diff options
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libcrypto/cms/cms_pwri.c | 8 | ||||
| -rw-r--r-- | src/lib/libcrypto/pem/pvkfmt.c | 12 | ||||
| -rw-r--r-- | src/lib/libcrypto/pkcs12/p12_decr.c | 5 |
3 files changed, 12 insertions, 13 deletions
diff --git a/src/lib/libcrypto/cms/cms_pwri.c b/src/lib/libcrypto/cms/cms_pwri.c index 89f7925938..11509e3c11 100644 --- a/src/lib/libcrypto/cms/cms_pwri.c +++ b/src/lib/libcrypto/cms/cms_pwri.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: cms_pwri.c,v 1.8 2014/10/22 13:02:04 jsing Exp $ */ | 1 | /* $OpenBSD: cms_pwri.c,v 1.9 2015/05/15 11:00:14 jsg Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -332,14 +332,14 @@ cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri, | |||
| 332 | 332 | ||
| 333 | if (!pwri->pass) { | 333 | if (!pwri->pass) { |
| 334 | CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_NO_PASSWORD); | 334 | CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_NO_PASSWORD); |
| 335 | return 0; | 335 | goto err; |
| 336 | } | 336 | } |
| 337 | algtmp = pwri->keyEncryptionAlgorithm; | 337 | algtmp = pwri->keyEncryptionAlgorithm; |
| 338 | 338 | ||
| 339 | if (!algtmp || OBJ_obj2nid(algtmp->algorithm) != NID_id_alg_PWRI_KEK) { | 339 | if (!algtmp || OBJ_obj2nid(algtmp->algorithm) != NID_id_alg_PWRI_KEK) { |
| 340 | CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, | 340 | CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, |
| 341 | CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM); | 341 | CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM); |
| 342 | return 0; | 342 | goto err; |
| 343 | } | 343 | } |
| 344 | 344 | ||
| 345 | if (algtmp->parameter->type == V_ASN1_SEQUENCE) { | 345 | if (algtmp->parameter->type == V_ASN1_SEQUENCE) { |
| @@ -350,7 +350,7 @@ cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri, | |||
| 350 | if (kekalg == NULL) { | 350 | if (kekalg == NULL) { |
| 351 | CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, | 351 | CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, |
| 352 | CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER); | 352 | CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER); |
| 353 | return 0; | 353 | goto err; |
| 354 | } | 354 | } |
| 355 | 355 | ||
| 356 | kekcipher = EVP_get_cipherbyobj(kekalg->algorithm); | 356 | kekcipher = EVP_get_cipherbyobj(kekalg->algorithm); |
diff --git a/src/lib/libcrypto/pem/pvkfmt.c b/src/lib/libcrypto/pem/pvkfmt.c index 2009c9db80..025381bcc0 100644 --- a/src/lib/libcrypto/pem/pvkfmt.c +++ b/src/lib/libcrypto/pem/pvkfmt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: pvkfmt.c,v 1.12 2014/10/22 13:02:04 jsing Exp $ */ | 1 | /* $OpenBSD: pvkfmt.c,v 1.13 2015/05/15 11:00:14 jsg Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2005. | 3 | * project 2005. |
| 4 | */ | 4 | */ |
| @@ -731,17 +731,16 @@ do_PVK_body(const unsigned char **in, unsigned int saltlen, | |||
| 731 | inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u); | 731 | inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u); |
| 732 | if (inlen <= 0) { | 732 | if (inlen <= 0) { |
| 733 | PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_PASSWORD_READ); | 733 | PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_PASSWORD_READ); |
| 734 | return NULL; | 734 | goto err; |
| 735 | } | 735 | } |
| 736 | enctmp = malloc(keylen + 8); | 736 | enctmp = malloc(keylen + 8); |
| 737 | if (!enctmp) { | 737 | if (!enctmp) { |
| 738 | PEMerr(PEM_F_DO_PVK_BODY, ERR_R_MALLOC_FAILURE); | 738 | PEMerr(PEM_F_DO_PVK_BODY, ERR_R_MALLOC_FAILURE); |
| 739 | return NULL; | 739 | goto err; |
| 740 | } | 740 | } |
| 741 | if (!derive_pvk_key(keybuf, p, saltlen, (unsigned char *)psbuf, | 741 | if (!derive_pvk_key(keybuf, p, saltlen, (unsigned char *)psbuf, |
| 742 | inlen)) { | 742 | inlen)) { |
| 743 | free(enctmp); | 743 | goto err; |
| 744 | return NULL; | ||
| 745 | } | 744 | } |
| 746 | p += saltlen; | 745 | p += saltlen; |
| 747 | /* Copy BLOBHEADER across, decrypt rest */ | 746 | /* Copy BLOBHEADER across, decrypt rest */ |
| @@ -749,8 +748,7 @@ do_PVK_body(const unsigned char **in, unsigned int saltlen, | |||
| 749 | p += 8; | 748 | p += 8; |
| 750 | if (keylen < 8) { | 749 | if (keylen < 8) { |
| 751 | PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT); | 750 | PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT); |
| 752 | free(enctmp); | 751 | goto err; |
| 753 | return NULL; | ||
| 754 | } | 752 | } |
| 755 | inlen = keylen - 8; | 753 | inlen = keylen - 8; |
| 756 | q = enctmp + 8; | 754 | q = enctmp + 8; |
diff --git a/src/lib/libcrypto/pkcs12/p12_decr.c b/src/lib/libcrypto/pkcs12/p12_decr.c index 13be237b4c..4cccf43d3f 100644 --- a/src/lib/libcrypto/pkcs12/p12_decr.c +++ b/src/lib/libcrypto/pkcs12/p12_decr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: p12_decr.c,v 1.14 2015/02/14 12:43:07 miod Exp $ */ | 1 | /* $OpenBSD: p12_decr.c,v 1.15 2015/05/15 11:00:14 jsg Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| @@ -77,9 +77,10 @@ PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, int passlen, | |||
| 77 | /* Decrypt data */ | 77 | /* Decrypt data */ |
| 78 | if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen, | 78 | if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen, |
| 79 | algor->parameter, &ctx, en_de)) { | 79 | algor->parameter, &ctx, en_de)) { |
| 80 | out = NULL; | ||
| 80 | PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, | 81 | PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, |
| 81 | PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR); | 82 | PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR); |
| 82 | return NULL; | 83 | goto err; |
| 83 | } | 84 | } |
| 84 | 85 | ||
| 85 | if (!(out = malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))) { | 86 | if (!(out = malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))) { |