summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/pem
diff options
context:
space:
mode:
authorbeck <>2017-01-29 17:49:23 +0000
committerbeck <>2017-01-29 17:49:23 +0000
commit957b11334a7afb14537322f0e4795b2e368b3f59 (patch)
tree1a54abba678898ee5270ae4f3404a50ee9a92eea /src/lib/libcrypto/pem
parentdf96e020e729c6c37a8c7fe311fdd1fe6a8718c5 (diff)
downloadopenbsd-957b11334a7afb14537322f0e4795b2e368b3f59.tar.gz
openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.tar.bz2
openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.zip
Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
Diffstat (limited to 'src/lib/libcrypto/pem')
-rw-r--r--src/lib/libcrypto/pem/pem_err.c43
-rw-r--r--src/lib/libcrypto/pem/pem_info.c25
-rw-r--r--src/lib/libcrypto/pem/pem_lib.c69
-rw-r--r--src/lib/libcrypto/pem/pem_oth.c4
-rw-r--r--src/lib/libcrypto/pem/pem_pk8.c13
-rw-r--r--src/lib/libcrypto/pem/pem_pkey.c13
-rw-r--r--src/lib/libcrypto/pem/pem_seal.c10
-rw-r--r--src/lib/libcrypto/pem/pem_sign.c4
-rw-r--r--src/lib/libcrypto/pem/pvkfmt.c68
9 files changed, 95 insertions, 154 deletions
diff --git a/src/lib/libcrypto/pem/pem_err.c b/src/lib/libcrypto/pem/pem_err.c
index c3d0fa3576..8d3c278b54 100644
--- a/src/lib/libcrypto/pem/pem_err.c
+++ b/src/lib/libcrypto/pem/pem_err.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_err.c,v 1.11 2014/07/10 22:45:57 jsing Exp $ */ 1/* $OpenBSD: pem_err.c,v 1.12 2017/01/29 17:49:23 beck Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -72,46 +72,7 @@
72#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PEM,0,reason) 72#define ERR_REASON(reason) ERR_PACK(ERR_LIB_PEM,0,reason)
73 73
74static ERR_STRING_DATA PEM_str_functs[] = { 74static ERR_STRING_DATA PEM_str_functs[] = {
75 {ERR_FUNC(PEM_F_B2I_DSS), "B2I_DSS"}, 75 {ERR_FUNC(0xfff), "CRYPTO_internal"},
76 {ERR_FUNC(PEM_F_B2I_PVK_BIO), "b2i_PVK_bio"},
77 {ERR_FUNC(PEM_F_B2I_RSA), "B2I_RSA"},
78 {ERR_FUNC(PEM_F_CHECK_BITLEN_DSA), "CHECK_BITLEN_DSA"},
79 {ERR_FUNC(PEM_F_CHECK_BITLEN_RSA), "CHECK_BITLEN_RSA"},
80 {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO), "d2i_PKCS8PrivateKey_bio"},
81 {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP), "d2i_PKCS8PrivateKey_fp"},
82 {ERR_FUNC(PEM_F_DO_B2I), "DO_B2I"},
83 {ERR_FUNC(PEM_F_DO_B2I_BIO), "DO_B2I_BIO"},
84 {ERR_FUNC(PEM_F_DO_BLOB_HEADER), "DO_BLOB_HEADER"},
85 {ERR_FUNC(PEM_F_DO_PK8PKEY), "DO_PK8PKEY"},
86 {ERR_FUNC(PEM_F_DO_PK8PKEY_FP), "DO_PK8PKEY_FP"},
87 {ERR_FUNC(PEM_F_DO_PVK_BODY), "DO_PVK_BODY"},
88 {ERR_FUNC(PEM_F_DO_PVK_HEADER), "DO_PVK_HEADER"},
89 {ERR_FUNC(PEM_F_I2B_PVK), "I2B_PVK"},
90 {ERR_FUNC(PEM_F_I2B_PVK_BIO), "i2b_PVK_bio"},
91 {ERR_FUNC(PEM_F_LOAD_IV), "LOAD_IV"},
92 {ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"},
93 {ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO), "PEM_ASN1_read_bio"},
94 {ERR_FUNC(PEM_F_PEM_ASN1_WRITE), "PEM_ASN1_write"},
95 {ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO), "PEM_ASN1_write_bio"},
96 {ERR_FUNC(PEM_F_PEM_DEF_CALLBACK), "PEM_def_callback"},
97 {ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"},
98 {ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY), "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
99 {ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO), "PEM_get_EVP_CIPHER_INFO"},
100 {ERR_FUNC(PEM_F_PEM_PK8PKEY), "PEM_PK8PKEY"},
101 {ERR_FUNC(PEM_F_PEM_READ), "PEM_read"},
102 {ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"},
103 {ERR_FUNC(PEM_F_PEM_READ_BIO_PARAMETERS), "PEM_read_bio_Parameters"},
104 {ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY), "PEM_READ_BIO_PRIVATEKEY"},
105 {ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY), "PEM_READ_PRIVATEKEY"},
106 {ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"},
107 {ERR_FUNC(PEM_F_PEM_SEALINIT), "PEM_SealInit"},
108 {ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"},
109 {ERR_FUNC(PEM_F_PEM_WRITE), "PEM_write"},
110 {ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"},
111 {ERR_FUNC(PEM_F_PEM_WRITE_PRIVATEKEY), "PEM_WRITE_PRIVATEKEY"},
112 {ERR_FUNC(PEM_F_PEM_X509_INFO_READ), "PEM_X509_INFO_read"},
113 {ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO), "PEM_X509_INFO_read_bio"},
114 {ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO), "PEM_X509_INFO_write_bio"},
115 {0, NULL} 76 {0, NULL}
116}; 77};
117 78
diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c
index 191e3b5b10..f02aaa8bb4 100644
--- a/src/lib/libcrypto/pem/pem_info.c
+++ b/src/lib/libcrypto/pem/pem_info.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_info.c,v 1.21 2015/09/10 15:56:25 jsing Exp $ */ 1/* $OpenBSD: pem_info.c,v 1.22 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -83,7 +83,7 @@ PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb,
83 STACK_OF(X509_INFO) *ret; 83 STACK_OF(X509_INFO) *ret;
84 84
85 if ((b = BIO_new(BIO_s_file())) == NULL) { 85 if ((b = BIO_new(BIO_s_file())) == NULL) {
86 PEMerr(PEM_F_PEM_X509_INFO_READ, ERR_R_BUF_LIB); 86 PEMerror(ERR_R_BUF_LIB);
87 return (0); 87 return (0);
88 } 88 }
89 BIO_set_fp(b, fp, BIO_NOCLOSE); 89 BIO_set_fp(b, fp, BIO_NOCLOSE);
@@ -109,8 +109,7 @@ PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb,
109 109
110 if (sk == NULL) { 110 if (sk == NULL) {
111 if ((ret = sk_X509_INFO_new_null()) == NULL) { 111 if ((ret = sk_X509_INFO_new_null()) == NULL) {
112 PEMerr(PEM_F_PEM_X509_INFO_READ_BIO, 112 PEMerror(ERR_R_MALLOC_FAILURE);
113 ERR_R_MALLOC_FAILURE);
114 return 0; 113 return 0;
115 } 114 }
116 } else 115 } else
@@ -249,13 +248,11 @@ start:
249 if (ptype) { 248 if (ptype) {
250 if (!d2i_PrivateKey(ptype, pp, &p, 249 if (!d2i_PrivateKey(ptype, pp, &p,
251 len)) { 250 len)) {
252 PEMerr(PEM_F_PEM_X509_INFO_READ_BIO, 251 PEMerror(ERR_R_ASN1_LIB);
253 ERR_R_ASN1_LIB);
254 goto err; 252 goto err;
255 } 253 }
256 } else if (d2i(pp, &p, len) == NULL) { 254 } else if (d2i(pp, &p, len) == NULL) {
257 PEMerr(PEM_F_PEM_X509_INFO_READ_BIO, 255 PEMerror(ERR_R_ASN1_LIB);
258 ERR_R_ASN1_LIB);
259 goto err; 256 goto err;
260 } 257 }
261 } else { /* encrypted RSA data */ 258 } else { /* encrypted RSA data */
@@ -323,8 +320,7 @@ PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
323 if (enc != NULL) { 320 if (enc != NULL) {
324 objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc)); 321 objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
325 if (objstr == NULL) { 322 if (objstr == NULL) {
326 PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO, 323 PEMerror(PEM_R_UNSUPPORTED_CIPHER);
327 PEM_R_UNSUPPORTED_CIPHER);
328 goto err; 324 goto err;
329 } 325 }
330 } 326 }
@@ -337,8 +333,7 @@ PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
337 if (xi->x_pkey != NULL) { 333 if (xi->x_pkey != NULL) {
338 if ((xi->enc_data != NULL) && (xi->enc_len > 0) ) { 334 if ((xi->enc_data != NULL) && (xi->enc_len > 0) ) {
339 if (enc == NULL) { 335 if (enc == NULL) {
340 PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO, 336 PEMerror(PEM_R_CIPHER_IS_NULL);
341 PEM_R_CIPHER_IS_NULL);
342 goto err; 337 goto err;
343 } 338 }
344 339
@@ -355,16 +350,14 @@ PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
355 objstr = OBJ_nid2sn( 350 objstr = OBJ_nid2sn(
356 EVP_CIPHER_nid(xi->enc_cipher.cipher)); 351 EVP_CIPHER_nid(xi->enc_cipher.cipher));
357 if (objstr == NULL) { 352 if (objstr == NULL) {
358 PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO, 353 PEMerror(PEM_R_UNSUPPORTED_CIPHER);
359 PEM_R_UNSUPPORTED_CIPHER);
360 goto err; 354 goto err;
361 } 355 }
362 356
363 /* create the right magic header stuff */ 357 /* create the right magic header stuff */
364 if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 > 358 if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 >
365 sizeof buf) { 359 sizeof buf) {
366 PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO, 360 PEMerror(ASN1_R_BUFFER_TOO_SMALL);
367 ASN1_R_BUFFER_TOO_SMALL);
368 goto err; 361 goto err;
369 } 362 }
370 buf[0] = '\0'; 363 buf[0] = '\0';
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c
index 7178c8744f..b2c72e1d76 100644
--- a/src/lib/libcrypto/pem/pem_lib.c
+++ b/src/lib/libcrypto/pem/pem_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_lib.c,v 1.43 2016/10/19 16:49:11 jsing Exp $ */ 1/* $OpenBSD: pem_lib.c,v 1.44 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -112,8 +112,7 @@ PEM_def_callback(char *buf, int num, int w, void *key)
112 for (;;) { 112 for (;;) {
113 i = EVP_read_pw_string_min(buf, MIN_LENGTH, num, prompt, w); 113 i = EVP_read_pw_string_min(buf, MIN_LENGTH, num, prompt, w);
114 if (i != 0) { 114 if (i != 0) {
115 PEMerr(PEM_F_PEM_DEF_CALLBACK, 115 PEMerror(PEM_R_PROBLEMS_GETTING_PASSWORD);
116 PEM_R_PROBLEMS_GETTING_PASSWORD);
117 memset(buf, 0, num); 116 memset(buf, 0, num);
118 return (-1); 117 return (-1);
119 } 118 }
@@ -176,7 +175,7 @@ PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
176 void *ret; 175 void *ret;
177 176
178 if ((b = BIO_new(BIO_s_file())) == NULL) { 177 if ((b = BIO_new(BIO_s_file())) == NULL) {
179 PEMerr(PEM_F_PEM_ASN1_READ, ERR_R_BUF_LIB); 178 PEMerror(ERR_R_BUF_LIB);
180 return (0); 179 return (0);
181 } 180 }
182 BIO_set_fp(b, fp, BIO_NOCLOSE); 181 BIO_set_fp(b, fp, BIO_NOCLOSE);
@@ -323,7 +322,7 @@ PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, void *x,
323 int ret; 322 int ret;
324 323
325 if ((b = BIO_new(BIO_s_file())) == NULL) { 324 if ((b = BIO_new(BIO_s_file())) == NULL) {
326 PEMerr(PEM_F_PEM_ASN1_WRITE, ERR_R_BUF_LIB); 325 PEMerror(ERR_R_BUF_LIB);
327 return (0); 326 return (0);
328 } 327 }
329 BIO_set_fp(b, fp, BIO_NOCLOSE); 328 BIO_set_fp(b, fp, BIO_NOCLOSE);
@@ -348,14 +347,13 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
348 if (enc != NULL) { 347 if (enc != NULL) {
349 objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc)); 348 objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
350 if (objstr == NULL) { 349 if (objstr == NULL) {
351 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, 350 PEMerror(PEM_R_UNSUPPORTED_CIPHER);
352 PEM_R_UNSUPPORTED_CIPHER);
353 goto err; 351 goto err;
354 } 352 }
355 } 353 }
356 354
357 if ((dsize = i2d(x, NULL)) < 0) { 355 if ((dsize = i2d(x, NULL)) < 0) {
358 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_ASN1_LIB); 356 PEMerror(ERR_R_ASN1_LIB);
359 dsize = 0; 357 dsize = 0;
360 goto err; 358 goto err;
361 } 359 }
@@ -363,7 +361,7 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
363 /* actually it needs the cipher block size extra... */ 361 /* actually it needs the cipher block size extra... */
364 data = malloc(dsize + 20); 362 data = malloc(dsize + 20);
365 if (data == NULL) { 363 if (data == NULL) {
366 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_MALLOC_FAILURE); 364 PEMerror(ERR_R_MALLOC_FAILURE);
367 goto err; 365 goto err;
368 } 366 }
369 p = data; 367 p = data;
@@ -376,14 +374,13 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
376 else 374 else
377 klen = (*callback)(buf, PEM_BUFSIZE, 1, u); 375 klen = (*callback)(buf, PEM_BUFSIZE, 1, u);
378 if (klen <= 0) { 376 if (klen <= 0) {
379 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, 377 PEMerror(PEM_R_READ_KEY);
380 PEM_R_READ_KEY);
381 goto err; 378 goto err;
382 } 379 }
383 kstr = (unsigned char *)buf; 380 kstr = (unsigned char *)buf;
384 } 381 }
385 if ((size_t)enc->iv_len > sizeof(iv)) { 382 if ((size_t)enc->iv_len > sizeof(iv)) {
386 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, EVP_R_IV_TOO_LARGE); 383 PEMerror(EVP_R_IV_TOO_LARGE);
387 goto err; 384 goto err;
388 } 385 }
389 arc4random_buf(iv, enc->iv_len); /* Generate a salt */ 386 arc4random_buf(iv, enc->iv_len); /* Generate a salt */
@@ -397,8 +394,7 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
397 explicit_bzero(buf, PEM_BUFSIZE); 394 explicit_bzero(buf, PEM_BUFSIZE);
398 395
399 if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 > sizeof buf) { 396 if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 > sizeof buf) {
400 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, 397 PEMerror(ASN1_R_BUFFER_TOO_SMALL);
401 ASN1_R_BUFFER_TOO_SMALL);
402 goto err; 398 goto err;
403 } 399 }
404 400
@@ -455,7 +451,7 @@ PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
455 else 451 else
456 klen = callback(buf, PEM_BUFSIZE, 0, u); 452 klen = callback(buf, PEM_BUFSIZE, 0, u);
457 if (klen <= 0) { 453 if (klen <= 0) {
458 PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_PASSWORD_READ); 454 PEMerror(PEM_R_BAD_PASSWORD_READ);
459 return (0); 455 return (0);
460 } 456 }
461 if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]), 457 if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]),
@@ -474,7 +470,7 @@ PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
474 explicit_bzero((char *)buf, sizeof(buf)); 470 explicit_bzero((char *)buf, sizeof(buf));
475 explicit_bzero((char *)key, sizeof(key)); 471 explicit_bzero((char *)key, sizeof(key));
476 if (!o) { 472 if (!o) {
477 PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT); 473 PEMerror(PEM_R_BAD_DECRYPT);
478 return (0); 474 return (0);
479 } 475 }
480 *plen = j + i; 476 *plen = j + i;
@@ -492,7 +488,7 @@ PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
492 if ((header == NULL) || (*header == '\0') || (*header == '\n')) 488 if ((header == NULL) || (*header == '\0') || (*header == '\n'))
493 return (1); 489 return (1);
494 if (strncmp(header, "Proc-Type: ", 11) != 0) { 490 if (strncmp(header, "Proc-Type: ", 11) != 0) {
495 PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_PROC_TYPE); 491 PEMerror(PEM_R_NOT_PROC_TYPE);
496 return (0); 492 return (0);
497 } 493 }
498 header += 11; 494 header += 11;
@@ -503,18 +499,18 @@ PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
503 return (0); 499 return (0);
504 header++; 500 header++;
505 if (strncmp(header, "ENCRYPTED", 9) != 0) { 501 if (strncmp(header, "ENCRYPTED", 9) != 0) {
506 PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_ENCRYPTED); 502 PEMerror(PEM_R_NOT_ENCRYPTED);
507 return (0); 503 return (0);
508 } 504 }
509 for (; (*header != '\n') && (*header != '\0'); header++) 505 for (; (*header != '\n') && (*header != '\0'); header++)
510 ; 506 ;
511 if (*header == '\0') { 507 if (*header == '\0') {
512 PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_SHORT_HEADER); 508 PEMerror(PEM_R_SHORT_HEADER);
513 return (0); 509 return (0);
514 } 510 }
515 header++; 511 header++;
516 if (strncmp(header, "DEK-Info: ", 10) != 0) { 512 if (strncmp(header, "DEK-Info: ", 10) != 0) {
517 PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_DEK_INFO); 513 PEMerror(PEM_R_NOT_DEK_INFO);
518 return (0); 514 return (0);
519 } 515 }
520 header += 10; 516 header += 10;
@@ -533,8 +529,7 @@ PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
533 header++; 529 header++;
534 530
535 if (enc == NULL) { 531 if (enc == NULL) {
536 PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, 532 PEMerror(PEM_R_UNSUPPORTED_ENCRYPTION);
537 PEM_R_UNSUPPORTED_ENCRYPTION);
538 return (0); 533 return (0);
539 } 534 }
540 if (!load_iv(header_pp, &(cipher->iv[0]), enc->iv_len)) 535 if (!load_iv(header_pp, &(cipher->iv[0]), enc->iv_len))
@@ -561,7 +556,7 @@ load_iv(char **fromp, unsigned char *to, int num)
561 else if ((*from >= 'a') && (*from <= 'f')) 556 else if ((*from >= 'a') && (*from <= 'f'))
562 v = *from - 'a' + 10; 557 v = *from - 'a' + 10;
563 else { 558 else {
564 PEMerr(PEM_F_LOAD_IV, PEM_R_BAD_IV_CHARS); 559 PEMerror(PEM_R_BAD_IV_CHARS);
565 return (0); 560 return (0);
566 } 561 }
567 from++; 562 from++;
@@ -579,7 +574,7 @@ PEM_write(FILE *fp, char *name, char *header, unsigned char *data, long len)
579 int ret; 574 int ret;
580 575
581 if ((b = BIO_new(BIO_s_file())) == NULL) { 576 if ((b = BIO_new(BIO_s_file())) == NULL) {
582 PEMerr(PEM_F_PEM_WRITE, ERR_R_BUF_LIB); 577 PEMerror(ERR_R_BUF_LIB);
583 return (0); 578 return (0);
584 } 579 }
585 BIO_set_fp(b, fp, BIO_NOCLOSE); 580 BIO_set_fp(b, fp, BIO_NOCLOSE);
@@ -645,7 +640,7 @@ err:
645 explicit_bzero(buf, PEM_BUFSIZE * 8); 640 explicit_bzero(buf, PEM_BUFSIZE * 8);
646 free(buf); 641 free(buf);
647 } 642 }
648 PEMerr(PEM_F_PEM_WRITE_BIO, reason); 643 PEMerror(reason);
649 return (0); 644 return (0);
650} 645}
651 646
@@ -656,7 +651,7 @@ PEM_read(FILE *fp, char **name, char **header, unsigned char **data, long *len)
656 int ret; 651 int ret;
657 652
658 if ((b = BIO_new(BIO_s_file())) == NULL) { 653 if ((b = BIO_new(BIO_s_file())) == NULL) {
659 PEMerr(PEM_F_PEM_READ, ERR_R_BUF_LIB); 654 PEMerror(ERR_R_BUF_LIB);
660 return (0); 655 return (0);
661 } 656 }
662 BIO_set_fp(b, fp, BIO_NOCLOSE); 657 BIO_set_fp(b, fp, BIO_NOCLOSE);
@@ -683,7 +678,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
683 BUF_MEM_free(nameB); 678 BUF_MEM_free(nameB);
684 BUF_MEM_free(headerB); 679 BUF_MEM_free(headerB);
685 BUF_MEM_free(dataB); 680 BUF_MEM_free(dataB);
686 PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); 681 PEMerror(ERR_R_MALLOC_FAILURE);
687 return (0); 682 return (0);
688 } 683 }
689 684
@@ -692,7 +687,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
692 i = BIO_gets(bp, buf, 254); 687 i = BIO_gets(bp, buf, 254);
693 688
694 if (i <= 0) { 689 if (i <= 0) {
695 PEMerr(PEM_F_PEM_READ_BIO, PEM_R_NO_START_LINE); 690 PEMerror(PEM_R_NO_START_LINE);
696 goto err; 691 goto err;
697 } 692 }
698 693
@@ -707,8 +702,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
707 if (strncmp(&(buf[11 + i - 6]), "-----\n", 6) != 0) 702 if (strncmp(&(buf[11 + i - 6]), "-----\n", 6) != 0)
708 continue; 703 continue;
709 if (!BUF_MEM_grow(nameB, i + 9)) { 704 if (!BUF_MEM_grow(nameB, i + 9)) {
710 PEMerr(PEM_F_PEM_READ_BIO, 705 PEMerror(ERR_R_MALLOC_FAILURE);
711 ERR_R_MALLOC_FAILURE);
712 goto err; 706 goto err;
713 } 707 }
714 memcpy(nameB->data, &(buf[11]), i - 6); 708 memcpy(nameB->data, &(buf[11]), i - 6);
@@ -718,7 +712,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
718 } 712 }
719 hl = 0; 713 hl = 0;
720 if (!BUF_MEM_grow(headerB, 256)) { 714 if (!BUF_MEM_grow(headerB, 256)) {
721 PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); 715 PEMerror(ERR_R_MALLOC_FAILURE);
722 goto err; 716 goto err;
723 } 717 }
724 headerB->data[0] = '\0'; 718 headerB->data[0] = '\0';
@@ -735,7 +729,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
735 if (buf[0] == '\n') 729 if (buf[0] == '\n')
736 break; 730 break;
737 if (!BUF_MEM_grow(headerB, hl + i + 9)) { 731 if (!BUF_MEM_grow(headerB, hl + i + 9)) {
738 PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); 732 PEMerror(ERR_R_MALLOC_FAILURE);
739 goto err; 733 goto err;
740 } 734 }
741 if (strncmp(buf, "-----END ", 9) == 0) { 735 if (strncmp(buf, "-----END ", 9) == 0) {
@@ -749,7 +743,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
749 743
750 bl = 0; 744 bl = 0;
751 if (!BUF_MEM_grow(dataB, 1024)) { 745 if (!BUF_MEM_grow(dataB, 1024)) {
752 PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE); 746 PEMerror(ERR_R_MALLOC_FAILURE);
753 goto err; 747 goto err;
754 } 748 }
755 dataB->data[0] = '\0'; 749 dataB->data[0] = '\0';
@@ -771,8 +765,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
771 if (i > 65) 765 if (i > 65)
772 break; 766 break;
773 if (!BUF_MEM_grow_clean(dataB, i + bl + 9)) { 767 if (!BUF_MEM_grow_clean(dataB, i + bl + 9)) {
774 PEMerr(PEM_F_PEM_READ_BIO, 768 PEMerror(ERR_R_MALLOC_FAILURE);
775 ERR_R_MALLOC_FAILURE);
776 goto err; 769 goto err;
777 } 770 }
778 memcpy(&(dataB->data[bl]), buf, i); 771 memcpy(&(dataB->data[bl]), buf, i);
@@ -802,7 +795,7 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
802 if ((strncmp(buf, "-----END ", 9) != 0) || 795 if ((strncmp(buf, "-----END ", 9) != 0) ||
803 (strncmp(nameB->data, &(buf[9]), i) != 0) || 796 (strncmp(nameB->data, &(buf[9]), i) != 0) ||
804 (strncmp(&(buf[9 + i]), "-----\n", 6) != 0)) { 797 (strncmp(&(buf[9 + i]), "-----\n", 6) != 0)) {
805 PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_END_LINE); 798 PEMerror(PEM_R_BAD_END_LINE);
806 goto err; 799 goto err;
807 } 800 }
808 801
@@ -811,12 +804,12 @@ PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
811 (unsigned char *)dataB->data, &bl, 804 (unsigned char *)dataB->data, &bl,
812 (unsigned char *)dataB->data, bl); 805 (unsigned char *)dataB->data, bl);
813 if (i < 0) { 806 if (i < 0) {
814 PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_BASE64_DECODE); 807 PEMerror(PEM_R_BAD_BASE64_DECODE);
815 goto err; 808 goto err;
816 } 809 }
817 i = EVP_DecodeFinal(&ctx, (unsigned char *)&(dataB->data[bl]), &k); 810 i = EVP_DecodeFinal(&ctx, (unsigned char *)&(dataB->data[bl]), &k);
818 if (i < 0) { 811 if (i < 0) {
819 PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_BASE64_DECODE); 812 PEMerror(PEM_R_BAD_BASE64_DECODE);
820 goto err; 813 goto err;
821 } 814 }
822 bl += k; 815 bl += k;
diff --git a/src/lib/libcrypto/pem/pem_oth.c b/src/lib/libcrypto/pem/pem_oth.c
index ccd2b893d5..21498cb6b5 100644
--- a/src/lib/libcrypto/pem/pem_oth.c
+++ b/src/lib/libcrypto/pem/pem_oth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_oth.c,v 1.7 2014/10/18 17:20:40 jsing Exp $ */ 1/* $OpenBSD: pem_oth.c,v 1.8 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -81,7 +81,7 @@ PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
81 p = data; 81 p = data;
82 ret = d2i(x, &p, len); 82 ret = d2i(x, &p, len);
83 if (ret == NULL) 83 if (ret == NULL)
84 PEMerr(PEM_F_PEM_ASN1_READ_BIO, ERR_R_ASN1_LIB); 84 PEMerror(ERR_R_ASN1_LIB);
85 free(data); 85 free(data);
86 return (ret); 86 return (ret);
87} 87}
diff --git a/src/lib/libcrypto/pem/pem_pk8.c b/src/lib/libcrypto/pem/pem_pk8.c
index 4b3578f971..43581905f0 100644
--- a/src/lib/libcrypto/pem/pem_pk8.c
+++ b/src/lib/libcrypto/pem/pem_pk8.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_pk8.c,v 1.12 2016/09/04 16:10:38 jsing Exp $ */ 1/* $OpenBSD: pem_pk8.c,v 1.13 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -116,8 +116,7 @@ do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc,
116 int ret; 116 int ret;
117 117
118 if (!(p8inf = EVP_PKEY2PKCS8(x))) { 118 if (!(p8inf = EVP_PKEY2PKCS8(x))) {
119 PEMerr(PEM_F_DO_PK8PKEY, 119 PEMerror(PEM_R_ERROR_CONVERTING_PRIVATE_KEY);
120 PEM_R_ERROR_CONVERTING_PRIVATE_KEY);
121 return 0; 120 return 0;
122 } 121 }
123 if (enc || (nid != -1)) { 122 if (enc || (nid != -1)) {
@@ -127,7 +126,7 @@ do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc,
127 else 126 else
128 klen = cb(buf, PEM_BUFSIZE, 1, u); 127 klen = cb(buf, PEM_BUFSIZE, 1, u);
129 if (klen <= 0) { 128 if (klen <= 0) {
130 PEMerr(PEM_F_DO_PK8PKEY, PEM_R_READ_KEY); 129 PEMerror(PEM_R_READ_KEY);
131 PKCS8_PRIV_KEY_INFO_free(p8inf); 130 PKCS8_PRIV_KEY_INFO_free(p8inf);
132 return 0; 131 return 0;
133 } 132 }
@@ -171,7 +170,7 @@ d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
171 else 170 else
172 klen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u); 171 klen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);
173 if (klen <= 0) { 172 if (klen <= 0) {
174 PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_BIO, PEM_R_BAD_PASSWORD_READ); 173 PEMerror(PEM_R_BAD_PASSWORD_READ);
175 X509_SIG_free(p8); 174 X509_SIG_free(p8);
176 return NULL; 175 return NULL;
177 } 176 }
@@ -227,7 +226,7 @@ do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc,
227 int ret; 226 int ret;
228 227
229 if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { 228 if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
230 PEMerr(PEM_F_DO_PK8PKEY_FP, ERR_R_BUF_LIB); 229 PEMerror(ERR_R_BUF_LIB);
231 return (0); 230 return (0);
232 } 231 }
233 ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u); 232 ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u);
@@ -242,7 +241,7 @@ d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u)
242 EVP_PKEY *ret; 241 EVP_PKEY *ret;
243 242
244 if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { 243 if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
245 PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_FP, ERR_R_BUF_LIB); 244 PEMerror(ERR_R_BUF_LIB);
246 return NULL; 245 return NULL;
247 } 246 }
248 ret = d2i_PKCS8PrivateKey_bio(bp, x, cb, u); 247 ret = d2i_PKCS8PrivateKey_bio(bp, x, cb, u);
diff --git a/src/lib/libcrypto/pem/pem_pkey.c b/src/lib/libcrypto/pem/pem_pkey.c
index afb476f818..6651ef9419 100644
--- a/src/lib/libcrypto/pem/pem_pkey.c
+++ b/src/lib/libcrypto/pem/pem_pkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_pkey.c,v 1.21 2015/09/10 15:56:25 jsing Exp $ */ 1/* $OpenBSD: pem_pkey.c,v 1.22 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -116,8 +116,7 @@ PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
116 else 116 else
117 klen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u); 117 klen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);
118 if (klen <= 0) { 118 if (klen <= 0) {
119 PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY, 119 PEMerror(PEM_R_BAD_PASSWORD_READ);
120 PEM_R_BAD_PASSWORD_READ);
121 X509_SIG_free(p8); 120 X509_SIG_free(p8);
122 goto err; 121 goto err;
123 } 122 }
@@ -141,7 +140,7 @@ PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
141 140
142p8err: 141p8err:
143 if (ret == NULL) 142 if (ret == NULL)
144 PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY, ERR_R_ASN1_LIB); 143 PEMerror(ERR_R_ASN1_LIB);
145err: 144err:
146 free(nm); 145 free(nm);
147 explicit_bzero(data, len); 146 explicit_bzero(data, len);
@@ -199,7 +198,7 @@ PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x)
199 198
200err: 199err:
201 if (ret == NULL) 200 if (ret == NULL)
202 PEMerr(PEM_F_PEM_READ_BIO_PARAMETERS, ERR_R_ASN1_LIB); 201 PEMerror(ERR_R_ASN1_LIB);
203 free(nm); 202 free(nm);
204 free(data); 203 free(data);
205 return (ret); 204 return (ret);
@@ -226,7 +225,7 @@ PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u)
226 EVP_PKEY *ret; 225 EVP_PKEY *ret;
227 226
228 if ((b = BIO_new(BIO_s_file())) == NULL) { 227 if ((b = BIO_new(BIO_s_file())) == NULL) {
229 PEMerr(PEM_F_PEM_READ_PRIVATEKEY, ERR_R_BUF_LIB); 228 PEMerror(ERR_R_BUF_LIB);
230 return (0); 229 return (0);
231 } 230 }
232 BIO_set_fp(b, fp, BIO_NOCLOSE); 231 BIO_set_fp(b, fp, BIO_NOCLOSE);
@@ -243,7 +242,7 @@ PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
243 int ret; 242 int ret;
244 243
245 if ((b = BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) { 244 if ((b = BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) {
246 PEMerr(PEM_F_PEM_WRITE_PRIVATEKEY, ERR_R_BUF_LIB); 245 PEMerror(ERR_R_BUF_LIB);
247 return 0; 246 return 0;
248 } 247 }
249 ret = PEM_write_bio_PrivateKey(b, x, enc, kstr, klen, cb, u); 248 ret = PEM_write_bio_PrivateKey(b, x, enc, kstr, klen, cb, u);
diff --git a/src/lib/libcrypto/pem/pem_seal.c b/src/lib/libcrypto/pem/pem_seal.c
index 79162b32d7..c6d61fff0f 100644
--- a/src/lib/libcrypto/pem/pem_seal.c
+++ b/src/lib/libcrypto/pem/pem_seal.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_seal.c,v 1.23 2016/11/05 11:32:45 miod Exp $ */ 1/* $OpenBSD: pem_seal.c,v 1.24 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -97,7 +97,7 @@ PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
97 97
98 for (i = 0; i < npubk; i++) { 98 for (i = 0; i < npubk; i++) {
99 if (pubk[i]->type != EVP_PKEY_RSA) { 99 if (pubk[i]->type != EVP_PKEY_RSA) {
100 PEMerr(PEM_F_PEM_SEALINIT, PEM_R_PUBLIC_KEY_NO_RSA); 100 PEMerror(PEM_R_PUBLIC_KEY_NO_RSA);
101 goto err; 101 goto err;
102 } 102 }
103 j = RSA_size(pubk[i]->pkey.rsa); 103 j = RSA_size(pubk[i]->pkey.rsa);
@@ -106,7 +106,7 @@ PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
106 } 106 }
107 s = reallocarray(NULL, max, 2); 107 s = reallocarray(NULL, max, 2);
108 if (s == NULL) { 108 if (s == NULL) {
109 PEMerr(PEM_F_PEM_SEALINIT, ERR_R_MALLOC_FAILURE); 109 PEMerror(ERR_R_MALLOC_FAILURE);
110 goto err; 110 goto err;
111 } 111 }
112 112
@@ -170,7 +170,7 @@ PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
170 unsigned int i; 170 unsigned int i;
171 171
172 if (priv->type != EVP_PKEY_RSA) { 172 if (priv->type != EVP_PKEY_RSA) {
173 PEMerr(PEM_F_PEM_SEALFINAL, PEM_R_PUBLIC_KEY_NO_RSA); 173 PEMerror(PEM_R_PUBLIC_KEY_NO_RSA);
174 goto err; 174 goto err;
175 } 175 }
176 i = RSA_size(priv->pkey.rsa); 176 i = RSA_size(priv->pkey.rsa);
@@ -178,7 +178,7 @@ PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
178 i = 100; 178 i = 100;
179 s = reallocarray(NULL, i, 2); 179 s = reallocarray(NULL, i, 2);
180 if (s == NULL) { 180 if (s == NULL) {
181 PEMerr(PEM_F_PEM_SEALFINAL, ERR_R_MALLOC_FAILURE); 181 PEMerror(ERR_R_MALLOC_FAILURE);
182 goto err; 182 goto err;
183 } 183 }
184 184
diff --git a/src/lib/libcrypto/pem/pem_sign.c b/src/lib/libcrypto/pem/pem_sign.c
index aab8c4d6b8..a225e8970f 100644
--- a/src/lib/libcrypto/pem/pem_sign.c
+++ b/src/lib/libcrypto/pem/pem_sign.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_sign.c,v 1.12 2014/10/18 17:20:40 jsing Exp $ */ 1/* $OpenBSD: pem_sign.c,v 1.13 2017/01/29 17:49:23 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -87,7 +87,7 @@ PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
87 87
88 m = malloc(EVP_PKEY_size(pkey) + 2); 88 m = malloc(EVP_PKEY_size(pkey) + 2);
89 if (m == NULL) { 89 if (m == NULL) {
90 PEMerr(PEM_F_PEM_SIGNFINAL, ERR_R_MALLOC_FAILURE); 90 PEMerror(ERR_R_MALLOC_FAILURE);
91 goto err; 91 goto err;
92 } 92 }
93 93
diff --git a/src/lib/libcrypto/pem/pvkfmt.c b/src/lib/libcrypto/pem/pvkfmt.c
index 0a33a24b9f..5ed8df585f 100644
--- a/src/lib/libcrypto/pem/pvkfmt.c
+++ b/src/lib/libcrypto/pem/pvkfmt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pvkfmt.c,v 1.17 2017/01/21 09:38:59 beck Exp $ */ 1/* $OpenBSD: pvkfmt.c,v 1.18 2017/01/29 17:49:23 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2005. 3 * project 2005.
4 */ 4 */
@@ -157,15 +157,13 @@ do_blob_header(const unsigned char **in, unsigned int length,
157 /* bType */ 157 /* bType */
158 if (*p == MS_PUBLICKEYBLOB) { 158 if (*p == MS_PUBLICKEYBLOB) {
159 if (*pispub == 0) { 159 if (*pispub == 0) {
160 PEMerr(PEM_F_DO_BLOB_HEADER, 160 PEMerror(PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
161 PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
162 return 0; 161 return 0;
163 } 162 }
164 *pispub = 1; 163 *pispub = 1;
165 } else if (*p == MS_PRIVATEKEYBLOB) { 164 } else if (*p == MS_PRIVATEKEYBLOB) {
166 if (*pispub == 1) { 165 if (*pispub == 1) {
167 PEMerr(PEM_F_DO_BLOB_HEADER, 166 PEMerror(PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
168 PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
169 return 0; 167 return 0;
170 } 168 }
171 *pispub = 0; 169 *pispub = 0;
@@ -174,7 +172,7 @@ do_blob_header(const unsigned char **in, unsigned int length,
174 p++; 172 p++;
175 /* Version */ 173 /* Version */
176 if (*p++ != 0x2) { 174 if (*p++ != 0x2) {
177 PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_VERSION_NUMBER); 175 PEMerror(PEM_R_BAD_VERSION_NUMBER);
178 return 0; 176 return 0;
179 } 177 }
180 /* Ignore reserved, aiKeyAlg */ 178 /* Ignore reserved, aiKeyAlg */
@@ -182,7 +180,7 @@ do_blob_header(const unsigned char **in, unsigned int length,
182 *pmagic = read_ledword(&p); 180 *pmagic = read_ledword(&p);
183 *pbitlen = read_ledword(&p); 181 *pbitlen = read_ledword(&p);
184 if (*pbitlen > 65536) { 182 if (*pbitlen > 65536) {
185 PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_INCONSISTENT_HEADER); 183 PEMerror(PEM_R_INCONSISTENT_HEADER);
186 return 0; 184 return 0;
187 } 185 }
188 *pisdss = 0; 186 *pisdss = 0;
@@ -192,8 +190,7 @@ do_blob_header(const unsigned char **in, unsigned int length,
192 *pisdss = 1; 190 *pisdss = 1;
193 case MS_RSA1MAGIC: 191 case MS_RSA1MAGIC:
194 if (*pispub == 0) { 192 if (*pispub == 0) {
195 PEMerr(PEM_F_DO_BLOB_HEADER, 193 PEMerror(PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
196 PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
197 return 0; 194 return 0;
198 } 195 }
199 break; 196 break;
@@ -202,14 +199,13 @@ do_blob_header(const unsigned char **in, unsigned int length,
202 *pisdss = 1; 199 *pisdss = 1;
203 case MS_RSA2MAGIC: 200 case MS_RSA2MAGIC:
204 if (*pispub == 1) { 201 if (*pispub == 1) {
205 PEMerr(PEM_F_DO_BLOB_HEADER, 202 PEMerror(PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
206 PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
207 return 0; 203 return 0;
208 } 204 }
209 break; 205 break;
210 206
211 default: 207 default:
212 PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_MAGIC_NUMBER); 208 PEMerror(PEM_R_BAD_MAGIC_NUMBER);
213 return -1; 209 return -1;
214 } 210 }
215 *in = p; 211 *in = p;
@@ -256,12 +252,12 @@ do_b2i(const unsigned char **in, unsigned int length, int ispub)
256 int isdss; 252 int isdss;
257 253
258 if (do_blob_header(&p, length, &magic, &bitlen, &isdss, &ispub) <= 0) { 254 if (do_blob_header(&p, length, &magic, &bitlen, &isdss, &ispub) <= 0) {
259 PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_HEADER_PARSE_ERROR); 255 PEMerror(PEM_R_KEYBLOB_HEADER_PARSE_ERROR);
260 return NULL; 256 return NULL;
261 } 257 }
262 length -= 16; 258 length -= 16;
263 if (length < blob_length(bitlen, isdss, ispub)) { 259 if (length < blob_length(bitlen, isdss, ispub)) {
264 PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_TOO_SHORT); 260 PEMerror(PEM_R_KEYBLOB_TOO_SHORT);
265 return NULL; 261 return NULL;
266 } 262 }
267 if (isdss) 263 if (isdss)
@@ -280,7 +276,7 @@ do_b2i_bio(BIO *in, int ispub)
280 EVP_PKEY *ret = NULL; 276 EVP_PKEY *ret = NULL;
281 277
282 if (BIO_read(in, hdr_buf, 16) != 16) { 278 if (BIO_read(in, hdr_buf, 16) != 16) {
283 PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT); 279 PEMerror(PEM_R_KEYBLOB_TOO_SHORT);
284 return NULL; 280 return NULL;
285 } 281 }
286 p = hdr_buf; 282 p = hdr_buf;
@@ -290,12 +286,12 @@ do_b2i_bio(BIO *in, int ispub)
290 length = blob_length(bitlen, isdss, ispub); 286 length = blob_length(bitlen, isdss, ispub);
291 buf = malloc(length); 287 buf = malloc(length);
292 if (!buf) { 288 if (!buf) {
293 PEMerr(PEM_F_DO_B2I_BIO, ERR_R_MALLOC_FAILURE); 289 PEMerror(ERR_R_MALLOC_FAILURE);
294 goto err; 290 goto err;
295 } 291 }
296 p = buf; 292 p = buf;
297 if (BIO_read(in, buf, length) != (int)length) { 293 if (BIO_read(in, buf, length) != (int)length) {
298 PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT); 294 PEMerror(PEM_R_KEYBLOB_TOO_SHORT);
299 goto err; 295 goto err;
300 } 296 }
301 297
@@ -354,7 +350,7 @@ b2i_dss(const unsigned char **in, unsigned int length, unsigned int bitlen,
354 return ret; 350 return ret;
355 351
356memerr: 352memerr:
357 PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE); 353 PEMerror(ERR_R_MALLOC_FAILURE);
358 DSA_free(dsa); 354 DSA_free(dsa);
359 EVP_PKEY_free(ret); 355 EVP_PKEY_free(ret);
360 BN_CTX_free(ctx); 356 BN_CTX_free(ctx);
@@ -404,7 +400,7 @@ b2i_rsa(const unsigned char **in, unsigned int length, unsigned int bitlen,
404 return ret; 400 return ret;
405 401
406memerr: 402memerr:
407 PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE); 403 PEMerror(ERR_R_MALLOC_FAILURE);
408 RSA_free(rsa); 404 RSA_free(rsa);
409 EVP_PKEY_free(ret); 405 EVP_PKEY_free(ret);
410 return NULL; 406 return NULL;
@@ -566,7 +562,7 @@ check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic)
566 return bitlen; 562 return bitlen;
567 563
568badkey: 564badkey:
569 PEMerr(PEM_F_CHECK_BITLEN_DSA, PEM_R_UNSUPPORTED_KEY_COMPONENTS); 565 PEMerror(PEM_R_UNSUPPORTED_KEY_COMPONENTS);
570 return 0; 566 return 0;
571} 567}
572 568
@@ -600,7 +596,7 @@ check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic)
600 return bitlen; 596 return bitlen;
601 597
602badkey: 598badkey:
603 PEMerr(PEM_F_CHECK_BITLEN_RSA, PEM_R_UNSUPPORTED_KEY_COMPONENTS); 599 PEMerror(PEM_R_UNSUPPORTED_KEY_COMPONENTS);
604 return 0; 600 return 0;
605} 601}
606 602
@@ -665,19 +661,19 @@ do_PVK_header(const unsigned char **in, unsigned int length, int skip_magic,
665 661
666 if (skip_magic) { 662 if (skip_magic) {
667 if (length < 20) { 663 if (length < 20) {
668 PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT); 664 PEMerror(PEM_R_PVK_TOO_SHORT);
669 return 0; 665 return 0;
670 } 666 }
671 length -= 20; 667 length -= 20;
672 } else { 668 } else {
673 if (length < 24) { 669 if (length < 24) {
674 PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT); 670 PEMerror(PEM_R_PVK_TOO_SHORT);
675 return 0; 671 return 0;
676 } 672 }
677 length -= 24; 673 length -= 24;
678 pvk_magic = read_ledword(&p); 674 pvk_magic = read_ledword(&p);
679 if (pvk_magic != MS_PVKMAGIC) { 675 if (pvk_magic != MS_PVKMAGIC) {
680 PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_BAD_MAGIC_NUMBER); 676 PEMerror(PEM_R_BAD_MAGIC_NUMBER);
681 return 0; 677 return 0;
682 } 678 }
683 } 679 }
@@ -688,12 +684,12 @@ do_PVK_header(const unsigned char **in, unsigned int length, int skip_magic,
688 *psaltlen = read_ledword(&p); 684 *psaltlen = read_ledword(&p);
689 *pkeylen = read_ledword(&p); 685 *pkeylen = read_ledword(&p);
690 if (*psaltlen > 65536 || *pkeylen > 65536) { 686 if (*psaltlen > 65536 || *pkeylen > 65536) {
691 PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_ERROR_CONVERTING_PRIVATE_KEY); 687 PEMerror(PEM_R_ERROR_CONVERTING_PRIVATE_KEY);
692 return 0; 688 return 0;
693 } 689 }
694 690
695 if (is_encrypted && !*psaltlen) { 691 if (is_encrypted && !*psaltlen) {
696 PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_INCONSISTENT_HEADER); 692 PEMerror(PEM_R_INCONSISTENT_HEADER);
697 return 0; 693 return 0;
698 } 694 }
699 695
@@ -740,12 +736,12 @@ do_PVK_body(const unsigned char **in, unsigned int saltlen,
740 else 736 else
741 inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u); 737 inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);
742 if (inlen <= 0) { 738 if (inlen <= 0) {
743 PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_PASSWORD_READ); 739 PEMerror(PEM_R_BAD_PASSWORD_READ);
744 goto err; 740 goto err;
745 } 741 }
746 enctmp = malloc(keylen + 8); 742 enctmp = malloc(keylen + 8);
747 if (!enctmp) { 743 if (!enctmp) {
748 PEMerr(PEM_F_DO_PVK_BODY, ERR_R_MALLOC_FAILURE); 744 PEMerror(ERR_R_MALLOC_FAILURE);
749 goto err; 745 goto err;
750 } 746 }
751 if (!derive_pvk_key(keybuf, p, saltlen, (unsigned char *)psbuf, 747 if (!derive_pvk_key(keybuf, p, saltlen, (unsigned char *)psbuf,
@@ -757,7 +753,7 @@ do_PVK_body(const unsigned char **in, unsigned int saltlen,
757 memcpy(enctmp, p, 8); 753 memcpy(enctmp, p, 8);
758 p += 8; 754 p += 8;
759 if (keylen < 8) { 755 if (keylen < 8) {
760 PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT); 756 PEMerror(PEM_R_PVK_TOO_SHORT);
761 goto err; 757 goto err;
762 } 758 }
763 inlen = keylen - 8; 759 inlen = keylen - 8;
@@ -783,7 +779,7 @@ do_PVK_body(const unsigned char **in, unsigned int saltlen,
783 goto err; 779 goto err;
784 magic = read_ledword((const unsigned char **)&q); 780 magic = read_ledword((const unsigned char **)&q);
785 if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) { 781 if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) {
786 PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_DECRYPT); 782 PEMerror(PEM_R_BAD_DECRYPT);
787 goto err; 783 goto err;
788 } 784 }
789 } else 785 } else
@@ -811,7 +807,7 @@ b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
811 unsigned int saltlen, keylen; 807 unsigned int saltlen, keylen;
812 808
813 if (BIO_read(in, pvk_hdr, 24) != 24) { 809 if (BIO_read(in, pvk_hdr, 24) != 24) {
814 PEMerr(PEM_F_B2I_PVK_BIO, PEM_R_PVK_DATA_TOO_SHORT); 810 PEMerror(PEM_R_PVK_DATA_TOO_SHORT);
815 return NULL; 811 return NULL;
816 } 812 }
817 p = pvk_hdr; 813 p = pvk_hdr;
@@ -821,12 +817,12 @@ b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
821 buflen = keylen + saltlen; 817 buflen = keylen + saltlen;
822 buf = malloc(buflen); 818 buf = malloc(buflen);
823 if (!buf) { 819 if (!buf) {
824 PEMerr(PEM_F_B2I_PVK_BIO, ERR_R_MALLOC_FAILURE); 820 PEMerror(ERR_R_MALLOC_FAILURE);
825 return 0; 821 return 0;
826 } 822 }
827 p = buf; 823 p = buf;
828 if (BIO_read(in, buf, buflen) != buflen) { 824 if (BIO_read(in, buf, buflen) != buflen) {
829 PEMerr(PEM_F_B2I_PVK_BIO, PEM_R_PVK_DATA_TOO_SHORT); 825 PEMerror(PEM_R_PVK_DATA_TOO_SHORT);
830 goto err; 826 goto err;
831 } 827 }
832 ret = do_PVK_body(&p, saltlen, keylen, cb, u); 828 ret = do_PVK_body(&p, saltlen, keylen, cb, u);
@@ -861,7 +857,7 @@ i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel, pem_password_cb *cb,
861 else { 857 else {
862 p = malloc(outlen); 858 p = malloc(outlen);
863 if (!p) { 859 if (!p) {
864 PEMerr(PEM_F_I2B_PVK, ERR_R_MALLOC_FAILURE); 860 PEMerror(ERR_R_MALLOC_FAILURE);
865 return -1; 861 return -1;
866 } 862 }
867 *out = p; 863 *out = p;
@@ -893,7 +889,7 @@ i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel, pem_password_cb *cb,
893 else 889 else
894 inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 1, u); 890 inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 1, u);
895 if (inlen <= 0) { 891 if (inlen <= 0) {
896 PEMerr(PEM_F_I2B_PVK, PEM_R_BAD_PASSWORD_READ); 892 PEMerror(PEM_R_BAD_PASSWORD_READ);
897 goto error; 893 goto error;
898 } 894 }
899 if (!derive_pvk_key(keybuf, salt, PVK_SALTLEN, 895 if (!derive_pvk_key(keybuf, salt, PVK_SALTLEN,
@@ -930,7 +926,7 @@ i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel, pem_password_cb *cb, void *u)
930 wrlen = BIO_write(out, tmp, outlen); 926 wrlen = BIO_write(out, tmp, outlen);
931 free(tmp); 927 free(tmp);
932 if (wrlen == outlen) { 928 if (wrlen == outlen) {
933 PEMerr(PEM_F_I2B_PVK_BIO, PEM_R_BIO_WRITE_FAILURE); 929 PEMerror(PEM_R_BIO_WRITE_FAILURE);
934 return outlen; 930 return outlen;
935 } 931 }
936 return -1; 932 return -1;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-15 17:07:23 +0000