diff options
| author | tb <> | 2024-07-09 17:56:41 +0000 |
|---|---|---|
| committer | tb <> | 2024-07-09 17:56:41 +0000 |
| commit | 1d37f76d5044c1374e14316ecf9de89223b7096e (patch) | |
| tree | 964546cf5d4d27c0309455f3fbfc56f06c8825c4 /src/lib/libcrypto/kdf/tls1_prf.c | |
| parent | ad435e6afcf5da671e3d66380107cd00fbd4292a (diff) | |
| download | openbsd-1d37f76d5044c1374e14316ecf9de89223b7096e.tar.gz openbsd-1d37f76d5044c1374e14316ecf9de89223b7096e.tar.bz2 openbsd-1d37f76d5044c1374e14316ecf9de89223b7096e.zip | |
Turn tls1_prf_alg() into single exit
requested by jsing on review
ok beck
Diffstat (limited to 'src/lib/libcrypto/kdf/tls1_prf.c')
| -rw-r--r-- | src/lib/libcrypto/kdf/tls1_prf.c | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/src/lib/libcrypto/kdf/tls1_prf.c b/src/lib/libcrypto/kdf/tls1_prf.c index ce574928d4..7c07e23bbb 100644 --- a/src/lib/libcrypto/kdf/tls1_prf.c +++ b/src/lib/libcrypto/kdf/tls1_prf.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls1_prf.c,v 1.37 2024/07/09 17:47:20 tb Exp $ */ | 1 | /* $OpenBSD: tls1_prf.c,v 1.38 2024/07/09 17:56:41 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project | 3 | * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project |
| 4 | * 2016. | 4 | * 2016. |
| @@ -258,9 +258,10 @@ static int | |||
| 258 | tls1_prf_alg(const EVP_MD *md, const unsigned char *secret, size_t secret_len, | 258 | tls1_prf_alg(const EVP_MD *md, const unsigned char *secret, size_t secret_len, |
| 259 | const unsigned char *seed, size_t seed_len, unsigned char *out, size_t out_len) | 259 | const unsigned char *seed, size_t seed_len, unsigned char *out, size_t out_len) |
| 260 | { | 260 | { |
| 261 | unsigned char *tmp; | 261 | unsigned char *tmp = NULL; |
| 262 | size_t half_len; | 262 | size_t half_len; |
| 263 | size_t i; | 263 | size_t i; |
| 264 | int ret = 0; | ||
| 264 | 265 | ||
| 265 | if (EVP_MD_type(md) != NID_md5_sha1) | 266 | if (EVP_MD_type(md) != NID_md5_sha1) |
| 266 | return tls1_prf_P_hash(md, secret, secret_len, seed, seed_len, | 267 | return tls1_prf_P_hash(md, secret, secret_len, seed, seed_len, |
| @@ -269,24 +270,25 @@ tls1_prf_alg(const EVP_MD *md, const unsigned char *secret, size_t secret_len, | |||
| 269 | half_len = secret_len - secret_len / 2; | 270 | half_len = secret_len - secret_len / 2; |
| 270 | if (!tls1_prf_P_hash(EVP_md5(), secret, half_len, seed, seed_len, | 271 | if (!tls1_prf_P_hash(EVP_md5(), secret, half_len, seed, seed_len, |
| 271 | out, out_len)) | 272 | out, out_len)) |
| 272 | return 0; | 273 | goto err; |
| 273 | 274 | ||
| 274 | if ((tmp = calloc(1, out_len)) == NULL) { | 275 | if ((tmp = calloc(1, out_len)) == NULL) { |
| 275 | KDFerror(ERR_R_MALLOC_FAILURE); | 276 | KDFerror(ERR_R_MALLOC_FAILURE); |
| 276 | return 0; | 277 | goto err; |
| 277 | } | 278 | } |
| 278 | secret += secret_len - half_len; | 279 | secret += secret_len - half_len; |
| 279 | if (!tls1_prf_P_hash(EVP_sha1(), secret, half_len, seed, seed_len, | 280 | if (!tls1_prf_P_hash(EVP_sha1(), secret, half_len, seed, seed_len, |
| 280 | tmp, out_len)) { | 281 | tmp, out_len)) |
| 281 | freezero(tmp, out_len); | 282 | goto err; |
| 282 | return 0; | ||
| 283 | } | ||
| 284 | for (i = 0; i < out_len; i++) | 283 | for (i = 0; i < out_len; i++) |
| 285 | out[i] ^= tmp[i]; | 284 | out[i] ^= tmp[i]; |
| 286 | 285 | ||
| 286 | ret = 1; | ||
| 287 | |||
| 288 | err: | ||
| 287 | freezero(tmp, out_len); | 289 | freezero(tmp, out_len); |
| 288 | 290 | ||
| 289 | return 1; | 291 | return ret; |
| 290 | } | 292 | } |
| 291 | 293 | ||
| 292 | static int | 294 | static int |