summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/evp
diff options
context:
space:
mode:
authorbeck <>2017-01-29 17:49:23 +0000
committerbeck <>2017-01-29 17:49:23 +0000
commitd1f47bd292f36094480caa49ada36b99a69c59b0 (patch)
tree1a54abba678898ee5270ae4f3404a50ee9a92eea /src/lib/libcrypto/evp
parentf8c627888330b75c2eea8a3c27d0efe947a4f9da (diff)
downloadopenbsd-d1f47bd292f36094480caa49ada36b99a69c59b0.tar.gz
openbsd-d1f47bd292f36094480caa49ada36b99a69c59b0.tar.bz2
openbsd-d1f47bd292f36094480caa49ada36b99a69c59b0.zip
Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
Diffstat (limited to 'src/lib/libcrypto/evp')
-rw-r--r--src/lib/libcrypto/evp/digest.c29
-rw-r--r--src/lib/libcrypto/evp/e_aes.c18
-rw-r--r--src/lib/libcrypto/evp/e_camellia.c5
-rw-r--r--src/lib/libcrypto/evp/e_chacha20poly1305.c22
-rw-r--r--src/lib/libcrypto/evp/e_gost2814789.c18
-rw-r--r--src/lib/libcrypto/evp/e_rc2.c7
-rw-r--r--src/lib/libcrypto/evp/evp_aead.c10
-rw-r--r--src/lib/libcrypto/evp/evp_enc.c59
-rw-r--r--src/lib/libcrypto/evp/evp_err.c99
-rw-r--r--src/lib/libcrypto/evp/evp_key.c6
-rw-r--r--src/lib/libcrypto/evp/evp_lib.c10
-rw-r--r--src/lib/libcrypto/evp/evp_pbe.c17
-rw-r--r--src/lib/libcrypto/evp/evp_pkey.c25
-rw-r--r--src/lib/libcrypto/evp/m_sigver.c4
-rw-r--r--src/lib/libcrypto/evp/p5_crpt.c13
-rw-r--r--src/lib/libcrypto/evp/p5_crpt2.c36
-rw-r--r--src/lib/libcrypto/evp/p_dec.c4
-rw-r--r--src/lib/libcrypto/evp/p_enc.c4
-rw-r--r--src/lib/libcrypto/evp/p_lib.c20
-rw-r--r--src/lib/libcrypto/evp/p_open.c6
-rw-r--r--src/lib/libcrypto/evp/p_sign.c6
-rw-r--r--src/lib/libcrypto/evp/p_verify.c7
-rw-r--r--src/lib/libcrypto/evp/pmeth_fn.c67
-rw-r--r--src/lib/libcrypto/evp/pmeth_gn.c18
-rw-r--r--src/lib/libcrypto/evp/pmeth_lib.c24
25 files changed, 187 insertions, 347 deletions
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
index 6d8ed9b499..ee1f955959 100644
--- a/src/lib/libcrypto/evp/digest.c
+++ b/src/lib/libcrypto/evp/digest.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: digest.c,v 1.26 2015/02/11 03:19:37 doug Exp $ */ 1/* $OpenBSD: digest.c,v 1.27 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -162,8 +162,7 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
162 ENGINE_finish(ctx->engine); 162 ENGINE_finish(ctx->engine);
163 if (impl) { 163 if (impl) {
164 if (!ENGINE_init(impl)) { 164 if (!ENGINE_init(impl)) {
165 EVPerr(EVP_F_EVP_DIGESTINIT_EX, 165 EVPerror(EVP_R_INITIALIZATION_ERROR);
166 EVP_R_INITIALIZATION_ERROR);
167 return 0; 166 return 0;
168 } 167 }
169 } else 168 } else
@@ -174,8 +173,7 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
174 const EVP_MD *d = ENGINE_get_digest(impl, type->type); 173 const EVP_MD *d = ENGINE_get_digest(impl, type->type);
175 if (!d) { 174 if (!d) {
176 /* Same comment from evp_enc.c */ 175 /* Same comment from evp_enc.c */
177 EVPerr(EVP_F_EVP_DIGESTINIT_EX, 176 EVPerror(EVP_R_INITIALIZATION_ERROR);
178 EVP_R_INITIALIZATION_ERROR);
179 ENGINE_finish(impl); 177 ENGINE_finish(impl);
180 return 0; 178 return 0;
181 } 179 }
@@ -188,7 +186,7 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
188 } else 186 } else
189 ctx->engine = NULL; 187 ctx->engine = NULL;
190 } else if (!ctx->digest) { 188 } else if (!ctx->digest) {
191 EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_NO_DIGEST_SET); 189 EVPerror(EVP_R_NO_DIGEST_SET);
192 return 0; 190 return 0;
193 } 191 }
194#endif 192#endif
@@ -206,8 +204,7 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
206 if (ctx->md_data == NULL) { 204 if (ctx->md_data == NULL) {
207 EVP_PKEY_CTX_free(ctx->pctx); 205 EVP_PKEY_CTX_free(ctx->pctx);
208 ctx->pctx = NULL; 206 ctx->pctx = NULL;
209 EVPerr(EVP_F_EVP_DIGESTINIT_EX, 207 EVPerror(ERR_R_MALLOC_FAILURE);
210 ERR_R_MALLOC_FAILURE);
211 return 0; 208 return 0;
212 } 209 }
213 } 210 }
@@ -251,7 +248,7 @@ EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
251 int ret; 248 int ret;
252 249
253 if ((size_t)ctx->digest->md_size > EVP_MAX_MD_SIZE) { 250 if ((size_t)ctx->digest->md_size > EVP_MAX_MD_SIZE) {
254 EVPerr(EVP_F_EVP_DIGESTFINAL_EX, EVP_R_TOO_LARGE); 251 EVPerror(EVP_R_TOO_LARGE);
255 return 0; 252 return 0;
256 } 253 }
257 ret = ctx->digest->final(ctx, md); 254 ret = ctx->digest->final(ctx, md);
@@ -278,13 +275,13 @@ EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
278 unsigned char *tmp_buf; 275 unsigned char *tmp_buf;
279 276
280 if ((in == NULL) || (in->digest == NULL)) { 277 if ((in == NULL) || (in->digest == NULL)) {
281 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, EVP_R_INPUT_NOT_INITIALIZED); 278 EVPerror(EVP_R_INPUT_NOT_INITIALIZED);
282 return 0; 279 return 0;
283 } 280 }
284#ifndef OPENSSL_NO_ENGINE 281#ifndef OPENSSL_NO_ENGINE
285 /* Make sure it's safe to copy a digest context using an ENGINE */ 282 /* Make sure it's safe to copy a digest context using an ENGINE */
286 if (in->engine && !ENGINE_init(in->engine)) { 283 if (in->engine && !ENGINE_init(in->engine)) {
287 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_ENGINE_LIB); 284 EVPerror(ERR_R_ENGINE_LIB);
288 return 0; 285 return 0;
289 } 286 }
290#endif 287#endif
@@ -303,8 +300,7 @@ EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
303 else { 300 else {
304 out->md_data = malloc(out->digest->ctx_size); 301 out->md_data = malloc(out->digest->ctx_size);
305 if (!out->md_data) { 302 if (!out->md_data) {
306 EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, 303 EVPerror(ERR_R_MALLOC_FAILURE);
307 ERR_R_MALLOC_FAILURE);
308 return 0; 304 return 0;
309 } 305 }
310 } 306 }
@@ -386,19 +382,18 @@ EVP_MD_CTX_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr)
386 int ret; 382 int ret;
387 383
388 if (!ctx->digest) { 384 if (!ctx->digest) {
389 EVPerr(EVP_F_EVP_MD_CTX_CTRL, EVP_R_NO_CIPHER_SET); 385 EVPerror(EVP_R_NO_CIPHER_SET);
390 return 0; 386 return 0;
391 } 387 }
392 388
393 if (!ctx->digest->md_ctrl) { 389 if (!ctx->digest->md_ctrl) {
394 EVPerr(EVP_F_EVP_MD_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED); 390 EVPerror(EVP_R_CTRL_NOT_IMPLEMENTED);
395 return 0; 391 return 0;
396 } 392 }
397 393
398 ret = ctx->digest->md_ctrl(ctx, type, arg, ptr); 394 ret = ctx->digest->md_ctrl(ctx, type, arg, ptr);
399 if (ret == -1) { 395 if (ret == -1) {
400 EVPerr(EVP_F_EVP_MD_CTX_CTRL, 396 EVPerror(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
401 EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
402 return 0; 397 return 0;
403 } 398 }
404 return ret; 399 return ret;
diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
index b20543a90c..71a18363f1 100644
--- a/src/lib/libcrypto/evp/e_aes.c
+++ b/src/lib/libcrypto/evp/e_aes.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: e_aes.c,v 1.31 2016/11/04 17:30:30 miod Exp $ */ 1/* $OpenBSD: e_aes.c,v 1.32 2017/01/29 17:49:23 beck Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -225,7 +225,7 @@ aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
225 } 225 }
226 226
227 if (ret < 0) { 227 if (ret < 0) {
228 EVPerr(EVP_F_AESNI_INIT_KEY, EVP_R_AES_KEY_SETUP_FAILED); 228 EVPerror(EVP_R_AES_KEY_SETUP_FAILED);
229 return 0; 229 return 0;
230 } 230 }
231 231
@@ -563,7 +563,7 @@ aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
563 } 563 }
564 564
565 if (ret < 0) { 565 if (ret < 0) {
566 EVPerr(EVP_F_AES_INIT_KEY, EVP_R_AES_KEY_SETUP_FAILED); 566 EVPerror(EVP_R_AES_KEY_SETUP_FAILED);
567 return 0; 567 return 0;
568 } 568 }
569 569
@@ -1378,7 +1378,7 @@ aead_aes_gcm_init(EVP_AEAD_CTX *ctx, const unsigned char *key, size_t key_len,
1378 1378
1379 /* EVP_AEAD_CTX_init should catch this. */ 1379 /* EVP_AEAD_CTX_init should catch this. */
1380 if (key_bits != 128 && key_bits != 256) { 1380 if (key_bits != 128 && key_bits != 256) {
1381 EVPerr(EVP_F_AEAD_AES_GCM_INIT, EVP_R_BAD_KEY_LENGTH); 1381 EVPerror(EVP_R_BAD_KEY_LENGTH);
1382 return 0; 1382 return 0;
1383 } 1383 }
1384 1384
@@ -1386,7 +1386,7 @@ aead_aes_gcm_init(EVP_AEAD_CTX *ctx, const unsigned char *key, size_t key_len,
1386 tag_len = EVP_AEAD_AES_GCM_TAG_LEN; 1386 tag_len = EVP_AEAD_AES_GCM_TAG_LEN;
1387 1387
1388 if (tag_len > EVP_AEAD_AES_GCM_TAG_LEN) { 1388 if (tag_len > EVP_AEAD_AES_GCM_TAG_LEN) {
1389 EVPerr(EVP_F_AEAD_AES_GCM_INIT, EVP_R_TAG_TOO_LARGE); 1389 EVPerror(EVP_R_TAG_TOO_LARGE);
1390 return 0; 1390 return 0;
1391 } 1391 }
1392 1392
@@ -1432,7 +1432,7 @@ aead_aes_gcm_seal(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len,
1432 size_t bulk = 0; 1432 size_t bulk = 0;
1433 1433
1434 if (max_out_len < in_len + gcm_ctx->tag_len) { 1434 if (max_out_len < in_len + gcm_ctx->tag_len) {
1435 EVPerr(EVP_F_AEAD_AES_GCM_SEAL, EVP_R_BUFFER_TOO_SMALL); 1435 EVPerror(EVP_R_BUFFER_TOO_SMALL);
1436 return 0; 1436 return 0;
1437 } 1437 }
1438 1438
@@ -1471,14 +1471,14 @@ aead_aes_gcm_open(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len,
1471 size_t bulk = 0; 1471 size_t bulk = 0;
1472 1472
1473 if (in_len < gcm_ctx->tag_len) { 1473 if (in_len < gcm_ctx->tag_len) {
1474 EVPerr(EVP_F_AEAD_AES_GCM_OPEN, EVP_R_BAD_DECRYPT); 1474 EVPerror(EVP_R_BAD_DECRYPT);
1475 return 0; 1475 return 0;
1476 } 1476 }
1477 1477
1478 plaintext_len = in_len - gcm_ctx->tag_len; 1478 plaintext_len = in_len - gcm_ctx->tag_len;
1479 1479
1480 if (max_out_len < plaintext_len) { 1480 if (max_out_len < plaintext_len) {
1481 EVPerr(EVP_F_AEAD_AES_GCM_OPEN, EVP_R_BUFFER_TOO_SMALL); 1481 EVPerror(EVP_R_BUFFER_TOO_SMALL);
1482 return 0; 1482 return 0;
1483 } 1483 }
1484 1484
@@ -1500,7 +1500,7 @@ aead_aes_gcm_open(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len,
1500 1500
1501 CRYPTO_gcm128_tag(&gcm, tag, gcm_ctx->tag_len); 1501 CRYPTO_gcm128_tag(&gcm, tag, gcm_ctx->tag_len);
1502 if (timingsafe_memcmp(tag, in + plaintext_len, gcm_ctx->tag_len) != 0) { 1502 if (timingsafe_memcmp(tag, in + plaintext_len, gcm_ctx->tag_len) != 0) {
1503 EVPerr(EVP_F_AEAD_AES_GCM_OPEN, EVP_R_BAD_DECRYPT); 1503 EVPerror(EVP_R_BAD_DECRYPT);
1504 return 0; 1504 return 0;
1505 } 1505 }
1506 1506
diff --git a/src/lib/libcrypto/evp/e_camellia.c b/src/lib/libcrypto/evp/e_camellia.c
index e3424cfe94..fd12cf9c50 100644
--- a/src/lib/libcrypto/evp/e_camellia.c
+++ b/src/lib/libcrypto/evp/e_camellia.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: e_camellia.c,v 1.7 2015/02/10 09:50:12 miod Exp $ */ 1/* $OpenBSD: e_camellia.c,v 1.8 2017/01/29 17:49:23 beck Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 2006 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -114,8 +114,7 @@ camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
114 ret = Camellia_set_key(key, ctx->key_len * 8, ctx->cipher_data); 114 ret = Camellia_set_key(key, ctx->key_len * 8, ctx->cipher_data);
115 115
116 if (ret < 0) { 116 if (ret < 0) {
117 EVPerr(EVP_F_CAMELLIA_INIT_KEY, 117 EVPerror(EVP_R_CAMELLIA_KEY_SETUP_FAILED);
118 EVP_R_CAMELLIA_KEY_SETUP_FAILED);
119 return 0; 118 return 0;
120 } 119 }
121 120
diff --git a/src/lib/libcrypto/evp/e_chacha20poly1305.c b/src/lib/libcrypto/evp/e_chacha20poly1305.c
index e5395ad8ca..e135f9a104 100644
--- a/src/lib/libcrypto/evp/e_chacha20poly1305.c
+++ b/src/lib/libcrypto/evp/e_chacha20poly1305.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: e_chacha20poly1305.c,v 1.14 2016/04/28 16:06:53 jsing Exp $ */ 1/* $OpenBSD: e_chacha20poly1305.c,v 1.15 2017/01/29 17:49:23 beck Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2015 Reyk Floter <reyk@openbsd.org> 4 * Copyright (c) 2015 Reyk Floter <reyk@openbsd.org>
@@ -59,7 +59,7 @@ aead_chacha20_poly1305_init(EVP_AEAD_CTX *ctx, const unsigned char *key,
59 tag_len = POLY1305_TAG_LEN; 59 tag_len = POLY1305_TAG_LEN;
60 60
61 if (tag_len > POLY1305_TAG_LEN) { 61 if (tag_len > POLY1305_TAG_LEN) {
62 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_INIT, EVP_R_TOO_LARGE); 62 EVPerror(EVP_R_TOO_LARGE);
63 return 0; 63 return 0;
64 } 64 }
65 65
@@ -142,18 +142,17 @@ aead_chacha20_poly1305_seal(const EVP_AEAD_CTX *ctx, unsigned char *out,
142 * Casting to uint64_t inside the conditional is not sufficient to stop 142 * Casting to uint64_t inside the conditional is not sufficient to stop
143 * the warning. */ 143 * the warning. */
144 if (in_len_64 >= (1ULL << 32) * 64 - 64) { 144 if (in_len_64 >= (1ULL << 32) * 64 - 64) {
145 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_SEAL, EVP_R_TOO_LARGE); 145 EVPerror(EVP_R_TOO_LARGE);
146 return 0; 146 return 0;
147 } 147 }
148 148
149 if (max_out_len < in_len + c20_ctx->tag_len) { 149 if (max_out_len < in_len + c20_ctx->tag_len) {
150 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_SEAL, 150 EVPerror(EVP_R_BUFFER_TOO_SMALL);
151 EVP_R_BUFFER_TOO_SMALL);
152 return 0; 151 return 0;
153 } 152 }
154 153
155 if (nonce_len != ctx->aead->nonce_len) { 154 if (nonce_len != ctx->aead->nonce_len) {
156 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_SEAL, EVP_R_IV_TOO_LARGE); 155 EVPerror(EVP_R_IV_TOO_LARGE);
157 return 0; 156 return 0;
158 } 157 }
159 158
@@ -216,7 +215,7 @@ aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, unsigned char *out,
216 uint64_t ctr = 0; 215 uint64_t ctr = 0;
217 216
218 if (in_len < c20_ctx->tag_len) { 217 if (in_len < c20_ctx->tag_len) {
219 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, EVP_R_BAD_DECRYPT); 218 EVPerror(EVP_R_BAD_DECRYPT);
220 return 0; 219 return 0;
221 } 220 }
222 221
@@ -228,20 +227,19 @@ aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, unsigned char *out,
228 * Casting to uint64_t inside the conditional is not sufficient to stop 227 * Casting to uint64_t inside the conditional is not sufficient to stop
229 * the warning. */ 228 * the warning. */
230 if (in_len_64 >= (1ULL << 32) * 64 - 64) { 229 if (in_len_64 >= (1ULL << 32) * 64 - 64) {
231 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, EVP_R_TOO_LARGE); 230 EVPerror(EVP_R_TOO_LARGE);
232 return 0; 231 return 0;
233 } 232 }
234 233
235 if (nonce_len != ctx->aead->nonce_len) { 234 if (nonce_len != ctx->aead->nonce_len) {
236 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, EVP_R_IV_TOO_LARGE); 235 EVPerror(EVP_R_IV_TOO_LARGE);
237 return 0; 236 return 0;
238 } 237 }
239 238
240 plaintext_len = in_len - c20_ctx->tag_len; 239 plaintext_len = in_len - c20_ctx->tag_len;
241 240
242 if (max_out_len < plaintext_len) { 241 if (max_out_len < plaintext_len) {
243 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, 242 EVPerror(EVP_R_BUFFER_TOO_SMALL);
244 EVP_R_BUFFER_TOO_SMALL);
245 return 0; 243 return 0;
246 } 244 }
247 245
@@ -276,7 +274,7 @@ aead_chacha20_poly1305_open(const EVP_AEAD_CTX *ctx, unsigned char *out,
276 CRYPTO_poly1305_finish(&poly1305, mac); 274 CRYPTO_poly1305_finish(&poly1305, mac);
277 275
278 if (timingsafe_memcmp(mac, in + plaintext_len, c20_ctx->tag_len) != 0) { 276 if (timingsafe_memcmp(mac, in + plaintext_len, c20_ctx->tag_len) != 0) {
279 EVPerr(EVP_F_AEAD_CHACHA20_POLY1305_OPEN, EVP_R_BAD_DECRYPT); 277 EVPerror(EVP_R_BAD_DECRYPT);
280 return 0; 278 return 0;
281 } 279 }
282 280
diff --git a/src/lib/libcrypto/evp/e_gost2814789.c b/src/lib/libcrypto/evp/e_gost2814789.c
index e2235a64b5..730de4fed1 100644
--- a/src/lib/libcrypto/evp/e_gost2814789.c
+++ b/src/lib/libcrypto/evp/e_gost2814789.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: e_gost2814789.c,v 1.3 2014/11/18 05:30:07 miod Exp $ */ 1/* $OpenBSD: e_gost2814789.c,v 1.4 2017/01/29 17:49:23 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> 3 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4 * Copyright (c) 2005-2006 Cryptocom LTD 4 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -107,13 +107,12 @@ gost2814789_set_asn1_params(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
107 GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new(); 107 GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new();
108 108
109 if (gcp == NULL) { 109 if (gcp == NULL) {
110 GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, 110 GOSTerror(ERR_R_MALLOC_FAILURE);
111 ERR_R_MALLOC_FAILURE);
112 return 0; 111 return 0;
113 } 112 }
114 if (ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len) == 0) { 113 if (ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len) == 0) {
115 GOST_CIPHER_PARAMS_free(gcp); 114 GOST_CIPHER_PARAMS_free(gcp);
116 GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_ASN1_LIB); 115 GOSTerror(ERR_R_ASN1_LIB);
117 return 0; 116 return 0;
118 } 117 }
119 ASN1_OBJECT_free(gcp->enc_param_set); 118 ASN1_OBJECT_free(gcp->enc_param_set);
@@ -123,8 +122,7 @@ gost2814789_set_asn1_params(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
123 p = buf = malloc(len); 122 p = buf = malloc(len);
124 if (buf == NULL) { 123 if (buf == NULL) {
125 GOST_CIPHER_PARAMS_free(gcp); 124 GOST_CIPHER_PARAMS_free(gcp);
126 GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, 125 GOSTerror(ERR_R_MALLOC_FAILURE);
127 ERR_R_MALLOC_FAILURE);
128 return 0; 126 return 0;
129 } 127 }
130 i2d_GOST_CIPHER_PARAMS(gcp, &p); 128 i2d_GOST_CIPHER_PARAMS(gcp, &p);
@@ -133,14 +131,13 @@ gost2814789_set_asn1_params(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
133 os = ASN1_OCTET_STRING_new(); 131 os = ASN1_OCTET_STRING_new();
134 if (os == NULL) { 132 if (os == NULL) {
135 free(buf); 133 free(buf);
136 GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, 134 GOSTerror(ERR_R_MALLOC_FAILURE);
137 ERR_R_MALLOC_FAILURE);
138 return 0; 135 return 0;
139 } 136 }
140 if (ASN1_OCTET_STRING_set(os, buf, len) == 0) { 137 if (ASN1_OCTET_STRING_set(os, buf, len) == 0) {
141 ASN1_OCTET_STRING_free(os); 138 ASN1_OCTET_STRING_free(os);
142 free(buf); 139 free(buf);
143 GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, ERR_R_ASN1_LIB); 140 GOSTerror(ERR_R_ASN1_LIB);
144 return 0; 141 return 0;
145 } 142 }
146 free(buf); 143 free(buf);
@@ -169,8 +166,7 @@ gost2814789_get_asn1_params(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
169 len = gcp->iv->length; 166 len = gcp->iv->length;
170 if (len != ctx->cipher->iv_len) { 167 if (len != ctx->cipher->iv_len) {
171 GOST_CIPHER_PARAMS_free(gcp); 168 GOST_CIPHER_PARAMS_free(gcp);
172 GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS, 169 GOSTerror(GOST_R_INVALID_IV_LENGTH);
173 GOST_R_INVALID_IV_LENGTH);
174 return -1; 170 return -1;
175 } 171 }
176 172
diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c
index 9052195ac2..de1b24a306 100644
--- a/src/lib/libcrypto/evp/e_rc2.c
+++ b/src/lib/libcrypto/evp/e_rc2.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: e_rc2.c,v 1.11 2015/02/10 09:52:35 miod Exp $ */ 1/* $OpenBSD: e_rc2.c,v 1.12 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -171,7 +171,7 @@ rc2_magic_to_meth(int i)
171 else if (i == RC2_40_MAGIC) 171 else if (i == RC2_40_MAGIC)
172 return 40; 172 return 40;
173 else { 173 else {
174 EVPerr(EVP_F_RC2_MAGIC_TO_METH, EVP_R_UNSUPPORTED_KEY_SIZE); 174 EVPerror(EVP_R_UNSUPPORTED_KEY_SIZE);
175 return (0); 175 return (0);
176 } 176 }
177} 177}
@@ -188,8 +188,7 @@ rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
188 if (type != NULL) { 188 if (type != NULL) {
189 l = EVP_CIPHER_CTX_iv_length(c); 189 l = EVP_CIPHER_CTX_iv_length(c);
190 if (l > sizeof(iv)) { 190 if (l > sizeof(iv)) {
191 EVPerr(EVP_F_RC2_GET_ASN1_TYPE_AND_IV, 191 EVPerror(EVP_R_IV_TOO_LARGE);
192 EVP_R_IV_TOO_LARGE);
193 return -1; 192 return -1;
194 } 193 }
195 i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l); 194 i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l);
diff --git a/src/lib/libcrypto/evp/evp_aead.c b/src/lib/libcrypto/evp/evp_aead.c
index 197b7f515f..40471b0022 100644
--- a/src/lib/libcrypto/evp/evp_aead.c
+++ b/src/lib/libcrypto/evp/evp_aead.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_aead.c,v 1.5 2014/06/21 15:30:36 jsing Exp $ */ 1/* $OpenBSD: evp_aead.c,v 1.6 2017/01/29 17:49:23 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2014, Google Inc. 3 * Copyright (c) 2014, Google Inc.
4 * 4 *
@@ -53,7 +53,7 @@ EVP_AEAD_CTX_init(EVP_AEAD_CTX *ctx, const EVP_AEAD *aead,
53{ 53{
54 ctx->aead = aead; 54 ctx->aead = aead;
55 if (key_len != aead->key_len) { 55 if (key_len != aead->key_len) {
56 EVPerr(EVP_F_EVP_AEAD_CTX_INIT, EVP_R_UNSUPPORTED_KEY_SIZE); 56 EVPerror(EVP_R_UNSUPPORTED_KEY_SIZE);
57 return 0; 57 return 0;
58 } 58 }
59 return aead->init(ctx, key, key_len, tag_len); 59 return aead->init(ctx, key, key_len, tag_len);
@@ -96,12 +96,12 @@ EVP_AEAD_CTX_seal(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len,
96 96
97 /* Overflow. */ 97 /* Overflow. */
98 if (possible_out_len < in_len) { 98 if (possible_out_len < in_len) {
99 EVPerr(EVP_F_AEAD_CTX_SEAL, EVP_R_TOO_LARGE); 99 EVPerror(EVP_R_TOO_LARGE);
100 goto error; 100 goto error;
101 } 101 }
102 102
103 if (!check_alias(in, in_len, out)) { 103 if (!check_alias(in, in_len, out)) {
104 EVPerr(EVP_F_AEAD_CTX_SEAL, EVP_R_OUTPUT_ALIASES_INPUT); 104 EVPerror(EVP_R_OUTPUT_ALIASES_INPUT);
105 goto error; 105 goto error;
106 } 106 }
107 107
@@ -125,7 +125,7 @@ EVP_AEAD_CTX_open(const EVP_AEAD_CTX *ctx, unsigned char *out, size_t *out_len,
125 size_t ad_len) 125 size_t ad_len)
126{ 126{
127 if (!check_alias(in, in_len, out)) { 127 if (!check_alias(in, in_len, out)) {
128 EVPerr(EVP_F_AEAD_CTX_OPEN, EVP_R_OUTPUT_ALIASES_INPUT); 128 EVPerror(EVP_R_OUTPUT_ALIASES_INPUT);
129 goto error; 129 goto error;
130 } 130 }
131 131
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
index 0dfb7a5dc3..d0a5eb2d5f 100644
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_enc.c,v 1.35 2016/09/09 00:03:22 bcook Exp $ */ 1/* $OpenBSD: evp_enc.c,v 1.36 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -130,8 +130,7 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
130#ifndef OPENSSL_NO_ENGINE 130#ifndef OPENSSL_NO_ENGINE
131 if (impl) { 131 if (impl) {
132 if (!ENGINE_init(impl)) { 132 if (!ENGINE_init(impl)) {
133 EVPerr(EVP_F_EVP_CIPHERINIT_EX, 133 EVPerror(EVP_R_INITIALIZATION_ERROR);
134 EVP_R_INITIALIZATION_ERROR);
135 return 0; 134 return 0;
136 } 135 }
137 } else 136 } else
@@ -142,8 +141,7 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
142 const EVP_CIPHER *c = 141 const EVP_CIPHER *c =
143 ENGINE_get_cipher(impl, cipher->nid); 142 ENGINE_get_cipher(impl, cipher->nid);
144 if (!c) { 143 if (!c) {
145 EVPerr(EVP_F_EVP_CIPHERINIT_EX, 144 EVPerror(EVP_R_INITIALIZATION_ERROR);
146 EVP_R_INITIALIZATION_ERROR);
147 return 0; 145 return 0;
148 } 146 }
149 /* We'll use the ENGINE's private cipher definition */ 147 /* We'll use the ENGINE's private cipher definition */
@@ -160,8 +158,7 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
160 if (ctx->cipher->ctx_size) { 158 if (ctx->cipher->ctx_size) {
161 ctx->cipher_data = malloc(ctx->cipher->ctx_size); 159 ctx->cipher_data = malloc(ctx->cipher->ctx_size);
162 if (!ctx->cipher_data) { 160 if (!ctx->cipher_data) {
163 EVPerr(EVP_F_EVP_CIPHERINIT_EX, 161 EVPerror(ERR_R_MALLOC_FAILURE);
164 ERR_R_MALLOC_FAILURE);
165 return 0; 162 return 0;
166 } 163 }
167 } else { 164 } else {
@@ -171,13 +168,12 @@ EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
171 ctx->flags = 0; 168 ctx->flags = 0;
172 if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) { 169 if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
173 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) { 170 if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
174 EVPerr(EVP_F_EVP_CIPHERINIT_EX, 171 EVPerror(EVP_R_INITIALIZATION_ERROR);
175 EVP_R_INITIALIZATION_ERROR);
176 return 0; 172 return 0;
177 } 173 }
178 } 174 }
179 } else if (!ctx->cipher) { 175 } else if (!ctx->cipher) {
180 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET); 176 EVPerror(EVP_R_NO_CIPHER_SET);
181 return 0; 177 return 0;
182 } 178 }
183#ifndef OPENSSL_NO_ENGINE 179#ifndef OPENSSL_NO_ENGINE
@@ -187,7 +183,7 @@ skip_to_init:
187 if (ctx->cipher->block_size != 1 && 183 if (ctx->cipher->block_size != 1 &&
188 ctx->cipher->block_size != 8 && 184 ctx->cipher->block_size != 8 &&
189 ctx->cipher->block_size != 16) { 185 ctx->cipher->block_size != 16) {
190 EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_BAD_BLOCK_LENGTH); 186 EVPerror(EVP_R_BAD_BLOCK_LENGTH);
191 return 0; 187 return 0;
192 } 188 }
193 189
@@ -208,8 +204,7 @@ skip_to_init:
208 204
209 if ((size_t)EVP_CIPHER_CTX_iv_length(ctx) > 205 if ((size_t)EVP_CIPHER_CTX_iv_length(ctx) >
210 sizeof(ctx->iv)) { 206 sizeof(ctx->iv)) {
211 EVPerr(EVP_F_EVP_CIPHERINIT_EX, 207 EVPerror(EVP_R_IV_TOO_LARGE);
212 EVP_R_IV_TOO_LARGE);
213 return 0; 208 return 0;
214 } 209 }
215 if (iv) 210 if (iv)
@@ -336,7 +331,7 @@ EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
336 i = ctx->buf_len; 331 i = ctx->buf_len;
337 bl = ctx->cipher->block_size; 332 bl = ctx->cipher->block_size;
338 if ((size_t)bl > sizeof(ctx->buf)) { 333 if ((size_t)bl > sizeof(ctx->buf)) {
339 EVPerr(EVP_F_EVP_ENCRYPTUPDATE, EVP_R_BAD_BLOCK_LENGTH); 334 EVPerror(EVP_R_BAD_BLOCK_LENGTH);
340 *outl = 0; 335 *outl = 0;
341 return 0; 336 return 0;
342 } 337 }
@@ -401,7 +396,7 @@ EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
401 396
402 b = ctx->cipher->block_size; 397 b = ctx->cipher->block_size;
403 if (b > sizeof ctx->buf) { 398 if (b > sizeof ctx->buf) {
404 EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX, EVP_R_BAD_BLOCK_LENGTH); 399 EVPerror(EVP_R_BAD_BLOCK_LENGTH);
405 return 0; 400 return 0;
406 } 401 }
407 if (b == 1) { 402 if (b == 1) {
@@ -411,8 +406,7 @@ EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
411 bl = ctx->buf_len; 406 bl = ctx->buf_len;
412 if (ctx->flags & EVP_CIPH_NO_PADDING) { 407 if (ctx->flags & EVP_CIPH_NO_PADDING) {
413 if (bl) { 408 if (bl) {
414 EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX, 409 EVPerror(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
415 EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
416 return 0; 410 return 0;
417 } 411 }
418 *outl = 0; 412 *outl = 0;
@@ -458,7 +452,7 @@ EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
458 452
459 b = ctx->cipher->block_size; 453 b = ctx->cipher->block_size;
460 if (b > sizeof ctx->final) { 454 if (b > sizeof ctx->final) {
461 EVPerr(EVP_F_EVP_DECRYPTUPDATE, EVP_R_BAD_BLOCK_LENGTH); 455 EVPerror(EVP_R_BAD_BLOCK_LENGTH);
462 return 0; 456 return 0;
463 } 457 }
464 458
@@ -519,8 +513,7 @@ EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
519 b = ctx->cipher->block_size; 513 b = ctx->cipher->block_size;
520 if (ctx->flags & EVP_CIPH_NO_PADDING) { 514 if (ctx->flags & EVP_CIPH_NO_PADDING) {
521 if (ctx->buf_len) { 515 if (ctx->buf_len) {
522 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, 516 EVPerror(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
523 EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
524 return 0; 517 return 0;
525 } 518 }
526 *outl = 0; 519 *outl = 0;
@@ -528,24 +521,21 @@ EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
528 } 521 }
529 if (b > 1) { 522 if (b > 1) {
530 if (ctx->buf_len || !ctx->final_used) { 523 if (ctx->buf_len || !ctx->final_used) {
531 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, 524 EVPerror(EVP_R_WRONG_FINAL_BLOCK_LENGTH);
532 EVP_R_WRONG_FINAL_BLOCK_LENGTH);
533 return (0); 525 return (0);
534 } 526 }
535 if (b > sizeof ctx->final) { 527 if (b > sizeof ctx->final) {
536 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, 528 EVPerror(EVP_R_BAD_BLOCK_LENGTH);
537 EVP_R_BAD_BLOCK_LENGTH);
538 return 0; 529 return 0;
539 } 530 }
540 n = ctx->final[b - 1]; 531 n = ctx->final[b - 1];
541 if (n == 0 || n > (int)b) { 532 if (n == 0 || n > (int)b) {
542 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT); 533 EVPerror(EVP_R_BAD_DECRYPT);
543 return (0); 534 return (0);
544 } 535 }
545 for (i = 0; i < n; i++) { 536 for (i = 0; i < n; i++) {
546 if (ctx->final[--b] != n) { 537 if (ctx->final[--b] != n) {
547 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, 538 EVPerror(EVP_R_BAD_DECRYPT);
548 EVP_R_BAD_DECRYPT);
549 return (0); 539 return (0);
550 } 540 }
551 } 541 }
@@ -600,7 +590,7 @@ EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
600 c->key_len = keylen; 590 c->key_len = keylen;
601 return 1; 591 return 1;
602 } 592 }
603 EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH, EVP_R_INVALID_KEY_LENGTH); 593 EVPerror(EVP_R_INVALID_KEY_LENGTH);
604 return 0; 594 return 0;
605} 595}
606 596
@@ -620,19 +610,18 @@ EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
620 int ret; 610 int ret;
621 611
622 if (!ctx->cipher) { 612 if (!ctx->cipher) {
623 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET); 613 EVPerror(EVP_R_NO_CIPHER_SET);
624 return 0; 614 return 0;
625 } 615 }
626 616
627 if (!ctx->cipher->ctrl) { 617 if (!ctx->cipher->ctrl) {
628 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED); 618 EVPerror(EVP_R_CTRL_NOT_IMPLEMENTED);
629 return 0; 619 return 0;
630 } 620 }
631 621
632 ret = ctx->cipher->ctrl(ctx, type, arg, ptr); 622 ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
633 if (ret == -1) { 623 if (ret == -1) {
634 EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, 624 EVPerror(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
635 EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
636 return 0; 625 return 0;
637 } 626 }
638 return ret; 627 return ret;
@@ -651,13 +640,13 @@ int
651EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in) 640EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
652{ 641{
653 if ((in == NULL) || (in->cipher == NULL)) { 642 if ((in == NULL) || (in->cipher == NULL)) {
654 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, EVP_R_INPUT_NOT_INITIALIZED); 643 EVPerror(EVP_R_INPUT_NOT_INITIALIZED);
655 return 0; 644 return 0;
656 } 645 }
657#ifndef OPENSSL_NO_ENGINE 646#ifndef OPENSSL_NO_ENGINE
658 /* Make sure it's safe to copy a cipher context using an ENGINE */ 647 /* Make sure it's safe to copy a cipher context using an ENGINE */
659 if (in->engine && !ENGINE_init(in->engine)) { 648 if (in->engine && !ENGINE_init(in->engine)) {
660 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_ENGINE_LIB); 649 EVPerror(ERR_R_ENGINE_LIB);
661 return 0; 650 return 0;
662 } 651 }
663#endif 652#endif
@@ -668,7 +657,7 @@ EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
668 if (in->cipher_data && in->cipher->ctx_size) { 657 if (in->cipher_data && in->cipher->ctx_size) {
669 out->cipher_data = malloc(in->cipher->ctx_size); 658 out->cipher_data = malloc(in->cipher->ctx_size);
670 if (!out->cipher_data) { 659 if (!out->cipher_data) {
671 EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_MALLOC_FAILURE); 660 EVPerror(ERR_R_MALLOC_FAILURE);
672 return 0; 661 return 0;
673 } 662 }
674 memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size); 663 memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
diff --git a/src/lib/libcrypto/evp/evp_err.c b/src/lib/libcrypto/evp/evp_err.c
index dadd5365a0..1e1cc8350b 100644
--- a/src/lib/libcrypto/evp/evp_err.c
+++ b/src/lib/libcrypto/evp/evp_err.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_err.c,v 1.21 2015/02/15 14:35:30 miod Exp $ */ 1/* $OpenBSD: evp_err.c,v 1.22 2017/01/29 17:49:23 beck Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -72,102 +72,7 @@
72#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason) 72#define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason)
73 73
74static ERR_STRING_DATA EVP_str_functs[] = { 74static ERR_STRING_DATA EVP_str_functs[] = {
75 {ERR_FUNC(EVP_F_AEAD_AES_GCM_INIT), "AEAD_AES_GCM_INIT"}, 75 {ERR_FUNC(0xfff), "CRYPTO_internal"},
76 {ERR_FUNC(EVP_F_AEAD_AES_GCM_OPEN), "AEAD_AES_GCM_OPEN"},
77 {ERR_FUNC(EVP_F_AEAD_AES_GCM_SEAL), "AEAD_AES_GCM_SEAL"},
78 {ERR_FUNC(EVP_F_AEAD_CHACHA20_POLY1305_INIT), "AEAD_CHACHA20_POLY1305_INIT"},
79 {ERR_FUNC(EVP_F_AEAD_CHACHA20_POLY1305_OPEN), "AEAD_CHACHA20_POLY1305_OPEN"},
80 {ERR_FUNC(EVP_F_AEAD_CHACHA20_POLY1305_SEAL), "AEAD_CHACHA20_POLY1305_SEAL"},
81 {ERR_FUNC(EVP_F_AEAD_CTX_OPEN), "AEAD_CTX_OPEN"},
82 {ERR_FUNC(EVP_F_AEAD_CTX_SEAL), "AEAD_CTX_SEAL"},
83 {ERR_FUNC(EVP_F_AESNI_INIT_KEY), "AESNI_INIT_KEY"},
84 {ERR_FUNC(EVP_F_AESNI_XTS_CIPHER), "AESNI_XTS_CIPHER"},
85 {ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"},
86 {ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"},
87 {ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"},
88 {ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"},
89 {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"},
90 {ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"},
91 {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"},
92 {ERR_FUNC(EVP_F_DO_SIGVER_INIT), "DO_SIGVER_INIT"},
93 {ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"},
94 {ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"},
95 {ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"},
96 {ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"},
97 {ERR_FUNC(EVP_F_EVP_AEAD_CTX_INIT), "EVP_AEAD_CTX_init"},
98 {ERR_FUNC(EVP_F_EVP_AEAD_CTX_OPEN), "EVP_AEAD_CTX_open"},
99 {ERR_FUNC(EVP_F_EVP_AEAD_CTX_SEAL), "EVP_AEAD_CTX_seal"},
100 {ERR_FUNC(EVP_F_EVP_BYTESTOKEY), "EVP_BytesToKey"},
101 {ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"},
102 {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"},
103 {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"},
104 {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH), "EVP_CIPHER_CTX_set_key_length"},
105 {ERR_FUNC(EVP_F_EVP_CIPHER_GET_ASN1_IV), "EVP_CIPHER_get_asn1_iv"},
106 {ERR_FUNC(EVP_F_EVP_CIPHER_SET_ASN1_IV), "EVP_CIPHER_set_asn1_iv"},
107 {ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"},
108 {ERR_FUNC(EVP_F_EVP_DECRYPTUPDATE), "EVP_DecryptUpdate"},
109 {ERR_FUNC(EVP_F_EVP_DIGESTFINAL_EX), "EVP_DigestFinal_ex"},
110 {ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"},
111 {ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"},
112 {ERR_FUNC(EVP_F_EVP_ENCRYPTUPDATE), "EVP_EncryptUpdate"},
113 {ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"},
114 {ERR_FUNC(EVP_F_EVP_MD_CTX_CTRL), "EVP_MD_CTX_ctrl"},
115 {ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_size"},
116 {ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"},
117 {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"},
118 {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE), "EVP_PBE_alg_add_type"},
119 {ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"},
120 {ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"},
121 {ERR_FUNC(EVP_F_EVP_PKCS82PKEY_BROKEN), "EVP_PKCS82PKEY_BROKEN"},
122 {ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN), "EVP_PKEY2PKCS8_broken"},
123 {ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"},
124 {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL), "EVP_PKEY_CTX_ctrl"},
125 {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL_STR), "EVP_PKEY_CTX_ctrl_str"},
126 {ERR_FUNC(EVP_F_EVP_PKEY_CTX_DUP), "EVP_PKEY_CTX_dup"},
127 {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"},
128 {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT), "EVP_PKEY_decrypt_init"},
129 {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD), "EVP_PKEY_decrypt_old"},
130 {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE), "EVP_PKEY_derive"},
131 {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT), "EVP_PKEY_derive_init"},
132 {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER), "EVP_PKEY_derive_set_peer"},
133 {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"},
134 {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT), "EVP_PKEY_encrypt_init"},
135 {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"},
136 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"},
137 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"},
138 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA), "EVP_PKEY_GET1_ECDSA"},
139 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"},
140 {ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"},
141 {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"},
142 {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"},
143 {ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"},
144 {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_paramgen"},
145 {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_paramgen_init"},
146 {ERR_FUNC(EVP_F_EVP_PKEY_SIGN), "EVP_PKEY_sign"},
147 {ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT), "EVP_PKEY_sign_init"},
148 {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY), "EVP_PKEY_verify"},
149 {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_INIT), "EVP_PKEY_verify_init"},
150 {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER), "EVP_PKEY_verify_recover"},
151 {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT), "EVP_PKEY_verify_recover_init"},
152 {ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"},
153 {ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"},
154 {ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"},
155 {ERR_FUNC(EVP_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"},
156 {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_COPY), "FIPS_CIPHER_CTX_COPY"},
157 {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"},
158 {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH), "FIPS_CIPHER_CTX_SET_KEY_LENGTH"},
159 {ERR_FUNC(EVP_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"},
160 {ERR_FUNC(EVP_F_FIPS_MD_CTX_COPY), "FIPS_MD_CTX_COPY"},
161 {ERR_FUNC(EVP_F_HMAC_INIT_EX), "HMAC_Init_ex"},
162 {ERR_FUNC(EVP_F_INT_CTX_NEW), "INT_CTX_NEW"},
163 {ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"},
164 {ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"},
165 {ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN), "PKCS5_V2_PBKDF2_KEYIVGEN"},
166 {ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"},
167 {ERR_FUNC(EVP_F_PKEY_SET_TYPE), "PKEY_SET_TYPE"},
168 {ERR_FUNC(EVP_F_RC2_GET_ASN1_TYPE_AND_IV), "RC2_GET_ASN1_TYPE_AND_IV"},
169 {ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"},
170 {ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"},
171 {0, NULL} 76 {0, NULL}
172}; 77};
173 78
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c
index 2c76743e42..33de513ef2 100644
--- a/src/lib/libcrypto/evp/evp_key.c
+++ b/src/lib/libcrypto/evp/evp_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_key.c,v 1.23 2015/09/10 15:56:25 jsing Exp $ */ 1/* $OpenBSD: evp_key.c,v 1.24 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -135,11 +135,11 @@ EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
135 niv = type->iv_len; 135 niv = type->iv_len;
136 136
137 if ((size_t)nkey > EVP_MAX_KEY_LENGTH) { 137 if ((size_t)nkey > EVP_MAX_KEY_LENGTH) {
138 EVPerr(EVP_F_EVP_BYTESTOKEY, EVP_R_BAD_KEY_LENGTH); 138 EVPerror(EVP_R_BAD_KEY_LENGTH);
139 return 0; 139 return 0;
140 } 140 }
141 if ((size_t)niv > EVP_MAX_IV_LENGTH) { 141 if ((size_t)niv > EVP_MAX_IV_LENGTH) {
142 EVPerr(EVP_F_EVP_BYTESTOKEY, EVP_R_IV_TOO_LARGE); 142 EVPerror(EVP_R_IV_TOO_LARGE);
143 return 0; 143 return 0;
144 } 144 }
145 145
diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c
index 491c8d6f67..ad97a3b7b9 100644
--- a/src/lib/libcrypto/evp/evp_lib.c
+++ b/src/lib/libcrypto/evp/evp_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_lib.c,v 1.14 2015/02/10 09:52:35 miod Exp $ */ 1/* $OpenBSD: evp_lib.c,v 1.15 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -100,8 +100,7 @@ EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
100 if (type != NULL) { 100 if (type != NULL) {
101 l = EVP_CIPHER_CTX_iv_length(c); 101 l = EVP_CIPHER_CTX_iv_length(c);
102 if (l > sizeof(c->iv)) { 102 if (l > sizeof(c->iv)) {
103 EVPerr(EVP_F_EVP_CIPHER_GET_ASN1_IV, 103 EVPerror(EVP_R_IV_TOO_LARGE);
104 EVP_R_IV_TOO_LARGE);
105 return 0; 104 return 0;
106 } 105 }
107 i = ASN1_TYPE_get_octetstring(type, c->oiv, l); 106 i = ASN1_TYPE_get_octetstring(type, c->oiv, l);
@@ -122,8 +121,7 @@ EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
122 if (type != NULL) { 121 if (type != NULL) {
123 j = EVP_CIPHER_CTX_iv_length(c); 122 j = EVP_CIPHER_CTX_iv_length(c);
124 if (j > sizeof(c->iv)) { 123 if (j > sizeof(c->iv)) {
125 EVPerr(EVP_F_EVP_CIPHER_SET_ASN1_IV, 124 EVPerror(EVP_R_IV_TOO_LARGE);
126 EVP_R_IV_TOO_LARGE);
127 return 0; 125 return 0;
128 } 126 }
129 i = ASN1_TYPE_set_octetstring(type, c->oiv, j); 127 i = ASN1_TYPE_set_octetstring(type, c->oiv, j);
@@ -291,7 +289,7 @@ int
291EVP_MD_size(const EVP_MD *md) 289EVP_MD_size(const EVP_MD *md)
292{ 290{
293 if (!md) { 291 if (!md) {
294 EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL); 292 EVPerror(EVP_R_MESSAGE_DIGEST_IS_NULL);
295 return -1; 293 return -1;
296 } 294 }
297 return md->md_size; 295 return md->md_size;
diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c
index c7f0c7749a..de08c8d78c 100644
--- a/src/lib/libcrypto/evp/evp_pbe.c
+++ b/src/lib/libcrypto/evp/evp_pbe.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_pbe.c,v 1.24 2017/01/21 04:38:23 jsing Exp $ */ 1/* $OpenBSD: evp_pbe.c,v 1.25 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -128,7 +128,7 @@ EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
128 if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj), 128 if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj),
129 &cipher_nid, &md_nid, &keygen)) { 129 &cipher_nid, &md_nid, &keygen)) {
130 char obj_tmp[80]; 130 char obj_tmp[80];
131 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM); 131 EVPerror(EVP_R_UNKNOWN_PBE_ALGORITHM);
132 if (!pbe_obj) 132 if (!pbe_obj)
133 strlcpy(obj_tmp, "NULL", sizeof obj_tmp); 133 strlcpy(obj_tmp, "NULL", sizeof obj_tmp);
134 else 134 else
@@ -147,7 +147,7 @@ EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
147 else { 147 else {
148 cipher = EVP_get_cipherbynid(cipher_nid); 148 cipher = EVP_get_cipherbynid(cipher_nid);
149 if (!cipher) { 149 if (!cipher) {
150 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_CIPHER); 150 EVPerror(EVP_R_UNKNOWN_CIPHER);
151 return 0; 151 return 0;
152 } 152 }
153 } 153 }
@@ -157,13 +157,13 @@ EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
157 else { 157 else {
158 md = EVP_get_digestbynid(md_nid); 158 md = EVP_get_digestbynid(md_nid);
159 if (!md) { 159 if (!md) {
160 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_DIGEST); 160 EVPerror(EVP_R_UNKNOWN_DIGEST);
161 return 0; 161 return 0;
162 } 162 }
163 } 163 }
164 164
165 if (!keygen(ctx, pass, passlen, param, cipher, md, en_de)) { 165 if (!keygen(ctx, pass, passlen, param, cipher, md, en_de)) {
166 EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_KEYGEN_FAILURE); 166 EVPerror(EVP_R_KEYGEN_FAILURE);
167 return 0; 167 return 0;
168 } 168 }
169 return 1; 169 return 1;
@@ -222,14 +222,13 @@ EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
222 if (pbe_algs == NULL) { 222 if (pbe_algs == NULL) {
223 pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp); 223 pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
224 if (pbe_algs == NULL) { 224 if (pbe_algs == NULL) {
225 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, 225 EVPerror(ERR_R_MALLOC_FAILURE);
226 ERR_R_MALLOC_FAILURE);
227 return 0; 226 return 0;
228 } 227 }
229 } 228 }
230 pbe_tmp = malloc(sizeof(EVP_PBE_CTL)); 229 pbe_tmp = malloc(sizeof(EVP_PBE_CTL));
231 if (pbe_tmp == NULL) { 230 if (pbe_tmp == NULL) {
232 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE); 231 EVPerror(ERR_R_MALLOC_FAILURE);
233 return 0; 232 return 0;
234 } 233 }
235 pbe_tmp->pbe_type = pbe_type; 234 pbe_tmp->pbe_type = pbe_type;
@@ -240,7 +239,7 @@ EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid, int md_nid,
240 239
241 if (sk_EVP_PBE_CTL_push(pbe_algs, pbe_tmp) == 0) { 240 if (sk_EVP_PBE_CTL_push(pbe_algs, pbe_tmp) == 0) {
242 free(pbe_tmp); 241 free(pbe_tmp);
243 EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE); 242 EVPerror(ERR_R_MALLOC_FAILURE);
244 return 0; 243 return 0;
245 } 244 }
246 return 1; 245 return 1;
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c
index 689ff596ce..4dcd2a15a9 100644
--- a/src/lib/libcrypto/evp/evp_pkey.c
+++ b/src/lib/libcrypto/evp/evp_pkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: evp_pkey.c,v 1.18 2014/10/18 17:20:40 jsing Exp $ */ 1/* $OpenBSD: evp_pkey.c,v 1.19 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -77,13 +77,12 @@ EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
77 return NULL; 77 return NULL;
78 78
79 if (!(pkey = EVP_PKEY_new())) { 79 if (!(pkey = EVP_PKEY_new())) {
80 EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE); 80 EVPerror(ERR_R_MALLOC_FAILURE);
81 return NULL; 81 return NULL;
82 } 82 }
83 83
84 if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) { 84 if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) {
85 EVPerr(EVP_F_EVP_PKCS82PKEY, 85 EVPerror(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
86 EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
87 i2t_ASN1_OBJECT(obj_tmp, 80, algoid); 86 i2t_ASN1_OBJECT(obj_tmp, 80, algoid);
88 ERR_asprintf_error_data("TYPE=%s", obj_tmp); 87 ERR_asprintf_error_data("TYPE=%s", obj_tmp);
89 goto error; 88 goto error;
@@ -91,12 +90,11 @@ EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
91 90
92 if (pkey->ameth->priv_decode) { 91 if (pkey->ameth->priv_decode) {
93 if (!pkey->ameth->priv_decode(pkey, p8)) { 92 if (!pkey->ameth->priv_decode(pkey, p8)) {
94 EVPerr(EVP_F_EVP_PKCS82PKEY, 93 EVPerror(EVP_R_PRIVATE_KEY_DECODE_ERROR);
95 EVP_R_PRIVATE_KEY_DECODE_ERROR);
96 goto error; 94 goto error;
97 } 95 }
98 } else { 96 } else {
99 EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED); 97 EVPerror(EVP_R_METHOD_NOT_SUPPORTED);
100 goto error; 98 goto error;
101 } 99 }
102 100
@@ -121,7 +119,7 @@ EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
121 PKCS8_PRIV_KEY_INFO *p8; 119 PKCS8_PRIV_KEY_INFO *p8;
122 120
123 if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) { 121 if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {
124 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, ERR_R_MALLOC_FAILURE); 122 EVPerror(ERR_R_MALLOC_FAILURE);
125 return NULL; 123 return NULL;
126 } 124 }
127 p8->broken = broken; 125 p8->broken = broken;
@@ -129,18 +127,15 @@ EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
129 if (pkey->ameth) { 127 if (pkey->ameth) {
130 if (pkey->ameth->priv_encode) { 128 if (pkey->ameth->priv_encode) {
131 if (!pkey->ameth->priv_encode(p8, pkey)) { 129 if (!pkey->ameth->priv_encode(p8, pkey)) {
132 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, 130 EVPerror(EVP_R_PRIVATE_KEY_ENCODE_ERROR);
133 EVP_R_PRIVATE_KEY_ENCODE_ERROR);
134 goto error; 131 goto error;
135 } 132 }
136 } else { 133 } else {
137 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, 134 EVPerror(EVP_R_METHOD_NOT_SUPPORTED);
138 EVP_R_METHOD_NOT_SUPPORTED);
139 goto error; 135 goto error;
140 } 136 }
141 } else { 137 } else {
142 EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, 138 EVPerror(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
143 EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
144 goto error; 139 goto error;
145 } 140 }
146 return p8; 141 return p8;
@@ -166,7 +161,7 @@ PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
166 break; 161 break;
167 162
168 default: 163 default:
169 EVPerr(EVP_F_PKCS8_SET_BROKEN, EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE); 164 EVPerror(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
170 return NULL; 165 return NULL;
171 } 166 }
172} 167}
diff --git a/src/lib/libcrypto/evp/m_sigver.c b/src/lib/libcrypto/evp/m_sigver.c
index 579325be67..6e955d9480 100644
--- a/src/lib/libcrypto/evp/m_sigver.c
+++ b/src/lib/libcrypto/evp/m_sigver.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: m_sigver.c,v 1.5 2015/12/14 03:37:27 beck Exp $ */ 1/* $OpenBSD: m_sigver.c,v 1.6 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -81,7 +81,7 @@ do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type,
81 } 81 }
82 82
83 if (type == NULL) { 83 if (type == NULL) {
84 EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST); 84 EVPerror(EVP_R_NO_DEFAULT_DIGEST);
85 return 0; 85 return 0;
86 } 86 }
87 87
diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c
index 1d02cbf4a6..75a631bf98 100644
--- a/src/lib/libcrypto/evp/p5_crpt.c
+++ b/src/lib/libcrypto/evp/p5_crpt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p5_crpt.c,v 1.17 2016/11/08 20:01:06 miod Exp $ */ 1/* $OpenBSD: p5_crpt.c,v 1.18 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -90,7 +90,7 @@ PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
90 /* Extract useful info from parameter */ 90 /* Extract useful info from parameter */
91 if (param == NULL || param->type != V_ASN1_SEQUENCE || 91 if (param == NULL || param->type != V_ASN1_SEQUENCE ||
92 param->value.sequence == NULL) { 92 param->value.sequence == NULL) {
93 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); 93 EVPerror(EVP_R_DECODE_ERROR);
94 return 0; 94 return 0;
95 } 95 }
96 96
@@ -100,15 +100,14 @@ PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
100 100
101 pbuf = param->value.sequence->data; 101 pbuf = param->value.sequence->data;
102 if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) { 102 if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) {
103 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); 103 EVPerror(EVP_R_DECODE_ERROR);
104 return 0; 104 return 0;
105 } 105 }
106 106
107 if (!pbe->iter) 107 if (!pbe->iter)
108 iter = 1; 108 iter = 1;
109 else if ((iter = ASN1_INTEGER_get(pbe->iter)) <= 0) { 109 else if ((iter = ASN1_INTEGER_get(pbe->iter)) <= 0) {
110 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, 110 EVPerror(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS);
111 EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS);
112 return 0; 111 return 0;
113 } 112 }
114 salt = pbe->salt->data; 113 salt = pbe->salt->data;
@@ -138,12 +137,12 @@ PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
138 goto err; 137 goto err;
139 } 138 }
140 if ((size_t)EVP_CIPHER_key_length(cipher) > sizeof(md_tmp)) { 139 if ((size_t)EVP_CIPHER_key_length(cipher) > sizeof(md_tmp)) {
141 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_BAD_KEY_LENGTH); 140 EVPerror(EVP_R_BAD_KEY_LENGTH);
142 goto err; 141 goto err;
143 } 142 }
144 memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); 143 memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
145 if ((size_t)EVP_CIPHER_iv_length(cipher) > 16) { 144 if ((size_t)EVP_CIPHER_iv_length(cipher) > 16) {
146 EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_IV_TOO_LARGE); 145 EVPerror(EVP_R_IV_TOO_LARGE);
147 goto err; 146 goto err;
148 } 147 }
149 memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), 148 memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c
index 44e8b331fb..4bef287706 100644
--- a/src/lib/libcrypto/evp/p5_crpt2.c
+++ b/src/lib/libcrypto/evp/p5_crpt2.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p5_crpt2.c,v 1.22 2016/11/08 20:01:06 miod Exp $ */ 1/* $OpenBSD: p5_crpt2.c,v 1.23 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -175,22 +175,21 @@ PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
175 175
176 if (param == NULL || param->type != V_ASN1_SEQUENCE || 176 if (param == NULL || param->type != V_ASN1_SEQUENCE ||
177 param->value.sequence == NULL) { 177 param->value.sequence == NULL) {
178 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); 178 EVPerror(EVP_R_DECODE_ERROR);
179 goto err; 179 goto err;
180 } 180 }
181 181
182 pbuf = param->value.sequence->data; 182 pbuf = param->value.sequence->data;
183 plen = param->value.sequence->length; 183 plen = param->value.sequence->length;
184 if (!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) { 184 if (!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
185 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR); 185 EVPerror(EVP_R_DECODE_ERROR);
186 goto err; 186 goto err;
187 } 187 }
188 188
189 /* See if we recognise the key derivation function */ 189 /* See if we recognise the key derivation function */
190 190
191 if (OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) { 191 if (OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) {
192 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, 192 EVPerror(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION);
193 EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION);
194 goto err; 193 goto err;
195 } 194 }
196 195
@@ -200,8 +199,7 @@ PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
200 cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm); 199 cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm);
201 200
202 if (!cipher) { 201 if (!cipher) {
203 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, 202 EVPerror(EVP_R_UNSUPPORTED_CIPHER);
204 EVP_R_UNSUPPORTED_CIPHER);
205 goto err; 203 goto err;
206 } 204 }
207 205
@@ -209,8 +207,7 @@ PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
209 if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de)) 207 if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de))
210 goto err; 208 goto err;
211 if (EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) { 209 if (EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
212 EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, 210 EVPerror(EVP_R_CIPHER_PARAMETER_ERROR);
213 EVP_R_CIPHER_PARAMETER_ERROR);
214 goto err; 211 goto err;
215 } 212 }
216 rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen, 213 rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen,
@@ -235,19 +232,19 @@ PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
235 const EVP_MD *prfmd; 232 const EVP_MD *prfmd;
236 233
237 if (EVP_CIPHER_CTX_cipher(ctx) == NULL) { 234 if (EVP_CIPHER_CTX_cipher(ctx) == NULL) {
238 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_NO_CIPHER_SET); 235 EVPerror(EVP_R_NO_CIPHER_SET);
239 return 0; 236 return 0;
240 } 237 }
241 keylen = EVP_CIPHER_CTX_key_length(ctx); 238 keylen = EVP_CIPHER_CTX_key_length(ctx);
242 if (keylen > sizeof key) { 239 if (keylen > sizeof key) {
243 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_BAD_KEY_LENGTH); 240 EVPerror(EVP_R_BAD_KEY_LENGTH);
244 return 0; 241 return 0;
245 } 242 }
246 243
247 /* Decode parameter */ 244 /* Decode parameter */
248 245
249 if (!param || (param->type != V_ASN1_SEQUENCE)) { 246 if (!param || (param->type != V_ASN1_SEQUENCE)) {
250 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR); 247 EVPerror(EVP_R_DECODE_ERROR);
251 return 0; 248 return 0;
252 } 249 }
253 250
@@ -255,7 +252,7 @@ PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
255 plen = param->value.sequence->length; 252 plen = param->value.sequence->length;
256 253
257 if (!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) { 254 if (!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) {
258 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR); 255 EVPerror(EVP_R_DECODE_ERROR);
259 return 0; 256 return 0;
260 } 257 }
261 258
@@ -263,8 +260,7 @@ PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
263 260
264 if (kdf->keylength && 261 if (kdf->keylength &&
265 (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){ 262 (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)){
266 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, 263 EVPerror(EVP_R_UNSUPPORTED_KEYLENGTH);
267 EVP_R_UNSUPPORTED_KEYLENGTH);
268 goto err; 264 goto err;
269 } 265 }
270 266
@@ -274,19 +270,18 @@ PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
274 prf_nid = NID_hmacWithSHA1; 270 prf_nid = NID_hmacWithSHA1;
275 271
276 if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0)) { 272 if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0)) {
277 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF); 273 EVPerror(EVP_R_UNSUPPORTED_PRF);
278 goto err; 274 goto err;
279 } 275 }
280 276
281 prfmd = EVP_get_digestbynid(hmac_md_nid); 277 prfmd = EVP_get_digestbynid(hmac_md_nid);
282 if (prfmd == NULL) { 278 if (prfmd == NULL) {
283 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF); 279 EVPerror(EVP_R_UNSUPPORTED_PRF);
284 goto err; 280 goto err;
285 } 281 }
286 282
287 if (kdf->salt->type != V_ASN1_OCTET_STRING) { 283 if (kdf->salt->type != V_ASN1_OCTET_STRING) {
288 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, 284 EVPerror(EVP_R_UNSUPPORTED_SALT_TYPE);
289 EVP_R_UNSUPPORTED_SALT_TYPE);
290 goto err; 285 goto err;
291 } 286 }
292 287
@@ -294,8 +289,7 @@ PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
294 salt = kdf->salt->value.octet_string->data; 289 salt = kdf->salt->value.octet_string->data;
295 saltlen = kdf->salt->value.octet_string->length; 290 saltlen = kdf->salt->value.octet_string->length;
296 if ((iter = ASN1_INTEGER_get(kdf->iter)) <= 0) { 291 if ((iter = ASN1_INTEGER_get(kdf->iter)) <= 0) {
297 EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, 292 EVPerror(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS);
298 EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS);
299 goto err; 293 goto err;
300 } 294 }
301 if (!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd, 295 if (!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd,
diff --git a/src/lib/libcrypto/evp/p_dec.c b/src/lib/libcrypto/evp/p_dec.c
index 2244ae8c62..c827c5e4c2 100644
--- a/src/lib/libcrypto/evp/p_dec.c
+++ b/src/lib/libcrypto/evp/p_dec.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p_dec.c,v 1.10 2014/10/18 17:20:40 jsing Exp $ */ 1/* $OpenBSD: p_dec.c,v 1.11 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -78,7 +78,7 @@ EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
78#ifndef OPENSSL_NO_RSA 78#ifndef OPENSSL_NO_RSA
79 if (priv->type != EVP_PKEY_RSA) { 79 if (priv->type != EVP_PKEY_RSA) {
80#endif 80#endif
81 EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA); 81 EVPerror(EVP_R_PUBLIC_KEY_NOT_RSA);
82#ifndef OPENSSL_NO_RSA 82#ifndef OPENSSL_NO_RSA
83 goto err; 83 goto err;
84 } 84 }
diff --git a/src/lib/libcrypto/evp/p_enc.c b/src/lib/libcrypto/evp/p_enc.c
index 63d2649f6e..49c46f1a70 100644
--- a/src/lib/libcrypto/evp/p_enc.c
+++ b/src/lib/libcrypto/evp/p_enc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p_enc.c,v 1.10 2014/10/18 17:20:40 jsing Exp $ */ 1/* $OpenBSD: p_enc.c,v 1.11 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -78,7 +78,7 @@ EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key, int key_len,
78#ifndef OPENSSL_NO_RSA 78#ifndef OPENSSL_NO_RSA
79 if (pubk->type != EVP_PKEY_RSA) { 79 if (pubk->type != EVP_PKEY_RSA) {
80#endif 80#endif
81 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA); 81 EVPerror(EVP_R_PUBLIC_KEY_NOT_RSA);
82#ifndef OPENSSL_NO_RSA 82#ifndef OPENSSL_NO_RSA
83 goto err; 83 goto err;
84 } 84 }
diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c
index e172c34894..0d4cd26d45 100644
--- a/src/lib/libcrypto/evp/p_lib.c
+++ b/src/lib/libcrypto/evp/p_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p_lib.c,v 1.16 2014/07/12 22:26:01 miod Exp $ */ 1/* $OpenBSD: p_lib.c,v 1.17 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -128,14 +128,12 @@ int
128EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) 128EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
129{ 129{
130 if (to->type != from->type) { 130 if (to->type != from->type) {
131 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, 131 EVPerror(EVP_R_DIFFERENT_KEY_TYPES);
132 EVP_R_DIFFERENT_KEY_TYPES);
133 goto err; 132 goto err;
134 } 133 }
135 134
136 if (EVP_PKEY_missing_parameters(from)) { 135 if (EVP_PKEY_missing_parameters(from)) {
137 EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, 136 EVPerror(EVP_R_MISSING_PARAMETERS);
138 EVP_R_MISSING_PARAMETERS);
139 goto err; 137 goto err;
140 } 138 }
141 if (from->ameth && from->ameth->param_copy) 139 if (from->ameth && from->ameth->param_copy)
@@ -192,7 +190,7 @@ EVP_PKEY_new(void)
192 190
193 ret = malloc(sizeof(EVP_PKEY)); 191 ret = malloc(sizeof(EVP_PKEY));
194 if (ret == NULL) { 192 if (ret == NULL) {
195 EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE); 193 EVPerror(ERR_R_MALLOC_FAILURE);
196 return (NULL); 194 return (NULL);
197 } 195 }
198 ret->type = EVP_PKEY_NONE; 196 ret->type = EVP_PKEY_NONE;
@@ -240,7 +238,7 @@ pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
240 ENGINE_finish(e); 238 ENGINE_finish(e);
241#endif 239#endif
242 if (!ameth) { 240 if (!ameth) {
243 EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM); 241 EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);
244 return 0; 242 return 0;
245 } 243 }
246 if (pkey) { 244 if (pkey) {
@@ -294,7 +292,7 @@ RSA *
294EVP_PKEY_get1_RSA(EVP_PKEY *pkey) 292EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
295{ 293{
296 if (pkey->type != EVP_PKEY_RSA) { 294 if (pkey->type != EVP_PKEY_RSA) {
297 EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY); 295 EVPerror(EVP_R_EXPECTING_AN_RSA_KEY);
298 return NULL; 296 return NULL;
299 } 297 }
300 RSA_up_ref(pkey->pkey.rsa); 298 RSA_up_ref(pkey->pkey.rsa);
@@ -316,7 +314,7 @@ DSA *
316EVP_PKEY_get1_DSA(EVP_PKEY *pkey) 314EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
317{ 315{
318 if (pkey->type != EVP_PKEY_DSA) { 316 if (pkey->type != EVP_PKEY_DSA) {
319 EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY); 317 EVPerror(EVP_R_EXPECTING_A_DSA_KEY);
320 return NULL; 318 return NULL;
321 } 319 }
322 DSA_up_ref(pkey->pkey.dsa); 320 DSA_up_ref(pkey->pkey.dsa);
@@ -339,7 +337,7 @@ EC_KEY *
339EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) 337EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
340{ 338{
341 if (pkey->type != EVP_PKEY_EC) { 339 if (pkey->type != EVP_PKEY_EC) {
342 EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY); 340 EVPerror(EVP_R_EXPECTING_A_EC_KEY);
343 return NULL; 341 return NULL;
344 } 342 }
345 EC_KEY_up_ref(pkey->pkey.ec); 343 EC_KEY_up_ref(pkey->pkey.ec);
@@ -363,7 +361,7 @@ DH *
363EVP_PKEY_get1_DH(EVP_PKEY *pkey) 361EVP_PKEY_get1_DH(EVP_PKEY *pkey)
364{ 362{
365 if (pkey->type != EVP_PKEY_DH) { 363 if (pkey->type != EVP_PKEY_DH) {
366 EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY); 364 EVPerror(EVP_R_EXPECTING_A_DH_KEY);
367 return NULL; 365 return NULL;
368 } 366 }
369 DH_up_ref(pkey->pkey.dh); 367 DH_up_ref(pkey->pkey.dh);
diff --git a/src/lib/libcrypto/evp/p_open.c b/src/lib/libcrypto/evp/p_open.c
index 002a6dea70..1eb238dfde 100644
--- a/src/lib/libcrypto/evp/p_open.c
+++ b/src/lib/libcrypto/evp/p_open.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p_open.c,v 1.17 2015/09/10 15:56:25 jsing Exp $ */ 1/* $OpenBSD: p_open.c,v 1.18 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -86,7 +86,7 @@ EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
86 return 1; 86 return 1;
87 87
88 if (priv->type != EVP_PKEY_RSA) { 88 if (priv->type != EVP_PKEY_RSA) {
89 EVPerr(EVP_F_EVP_OPENINIT, EVP_R_PUBLIC_KEY_NOT_RSA); 89 EVPerror(EVP_R_PUBLIC_KEY_NOT_RSA);
90 goto err; 90 goto err;
91 } 91 }
92 92
@@ -94,7 +94,7 @@ EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
94 key = malloc(size + 2); 94 key = malloc(size + 2);
95 if (key == NULL) { 95 if (key == NULL) {
96 /* ERROR */ 96 /* ERROR */
97 EVPerr(EVP_F_EVP_OPENINIT, ERR_R_MALLOC_FAILURE); 97 EVPerror(ERR_R_MALLOC_FAILURE);
98 goto err; 98 goto err;
99 } 99 }
100 100
diff --git a/src/lib/libcrypto/evp/p_sign.c b/src/lib/libcrypto/evp/p_sign.c
index 4058d47f07..6312924518 100644
--- a/src/lib/libcrypto/evp/p_sign.c
+++ b/src/lib/libcrypto/evp/p_sign.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p_sign.c,v 1.13 2015/02/07 13:19:15 doug Exp $ */ 1/* $OpenBSD: p_sign.c,v 1.14 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -110,12 +110,12 @@ err:
110 } 110 }
111 } 111 }
112 if (!ok) { 112 if (!ok) {
113 EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE); 113 EVPerror(EVP_R_WRONG_PUBLIC_KEY_TYPE);
114 return (0); 114 return (0);
115 } 115 }
116 116
117 if (ctx->digest->sign == NULL) { 117 if (ctx->digest->sign == NULL) {
118 EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_NO_SIGN_FUNCTION_CONFIGURED); 118 EVPerror(EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
119 return (0); 119 return (0);
120 } 120 }
121 return(ctx->digest->sign(ctx->digest->type, m, m_len, sigret, siglen, 121 return(ctx->digest->sign(ctx->digest->type, m, m_len, sigret, siglen,
diff --git a/src/lib/libcrypto/evp/p_verify.c b/src/lib/libcrypto/evp/p_verify.c
index e653fcf6a5..7dd752c4fb 100644
--- a/src/lib/libcrypto/evp/p_verify.c
+++ b/src/lib/libcrypto/evp/p_verify.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p_verify.c,v 1.12 2014/07/11 08:44:48 jsing Exp $ */ 1/* $OpenBSD: p_verify.c,v 1.13 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -105,12 +105,11 @@ err:
105 } 105 }
106 } 106 }
107 if (!ok) { 107 if (!ok) {
108 EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE); 108 EVPerror(EVP_R_WRONG_PUBLIC_KEY_TYPE);
109 return (-1); 109 return (-1);
110 } 110 }
111 if (ctx->digest->verify == NULL) { 111 if (ctx->digest->verify == NULL) {
112 EVPerr(EVP_F_EVP_VERIFYFINAL, 112 EVPerror(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
113 EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
114 return (0); 113 return (0);
115 } 114 }
116 115
diff --git a/src/lib/libcrypto/evp/pmeth_fn.c b/src/lib/libcrypto/evp/pmeth_fn.c
index 4cf18a0be1..c9117eedd4 100644
--- a/src/lib/libcrypto/evp/pmeth_fn.c
+++ b/src/lib/libcrypto/evp/pmeth_fn.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pmeth_fn.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */ 1/* $OpenBSD: pmeth_fn.c,v 1.6 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -76,7 +76,7 @@
76 } \ 76 } \
77 else if (*arglen < pksize) \ 77 else if (*arglen < pksize) \
78 { \ 78 { \
79 EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/\ 79 EVPerror(EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/\
80 return 0; \ 80 return 0; \
81 } \ 81 } \
82 } 82 }
@@ -87,8 +87,7 @@ EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
87 int ret; 87 int ret;
88 88
89 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) { 89 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
90 EVPerr(EVP_F_EVP_PKEY_SIGN_INIT, 90 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
91 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
92 return -2; 91 return -2;
93 } 92 }
94 ctx->operation = EVP_PKEY_OP_SIGN; 93 ctx->operation = EVP_PKEY_OP_SIGN;
@@ -105,12 +104,11 @@ EVP_PKEY_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
105 const unsigned char *tbs, size_t tbslen) 104 const unsigned char *tbs, size_t tbslen)
106{ 105{
107 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) { 106 if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
108 EVPerr(EVP_F_EVP_PKEY_SIGN, 107 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
109 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
110 return -2; 108 return -2;
111 } 109 }
112 if (ctx->operation != EVP_PKEY_OP_SIGN) { 110 if (ctx->operation != EVP_PKEY_OP_SIGN) {
113 EVPerr(EVP_F_EVP_PKEY_SIGN, EVP_R_OPERATON_NOT_INITIALIZED); 111 EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
114 return -1; 112 return -1;
115 } 113 }
116 M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN) 114 M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
@@ -123,8 +121,7 @@ EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
123 int ret; 121 int ret;
124 122
125 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) { 123 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
126 EVPerr(EVP_F_EVP_PKEY_VERIFY_INIT, 124 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
127 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
128 return -2; 125 return -2;
129 } 126 }
130 ctx->operation = EVP_PKEY_OP_VERIFY; 127 ctx->operation = EVP_PKEY_OP_VERIFY;
@@ -141,12 +138,11 @@ EVP_PKEY_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen,
141 const unsigned char *tbs, size_t tbslen) 138 const unsigned char *tbs, size_t tbslen)
142{ 139{
143 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) { 140 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
144 EVPerr(EVP_F_EVP_PKEY_VERIFY, 141 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
145 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
146 return -2; 142 return -2;
147 } 143 }
148 if (ctx->operation != EVP_PKEY_OP_VERIFY) { 144 if (ctx->operation != EVP_PKEY_OP_VERIFY) {
149 EVPerr(EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATON_NOT_INITIALIZED); 145 EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
150 return -1; 146 return -1;
151 } 147 }
152 return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen); 148 return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
@@ -158,8 +154,7 @@ EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
158 int ret; 154 int ret;
159 155
160 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) { 156 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
161 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT, 157 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
162 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
163 return -2; 158 return -2;
164 } 159 }
165 ctx->operation = EVP_PKEY_OP_VERIFYRECOVER; 160 ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;
@@ -176,13 +171,11 @@ EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx, unsigned char *rout, size_t *routlen,
176 const unsigned char *sig, size_t siglen) 171 const unsigned char *sig, size_t siglen)
177{ 172{
178 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) { 173 if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
179 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, 174 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
180 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
181 return -2; 175 return -2;
182 } 176 }
183 if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) { 177 if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) {
184 EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, 178 EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
185 EVP_R_OPERATON_NOT_INITIALIZED);
186 return -1; 179 return -1;
187 } 180 }
188 M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER) 181 M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
@@ -195,8 +188,7 @@ EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
195 int ret; 188 int ret;
196 189
197 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) { 190 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
198 EVPerr(EVP_F_EVP_PKEY_ENCRYPT_INIT, 191 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
199 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
200 return -2; 192 return -2;
201 } 193 }
202 ctx->operation = EVP_PKEY_OP_ENCRYPT; 194 ctx->operation = EVP_PKEY_OP_ENCRYPT;
@@ -213,12 +205,11 @@ EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
213 const unsigned char *in, size_t inlen) 205 const unsigned char *in, size_t inlen)
214{ 206{
215 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) { 207 if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
216 EVPerr(EVP_F_EVP_PKEY_ENCRYPT, 208 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
217 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
218 return -2; 209 return -2;
219 } 210 }
220 if (ctx->operation != EVP_PKEY_OP_ENCRYPT) { 211 if (ctx->operation != EVP_PKEY_OP_ENCRYPT) {
221 EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED); 212 EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
222 return -1; 213 return -1;
223 } 214 }
224 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT) 215 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT)
@@ -231,8 +222,7 @@ EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
231 int ret; 222 int ret;
232 223
233 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) { 224 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
234 EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT, 225 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
235 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
236 return -2; 226 return -2;
237 } 227 }
238 ctx->operation = EVP_PKEY_OP_DECRYPT; 228 ctx->operation = EVP_PKEY_OP_DECRYPT;
@@ -249,12 +239,11 @@ EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
249 const unsigned char *in, size_t inlen) 239 const unsigned char *in, size_t inlen)
250{ 240{
251 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) { 241 if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
252 EVPerr(EVP_F_EVP_PKEY_DECRYPT, 242 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
253 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
254 return -2; 243 return -2;
255 } 244 }
256 if (ctx->operation != EVP_PKEY_OP_DECRYPT) { 245 if (ctx->operation != EVP_PKEY_OP_DECRYPT) {
257 EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED); 246 EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
258 return -1; 247 return -1;
259 } 248 }
260 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT) 249 M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
@@ -267,8 +256,7 @@ EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
267 int ret; 256 int ret;
268 257
269 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) { 258 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
270 EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT, 259 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
271 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
272 return -2; 260 return -2;
273 } 261 }
274 ctx->operation = EVP_PKEY_OP_DERIVE; 262 ctx->operation = EVP_PKEY_OP_DERIVE;
@@ -288,15 +276,13 @@ EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
288 if (!ctx || !ctx->pmeth || !(ctx->pmeth->derive || 276 if (!ctx || !ctx->pmeth || !(ctx->pmeth->derive ||
289 ctx->pmeth->encrypt || ctx->pmeth->decrypt) || 277 ctx->pmeth->encrypt || ctx->pmeth->decrypt) ||
290 !ctx->pmeth->ctrl) { 278 !ctx->pmeth->ctrl) {
291 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, 279 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
292 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
293 return -2; 280 return -2;
294 } 281 }
295 if (ctx->operation != EVP_PKEY_OP_DERIVE && 282 if (ctx->operation != EVP_PKEY_OP_DERIVE &&
296 ctx->operation != EVP_PKEY_OP_ENCRYPT && 283 ctx->operation != EVP_PKEY_OP_ENCRYPT &&
297 ctx->operation != EVP_PKEY_OP_DECRYPT) { 284 ctx->operation != EVP_PKEY_OP_DECRYPT) {
298 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, 285 EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
299 EVP_R_OPERATON_NOT_INITIALIZED);
300 return -1; 286 return -1;
301 } 287 }
302 288
@@ -309,13 +295,12 @@ EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
309 return 1; 295 return 1;
310 296
311 if (!ctx->pkey) { 297 if (!ctx->pkey) {
312 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET); 298 EVPerror(EVP_R_NO_KEY_SET);
313 return -1; 299 return -1;
314 } 300 }
315 301
316 if (ctx->pkey->type != peer->type) { 302 if (ctx->pkey->type != peer->type) {
317 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, 303 EVPerror(EVP_R_DIFFERENT_KEY_TYPES);
318 EVP_R_DIFFERENT_KEY_TYPES);
319 return -1; 304 return -1;
320 } 305 }
321 306
@@ -326,8 +311,7 @@ EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
326 * -2 is OK for us here, as well as 1, so we can check for 0 only. */ 311 * -2 is OK for us here, as well as 1, so we can check for 0 only. */
327 if (!EVP_PKEY_missing_parameters(peer) && 312 if (!EVP_PKEY_missing_parameters(peer) &&
328 !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) { 313 !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {
329 EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, 314 EVPerror(EVP_R_DIFFERENT_PARAMETERS);
330 EVP_R_DIFFERENT_PARAMETERS);
331 return -1; 315 return -1;
332 } 316 }
333 317
@@ -349,12 +333,11 @@ int
349EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen) 333EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
350{ 334{
351 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) { 335 if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
352 EVPerr(EVP_F_EVP_PKEY_DERIVE, 336 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
353 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
354 return -2; 337 return -2;
355 } 338 }
356 if (ctx->operation != EVP_PKEY_OP_DERIVE) { 339 if (ctx->operation != EVP_PKEY_OP_DERIVE) {
357 EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED); 340 EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
358 return -1; 341 return -1;
359 } 342 }
360 M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE) 343 M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
diff --git a/src/lib/libcrypto/evp/pmeth_gn.c b/src/lib/libcrypto/evp/pmeth_gn.c
index 29f533625a..d1cbdc409f 100644
--- a/src/lib/libcrypto/evp/pmeth_gn.c
+++ b/src/lib/libcrypto/evp/pmeth_gn.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pmeth_gn.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */ 1/* $OpenBSD: pmeth_gn.c,v 1.6 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -72,8 +72,7 @@ EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
72 int ret; 72 int ret;
73 73
74 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) { 74 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
75 EVPerr(EVP_F_EVP_PKEY_PARAMGEN_INIT, 75 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
76 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
77 return -2; 76 return -2;
78 } 77 }
79 ctx->operation = EVP_PKEY_OP_PARAMGEN; 78 ctx->operation = EVP_PKEY_OP_PARAMGEN;
@@ -91,13 +90,12 @@ EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
91 int ret; 90 int ret;
92 91
93 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) { 92 if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
94 EVPerr(EVP_F_EVP_PKEY_PARAMGEN, 93 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
95 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
96 return -2; 94 return -2;
97 } 95 }
98 96
99 if (ctx->operation != EVP_PKEY_OP_PARAMGEN) { 97 if (ctx->operation != EVP_PKEY_OP_PARAMGEN) {
100 EVPerr(EVP_F_EVP_PKEY_PARAMGEN, EVP_R_OPERATON_NOT_INITIALIZED); 98 EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
101 return -1; 99 return -1;
102 } 100 }
103 101
@@ -121,8 +119,7 @@ EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx)
121 int ret; 119 int ret;
122 120
123 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) { 121 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
124 EVPerr(EVP_F_EVP_PKEY_KEYGEN_INIT, 122 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
125 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
126 return -2; 123 return -2;
127 } 124 }
128 ctx->operation = EVP_PKEY_OP_KEYGEN; 125 ctx->operation = EVP_PKEY_OP_KEYGEN;
@@ -140,12 +137,11 @@ EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
140 int ret; 137 int ret;
141 138
142 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) { 139 if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
143 EVPerr(EVP_F_EVP_PKEY_KEYGEN, 140 EVPerror(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
144 EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
145 return -2; 141 return -2;
146 } 142 }
147 if (ctx->operation != EVP_PKEY_OP_KEYGEN) { 143 if (ctx->operation != EVP_PKEY_OP_KEYGEN) {
148 EVPerr(EVP_F_EVP_PKEY_KEYGEN, EVP_R_OPERATON_NOT_INITIALIZED); 144 EVPerror(EVP_R_OPERATON_NOT_INITIALIZED);
149 return -1; 145 return -1;
150 } 146 }
151 147
diff --git a/src/lib/libcrypto/evp/pmeth_lib.c b/src/lib/libcrypto/evp/pmeth_lib.c
index 1d64edcbeb..fc5f4ef91e 100644
--- a/src/lib/libcrypto/evp/pmeth_lib.c
+++ b/src/lib/libcrypto/evp/pmeth_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pmeth_lib.c,v 1.12 2017/01/21 04:38:23 jsing Exp $ */ 1/* $OpenBSD: pmeth_lib.c,v 1.13 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -166,7 +166,7 @@ int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
166 /* Try to find an ENGINE which implements this method */ 166 /* Try to find an ENGINE which implements this method */
167 if (e) { 167 if (e) {
168 if (!ENGINE_init(e)) { 168 if (!ENGINE_init(e)) {
169 EVPerr(EVP_F_INT_CTX_NEW, ERR_R_ENGINE_LIB); 169 EVPerror(ERR_R_ENGINE_LIB);
170 return NULL; 170 return NULL;
171 } 171 }
172 } else 172 } else
@@ -183,7 +183,7 @@ int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
183 pmeth = EVP_PKEY_meth_find(id); 183 pmeth = EVP_PKEY_meth_find(id);
184 184
185 if (pmeth == NULL) { 185 if (pmeth == NULL) {
186 EVPerr(EVP_F_INT_CTX_NEW, EVP_R_UNSUPPORTED_ALGORITHM); 186 EVPerror(EVP_R_UNSUPPORTED_ALGORITHM);
187 return NULL; 187 return NULL;
188 } 188 }
189 189
@@ -193,7 +193,7 @@ int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
193 if (e) 193 if (e)
194 ENGINE_finish(e); 194 ENGINE_finish(e);
195#endif 195#endif
196 EVPerr(EVP_F_INT_CTX_NEW, ERR_R_MALLOC_FAILURE); 196 EVPerror(ERR_R_MALLOC_FAILURE);
197 return NULL; 197 return NULL;
198 } 198 }
199 ret->engine = e; 199 ret->engine = e;
@@ -336,7 +336,7 @@ EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
336#ifndef OPENSSL_NO_ENGINE 336#ifndef OPENSSL_NO_ENGINE
337 /* Make sure it's safe to copy a pkey context using an ENGINE */ 337 /* Make sure it's safe to copy a pkey context using an ENGINE */
338 if (pctx->engine && !ENGINE_init(pctx->engine)) { 338 if (pctx->engine && !ENGINE_init(pctx->engine)) {
339 EVPerr(EVP_F_EVP_PKEY_CTX_DUP, ERR_R_ENGINE_LIB); 339 EVPerror(ERR_R_ENGINE_LIB);
340 return 0; 340 return 0;
341 } 341 }
342#endif 342#endif
@@ -409,26 +409,26 @@ EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, int cmd,
409 int ret; 409 int ret;
410 410
411 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) { 411 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) {
412 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED); 412 EVPerror(EVP_R_COMMAND_NOT_SUPPORTED);
413 return -2; 413 return -2;
414 } 414 }
415 if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype)) 415 if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype))
416 return -1; 416 return -1;
417 417
418 if (ctx->operation == EVP_PKEY_OP_UNDEFINED) { 418 if (ctx->operation == EVP_PKEY_OP_UNDEFINED) {
419 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_NO_OPERATION_SET); 419 EVPerror(EVP_R_NO_OPERATION_SET);
420 return -1; 420 return -1;
421 } 421 }
422 422
423 if ((optype != -1) && !(ctx->operation & optype)) { 423 if ((optype != -1) && !(ctx->operation & optype)) {
424 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION); 424 EVPerror(EVP_R_INVALID_OPERATION);
425 return -1; 425 return -1;
426 } 426 }
427 427
428 ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2); 428 ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);
429 429
430 if (ret == -2) 430 if (ret == -2)
431 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED); 431 EVPerror(EVP_R_COMMAND_NOT_SUPPORTED);
432 432
433 return ret; 433 return ret;
434 434
@@ -438,15 +438,13 @@ int
438EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *name, const char *value) 438EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *name, const char *value)
439{ 439{
440 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str) { 440 if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str) {
441 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, 441 EVPerror(EVP_R_COMMAND_NOT_SUPPORTED);
442 EVP_R_COMMAND_NOT_SUPPORTED);
443 return -2; 442 return -2;
444 } 443 }
445 if (!strcmp(name, "digest")) { 444 if (!strcmp(name, "digest")) {
446 const EVP_MD *md; 445 const EVP_MD *md;
447 if (!value || !(md = EVP_get_digestbyname(value))) { 446 if (!value || !(md = EVP_get_digestbyname(value))) {
448 EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, 447 EVPerror(EVP_R_INVALID_DIGEST);
449 EVP_R_INVALID_DIGEST);
450 return 0; 448 return 0;
451 } 449 }
452 return EVP_PKEY_CTX_set_signature_md(ctx, md); 450 return EVP_PKEY_CTX_set_signature_md(ctx, md);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-09 13:55:56 +0000