Clean up EVP_DecryptFinal_ex()

Rework the code to use the usual variable names, return early if we have block size 1 and unindent the remainder of the code for block sizes 8 and 16. Rework the padding check to be less acrobatic and copy the remainder of the plain text into out using memcpy() rather than a for loop. input/ok jsing
author: tb <> 2023-12-20 11:01:34 +0000
committer: tb <> 2023-12-20 11:01:34 +0000
commit: 74b8ddb5b61f63537bdc48dc15df226c190bd7e0 (patch)
tree: 59e94bd04de23e14a572ad99e60f61364aa01d1a /src
parent: 16cf191fc78fae1e65f8058c4b77bfedc8ca84c7 (diff)
download: openbsd-74b8ddb5b61f63537bdc48dc15df226c190bd7e0.tar.gz
openbsd-74b8ddb5b61f63537bdc48dc15df226c190bd7e0.tar.bz2
openbsd-74b8ddb5b61f63537bdc48dc15df226c190bd7e0.zip
1 files changed, 35 insertions, 32 deletions
diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
index b00150513c..2bcef15fc2 100644
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_enc.c,v 1.65 2023/12/20 10:42:43 tb Exp $ */
+/* $OpenBSD: evp_enc.c,v 1.66 2023/12/20 11:01:34 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -487,50 +487,53 @@ EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 int
 EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 {
-        int i, n;
+        const int block_size = ctx->cipher->block_size;
-        unsigned int b;
+        int buf_offset = ctx->buf_len;
+        int i, pad, plain_len;
        *outl = 0;
        if ((ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) != 0)
                return evp_cipher(ctx, out, outl, NULL, 0);
-        b = ctx->cipher->block_size;
+        if ((ctx->flags & EVP_CIPH_NO_PADDING) != 0) {
-        if (ctx->flags & EVP_CIPH_NO_PADDING) {
+                if (buf_offset != 0) {
-                if (ctx->buf_len) {
                        EVPerror(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
                        return 0;
                }
-                *outl = 0;
                return 1;
        }
-        if (b > 1) {
-                if (ctx->buf_len || !ctx->final_used) {
+        if (block_size == 1)
-                        EVPerror(EVP_R_WRONG_FINAL_BLOCK_LENGTH);
+                return 1;
-                        return (0);
-                }
+        if (buf_offset != 0 || !ctx->final_used) {
-                if (b > sizeof ctx->final) {
+                EVPerror(EVP_R_WRONG_FINAL_BLOCK_LENGTH);
-                        EVPerror(EVP_R_BAD_BLOCK_LENGTH);
+                return 0;
-                        return 0;
+        }
-                }
-                n = ctx->final[b - 1];
+        if (block_size > sizeof(ctx->final)) {
-                if (n == 0 || n > (int)b) {
+                EVPerror(EVP_R_BAD_BLOCK_LENGTH);
+                return 0;
+        }
+        pad = ctx->final[block_size - 1];
+        if (pad <= 0 || pad > block_size) {
+                EVPerror(EVP_R_BAD_DECRYPT);
+                return 0;
+        }
+        plain_len = block_size - pad;
+        for (i = plain_len; i < block_size; i++) {
+                if (ctx->final[i] != pad) {
                        EVPerror(EVP_R_BAD_DECRYPT);
-                        return (0);
+                        return 0;
-                }
-                for (i = 0; i < n; i++) {
-                        if (ctx->final[--b] != n) {
-                                EVPerror(EVP_R_BAD_DECRYPT);
-                                return (0);
-                        }
                }
-                n = ctx->cipher->block_size - n;
+        }
-                for (i = 0; i < n; i++)
-                        out[i] = ctx->final[i];
+        memcpy(out, ctx->final, plain_len);
-                *outl = n;
+        *outl = plain_len;
-        } else
-                *outl = 0;
+        return 1;
-        return (1);
 }
 EVP_CIPHER_CTX *
author	tb <>	2023-12-20 11:01:34 +0000
committer	tb <>	2023-12-20 11:01:34 +0000
commit	74b8ddb5b61f63537bdc48dc15df226c190bd7e0 (patch)
tree	59e94bd04de23e14a572ad99e60f61364aa01d1a /src
parent	16cf191fc78fae1e65f8058c4b77bfedc8ca84c7 (diff)
download	openbsd-74b8ddb5b61f63537bdc48dc15df226c190bd7e0.tar.gz openbsd-74b8ddb5b61f63537bdc48dc15df226c190bd7e0.tar.bz2 openbsd-74b8ddb5b61f63537bdc48dc15df226c190bd7e0.zip

diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c index b00150513c..2bcef15fc2 100644 --- a/src/lib/libcrypto/evp/evp_enc.c +++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: evp_enc.c,v 1.65 2023/12/20 10:42:43 tb Exp $ */	1	/* $OpenBSD: evp_enc.c,v 1.66 2023/12/20 11:01:34 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -487,50 +487,53 @@ EVP_DecryptFinal(EVP_CIPHER_CTX ctx, unsigned char out, int *outl)
487	int	487	int
488	EVP_DecryptFinal_ex(EVP_CIPHER_CTX ctx, unsigned char out, int *outl)	488	EVP_DecryptFinal_ex(EVP_CIPHER_CTX ctx, unsigned char out, int *outl)
489	{	489	{
490	int i, n;	490	const int block_size = ctx->cipher->block_size;
491	unsigned int b;	491	int buf_offset = ctx->buf_len;
		492	int i, pad, plain_len;
492		493
493	*outl = 0;	494	*outl = 0;
494		495
495	if ((ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) != 0)	496	if ((ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) != 0)
496	return evp_cipher(ctx, out, outl, NULL, 0);	497	return evp_cipher(ctx, out, outl, NULL, 0);
497		498
498	b = ctx->cipher->block_size;	499	if ((ctx->flags & EVP_CIPH_NO_PADDING) != 0) {
499	if (ctx->flags & EVP_CIPH_NO_PADDING) {	500	if (buf_offset != 0) {
500	if (ctx->buf_len) {
501	EVPerror(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);	501	EVPerror(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
502	return 0;	502	return 0;
503	}	503	}
504	*outl = 0;
505	return 1;	504	return 1;
506	}	505	}
507	if (b > 1) {	506
508	if (ctx->buf_len \|\| !ctx->final_used) {	507	if (block_size == 1)
509	EVPerror(EVP_R_WRONG_FINAL_BLOCK_LENGTH);	508	return 1;
510	return (0);	509
511	}	510	if (buf_offset != 0 \|\| !ctx->final_used) {
512	if (b > sizeof ctx->final) {	511	EVPerror(EVP_R_WRONG_FINAL_BLOCK_LENGTH);
513	EVPerror(EVP_R_BAD_BLOCK_LENGTH);	512	return 0;
514	return 0;	513	}
515	}	514
516	n = ctx->final[b - 1];	515	if (block_size > sizeof(ctx->final)) {
517	if (n == 0 \|\| n > (int)b) {	516	EVPerror(EVP_R_BAD_BLOCK_LENGTH);
		517	return 0;
		518	}
		519
		520	pad = ctx->final[block_size - 1];
		521	if (pad <= 0 \|\| pad > block_size) {
		522	EVPerror(EVP_R_BAD_DECRYPT);
		523	return 0;
		524	}
		525	plain_len = block_size - pad;
		526	for (i = plain_len; i < block_size; i++) {
		527	if (ctx->final[i] != pad) {
518	EVPerror(EVP_R_BAD_DECRYPT);	528	EVPerror(EVP_R_BAD_DECRYPT);
519	return (0);	529	return 0;
520	}
521	for (i = 0; i < n; i++) {
522	if (ctx->final[--b] != n) {
523	EVPerror(EVP_R_BAD_DECRYPT);
524	return (0);
525	}
526	}	530	}
527	n = ctx->cipher->block_size - n;	531	}
528	for (i = 0; i < n; i++)	532
529	out[i] = ctx->final[i];	533	memcpy(out, ctx->final, plain_len);
530	*outl = n;	534	*outl = plain_len;
531	} else	535
532	*outl = 0;	536	return 1;
533	return (1);
534	}	537	}
535		538
536	EVP_CIPHER_CTX *	539	EVP_CIPHER_CTX *