diff options
author | Bob Beck <beck@cvs.openbsd.org> | 2017-01-29 17:49:24 +0000 |
---|---|---|
committer | Bob Beck <beck@cvs.openbsd.org> | 2017-01-29 17:49:24 +0000 |
commit | c95f3b2c0c39020aafaffd84899a33ece0210769 (patch) | |
tree | 6d6e55f6c8b4047319196f43823ad30170dfe061 /lib/libcrypto/rsa/rsa_eay.c | |
parent | b8dd3a8e12bfab2c15794994bc5bdc1397125536 (diff) |
Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@
Diffstat (limited to 'lib/libcrypto/rsa/rsa_eay.c')
-rw-r--r-- | lib/libcrypto/rsa/rsa_eay.c | 72 |
1 files changed, 28 insertions, 44 deletions
diff --git a/lib/libcrypto/rsa/rsa_eay.c b/lib/libcrypto/rsa/rsa_eay.c index c4da147ddfb..90a3be8dd33 100644 --- a/lib/libcrypto/rsa/rsa_eay.c +++ b/lib/libcrypto/rsa/rsa_eay.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_eay.c,v 1.45 2017/01/21 10:38:29 beck Exp $ */ +/* $OpenBSD: rsa_eay.c,v 1.46 2017/01/29 17:49:23 beck Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -160,19 +160,19 @@ RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to, BN_CTX *ctx = NULL; if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) { - RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE); + RSAerror(RSA_R_MODULUS_TOO_LARGE); return -1; } if (BN_ucmp(rsa->n, rsa->e) <= 0) { - RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE); + RSAerror(RSA_R_BAD_E_VALUE); return -1; } /* for large moduli, enforce exponent limit */ if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) { if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) { - RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE); + RSAerror(RSA_R_BAD_E_VALUE); return -1; } } @@ -187,7 +187,7 @@ RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to, buf = malloc(num); if (f == NULL || ret == NULL || buf == NULL) { - RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, ERR_R_MALLOC_FAILURE); + RSAerror(ERR_R_MALLOC_FAILURE); goto err; } @@ -207,8 +207,7 @@ RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to, i = RSA_padding_add_none(buf, num, from, flen); break; default: - RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, - RSA_R_UNKNOWN_PADDING_TYPE); + RSAerror(RSA_R_UNKNOWN_PADDING_TYPE); goto err; } if (i <= 0) @@ -219,8 +218,7 @@ RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to, if (BN_ucmp(f, rsa->n) >= 0) { /* usually the padding functions would catch this */ - RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, - RSA_R_DATA_TOO_LARGE_FOR_MODULUS); + RSAerror(RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } @@ -374,7 +372,7 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to, buf = malloc(num); if (f == NULL || ret == NULL || buf == NULL) { - RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_MALLOC_FAILURE); + RSAerror(ERR_R_MALLOC_FAILURE); goto err; } @@ -390,8 +388,7 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to, break; case RSA_SSLV23_PADDING: default: - RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, - RSA_R_UNKNOWN_PADDING_TYPE); + RSAerror(RSA_R_UNKNOWN_PADDING_TYPE); goto err; } if (i <= 0) @@ -402,24 +399,21 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to, if (BN_ucmp(f, rsa->n) >= 0) { /* usually the padding functions would catch this */ - RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, - RSA_R_DATA_TOO_LARGE_FOR_MODULUS); + RSAerror(RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) { blinding = rsa_get_blinding(rsa, &local_blinding, ctx); if (blinding == NULL) { - RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, - ERR_R_INTERNAL_ERROR); + RSAerror(ERR_R_INTERNAL_ERROR); goto err; } } if (blinding != NULL) { if (!local_blinding && ((unblind = BN_CTX_get(ctx)) == NULL)) { - RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, - ERR_R_MALLOC_FAILURE); + RSAerror(ERR_R_MALLOC_FAILURE); goto err; } if (!rsa_blinding_convert(blinding, f, unblind, ctx)) @@ -509,15 +503,14 @@ RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to, buf = malloc(num); if (!f || !ret || !buf) { - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_MALLOC_FAILURE); + RSAerror(ERR_R_MALLOC_FAILURE); goto err; } /* This check was for equality but PGP does evil things * and chops off the top '0' bytes */ if (flen > num) { - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, - RSA_R_DATA_GREATER_THAN_MOD_LEN); + RSAerror(RSA_R_DATA_GREATER_THAN_MOD_LEN); goto err; } @@ -526,24 +519,21 @@ RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to, goto err; if (BN_ucmp(f, rsa->n) >= 0) { - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, - RSA_R_DATA_TOO_LARGE_FOR_MODULUS); + RSAerror(RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) { blinding = rsa_get_blinding(rsa, &local_blinding, ctx); if (blinding == NULL) { - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, - ERR_R_INTERNAL_ERROR); + RSAerror(ERR_R_INTERNAL_ERROR); goto err; } } if (blinding != NULL) { if (!local_blinding && ((unblind = BN_CTX_get(ctx)) == NULL)) { - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, - ERR_R_MALLOC_FAILURE); + RSAerror(ERR_R_MALLOC_FAILURE); goto err; } if (!rsa_blinding_convert(blinding, f, unblind, ctx)) @@ -596,13 +586,11 @@ RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to, r = RSA_padding_check_none(to, num, buf, j, num); break; default: - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, - RSA_R_UNKNOWN_PADDING_TYPE); + RSAerror(RSA_R_UNKNOWN_PADDING_TYPE); goto err; } if (r < 0) - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, - RSA_R_PADDING_CHECK_FAILED); + RSAerror(RSA_R_PADDING_CHECK_FAILED); err: if (ctx != NULL) { @@ -628,19 +616,19 @@ RSA_eay_public_decrypt(int flen, const unsigned char *from, unsigned char *to, BN_CTX *ctx = NULL; if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) { - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE); + RSAerror(RSA_R_MODULUS_TOO_LARGE); return -1; } if (BN_ucmp(rsa->n, rsa->e) <= 0) { - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE); + RSAerror(RSA_R_BAD_E_VALUE); return -1; } /* for large moduli, enforce exponent limit */ if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) { if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) { - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE); + RSAerror(RSA_R_BAD_E_VALUE); return -1; } } @@ -655,15 +643,14 @@ RSA_eay_public_decrypt(int flen, const unsigned char *from, unsigned char *to, buf = malloc(num); if (!f || !ret || !buf) { - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, ERR_R_MALLOC_FAILURE); + RSAerror(ERR_R_MALLOC_FAILURE); goto err; } /* This check was for equality but PGP does evil things * and chops off the top '0' bytes */ if (flen > num) { - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, - RSA_R_DATA_GREATER_THAN_MOD_LEN); + RSAerror(RSA_R_DATA_GREATER_THAN_MOD_LEN); goto err; } @@ -671,8 +658,7 @@ RSA_eay_public_decrypt(int flen, const unsigned char *from, unsigned char *to, goto err; if (BN_ucmp(f, rsa->n) >= 0) { - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, - RSA_R_DATA_TOO_LARGE_FOR_MODULUS); + RSAerror(RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; } @@ -703,13 +689,11 @@ RSA_eay_public_decrypt(int flen, const unsigned char *from, unsigned char *to, r = RSA_padding_check_none(to, num, buf, i, num); break; default: - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, - RSA_R_UNKNOWN_PADDING_TYPE); + RSAerror(RSA_R_UNKNOWN_PADDING_TYPE); goto err; } if (r < 0) - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, - RSA_R_PADDING_CHECK_FAILED); + RSAerror(RSA_R_PADDING_CHECK_FAILED); err: if (ctx != NULL) { @@ -735,7 +719,7 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) m1 = BN_CTX_get(ctx); vrfy = BN_CTX_get(ctx); if (r1 == NULL || m1 == NULL || vrfy == NULL) { - RSAerr(RSA_F_RSA_EAY_MOD_EXP, ERR_R_MALLOC_FAILURE); + RSAerror(ERR_R_MALLOC_FAILURE); goto err; } |