EVP_SealInit(): minor cleanup.

Explicitly compare pointers against NULL, turn the function into single exit, add hint at why npubk <= 0 or pubk == NULL are a success path: The documentation briefly explains that EVP_OpenInit() and EVP_SealInit() is able to initialize the EVP_CIPHER_CTX in two steps exactly like the EVP_CipherInit_ex() API they wrap: the first call with non-NULL cipher (aka type) only sets the cipher on the ctx, then it returns to allow callers to customize the EVP_CIPHER_CTX, and a second call with cipher == NULL skips the initialization and finishes the ctx setup by setting key and iv. Prompted by a report by Niels Dossche. ok jsing kenjiro
author: tb <> 2026-01-30 13:51:44 +0000
committer: tb <> 2026-01-30 13:51:44 +0000
commit: 9e1ab34f681a4aaf84ec91a6d2b36c59c85b73d7 (patch)
tree: 88f090f3d76a8e7a24103c7723e4c55bb7000c2c /src/lib/libcrypto
parent: d08c52f7b1df87a6d0b5aa0f42fdeee3f3c0e6b9 (diff)
download: openbsd-9e1ab34f681a4aaf84ec91a6d2b36c59c85b73d7.tar.gz
openbsd-9e1ab34f681a4aaf84ec91a6d2b36c59c85b73d7.tar.bz2
openbsd-9e1ab34f681a4aaf84ec91a6d2b36c59c85b73d7.zip
1 files changed, 25 insertions, 11 deletions
diff --git a/src/lib/libcrypto/evp/p_legacy.c b/src/lib/libcrypto/evp/p_legacy.c
index 521bddaa02..02153be20b 100644
--- a/src/lib/libcrypto/evp/p_legacy.c
+++ b/src/lib/libcrypto/evp/p_legacy.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: p_legacy.c,v 1.9 2026/01/30 13:47:22 tb Exp $ */
+/*      $OpenBSD: p_legacy.c,v 1.10 2026/01/30 13:51:44 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -164,33 +164,47 @@ EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
 {
        unsigned char key[EVP_MAX_KEY_LENGTH];
        int i, iv_len;
+        int ret = 0;
-        if (type) {
+        if (type != NULL) {
                if (!EVP_CIPHER_CTX_reset(ctx))
-                        return 0;
+                        goto err;
                if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL))
-                        return 0;
+                        goto err;
        }
-        if ((npubk <= 0) || !pubk)
-                return 1;
+        /*
+         * Per manpage: "it is possible to call EVP_SealInit() twice in the
+         * same way as EVP_EncryptInit(3)." The return 1 indicates success.
+         */
+        if (npubk <= 0 || pubk == NULL) {
+                npubk = 1;
+                goto done;
+        }
        if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
-                return 0;
+                goto err;
        /* XXX - upper bound? */
        if ((iv_len = EVP_CIPHER_CTX_iv_length(ctx)) < 0)
-                return 0;
+                goto err;
        if (iv_len > 0)
                arc4random_buf(iv, iv_len);
        if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
-                return 0;
+                goto err;
        for (i = 0; i < npubk; i++) {
                ekl[i] = EVP_PKEY_encrypt_old(ek[i], key,
                    EVP_CIPHER_CTX_key_length(ctx), pubk[i]);
                if (ekl[i] <= 0)
-                        return 0;
+                        goto err;
        }
-        return (npubk);
+ done:
+        ret = npubk;
+ err:
+        return ret;
 }
 LCRYPTO_ALIAS(EVP_SealInit);
author	tb <>	2026-01-30 13:51:44 +0000
committer	tb <>	2026-01-30 13:51:44 +0000
commit	9e1ab34f681a4aaf84ec91a6d2b36c59c85b73d7 (patch)
tree	88f090f3d76a8e7a24103c7723e4c55bb7000c2c /src/lib/libcrypto
parent	d08c52f7b1df87a6d0b5aa0f42fdeee3f3c0e6b9 (diff)
download	openbsd-9e1ab34f681a4aaf84ec91a6d2b36c59c85b73d7.tar.gz openbsd-9e1ab34f681a4aaf84ec91a6d2b36c59c85b73d7.tar.bz2 openbsd-9e1ab34f681a4aaf84ec91a6d2b36c59c85b73d7.zip

diff --git a/src/lib/libcrypto/evp/p_legacy.c b/src/lib/libcrypto/evp/p_legacy.c index 521bddaa02..02153be20b 100644 --- a/src/lib/libcrypto/evp/p_legacy.c +++ b/src/lib/libcrypto/evp/p_legacy.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: p_legacy.c,v 1.9 2026/01/30 13:47:22 tb Exp $ */	1	/* $OpenBSD: p_legacy.c,v 1.10 2026/01/30 13:51:44 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -164,33 +164,47 @@ EVP_SealInit(EVP_CIPHER_CTX ctx, const EVP_CIPHER type, unsigned char **ek,
164	{	164	{
165	unsigned char key[EVP_MAX_KEY_LENGTH];	165	unsigned char key[EVP_MAX_KEY_LENGTH];
166	int i, iv_len;	166	int i, iv_len;
		167	int ret = 0;
167		168
168	if (type) {	169	if (type != NULL) {
169	if (!EVP_CIPHER_CTX_reset(ctx))	170	if (!EVP_CIPHER_CTX_reset(ctx))
170	return 0;	171	goto err;
171	if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL))	172	if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL))
172	return 0;	173	goto err;
173	}	174	}
174	if ((npubk <= 0) \|\| !pubk)	175
175	return 1;	176	/*
		177	* Per manpage: "it is possible to call EVP_SealInit() twice in the
		178	* same way as EVP_EncryptInit(3)." The return 1 indicates success.
		179	*/
		180	if (npubk <= 0 \|\| pubk == NULL) {
		181	npubk = 1;
		182	goto done;
		183	}
		184
176	if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)	185	if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
177	return 0;	186	goto err;
178	/* XXX - upper bound? */	187	/* XXX - upper bound? */
179	if ((iv_len = EVP_CIPHER_CTX_iv_length(ctx)) < 0)	188	if ((iv_len = EVP_CIPHER_CTX_iv_length(ctx)) < 0)
180	return 0;	189	goto err;
181	if (iv_len > 0)	190	if (iv_len > 0)
182	arc4random_buf(iv, iv_len);	191	arc4random_buf(iv, iv_len);
183		192
184	if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))	193	if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
185	return 0;	194	goto err;
186		195
187	for (i = 0; i < npubk; i++) {	196	for (i = 0; i < npubk; i++) {
188	ekl[i] = EVP_PKEY_encrypt_old(ek[i], key,	197	ekl[i] = EVP_PKEY_encrypt_old(ek[i], key,
189	EVP_CIPHER_CTX_key_length(ctx), pubk[i]);	198	EVP_CIPHER_CTX_key_length(ctx), pubk[i]);
190	if (ekl[i] <= 0)	199	if (ekl[i] <= 0)
191	return 0;	200	goto err;
192	}	201	}
193	return (npubk);	202
		203	done:
		204	ret = npubk;
		205
		206	err:
		207	return ret;
194	}	208	}
195	LCRYPTO_ALIAS(EVP_SealInit);	209	LCRYPTO_ALIAS(EVP_SealInit);
196		210