diff options
| author | beck <> | 2017-01-29 17:49:23 +0000 |
|---|---|---|
| committer | beck <> | 2017-01-29 17:49:23 +0000 |
| commit | 957b11334a7afb14537322f0e4795b2e368b3f59 (patch) | |
| tree | 1a54abba678898ee5270ae4f3404a50ee9a92eea /src/lib/libcrypto/pem/pem_lib.c | |
| parent | df96e020e729c6c37a8c7fe311fdd1fe6a8718c5 (diff) | |
| download | openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.tar.gz openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.tar.bz2 openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.zip | |
Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@
Diffstat (limited to 'src/lib/libcrypto/pem/pem_lib.c')
| -rw-r--r-- | src/lib/libcrypto/pem/pem_lib.c | 69 |
1 files changed, 31 insertions, 38 deletions
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c index 7178c8744f..b2c72e1d76 100644 --- a/src/lib/libcrypto/pem/pem_lib.c +++ b/src/lib/libcrypto/pem/pem_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: pem_lib.c,v 1.43 2016/10/19 16:49:11 jsing Exp $ */ | 1 | /* $OpenBSD: pem_lib.c,v 1.44 2017/01/29 17:49:23 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -112,8 +112,7 @@ PEM_def_callback(char *buf, int num, int w, void *key) | |||
| 112 | for (;;) { | 112 | for (;;) { |
| 113 | i = EVP_read_pw_string_min(buf, MIN_LENGTH, num, prompt, w); | 113 | i = EVP_read_pw_string_min(buf, MIN_LENGTH, num, prompt, w); |
| 114 | if (i != 0) { | 114 | if (i != 0) { |
| 115 | PEMerr(PEM_F_PEM_DEF_CALLBACK, | 115 | PEMerror(PEM_R_PROBLEMS_GETTING_PASSWORD); |
| 116 | PEM_R_PROBLEMS_GETTING_PASSWORD); | ||
| 117 | memset(buf, 0, num); | 116 | memset(buf, 0, num); |
| 118 | return (-1); | 117 | return (-1); |
| 119 | } | 118 | } |
| @@ -176,7 +175,7 @@ PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, | |||
| 176 | void *ret; | 175 | void *ret; |
| 177 | 176 | ||
| 178 | if ((b = BIO_new(BIO_s_file())) == NULL) { | 177 | if ((b = BIO_new(BIO_s_file())) == NULL) { |
| 179 | PEMerr(PEM_F_PEM_ASN1_READ, ERR_R_BUF_LIB); | 178 | PEMerror(ERR_R_BUF_LIB); |
| 180 | return (0); | 179 | return (0); |
| 181 | } | 180 | } |
| 182 | BIO_set_fp(b, fp, BIO_NOCLOSE); | 181 | BIO_set_fp(b, fp, BIO_NOCLOSE); |
| @@ -323,7 +322,7 @@ PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, void *x, | |||
| 323 | int ret; | 322 | int ret; |
| 324 | 323 | ||
| 325 | if ((b = BIO_new(BIO_s_file())) == NULL) { | 324 | if ((b = BIO_new(BIO_s_file())) == NULL) { |
| 326 | PEMerr(PEM_F_PEM_ASN1_WRITE, ERR_R_BUF_LIB); | 325 | PEMerror(ERR_R_BUF_LIB); |
| 327 | return (0); | 326 | return (0); |
| 328 | } | 327 | } |
| 329 | BIO_set_fp(b, fp, BIO_NOCLOSE); | 328 | BIO_set_fp(b, fp, BIO_NOCLOSE); |
| @@ -348,14 +347,13 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x, | |||
| 348 | if (enc != NULL) { | 347 | if (enc != NULL) { |
| 349 | objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc)); | 348 | objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc)); |
| 350 | if (objstr == NULL) { | 349 | if (objstr == NULL) { |
| 351 | PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, | 350 | PEMerror(PEM_R_UNSUPPORTED_CIPHER); |
| 352 | PEM_R_UNSUPPORTED_CIPHER); | ||
| 353 | goto err; | 351 | goto err; |
| 354 | } | 352 | } |
| 355 | } | 353 | } |
| 356 | 354 | ||
| 357 | if ((dsize = i2d(x, NULL)) < 0) { | 355 | if ((dsize = i2d(x, NULL)) < 0) { |
| 358 | PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_ASN1_LIB); | 356 | PEMerror(ERR_R_ASN1_LIB); |
| 359 | dsize = 0; | 357 | dsize = 0; |
| 360 | goto err; | 358 | goto err; |
| 361 | } | 359 | } |
| @@ -363,7 +361,7 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x, | |||
| 363 | /* actually it needs the cipher block size extra... */ | 361 | /* actually it needs the cipher block size extra... */ |
| 364 | data = malloc(dsize + 20); | 362 | data = malloc(dsize + 20); |
| 365 | if (data == NULL) { | 363 | if (data == NULL) { |
| 366 | PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_MALLOC_FAILURE); | 364 | PEMerror(ERR_R_MALLOC_FAILURE); |
| 367 | goto err; | 365 | goto err; |
| 368 | } | 366 | } |
| 369 | p = data; | 367 | p = data; |
| @@ -376,14 +374,13 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x, | |||
| 376 | else | 374 | else |
| 377 | klen = (*callback)(buf, PEM_BUFSIZE, 1, u); | 375 | klen = (*callback)(buf, PEM_BUFSIZE, 1, u); |
| 378 | if (klen <= 0) { | 376 | if (klen <= 0) { |
| 379 | PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, | 377 | PEMerror(PEM_R_READ_KEY); |
| 380 | PEM_R_READ_KEY); | ||
| 381 | goto err; | 378 | goto err; |
| 382 | } | 379 | } |
| 383 | kstr = (unsigned char *)buf; | 380 | kstr = (unsigned char *)buf; |
| 384 | } | 381 | } |
| 385 | if ((size_t)enc->iv_len > sizeof(iv)) { | 382 | if ((size_t)enc->iv_len > sizeof(iv)) { |
| 386 | PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, EVP_R_IV_TOO_LARGE); | 383 | PEMerror(EVP_R_IV_TOO_LARGE); |
| 387 | goto err; | 384 | goto err; |
| 388 | } | 385 | } |
| 389 | arc4random_buf(iv, enc->iv_len); /* Generate a salt */ | 386 | arc4random_buf(iv, enc->iv_len); /* Generate a salt */ |
| @@ -397,8 +394,7 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x, | |||
| 397 | explicit_bzero(buf, PEM_BUFSIZE); | 394 | explicit_bzero(buf, PEM_BUFSIZE); |
| 398 | 395 | ||
| 399 | if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 > sizeof buf) { | 396 | if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 > sizeof buf) { |
| 400 | PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, | 397 | PEMerror(ASN1_R_BUFFER_TOO_SMALL); |
| 401 | ASN1_R_BUFFER_TOO_SMALL); | ||
| 402 | goto err; | 398 | goto err; |
| 403 | } | 399 | } |
| 404 | 400 | ||
| @@ -455,7 +451,7 @@ PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, | |||
| 455 | else | 451 | else |
| 456 | klen = callback(buf, PEM_BUFSIZE, 0, u); | 452 | klen = callback(buf, PEM_BUFSIZE, 0, u); |
| 457 | if (klen <= 0) { | 453 | if (klen <= 0) { |
| 458 | PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_PASSWORD_READ); | 454 | PEMerror(PEM_R_BAD_PASSWORD_READ); |
| 459 | return (0); | 455 | return (0); |
| 460 | } | 456 | } |
| 461 | if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]), | 457 | if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]), |
| @@ -474,7 +470,7 @@ PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, | |||
| 474 | explicit_bzero((char *)buf, sizeof(buf)); | 470 | explicit_bzero((char *)buf, sizeof(buf)); |
| 475 | explicit_bzero((char *)key, sizeof(key)); | 471 | explicit_bzero((char *)key, sizeof(key)); |
| 476 | if (!o) { | 472 | if (!o) { |
| 477 | PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT); | 473 | PEMerror(PEM_R_BAD_DECRYPT); |
| 478 | return (0); | 474 | return (0); |
| 479 | } | 475 | } |
| 480 | *plen = j + i; | 476 | *plen = j + i; |
| @@ -492,7 +488,7 @@ PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher) | |||
| 492 | if ((header == NULL) || (*header == '\0') || (*header == '\n')) | 488 | if ((header == NULL) || (*header == '\0') || (*header == '\n')) |
| 493 | return (1); | 489 | return (1); |
| 494 | if (strncmp(header, "Proc-Type: ", 11) != 0) { | 490 | if (strncmp(header, "Proc-Type: ", 11) != 0) { |
| 495 | PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_PROC_TYPE); | 491 | PEMerror(PEM_R_NOT_PROC_TYPE); |
| 496 | return (0); | 492 | return (0); |
| 497 | } | 493 | } |
| 498 | header += 11; | 494 | header += 11; |
| @@ -503,18 +499,18 @@ PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher) | |||
| 503 | return (0); | 499 | return (0); |
| 504 | header++; | 500 | header++; |
| 505 | if (strncmp(header, "ENCRYPTED", 9) != 0) { | 501 | if (strncmp(header, "ENCRYPTED", 9) != 0) { |
| 506 | PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_ENCRYPTED); | 502 | PEMerror(PEM_R_NOT_ENCRYPTED); |
| 507 | return (0); | 503 | return (0); |
| 508 | } | 504 | } |
| 509 | for (; (*header != '\n') && (*header != '\0'); header++) | 505 | for (; (*header != '\n') && (*header != '\0'); header++) |
| 510 | ; | 506 | ; |
| 511 | if (*header == '\0') { | 507 | if (*header == '\0') { |
| 512 | PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_SHORT_HEADER); | 508 | PEMerror(PEM_R_SHORT_HEADER); |
| 513 | return (0); | 509 | return (0); |
| 514 | } | 510 | } |
| 515 | header++; | 511 | header++; |
| 516 | if (strncmp(header, "DEK-Info: ", 10) != 0) { | 512 | if (strncmp(header, "DEK-Info: ", 10) != 0) { |
| 517 | PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_DEK_INFO); | 513 | PEMerror(PEM_R_NOT_DEK_INFO); |
| 518 | return (0); | 514 | return (0); |
| 519 | } | 515 | } |
| 520 | header += 10; | 516 | header += 10; |
| @@ -533,8 +529,7 @@ PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher) | |||
| 533 | header++; | 529 | header++; |
| 534 | 530 | ||
| 535 | if (enc == NULL) { | 531 | if (enc == NULL) { |
| 536 | PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, | 532 | PEMerror(PEM_R_UNSUPPORTED_ENCRYPTION); |
| 537 | PEM_R_UNSUPPORTED_ENCRYPTION); | ||
| 538 | return (0); | 533 | return (0); |
| 539 | } | 534 | } |
| 540 | if (!load_iv(header_pp, &(cipher->iv[0]), enc->iv_len)) | 535 | if (!load_iv(header_pp, &(cipher->iv[0]), enc->iv_len)) |
| @@ -561,7 +556,7 @@ load_iv(char **fromp, unsigned char *to, int num) | |||
| 561 | else if ((*from >= 'a') && (*from <= 'f')) | 556 | else if ((*from >= 'a') && (*from <= 'f')) |
| 562 | v = *from - 'a' + 10; | 557 | v = *from - 'a' + 10; |
| 563 | else { | 558 | else { |
| 564 | PEMerr(PEM_F_LOAD_IV, PEM_R_BAD_IV_CHARS); | 559 | PEMerror(PEM_R_BAD_IV_CHARS); |
| 565 | return (0); | 560 | return (0); |
| 566 | } | 561 | } |
| 567 | from++; | 562 | from++; |
| @@ -579,7 +574,7 @@ PEM_write(FILE *fp, char *name, char *header, unsigned char *data, long len) | |||
| 579 | int ret; | 574 | int ret; |
| 580 | 575 | ||
| 581 | if ((b = BIO_new(BIO_s_file())) == NULL) { | 576 | if ((b = BIO_new(BIO_s_file())) == NULL) { |
| 582 | PEMerr(PEM_F_PEM_WRITE, ERR_R_BUF_LIB); | 577 | PEMerror(ERR_R_BUF_LIB); |
| 583 | return (0); | 578 | return (0); |
| 584 | } | 579 | } |
| 585 | BIO_set_fp(b, fp, BIO_NOCLOSE); | 580 | BIO_set_fp(b, fp, BIO_NOCLOSE); |
| @@ -645,7 +640,7 @@ err: | |||
| 645 | explicit_bzero(buf, PEM_BUFSIZE * 8); | 640 | explicit_bzero(buf, PEM_BUFSIZE * 8); |
| 646 | free(buf); | 641 | free(buf); |
| 647 | } | 642 | } |
| 648 | PEMerr(PEM_F_PEM_WRITE_BIO, reason); | 643 | PEMerror(reason); |
| 649 | return (0); | 644 | return (0); |
| 650 | } | 645 | } |
| 651 | 646 | ||
| @@ -656,7 +651,7 @@ PEM_read(FILE *fp, char **name, char **header, unsigned char **data, long *len) | |||
| 656 | int ret; | 651 | int ret; |
| 657 | 652 | ||
| 658 | if ((b = BIO_new(BIO_s_file())) == NULL) { | 653 | if ((b = BIO_new(BIO_s_file())) == NULL) { |
| 659 | PEMerr(PEM_F_PEM_READ, ERR_R_BUF_LIB); | 654 | PEMerror(ERR_R_BUF_LIB); |
| 660 | return (0); | 655 | return (0); |
| 661 | } | 656 | } |
| 662 | BIO_set_fp(b, fp, BIO_NOCLOSE); | 657 | BIO_set_fp(b, fp, BIO_NOCLOSE); |
| @@ -683,7 +678,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, | |||
| 683 | BUF_MEM_free(nameB); | 678 | BUF_MEM_free(nameB); |
| 684 | BUF_MEM_free(headerB); | 679 | BUF_MEM_free(headerB); |
| 685 | BUF_MEM_free(dataB); | 680 | BUF_MEM_free(dataB); |
| 686 | PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); | 681 | PEMerror(ERR_R_MALLOC_FAILURE); |
| 687 | return (0); | 682 | return (0); |
| 688 | } | 683 | } |
| 689 | 684 | ||
| @@ -692,7 +687,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, | |||
| 692 | i = BIO_gets(bp, buf, 254); | 687 | i = BIO_gets(bp, buf, 254); |
| 693 | 688 | ||
| 694 | if (i <= 0) { | 689 | if (i <= 0) { |
| 695 | PEMerr(PEM_F_PEM_READ_BIO, PEM_R_NO_START_LINE); | 690 | PEMerror(PEM_R_NO_START_LINE); |
| 696 | goto err; | 691 | goto err; |
| 697 | } | 692 | } |
| 698 | 693 | ||
| @@ -707,8 +702,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, | |||
| 707 | if (strncmp(&(buf[11 + i - 6]), "-----\n", 6) != 0) | 702 | if (strncmp(&(buf[11 + i - 6]), "-----\n", 6) != 0) |
| 708 | continue; | 703 | continue; |
| 709 | if (!BUF_MEM_grow(nameB, i + 9)) { | 704 | if (!BUF_MEM_grow(nameB, i + 9)) { |
| 710 | PEMerr(PEM_F_PEM_READ_BIO, | 705 | PEMerror(ERR_R_MALLOC_FAILURE); |
| 711 | ERR_R_MALLOC_FAILURE); | ||
| 712 | goto err; | 706 | goto err; |
| 713 | } | 707 | } |
| 714 | memcpy(nameB->data, &(buf[11]), i - 6); | 708 | memcpy(nameB->data, &(buf[11]), i - 6); |
| @@ -718,7 +712,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, | |||
| 718 | } | 712 | } |
| 719 | hl = 0; | 713 | hl = 0; |
| 720 | if (!BUF_MEM_grow(headerB, 256)) { | 714 | if (!BUF_MEM_grow(headerB, 256)) { |
| 721 | PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); | 715 | PEMerror(ERR_R_MALLOC_FAILURE); |
| 722 | goto err; | 716 | goto err; |
| 723 | } | 717 | } |
| 724 | headerB->data[0] = '\0'; | 718 | headerB->data[0] = '\0'; |
| @@ -735,7 +729,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, | |||
| 735 | if (buf[0] == '\n') | 729 | if (buf[0] == '\n') |
| 736 | break; | 730 | break; |
| 737 | if (!BUF_MEM_grow(headerB, hl + i + 9)) { | 731 | if (!BUF_MEM_grow(headerB, hl + i + 9)) { |
| 738 | PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); | 732 | PEMerror(ERR_R_MALLOC_FAILURE); |
| 739 | goto err; | 733 | goto err; |
| 740 | } | 734 | } |
| 741 | if (strncmp(buf, "-----END ", 9) == 0) { | 735 | if (strncmp(buf, "-----END ", 9) == 0) { |
| @@ -749,7 +743,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, | |||
| 749 | 743 | ||
| 750 | bl = 0; | 744 | bl = 0; |
| 751 | if (!BUF_MEM_grow(dataB, 1024)) { | 745 | if (!BUF_MEM_grow(dataB, 1024)) { |
| 752 | PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); | 746 | PEMerror(ERR_R_MALLOC_FAILURE); |
| 753 | goto err; | 747 | goto err; |
| 754 | } | 748 | } |
| 755 | dataB->data[0] = '\0'; | 749 | dataB->data[0] = '\0'; |
| @@ -771,8 +765,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, | |||
| 771 | if (i > 65) | 765 | if (i > 65) |
| 772 | break; | 766 | break; |
| 773 | if (!BUF_MEM_grow_clean(dataB, i + bl + 9)) { | 767 | if (!BUF_MEM_grow_clean(dataB, i + bl + 9)) { |
| 774 | PEMerr(PEM_F_PEM_READ_BIO, | 768 | PEMerror(ERR_R_MALLOC_FAILURE); |
| 775 | ERR_R_MALLOC_FAILURE); | ||
| 776 | goto err; | 769 | goto err; |
| 777 | } | 770 | } |
| 778 | memcpy(&(dataB->data[bl]), buf, i); | 771 | memcpy(&(dataB->data[bl]), buf, i); |
| @@ -802,7 +795,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, | |||
| 802 | if ((strncmp(buf, "-----END ", 9) != 0) || | 795 | if ((strncmp(buf, "-----END ", 9) != 0) || |
| 803 | (strncmp(nameB->data, &(buf[9]), i) != 0) || | 796 | (strncmp(nameB->data, &(buf[9]), i) != 0) || |
| 804 | (strncmp(&(buf[9 + i]), "-----\n", 6) != 0)) { | 797 | (strncmp(&(buf[9 + i]), "-----\n", 6) != 0)) { |
| 805 | PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_END_LINE); | 798 | PEMerror(PEM_R_BAD_END_LINE); |
| 806 | goto err; | 799 | goto err; |
| 807 | } | 800 | } |
| 808 | 801 | ||
| @@ -811,12 +804,12 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, | |||
| 811 | (unsigned char *)dataB->data, &bl, | 804 | (unsigned char *)dataB->data, &bl, |
| 812 | (unsigned char *)dataB->data, bl); | 805 | (unsigned char *)dataB->data, bl); |
| 813 | if (i < 0) { | 806 | if (i < 0) { |
| 814 | PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_BASE64_DECODE); | 807 | PEMerror(PEM_R_BAD_BASE64_DECODE); |
| 815 | goto err; | 808 | goto err; |
| 816 | } | 809 | } |
| 817 | i = EVP_DecodeFinal(&ctx, (unsigned char *)&(dataB->data[bl]), &k); | 810 | i = EVP_DecodeFinal(&ctx, (unsigned char *)&(dataB->data[bl]), &k); |
| 818 | if (i < 0) { | 811 | if (i < 0) { |
| 819 | PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_BASE64_DECODE); | 812 | PEMerror(PEM_R_BAD_BASE64_DECODE); |
| 820 | goto err; | 813 | goto err; |
| 821 | } | 814 | } |
| 822 | bl += k; | 815 | bl += k; |