/10 09:52:35 miod Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.	3	* project 1999.
4	*/	4	*/
@@ -134,9 +134,15 @@ PKCS5_PBE_keyivgen(EVP_CIPHER_CTX cctx, const char pass, int passlen,
134	if (!EVP_DigestFinal_ex (&ctx, md_tmp, NULL))	134	if (!EVP_DigestFinal_ex (&ctx, md_tmp, NULL))
135	goto err;	135	goto err;
136	}	136	}
137	OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp));	137	if ((size_t)EVP_CIPHER_key_length(cipher) > sizeof(md_tmp)) {
		138	EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_BAD_KEY_LENGTH);
		139	goto err;
		140	}
138	memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));	141	memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
139	OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);	142	if ((size_t)EVP_CIPHER_iv_length(cipher) > 16) {
		143	EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_IV_TOO_LARGE);
		144	goto err;
		145	}
140	memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),	146	memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
141	EVP_CIPHER_iv_length(cipher));	147	EVP_CIPHER_iv_length(cipher));
142	if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))	148	if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))


diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c index 61eadec804..c9eef8f49a 100644 --- a/src/lib/libcrypto/evp/p5_crpt2.c +++ b/src/lib/libcrypto/evp/p5_crpt2.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: p5_crpt2.c,v 1.17 2014/07/11 08:44:48 jsing Exp $ */	1	/* $OpenBSD: p5_crpt2.c,v 1.18 2015/02/10 09:52:35 miod Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.	3	* project 1999.
4	*/	4	*/
@@ -255,7 +255,10 @@ PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX ctx, const char pass, int passlen,
255	goto err;	255	goto err;
256	}	256	}
257	keylen = EVP_CIPHER_CTX_key_length(ctx);	257	keylen = EVP_CIPHER_CTX_key_length(ctx);
258	OPENSSL_assert(keylen <= sizeof key);	258	if (keylen > sizeof key) {
		259	EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_BAD_KEY_LENGTH);
		260	goto err;
		261	}
259		262
260	/* Decode parameter */	263	/* Decode parameter */
261		264