diff options
| author | Richard Levitte <levitte@openssl.org> | 2022-09-29 13:57:34 +0200 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2022-10-05 14:02:03 +0200 |
| commit | e077455e9e57ed4ee4676996b4a9aa11df6327a6 (patch) | |
| tree | edcb7412024f95fbc97c2c7a780f78ad05d586e3 /crypto/ec | |
| parent | 9167a47f78159b0578bc032401ab1d66e14eecdb (diff) | |
Stop raising ERR_R_MALLOC_FAILURE in most places
Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and
at least handle the file name and line number they are called from,
there's no need to report ERR_R_MALLOC_FAILURE where they are called
directly, or when SSLfatal() and RLAYERfatal() is used, the reason
`ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`.
There were a number of places where `ERR_R_MALLOC_FAILURE` was reported
even though it was a function from a different sub-system that was
called. Those places are changed to report ERR_R_{lib}_LIB, where
{lib} is the name of that sub-system.
Some of them are tricky to get right, as we have a lot of functions
that belong in the ASN1 sub-system, and all the `sk_` calls or from
the CRYPTO sub-system.
Some extra adaptation was necessary where there were custom OPENSSL_malloc()
wrappers, and some bugs are fixed alongside these changes.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19301)
Diffstat (limited to 'crypto/ec')
| -rw-r--r-- | crypto/ec/ec2_smpl.c | 6 | ||||
| -rw-r--r-- | crypto/ec/ec_ameth.c | 2 | ||||
| -rw-r--r-- | crypto/ec/ec_asn1.c | 45 | ||||
| -rw-r--r-- | crypto/ec/ec_backend.c | 16 | ||||
| -rw-r--r-- | crypto/ec/ec_check.c | 4 | ||||
| -rw-r--r-- | crypto/ec/ec_curve.c | 2 | ||||
| -rw-r--r-- | crypto/ec/ec_deprecated.c | 4 | ||||
| -rw-r--r-- | crypto/ec/ec_key.c | 6 | ||||
| -rw-r--r-- | crypto/ec/ec_kmeth.c | 11 | ||||
| -rw-r--r-- | crypto/ec/ec_lib.c | 24 | ||||
| -rw-r--r-- | crypto/ec/ec_mult.c | 27 | ||||
| -rw-r--r-- | crypto/ec/ec_oct.c | 4 | ||||
| -rw-r--r-- | crypto/ec/ec_pmeth.c | 8 | ||||
| -rw-r--r-- | crypto/ec/ecdh_ossl.c | 17 | ||||
| -rw-r--r-- | crypto/ec/ecdsa_ossl.c | 16 | ||||
| -rw-r--r-- | crypto/ec/eck_prn.c | 4 | ||||
| -rw-r--r-- | crypto/ec/ecp_nistp224.c | 10 | ||||
| -rw-r--r-- | crypto/ec/ecp_nistp256.c | 10 | ||||
| -rw-r--r-- | crypto/ec/ecp_nistp521.c | 10 | ||||
| -rw-r--r-- | crypto/ec/ecp_nistz256.c | 24 | ||||
| -rw-r--r-- | crypto/ec/ecp_s390x_nistp.c | 8 | ||||
| -rw-r--r-- | crypto/ec/ecp_smpl.c | 4 | ||||
| -rw-r--r-- | crypto/ec/ecx_backend.c | 13 | ||||
| -rw-r--r-- | crypto/ec/ecx_key.c | 9 | ||||
| -rw-r--r-- | crypto/ec/ecx_meth.c | 28 |
25 files changed, 127 insertions, 185 deletions
diff --git a/crypto/ec/ec2_smpl.c b/crypto/ec/ec2_smpl.c index 79884c72bb..d9fee26612 100644 --- a/crypto/ec/ec2_smpl.c +++ b/crypto/ec/ec2_smpl.c @@ -188,7 +188,7 @@ int ossl_ec_GF2m_simple_group_check_discriminant(const EC_GROUP *group, if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } } @@ -826,7 +826,7 @@ int ec_GF2m_simple_ladder_post(const EC_GROUP *group, t1 = BN_CTX_get(ctx); t2 = BN_CTX_get(ctx); if (t2 == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } @@ -905,7 +905,7 @@ int ec_GF2m_simple_points_mul(const EC_GROUP *group, EC_POINT *r, */ if ((t = EC_POINT_new(group)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); return 0; } diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index 50adca042a..e9866a4e69 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -611,7 +611,7 @@ static int ec_pkey_import_from(const OSSL_PARAM params[], void *vpctx) EC_KEY *ec = EC_KEY_new_ex(pctx->libctx, pctx->propquery); if (ec == NULL) { - ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); return 0; } diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index 3d9fc197e9..b32697fb85 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -206,7 +206,7 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) if (nid == NID_X9_62_prime_field) { if ((tmp = BN_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } /* the parameters are specified by the prime number p */ @@ -235,7 +235,7 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) char_two = field->p.char_two; if (char_two == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); goto err; } @@ -261,7 +261,7 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) char_two->p.tpBasis = ASN1_INTEGER_new(); if (char_two->p.tpBasis == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); goto err; } if (!ASN1_INTEGER_set(char_two->p.tpBasis, (long)k)) { @@ -276,7 +276,7 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) char_two->p.ppBasis = X9_62_PENTANOMIAL_new(); if (char_two->p.ppBasis == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); goto err; } @@ -289,7 +289,7 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) /* for ONB the parameters are (asn1) NULL */ char_two->p.onBasis = ASN1_NULL_new(); if (char_two->p.onBasis == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); goto err; } } @@ -318,7 +318,7 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve) return 0; if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } @@ -335,10 +335,8 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve) */ len = ((size_t)EC_GROUP_get_degree(group) + 7) / 8; if ((a_buf = OPENSSL_malloc(len)) == NULL - || (b_buf = OPENSSL_malloc(len)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + || (b_buf = OPENSSL_malloc(len)) == NULL) goto err; - } if (BN_bn2binpad(tmp_1, a_buf, len) < 0 || BN_bn2binpad(tmp_2, b_buf, len) < 0) { ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); @@ -356,7 +354,7 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve) if (group->seed) { if (!curve->seed) if ((curve->seed = ASN1_BIT_STRING_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); goto err; } ossl_asn1_string_set_bits_left(curve->seed, 0); @@ -393,7 +391,7 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, if (params == NULL) { if ((ret = ECPARAMETERS_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); goto err; } } else @@ -429,7 +427,7 @@ ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group, } if (ret->base == NULL && (ret->base = ASN1_OCTET_STRING_new()) == NULL) { OPENSSL_free(buffer); - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); goto err; } ASN1_STRING_set0(ret->base, buffer, len); @@ -474,7 +472,7 @@ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group, if (ret == NULL) { if ((ret = ECPKPARAMETERS_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); return NULL; } } else { @@ -580,7 +578,7 @@ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params) } if ((p = BN_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } @@ -698,10 +696,8 @@ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params) goto err; } OPENSSL_free(ret->seed); - if ((ret->seed = OPENSSL_malloc(params->curve->seed->length)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((ret->seed = OPENSSL_malloc(params->curve->seed->length)) == NULL) goto err; - } memcpy(ret->seed, params->curve->seed->data, params->curve->seed->length); ret->seed_len = params->curve->seed->length; @@ -945,7 +941,7 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) if (a == NULL || *a == NULL) { if ((ret = EC_KEY_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } } else @@ -1033,7 +1029,7 @@ int i2d_ECPrivateKey(const EC_KEY *a, unsigned char **out) } if ((priv_key = EC_PRIVATEKEY_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } @@ -1061,7 +1057,7 @@ int i2d_ECPrivateKey(const EC_KEY *a, unsigned char **out) if (!(a->enc_flag & EC_PKEY_NO_PUBKEY)) { priv_key->publicKey = ASN1_BIT_STRING_new(); if (priv_key->publicKey == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_ASN1_LIB); goto err; } @@ -1109,7 +1105,7 @@ EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len) if (a == NULL || *a == NULL) { if ((ret = EC_KEY_new()) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); return NULL; } } else @@ -1173,10 +1169,8 @@ int i2o_ECPublicKey(const EC_KEY *a, unsigned char **out) return buf_len; if (*out == NULL) { - if ((*out = OPENSSL_malloc(buf_len)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((*out = OPENSSL_malloc(buf_len)) == NULL) return 0; - } new_buffer = 1; } if (!EC_POINT_point2oct(a->group, a->pub_key, a->conv_form, @@ -1201,8 +1195,7 @@ DECLARE_ASN1_ENCODE_FUNCTIONS_name(ECDSA_SIG, ECDSA_SIG) ECDSA_SIG *ECDSA_SIG_new(void) { ECDSA_SIG *sig = OPENSSL_zalloc(sizeof(*sig)); - if (sig == NULL) - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + return sig; } diff --git a/crypto/ec/ec_backend.c b/crypto/ec/ec_backend.c index 62cc134ffd..60e88de488 100644 --- a/crypto/ec/ec_backend.c +++ b/crypto/ec/ec_backend.c @@ -190,7 +190,7 @@ static int ec_group_explicit_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl, BIGNUM *b = BN_CTX_get(bnctx); if (b == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } @@ -201,7 +201,7 @@ static int ec_group_explicit_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl, if (!ossl_param_build_set_bn(tmpl, params, OSSL_PKEY_PARAM_EC_P, p) || !ossl_param_build_set_bn(tmpl, params, OSSL_PKEY_PARAM_EC_A, a) || !ossl_param_build_set_bn(tmpl, params, OSSL_PKEY_PARAM_EC_B, b)) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); goto err; } } @@ -216,7 +216,7 @@ static int ec_group_explicit_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl, } if (!ossl_param_build_set_bn(tmpl, params, OSSL_PKEY_PARAM_EC_ORDER, order)) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); goto err; } } @@ -226,7 +226,7 @@ static int ec_group_explicit_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl, if (!ossl_param_build_set_utf8_string(tmpl, params, OSSL_PKEY_PARAM_EC_FIELD_TYPE, field_type)) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); goto err; } } @@ -249,7 +249,7 @@ static int ec_group_explicit_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl, if (!ossl_param_build_set_octet_string(tmpl, params, OSSL_PKEY_PARAM_EC_GENERATOR, *genbuf, genbuf_len)) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); goto err; } } @@ -261,7 +261,7 @@ static int ec_group_explicit_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl, if (cofactor != NULL && !ossl_param_build_set_bn(tmpl, params, OSSL_PKEY_PARAM_EC_COFACTOR, cofactor)) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); goto err; } } @@ -276,7 +276,7 @@ static int ec_group_explicit_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl, && !ossl_param_build_set_octet_string(tmpl, params, OSSL_PKEY_PARAM_EC_SEED, seed, seed_len)) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); goto err; } } @@ -773,7 +773,7 @@ EC_KEY *ossl_ec_key_param_from_x509_algor(const X509_ALGOR *palg, X509_ALGOR_get0(NULL, &ptype, &pval, palg); if ((eckey = EC_KEY_new_ex(libctx, propq)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto ecerr; } diff --git a/crypto/ec/ec_check.c b/crypto/ec/ec_check.c index 484124915d..9ed94b328c 100644 --- a/crypto/ec/ec_check.c +++ b/crypto/ec/ec_check.c @@ -30,7 +30,7 @@ int EC_GROUP_check_named_curve(const EC_GROUP *group, int nist_only, if (ctx == NULL) { ctx = new_ctx = BN_CTX_new_ex(NULL); if (ctx == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); return NID_undef; } } @@ -69,7 +69,7 @@ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx) if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } } diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c index b5b2f3342d..2bf6522e84 100644 --- a/crypto/ec/ec_curve.c +++ b/crypto/ec/ec_curve.c @@ -3151,7 +3151,7 @@ static EC_GROUP *ec_group_new_from_data(OSSL_LIB_CTX *libctx, curve.meth != NULL ? curve.meth() : NULL); if ((ctx = BN_CTX_new_ex(libctx)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } diff --git a/crypto/ec/ec_deprecated.c b/crypto/ec/ec_deprecated.c index 22ddb3660c..905b560638 100644 --- a/crypto/ec/ec_deprecated.c +++ b/crypto/ec/ec_deprecated.c @@ -47,10 +47,8 @@ EC_POINT *EC_POINT_bn2point(const EC_GROUP *group, if ((buf_len = BN_num_bytes(bn)) == 0) buf_len = 1; - if ((buf = OPENSSL_malloc(buf_len)) == NULL) { - ECerr(EC_F_EC_POINT_BN2POINT, ERR_R_MALLOC_FAILURE); + if ((buf = OPENSSL_malloc(buf_len)) == NULL) return NULL; - } if (BN_bn2binpad(bn, buf, buf_len) < 0) { OPENSSL_free(buf); diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index 44bac9afa7..4d0faa64c7 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -992,7 +992,7 @@ int ossl_ec_key_simple_oct2priv(EC_KEY *eckey, const unsigned char *buf, if (eckey->priv_key == NULL) eckey->priv_key = BN_secure_new(); if (eckey->priv_key == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); return 0; } if (BN_bin2bn(buf, len, eckey->priv_key) == NULL) { @@ -1011,10 +1011,8 @@ size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf) len = EC_KEY_priv2oct(eckey, NULL, 0); if (len == 0) return 0; - if ((buf = OPENSSL_malloc(len)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((buf = OPENSSL_malloc(len)) == NULL) return 0; - } len = EC_KEY_priv2oct(eckey, buf, len); if (len == 0) { OPENSSL_free(buf); diff --git a/crypto/ec/ec_kmeth.c b/crypto/ec/ec_kmeth.c index 8c011635cb..eca531d2b3 100644 --- a/crypto/ec/ec_kmeth.c +++ b/crypto/ec/ec_kmeth.c @@ -83,24 +83,20 @@ EC_KEY *ossl_ec_key_new_method_int(OSSL_LIB_CTX *libctx, const char *propq, { EC_KEY *ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->libctx = libctx; if (propq != NULL) { ret->propq = OPENSSL_strdup(propq); - if (ret->propq == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret->propq == NULL) goto err; - } } ret->references = 1; ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); goto err; } @@ -129,6 +125,7 @@ EC_KEY *ossl_ec_key_new_method_int(OSSL_LIB_CTX *libctx, const char *propq, /* No ex_data inside the FIPS provider */ #ifndef FIPS_MODULE if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data)) { + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); goto err; } #endif diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index a84e088c19..2e7139cbdd 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -40,18 +40,14 @@ EC_GROUP *ossl_ec_group_new_ex(OSSL_LIB_CTX *libctx, const char *propq, } ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->libctx = libctx; if (propq != NULL) { ret->propq = OPENSSL_strdup(propq); - if (ret->propq == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret->propq == NULL) goto err; - } } ret->meth = meth; if ((ret->meth->flags & EC_FLAGS_CUSTOM_CURVE) == 0) { @@ -246,10 +242,8 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) if (src->seed) { OPENSSL_free(dest->seed); - if ((dest->seed = OPENSSL_malloc(src->seed_len)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((dest->seed = OPENSSL_malloc(src->seed_len)) == NULL) return 0; - } if (!memcpy(dest->seed, src->seed, src->seed_len)) return 0; dest->seed_len = src->seed_len; @@ -532,10 +526,8 @@ size_t EC_GROUP_set_seed(EC_GROUP *group, const unsigned char *p, size_t len) if (!len || !p) return 1; - if ((group->seed = OPENSSL_malloc(len)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((group->seed = OPENSSL_malloc(len)) == NULL) return 0; - } memcpy(group->seed, p, len); group->seed_len = len; @@ -726,10 +718,8 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group) } ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } ret->meth = group->meth; ret->curve_name = group->curve_name; @@ -1582,7 +1572,7 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[], /* If it gets here then we are trying explicit parameters */ bnctx = BN_CTX_new_ex(libctx); if (bnctx == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); return 0; } BN_CTX_start(bnctx); @@ -1592,7 +1582,7 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[], b = BN_CTX_get(bnctx); order = BN_CTX_get(bnctx); if (order == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c index c6ec2964b7..a913c1e786 100644 --- a/crypto/ec/ec_mult.c +++ b/crypto/ec/ec_mult.c @@ -56,10 +56,8 @@ static EC_PRE_COMP *ec_pre_comp_new(const EC_GROUP *group) return NULL; ret = OPENSSL_zalloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return ret; - } ret->group = group; ret->blocksize = 8; /* default */ @@ -68,7 +66,7 @@ static EC_PRE_COMP *ec_pre_comp_new(const EC_GROUP *group) ret->lock = CRYPTO_THREAD_lock_new(); if (ret->lock == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_CRYPTO_LIB); OPENSSL_free(ret); return NULL; } @@ -171,7 +169,7 @@ int ossl_ec_scalar_mul_ladder(const EC_GROUP *group, EC_POINT *r, if (((p = EC_POINT_new(group)) == NULL) || ((s = EC_POINT_new(group)) == NULL)) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } @@ -195,7 +193,7 @@ int ossl_ec_scalar_mul_ladder(const EC_GROUP *group, EC_POINT *r, lambda = BN_CTX_get(ctx); k = BN_CTX_get(ctx); if (k == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } @@ -520,10 +518,8 @@ int ossl_ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (wNAF != NULL) wNAF[0] = NULL; /* preliminary pivot */ - if (wsize == NULL || wNAF_len == NULL || wNAF == NULL || val_sub == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (wsize == NULL || wNAF_len == NULL || wNAF == NULL || val_sub == NULL) goto err; - } /* * num_val will be the total number of temporarily precomputed points @@ -633,7 +629,6 @@ int ossl_ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, wNAF[i + 1] = NULL; wNAF[i] = OPENSSL_malloc(wNAF_len[i]); if (wNAF[i] == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); OPENSSL_free(tmp_wNAF); goto err; } @@ -661,10 +656,8 @@ int ossl_ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, * subarray of 'pre_comp->points' if we already have precomputation. */ val = OPENSSL_malloc((num_val + 1) * sizeof(val[0])); - if (val == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (val == NULL) goto err; - } val[num_val] = NULL; /* pivot element */ /* allocate points for precomputation */ @@ -893,23 +886,21 @@ int ossl_ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) * and store */ points = OPENSSL_malloc(sizeof(*points) * (num + 1)); - if (points == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (points == NULL) goto err; - } var = points; var[num] = NULL; /* pivot */ for (i = 0; i < num; i++) { if ((var[i] = EC_POINT_new(group)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } } if ((tmp_point = EC_POINT_new(group)) == NULL || (base = EC_POINT_new(group)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } diff --git a/crypto/ec/ec_oct.c b/crypto/ec/ec_oct.c index 790a0b2907..0ad3394c82 100644 --- a/crypto/ec/ec_oct.c +++ b/crypto/ec/ec_oct.c @@ -140,10 +140,8 @@ size_t EC_POINT_point2buf(const EC_GROUP *group, const EC_POINT *point, len = EC_POINT_point2oct(group, point, form, NULL, 0, NULL); if (len == 0) return 0; - if ((buf = OPENSSL_malloc(len)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((buf = OPENSSL_malloc(len)) == NULL) return 0; - } len = EC_POINT_point2oct(group, point, form, buf, len, ctx); if (len == 0) { OPENSSL_free(buf); diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c index 19e2f0d0c0..716b1860bb 100644 --- a/crypto/ec/ec_pmeth.c +++ b/crypto/ec/ec_pmeth.c @@ -48,10 +48,8 @@ static int pkey_ec_init(EVP_PKEY_CTX *ctx) { EC_PKEY_CTX *dctx; - if ((dctx = OPENSSL_zalloc(sizeof(*dctx))) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((dctx = OPENSSL_zalloc(sizeof(*dctx))) == NULL) return 0; - } dctx->cofactor_mode = -1; dctx->kdf_type = EVP_PKEY_ECDH_KDF_NONE; @@ -229,10 +227,8 @@ static int pkey_ec_kdf_derive(EVP_PKEY_CTX *ctx, return 0; if (!pkey_ec_derive(ctx, NULL, &ktmplen)) return 0; - if ((ktmp = OPENSSL_malloc(ktmplen)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((ktmp = OPENSSL_malloc(ktmplen)) == NULL) return 0; - } if (!pkey_ec_derive(ctx, ktmp, &ktmplen)) goto err; /* Do KDF stuff */ diff --git a/crypto/ec/ecdh_ossl.c b/crypto/ec/ecdh_ossl.c index 8016c6d7ad..41f7e39046 100644 --- a/crypto/ec/ecdh_ossl.c +++ b/crypto/ec/ecdh_ossl.c @@ -63,7 +63,7 @@ int ossl_ecdh_simple_compute_key(unsigned char **pout, size_t *poutlen, BN_CTX_start(ctx); x = BN_CTX_get(ctx); if (x == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } @@ -80,16 +80,19 @@ int ossl_ecdh_simple_compute_key(unsigned char **pout, size_t *poutlen, * * peer_public_key. */ if (EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH) { - if (!EC_GROUP_get_cofactor(group, x, NULL) || - !BN_mul(x, x, priv_key, ctx)) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if (!EC_GROUP_get_cofactor(group, x, NULL)) { + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); + goto err; + } + if (!BN_mul(x, x, priv_key, ctx)) { + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } priv_key = x; } if ((tmp = EC_POINT_new(group)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); goto err; } @@ -118,10 +121,8 @@ int ossl_ecdh_simple_compute_key(unsigned char **pout, size_t *poutlen, ERR_raise(ERR_LIB_EC, ERR_R_INTERNAL_ERROR); goto err; } - if ((buf = OPENSSL_malloc(buflen)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + if ((buf = OPENSSL_malloc(buflen)) == NULL) goto err; - } memset(buf, 0, buflen - len); if (len != (size_t)BN_bn2bin(x, buf + buflen - len)) { diff --git a/crypto/ec/ecdsa_ossl.c b/crypto/ec/ecdsa_ossl.c index fe9b3cf593..96dab38adf 100644 --- a/crypto/ec/ecdsa_ossl.c +++ b/crypto/ec/ecdsa_ossl.c @@ -100,7 +100,7 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, if ((ctx = ctx_in) == NULL) { if ((ctx = BN_CTX_new_ex(eckey->libctx)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); return 0; } } @@ -109,7 +109,7 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, r = BN_new(); /* this value is later returned in *rp */ X = BN_new(); if (k == NULL || r == NULL || X == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); goto err; } if ((tmp_point = EC_POINT_new(group)) == NULL) { @@ -221,20 +221,20 @@ ECDSA_ |