diff options
| author | beck <> | 2017-01-29 17:49:23 +0000 |
|---|---|---|
| committer | beck <> | 2017-01-29 17:49:23 +0000 |
| commit | 957b11334a7afb14537322f0e4795b2e368b3f59 (patch) | |
| tree | 1a54abba678898ee5270ae4f3404a50ee9a92eea /src/lib/libcrypto/pkcs12/p12_decr.c | |
| parent | df96e020e729c6c37a8c7fe311fdd1fe6a8718c5 (diff) | |
| download | openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.tar.gz openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.tar.bz2 openbsd-957b11334a7afb14537322f0e4795b2e368b3f59.zip | |
Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@
Diffstat (limited to 'src/lib/libcrypto/pkcs12/p12_decr.c')
| -rw-r--r-- | src/lib/libcrypto/pkcs12/p12_decr.c | 27 |
1 files changed, 10 insertions, 17 deletions
diff --git a/src/lib/libcrypto/pkcs12/p12_decr.c b/src/lib/libcrypto/pkcs12/p12_decr.c index ad4e0bc660..ca08ee55d5 100644 --- a/src/lib/libcrypto/pkcs12/p12_decr.c +++ b/src/lib/libcrypto/pkcs12/p12_decr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: p12_decr.c,v 1.17 2015/09/30 18:41:06 jsing Exp $ */ | 1 | /* $OpenBSD: p12_decr.c,v 1.18 2017/01/29 17:49:23 beck Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| @@ -79,20 +79,19 @@ PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, int passlen, | |||
| 79 | if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen, | 79 | if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen, |
| 80 | algor->parameter, &ctx, en_de)) { | 80 | algor->parameter, &ctx, en_de)) { |
| 81 | out = NULL; | 81 | out = NULL; |
| 82 | PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, | 82 | PKCS12error(PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR); |
| 83 | PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR); | ||
| 84 | goto err; | 83 | goto err; |
| 85 | } | 84 | } |
| 86 | 85 | ||
| 87 | if (!(out = malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))) { | 86 | if (!(out = malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))) { |
| 88 | PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_MALLOC_FAILURE); | 87 | PKCS12error(ERR_R_MALLOC_FAILURE); |
| 89 | goto err; | 88 | goto err; |
| 90 | } | 89 | } |
| 91 | 90 | ||
| 92 | if (!EVP_CipherUpdate(&ctx, out, &i, in, inlen)) { | 91 | if (!EVP_CipherUpdate(&ctx, out, &i, in, inlen)) { |
| 93 | free(out); | 92 | free(out); |
| 94 | out = NULL; | 93 | out = NULL; |
| 95 | PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_EVP_LIB); | 94 | PKCS12error(ERR_R_EVP_LIB); |
| 96 | goto err; | 95 | goto err; |
| 97 | } | 96 | } |
| 98 | 97 | ||
| @@ -100,8 +99,7 @@ PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, int passlen, | |||
| 100 | if (!EVP_CipherFinal_ex(&ctx, out + i, &i)) { | 99 | if (!EVP_CipherFinal_ex(&ctx, out + i, &i)) { |
| 101 | free(out); | 100 | free(out); |
| 102 | out = NULL; | 101 | out = NULL; |
| 103 | PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, | 102 | PKCS12error(PKCS12_R_PKCS12_CIPHERFINAL_ERROR); |
| 104 | PKCS12_R_PKCS12_CIPHERFINAL_ERROR); | ||
| 105 | goto err; | 103 | goto err; |
| 106 | } | 104 | } |
| 107 | outlen += i; | 105 | outlen += i; |
| @@ -131,8 +129,7 @@ PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, | |||
| 131 | 129 | ||
| 132 | if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length, | 130 | if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length, |
| 133 | &out, &outlen, 0)) { | 131 | &out, &outlen, 0)) { |
| 134 | PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I, | 132 | PKCS12error(PKCS12_R_PKCS12_PBE_CRYPT_ERROR); |
| 135 | PKCS12_R_PKCS12_PBE_CRYPT_ERROR); | ||
| 136 | return NULL; | 133 | return NULL; |
| 137 | } | 134 | } |
| 138 | p = out; | 135 | p = out; |
| @@ -140,8 +137,7 @@ PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, | |||
| 140 | if (zbuf) | 137 | if (zbuf) |
| 141 | explicit_bzero(out, outlen); | 138 | explicit_bzero(out, outlen); |
| 142 | if (!ret) | 139 | if (!ret) |
| 143 | PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I, | 140 | PKCS12error(PKCS12_R_DECODE_ERROR); |
| 144 | PKCS12_R_DECODE_ERROR); | ||
| 145 | free(out); | 141 | free(out); |
| 146 | return ret; | 142 | return ret; |
| 147 | } | 143 | } |
| @@ -160,20 +156,17 @@ PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *it, | |||
| 160 | int inlen; | 156 | int inlen; |
| 161 | 157 | ||
| 162 | if (!(oct = ASN1_OCTET_STRING_new ())) { | 158 | if (!(oct = ASN1_OCTET_STRING_new ())) { |
| 163 | PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, | 159 | PKCS12error(ERR_R_MALLOC_FAILURE); |
| 164 | ERR_R_MALLOC_FAILURE); | ||
| 165 | return NULL; | 160 | return NULL; |
| 166 | } | 161 | } |
| 167 | inlen = ASN1_item_i2d(obj, &in, it); | 162 | inlen = ASN1_item_i2d(obj, &in, it); |
| 168 | if (!in) { | 163 | if (!in) { |
| 169 | PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, | 164 | PKCS12error(PKCS12_R_ENCODE_ERROR); |
| 170 | PKCS12_R_ENCODE_ERROR); | ||
| 171 | goto err; | 165 | goto err; |
| 172 | } | 166 | } |
| 173 | if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data, | 167 | if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data, |
| 174 | &oct->length, 1)) { | 168 | &oct->length, 1)) { |
| 175 | PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, | 169 | PKCS12error(PKCS12_R_ENCRYPT_ERROR); |
| 176 | PKCS12_R_ENCRYPT_ERROR); | ||
| 177 | goto err; | 170 | goto err; |
| 178 | } | 171 | } |
| 179 | if (zbuf) | 172 | if (zbuf) |