diff options
| author | Ben Laurie <ben@openssl.org> | 2011-11-14 00:36:10 +0000 |
|---|---|---|
| committer | Ben Laurie <ben@openssl.org> | 2011-11-14 00:36:10 +0000 |
| commit | ae551760917614647ad6fbacec6e4c1b495a94cf (patch) | |
| tree | 34a1985c9beb2aa0a43904de8e733796c40df48c /crypto/cms | |
| parent | fe0686483621d420705e881cd9187788a0691583 (diff) | |
Fix some warnings caused by __owur. Temporarily (I hope) remove the more
aspirational __owur annotations.
Diffstat (limited to 'crypto/cms')
| -rw-r--r-- | crypto/cms/cms_pwri.c | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c index b79612a12d..8a574616d2 100644 --- a/crypto/cms/cms_pwri.c +++ b/crypto/cms/cms_pwri.c @@ -239,21 +239,22 @@ static int kek_unwrap_key(unsigned char *out, size_t *outlen, } tmp = OPENSSL_malloc(inlen); /* setup IV by decrypting last two blocks */ - EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl, - in + inlen - 2 * blocklen, blocklen * 2); + if (!EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl, + in + inlen - 2 * blocklen, blocklen * 2) /* Do a decrypt of last decrypted block to set IV to correct value * output it to start of buffer so we don't corrupt decrypted block * this works because buffer is at least two block lengths long. */ - EVP_DecryptUpdate(ctx, tmp, &outl, - tmp + inlen - blocklen, blocklen); + || !EVP_DecryptUpdate(ctx, tmp, &outl, + tmp + inlen - blocklen, blocklen) /* Can now decrypt first n - 1 blocks */ - EVP_DecryptUpdate(ctx, tmp, &outl, in, inlen - blocklen); + || !EVP_DecryptUpdate(ctx, tmp, &outl, in, inlen - blocklen) /* Reset IV to original value */ - EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL); + || !EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL) /* Decrypt again */ - EVP_DecryptUpdate(ctx, tmp, &outl, tmp, inlen); + || !EVP_DecryptUpdate(ctx, tmp, &outl, tmp, inlen)) + goto err; /* Check check bytes */ if (((tmp[1] ^ tmp[4]) & (tmp[2] ^ tmp[5]) & (tmp[3] ^ tmp[6])) != 0xff) { @@ -308,8 +309,9 @@ static int kek_wrap_key(unsigned char *out, size_t *outlen, if (olen > inlen + 4) RAND_pseudo_bytes(out + 4 + inlen, olen - 4 - inlen); /* Encrypt twice */ - EVP_EncryptUpdate(ctx, out, &dummy, out, olen); - EVP_EncryptUpdate(ctx, out, &dummy, out, olen); + if (!EVP_EncryptUpdate(ctx, out, &dummy, out, olen) + || !EVP_EncryptUpdate(ctx, out, &dummy, out, olen)) + return 0; } *outlen = olen; |