Commit 3484236d authored by FdaSilvaYY's avatar FdaSilvaYY Committed by Dr. Matthias St. Pierre
Browse files

EVP,KDF: Add more error code along some return 0 in ... 


methods :
 - EVP_PBE_scrypt
 - EVP_PKEY_meth_add0
 - EVP_PKEY_meth_new
 - EVP_PKEY_CTX_dup

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
Reviewed-by: default avatarBernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: default avatarMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5783)
parent 88b8d83e

crypto/err/openssl.txt

+5 −0
Original line number Diff line number Diff line
@@ -702,6 +702,8 @@ EVP_F_EVP_PKEY_GET0_RSA:121:EVP_PKEY_get0_RSA 
EVP_F_EVP_PKEY_GET0_SIPHASH:172:EVP_PKEY_get0_siphash

EVP_F_EVP_PKEY_KEYGEN:146:EVP_PKEY_keygen

EVP_F_EVP_PKEY_KEYGEN_INIT:147:EVP_PKEY_keygen_init

EVP_F_EVP_PKEY_METH_ADD0:194:EVP_PKEY_meth_add0

EVP_F_EVP_PKEY_METH_NEW:195:EVP_PKEY_meth_new

EVP_F_EVP_PKEY_NEW:106:EVP_PKEY_new

EVP_F_EVP_PKEY_NEW_CMAC_KEY:193:EVP_PKEY_new_CMAC_key

EVP_F_EVP_PKEY_NEW_RAW_PRIVATE_KEY:191:EVP_PKEY_new_raw_private_key
@@ -733,6 +735,8 @@ KDF_F_PKEY_HKDF_DERIVE:102:pkey_hkdf_derive 
KDF_F_PKEY_SCRYPT_CTRL_STR:104:pkey_scrypt_ctrl_str

KDF_F_PKEY_SCRYPT_CTRL_UINT64:105:pkey_scrypt_ctrl_uint64

KDF_F_PKEY_SCRYPT_DERIVE:109:pkey_scrypt_derive

KDF_F_PKEY_SCRYPT_INIT:106:pkey_scrypt_init

KDF_F_PKEY_SCRYPT_SET_MEMBUF:107:pkey_scrypt_set_membuf

KDF_F_PKEY_TLS1_PRF_CTRL_STR:100:pkey_tls1_prf_ctrl_str

KDF_F_PKEY_TLS1_PRF_DERIVE:101:pkey_tls1_prf_derive

OBJ_F_OBJ_ADD_OBJECT:105:OBJ_add_object
@@ -2109,6 +2113,7 @@ EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE:150:\ 
	operation not supported for this keytype

EVP_R_OPERATON_NOT_INITIALIZED:151:operaton not initialized

EVP_R_PARTIALLY_OVERLAPPING:162:partially overlapping buffers

EVP_R_PBKDF2_ERROR:181:pbkdf2 error

EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED:179:\

	pkey application asn1 method already registered

EVP_R_PRIVATE_KEY_DECODE_ERROR:145:private key decode error

crypto/evp/evp_err.c

+3 −0
Original line number Diff line number Diff line
@@ -92,6 +92,8 @@ static const ERR_STRING_DATA EVP_str_functs[] = { 
    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_KEYGEN, 0), "EVP_PKEY_keygen"},

    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_KEYGEN_INIT, 0),

     "EVP_PKEY_keygen_init"},

    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_METH_ADD0, 0), "EVP_PKEY_meth_add0"},

    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_METH_NEW, 0), "EVP_PKEY_meth_new"},

    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_NEW, 0), "EVP_PKEY_new"},

    {ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_NEW_CMAC_KEY, 0),

     "EVP_PKEY_new_CMAC_key"},
@@ -212,6 +214,7 @@ static const ERR_STRING_DATA EVP_str_reasons[] = { 
    "operaton not initialized"},

    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PARTIALLY_OVERLAPPING),

    "partially overlapping buffers"},

    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PBKDF2_ERROR), "pbkdf2 error"},

    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED),

    "pkey application asn1 method already registered"},

    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_PRIVATE_KEY_DECODE_ERROR),

crypto/evp/pbe_scrypt.c

+18 −5
Original line number Diff line number Diff line
@@ -170,8 +170,10 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen, 
    if (r == 0 || p == 0 || N < 2 || (N & (N - 1)))

        return 0;

    /* Check p * r < SCRYPT_PR_MAX avoiding overflow */

    if (p > SCRYPT_PR_MAX / r)

    if (p > SCRYPT_PR_MAX / r) {

        EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);

        return 0;

    }



    /*

     * Need to check N: if 2^(128 * r / 8) overflows limit this is
@@ -179,9 +181,11 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen, 
     */



    if (16 * r <= LOG2_UINT64_MAX) {

        if (N >= (((uint64_t)1) << (16 * r)))

        if (N >= (((uint64_t)1) << (16 * r))) {

            EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);

            return 0;

        }

    }



    /* Memory checks: check total allocated buffer size fits in uint64_t */
@@ -205,13 +209,17 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen, 
     * This is combined size V, X and T (section 4)

     */

    i = UINT64_MAX / (32 * sizeof(uint32_t));

    if (N + 2 > i / r)

    if (N + 2 > i / r) {

        EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);

        return 0;

    }

    Vlen = 32 * r * (N + 2) * sizeof(uint32_t);



    /* check total allocated size fits in uint64_t */

    if (Blen > UINT64_MAX - Vlen)

    if (Blen > UINT64_MAX - Vlen) {

        EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);

        return 0;

    }



    if (maxmem == 0)

        maxmem = SCRYPT_MAX_MEM;
@@ -230,8 +238,10 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen, 
        return 1;



    B = OPENSSL_malloc((size_t)(Blen + Vlen));

    if (B == NULL)

    if (B == NULL) {

        EVPerr(EVP_F_EVP_PBE_SCRYPT, ERR_R_MALLOC_FAILURE);

        return 0;

    }

    X = (uint32_t *)(B + Blen);

    T = X + 32 * r;

    V = T + 32 * r;
@@ -247,6 +257,9 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen, 
        goto err;

    rv = 1;

 err:

    if (rv == 0)

        EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PBKDF2_ERROR);



    OPENSSL_clear_free(B, (size_t)(Blen + Vlen));

    return rv;

}

crypto/evp/pmeth_lib.c

+12 −5
Original line number Diff line number Diff line
@@ -123,7 +123,6 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) 
     * If an ENGINE handled this method look it up. Otherwise use internal

     * tables.

     */



    if (e)

        pmeth = ENGINE_get_pkey_meth(e, id);

    else
@@ -169,8 +168,10 @@ EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags) 
    EVP_PKEY_METHOD *pmeth;



    pmeth = OPENSSL_zalloc(sizeof(*pmeth));

    if (pmeth == NULL)

    if (pmeth == NULL) {

        EVPerr(EVP_F_EVP_PKEY_METH_NEW, ERR_R_MALLOC_FAILURE);

        return NULL;

    }



    pmeth->pkey_id = id;

    pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
@@ -258,8 +259,10 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx) 
    }

#endif

    rctx = OPENSSL_malloc(sizeof(*rctx));

    if (rctx == NULL)

    if (rctx == NULL) {

        EVPerr(EVP_F_EVP_PKEY_CTX_DUP, ERR_R_MALLOC_FAILURE);

        return NULL;

    }



    rctx->pmeth = pctx->pmeth;

#ifndef OPENSSL_NO_ENGINE
@@ -293,11 +296,15 @@ int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth) 
{

    if (app_pkey_methods == NULL) {

        app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);

        if (app_pkey_methods == NULL)

        if (app_pkey_methods == NULL){

            EVPerr(EVP_F_EVP_PKEY_METH_ADD0, ERR_R_MALLOC_FAILURE);

            return 0;

        }

    if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth))

    }

    if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth)) {

        EVPerr(EVP_F_EVP_PKEY_METH_ADD0, ERR_R_MALLOC_FAILURE);

        return 0;

    }

    sk_EVP_PKEY_METHOD_sort(app_pkey_methods);

    return 1;

}

crypto/kdf/kdf_err.c

+4 −1
Original line number Diff line number Diff line 
/*

 * Generated by util/mkerr.pl DO NOT EDIT

 * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.

 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.

 *

 * Licensed under the OpenSSL license (the "License").  You may not use

 * this file except in compliance with the License.  You can obtain a copy
@@ -21,6 +21,9 @@ static const ERR_STRING_DATA KDF_str_functs[] = { 
    {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_SCRYPT_CTRL_UINT64, 0),

     "pkey_scrypt_ctrl_uint64"},

    {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_SCRYPT_DERIVE, 0), "pkey_scrypt_derive"},

    {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_SCRYPT_INIT, 0), "pkey_scrypt_init"},

    {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_SCRYPT_SET_MEMBUF, 0),

     "pkey_scrypt_set_membuf"},

    {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_CTRL_STR, 0),

     "pkey_tls1_prf_ctrl_str"},

    {ERR_PACK(ERR_LIB_KDF, KDF_F_PKEY_TLS1_PRF_DERIVE, 0),