From e077455e9e57ed4ee4676996b4a9aa11df6327a6 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 29 Sep 2022 13:57:34 +0200 Subject: Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from, there's no need to report ERR_R_MALLOC_FAILURE where they are called directly, or when SSLfatal() and RLAYERfatal() is used, the reason `ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`. There were a number of places where `ERR_R_MALLOC_FAILURE` was reported even though it was a function from a different sub-system that was called. Those places are changed to report ERR_R_{lib}_LIB, where {lib} is the name of that sub-system. Some of them are tricky to get right, as we have a lot of functions that belong in the ASN1 sub-system, and all the `sk_` calls or from the CRYPTO sub-system. Some extra adaptation was necessary where there were custom OPENSSL_malloc() wrappers, and some bugs are fixed alongside these changes. Reviewed-by: Tomas Mraz Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/19301) --- providers/common/provider_util.c | 4 +--- providers/implementations/asymciphers/rsa_enc.c | 8 ++------ providers/implementations/ciphers/cipher_aes.c | 4 +--- .../implementations/ciphers/cipher_aes_gcm_siv.c | 8 ++------ providers/implementations/ciphers/cipher_aes_ocb.c | 4 +--- providers/implementations/ciphers/cipher_aes_siv.c | 4 +--- providers/implementations/ciphers/cipher_aes_xts.c | 4 +--- providers/implementations/ciphers/cipher_aria.c | 4 +--- .../implementations/ciphers/cipher_blowfish.c | 4 +--- .../implementations/ciphers/cipher_camellia.c | 4 +--- providers/implementations/ciphers/cipher_cast5.c | 4 +--- providers/implementations/ciphers/cipher_des.c | 4 +--- providers/implementations/ciphers/cipher_idea.c | 4 +--- providers/implementations/ciphers/cipher_rc2.c | 8 +++----- providers/implementations/ciphers/cipher_rc4.c | 4 +--- providers/implementations/ciphers/cipher_rc5.c | 4 +--- providers/implementations/ciphers/cipher_seed.c | 4 +--- providers/implementations/ciphers/cipher_sm4.c | 4 +--- .../implementations/ciphers/cipher_tdes_common.c | 4 +--- .../encode_decode/decode_msblob2key.c | 4 +--- .../implementations/encode_decode/encode_key2any.c | 24 ++++++++++------------ .../encode_decode/encode_key2text.c | 2 +- providers/implementations/exchange/dh_exch.c | 4 +--- providers/implementations/exchange/ecdh_exch.c | 6 ++---- providers/implementations/exchange/ecx_exch.c | 8 ++------ providers/implementations/kdfs/hkdf.c | 4 +--- providers/implementations/kdfs/kbkdf.c | 4 +--- providers/implementations/kdfs/krb5kdf.c | 4 +--- providers/implementations/kdfs/pbkdf1.c | 10 +++------ providers/implementations/kdfs/pbkdf2.c | 8 ++------ providers/implementations/kdfs/pkcs12kdf.c | 14 ++++--------- providers/implementations/kdfs/pvkkdf.c | 8 ++------ providers/implementations/kdfs/scrypt.c | 16 ++++----------- providers/implementations/kdfs/sshkdf.c | 4 +--- providers/implementations/kdfs/sskdf.c | 9 +++----- providers/implementations/kdfs/tls1_prf.c | 11 +++------- providers/implementations/kdfs/x942kdf.c | 4 +--- providers/implementations/keymgmt/ec_kmgmt.c | 1 - providers/implementations/keymgmt/ecx_kmgmt.c | 24 ++++++++++------------ .../implementations/keymgmt/mac_legacy_kmgmt.c | 14 ++++--------- providers/implementations/macs/kmac_prov.c | 4 +--- providers/implementations/rands/drbg.c | 8 ++------ providers/implementations/rands/drbg_ctr.c | 12 ++++------- providers/implementations/rands/drbg_hash.c | 4 +--- providers/implementations/rands/drbg_hmac.c | 4 +--- providers/implementations/rands/seed_src.c | 10 +++------ providers/implementations/signature/dsa_sig.c | 1 - providers/implementations/signature/ecdsa_sig.c | 1 - providers/implementations/signature/eddsa_sig.c | 4 +--- .../implementations/signature/mac_legacy_sig.c | 4 +--- providers/implementations/signature/rsa_sig.c | 13 ++++-------- providers/implementations/signature/sm2_sig.c | 1 - providers/implementations/storemgmt/file_store.c | 10 ++++----- .../implementations/storemgmt/file_store_any2obj.c | 8 ++++---- .../implementations/storemgmt/winstore_store.c | 2 +- 55 files changed, 109 insertions(+), 248 deletions(-) (limited to 'providers') diff --git a/providers/common/provider_util.c b/providers/common/provider_util.c index f9a9dbef3c..2d8cba2ac9 100644 --- a/providers/common/provider_util.c +++ b/providers/common/provider_util.c @@ -357,10 +357,8 @@ int ossl_prov_memdup(const void *src, size_t src_len, unsigned char **dest, size_t *dest_len) { if (src != NULL) { - if ((*dest = OPENSSL_memdup(src, src_len)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((*dest = OPENSSL_memdup(src, src_len)) == NULL) return 0; - } *dest_len = src_len; } else { *dest = NULL; diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c index ce5ddff651..36c03403fb 100644 --- a/providers/implementations/asymciphers/rsa_enc.c +++ b/providers/implementations/asymciphers/rsa_enc.c @@ -156,10 +156,8 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen, int rsasize = RSA_size(prsactx->rsa); unsigned char *tbuf; - if ((tbuf = OPENSSL_malloc(rsasize)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((tbuf = OPENSSL_malloc(rsasize)) == NULL) return 0; - } if (prsactx->oaep_md == NULL) { OPENSSL_free(tbuf); prsactx->oaep_md = EVP_MD_fetch(prsactx->libctx, "SHA-1", NULL); @@ -231,10 +229,8 @@ static int rsa_decrypt(void *vprsactx, unsigned char *out, size_t *outlen, || prsactx->pad_mode == RSA_PKCS1_WITH_TLS_PADDING) { unsigned char *tbuf; - if ((tbuf = OPENSSL_malloc(len)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((tbuf = OPENSSL_malloc(len)) == NULL) return 0; - } ret = RSA_private_decrypt(inlen, in, tbuf, prsactx->rsa, RSA_NO_PADDING); /* diff --git a/providers/implementations/ciphers/cipher_aes.c b/providers/implementations/ciphers/cipher_aes.c index 2f469c131a..280be2dddc 100644 --- a/providers/implementations/ciphers/cipher_aes.c +++ b/providers/implementations/ciphers/cipher_aes.c @@ -40,10 +40,8 @@ static void *aes_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } in->base.hw->copyctx(&ret->base, &in->base); return ret; diff --git a/providers/implementations/ciphers/cipher_aes_gcm_siv.c b/providers/implementations/ciphers/cipher_aes_gcm_siv.c index 93e65d530e..7bca9b3bd1 100644 --- a/providers/implementations/ciphers/cipher_aes_gcm_siv.c +++ b/providers/implementations/ciphers/cipher_aes_gcm_siv.c @@ -65,19 +65,15 @@ static void *ossl_aes_gcm_siv_dupctx(void *vctx) return NULL; ret = OPENSSL_memdup(in, sizeof(*in)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } /* NULL-out these things we create later */ ret->aad = NULL; ret->ecb_ctx = NULL; if (in->aad == NULL) { - if ((ret->aad = OPENSSL_memdup(in->aad, UP16(ret->aad_len))) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((ret->aad = OPENSSL_memdup(in->aad, UP16(ret->aad_len))) == NULL) goto err; - } } if (!in->hw->dup_ctx(ret, in)) diff --git a/providers/implementations/ciphers/cipher_aes_ocb.c b/providers/implementations/ciphers/cipher_aes_ocb.c index ce377ad574..4f2f6fb430 100644 --- a/providers/implementations/ciphers/cipher_aes_ocb.c +++ b/providers/implementations/ciphers/cipher_aes_ocb.c @@ -340,10 +340,8 @@ static void *aes_ocb_dupctx(void *vctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } *ret = *in; if (!aes_generic_ocb_copy_ctx(ret, in)) { OPENSSL_free(ret); diff --git a/providers/implementations/ciphers/cipher_aes_siv.c b/providers/implementations/ciphers/cipher_aes_siv.c index 45010b90db..9ce91f70ce 100644 --- a/providers/implementations/ciphers/cipher_aes_siv.c +++ b/providers/implementations/ciphers/cipher_aes_siv.c @@ -65,10 +65,8 @@ static void *siv_dupctx(void *vctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } if (!in->hw->dupctx(in, ret)) { OPENSSL_free(ret); ret = NULL; diff --git a/providers/implementations/ciphers/cipher_aes_xts.c b/providers/implementations/ciphers/cipher_aes_xts.c index dce2032986..ecd9f02ac2 100644 --- a/providers/implementations/ciphers/cipher_aes_xts.c +++ b/providers/implementations/ciphers/cipher_aes_xts.c @@ -146,10 +146,8 @@ static void *aes_xts_dupctx(void *vctx) return NULL; } ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } in->base.hw->copyctx(&ret->base, &in->base); return ret; } diff --git a/providers/implementations/ciphers/cipher_aria.c b/providers/implementations/ciphers/cipher_aria.c index be69c39bab..ce4938d44a 100644 --- a/providers/implementations/ciphers/cipher_aria.c +++ b/providers/implementations/ciphers/cipher_aria.c @@ -33,10 +33,8 @@ static void *aria_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } in->base.hw->copyctx(&ret->base, &in->base); return ret; diff --git a/providers/implementations/ciphers/cipher_blowfish.c b/providers/implementations/ciphers/cipher_blowfish.c index e3b08ddbe4..9f17f1200d 100644 --- a/providers/implementations/ciphers/cipher_blowfish.c +++ b/providers/implementations/ciphers/cipher_blowfish.c @@ -41,10 +41,8 @@ static void *blowfish_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } *ret = *in; return ret; diff --git a/providers/implementations/ciphers/cipher_camellia.c b/providers/implementations/ciphers/cipher_camellia.c index b119666aa8..c550af3f83 100644 --- a/providers/implementations/ciphers/cipher_camellia.c +++ b/providers/implementations/ciphers/cipher_camellia.c @@ -39,10 +39,8 @@ static void *camellia_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } in->base.hw->copyctx(&ret->base, &in->base); return ret; diff --git a/providers/implementations/ciphers/cipher_cast5.c b/providers/implementations/ciphers/cipher_cast5.c index 55081ccbe9..84c88793b0 100644 --- a/providers/implementations/ciphers/cipher_cast5.c +++ b/providers/implementations/ciphers/cipher_cast5.c @@ -42,10 +42,8 @@ static void *cast5_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } *ret = *in; return ret; diff --git a/providers/implementations/ciphers/cipher_des.c b/providers/implementations/ciphers/cipher_des.c index c6d13466f7..6acfa05119 100644 --- a/providers/implementations/ciphers/cipher_des.c +++ b/providers/implementations/ciphers/cipher_des.c @@ -53,10 +53,8 @@ static void *des_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } in->base.hw->copyctx(&ret->base, &in->base); return ret; diff --git a/providers/implementations/ciphers/cipher_idea.c b/providers/implementations/ciphers/cipher_idea.c index bc716290a4..c69c6ac092 100644 --- a/providers/implementations/ciphers/cipher_idea.c +++ b/providers/implementations/ciphers/cipher_idea.c @@ -40,10 +40,8 @@ static void *idea_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } *ret = *in; return ret; diff --git a/providers/implementations/ciphers/cipher_rc2.c b/providers/implementations/ciphers/cipher_rc2.c index 106f47e866..388613c548 100644 --- a/providers/implementations/ciphers/cipher_rc2.c +++ b/providers/implementations/ciphers/cipher_rc2.c @@ -50,10 +50,8 @@ static void *rc2_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } *ret = *in; return ret; @@ -130,7 +128,7 @@ static int rc2_get_ctx_params(void *vctx, OSSL_PARAM params[]) return 0; } if ((type = ASN1_TYPE_new()) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); return 0; } @@ -139,7 +137,7 @@ static int rc2_get_ctx_params(void *vctx, OSSL_PARAM params[]) if (!ASN1_TYPE_set_int_octetstring(type, num, ctx->base.iv, ctx->base.ivlen)) { ASN1_TYPE_free(type); - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); return 0; } /* diff --git a/providers/implementations/ciphers/cipher_rc4.c b/providers/implementations/ciphers/cipher_rc4.c index a548beafaf..95f075076c 100644 --- a/providers/implementations/ciphers/cipher_rc4.c +++ b/providers/implementations/ciphers/cipher_rc4.c @@ -43,10 +43,8 @@ static void *rc4_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } *ret = *in; return ret; diff --git a/providers/implementations/ciphers/cipher_rc5.c b/providers/implementations/ciphers/cipher_rc5.c index 5c7d2b1721..54fd4fba03 100644 --- a/providers/implementations/ciphers/cipher_rc5.c +++ b/providers/implementations/ciphers/cipher_rc5.c @@ -47,10 +47,8 @@ static void *rc5_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } *ret = *in; return ret; diff --git a/providers/implementations/ciphers/cipher_seed.c b/providers/implementations/ciphers/cipher_seed.c index bae6a8e530..3644cb5e22 100644 --- a/providers/implementations/ciphers/cipher_seed.c +++ b/providers/implementations/ciphers/cipher_seed.c @@ -39,10 +39,8 @@ static void *seed_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } *ret = *in; return ret; diff --git a/providers/implementations/ciphers/cipher_sm4.c b/providers/implementations/ciphers/cipher_sm4.c index 6cf2731c6d..863c9997f5 100644 --- a/providers/implementations/ciphers/cipher_sm4.c +++ b/providers/implementations/ciphers/cipher_sm4.c @@ -33,10 +33,8 @@ static void *sm4_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } in->base.hw->copyctx(&ret->base, &in->base); return ret; diff --git a/providers/implementations/ciphers/cipher_tdes_common.c b/providers/implementations/ciphers/cipher_tdes_common.c index 346aec05a1..2e611df901 100644 --- a/providers/implementations/ciphers/cipher_tdes_common.c +++ b/providers/implementations/ciphers/cipher_tdes_common.c @@ -44,10 +44,8 @@ void *ossl_tdes_dupctx(void *ctx) return NULL; ret = OPENSSL_malloc(sizeof(*ret)); - if (ret == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ret == NULL) return NULL; - } in->base.hw->copyctx(&ret->base, &in->base); return ret; diff --git a/providers/implementations/encode_decode/decode_msblob2key.c b/providers/implementations/encode_decode/decode_msblob2key.c index 501957faba..fe4ea77b3a 100644 --- a/providers/implementations/encode_decode/decode_msblob2key.c +++ b/providers/implementations/encode_decode/decode_msblob2key.c @@ -120,10 +120,8 @@ static int msblob2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection, goto next; } buf = OPENSSL_malloc(length); - if (buf == NULL) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + if (buf == NULL) goto end; - } p = buf; if (BIO_read(in, buf, length) != (int)length) { ERR_raise(ERR_LIB_PEM, PEM_R_KEYBLOB_TOO_SHORT); diff --git a/providers/implementations/encode_decode/encode_key2any.c b/providers/implementations/encode_decode/encode_key2any.c index 246826749f..bd79228a4c 100644 --- a/providers/implementations/encode_decode/encode_key2any.c +++ b/providers/implementations/encode_decode/encode_key2any.c @@ -91,7 +91,7 @@ static PKCS8_PRIV_KEY_INFO *key_to_p8info(const void *key, int key_nid, || (derlen = k2d(key, &der)) <= 0 || !PKCS8_pkey_set0(p8info, OBJ_nid2obj(key_nid), 0, params_type, params, der, derlen)) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); PKCS8_PRIV_KEY_INFO_free(p8info); OPENSSL_free(der); p8info = NULL; @@ -154,7 +154,7 @@ static X509_PUBKEY *key_to_pubkey(const void *key, int key_nid, || (derlen = k2d(key, &der)) <= 0 || !X509_PUBKEY_set0_param(xpk, OBJ_nid2obj(key_nid), params_type, params, der, derlen)) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_X509_LIB); X509_PUBKEY_free(xpk); OPENSSL_free(der); xpk = NULL; @@ -380,7 +380,7 @@ static int key_to_type_specific_der_bio(BIO *out, const void *key, int ret; if ((derlen = k2d(key, &der)) <= 0) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_PROV_LIB); return 0; } @@ -446,7 +446,7 @@ static int prepare_dh_params(const void *dh, int nid, int save, ASN1_STRING *params = ASN1_STRING_new(); if (params == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); return 0; } @@ -456,7 +456,7 @@ static int prepare_dh_params(const void *dh, int nid, int save, params->length = i2d_DHparams(dh, ¶ms->data); if (params->length <= 0) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); ASN1_STRING_free(params); return 0; } @@ -550,14 +550,14 @@ static int encode_dsa_params(const void *dsa, int nid, ASN1_STRING *params = ASN1_STRING_new(); if (params == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); return 0; } params->length = i2d_DSAparams(dsa, ¶ms->data); if (params->length <= 0) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); ASN1_STRING_free(params); return 0; } @@ -645,13 +645,13 @@ static int prepare_ec_explicit_params(const void *eckey, ASN1_STRING *params = ASN1_STRING_new(); if (params == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); return 0; } params->length = i2d_ECParameters(eckey, ¶ms->data); if (params->length <= 0) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); ASN1_STRING_free(params); return 0; } @@ -762,10 +762,8 @@ static int ecx_spki_pub_to_der(const void *vecxkey, unsigned char **pder) } keyblob = OPENSSL_memdup(ecxkey->pubkey, ecxkey->keylen); - if (keyblob == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (keyblob == NULL) return 0; - } *pder = keyblob; return ecxkey->keylen; @@ -788,7 +786,7 @@ static int ecx_pki_priv_to_der(const void *vecxkey, unsigned char **pder) keybloblen = i2d_ASN1_OCTET_STRING(&oct, pder); if (keybloblen < 0) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_ASN1_LIB); return 0; } diff --git a/providers/implementations/encode_decode/encode_key2text.c b/providers/implementations/encode_decode/encode_key2text.c index a92e04a89d..11e45c7fb0 100644 --- a/providers/implementations/encode_decode/encode_key2text.c +++ b/providers/implementations/encode_decode/encode_key2text.c @@ -664,7 +664,7 @@ static int rsa_to_text(BIO *out, const void *key, int selection) coeffs = sk_BIGNUM_const_new_null(); if (factors == NULL || exps == NULL || coeffs == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_CRYPTO_LIB); goto err; } diff --git a/providers/implementations/exchange/dh_exch.c b/providers/implementations/exchange/dh_exch.c index ebed25a08f..5d459e1c69 100644 --- a/providers/implementations/exchange/dh_exch.c +++ b/providers/implementations/exchange/dh_exch.c @@ -194,10 +194,8 @@ static int dh_X9_42_kdf_derive(void *vpdhctx, unsigned char *secret, } if (!dh_plain_derive(pdhctx, NULL, &stmplen, 0, 1)) return 0; - if ((stmp = OPENSSL_secure_malloc(stmplen)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((stmp = OPENSSL_secure_malloc(stmplen)) == NULL) return 0; - } if (!dh_plain_derive(pdhctx, stmp, &stmplen, stmplen, 1)) goto err; diff --git a/providers/implementations/exchange/ecdh_exch.c b/providers/implementations/exchange/ecdh_exch.c index af24616eef..53b4249778 100644 --- a/providers/implementations/exchange/ecdh_exch.c +++ b/providers/implementations/exchange/ecdh_exch.c @@ -126,7 +126,7 @@ int ecdh_match_params(const EC_KEY *priv, const EC_KEY *peer) ctx = BN_CTX_new_ex(ossl_ec_key_get_libctx(priv)); if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_BN_LIB); return 0; } ret = group_priv != NULL @@ -524,10 +524,8 @@ int ecdh_X9_63_kdf_derive(void *vpecdhctx, unsigned char *secret, } if (!ecdh_plain_derive(vpecdhctx, NULL, &stmplen, 0)) return 0; - if ((stmp = OPENSSL_secure_malloc(stmplen)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((stmp = OPENSSL_secure_malloc(stmplen)) == NULL) return 0; - } if (!ecdh_plain_derive(vpecdhctx, stmp, &stmplen, stmplen)) goto err; diff --git a/providers/implementations/exchange/ecx_exch.c b/providers/implementations/exchange/ecx_exch.c index 7e223f28c8..374f436c89 100644 --- a/providers/implementations/exchange/ecx_exch.c +++ b/providers/implementations/exchange/ecx_exch.c @@ -46,10 +46,8 @@ static void *ecx_newctx(void *provctx, size_t keylen) return NULL; ctx = OPENSSL_zalloc(sizeof(PROV_ECX_CTX)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->keylen = keylen; @@ -140,10 +138,8 @@ static void *ecx_dupctx(void *vecxctx) return NULL; dstctx = OPENSSL_zalloc(sizeof(*srcctx)); - if (dstctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (dstctx == NULL) return NULL; - } *dstctx = *srcctx; if (dstctx->key != NULL && !ossl_ecx_key_up_ref(dstctx->key)) { diff --git a/providers/implementations/kdfs/hkdf.c b/providers/implementations/kdfs/hkdf.c index 7e5dd36eae..1293d6fc8a 100644 --- a/providers/implementations/kdfs/hkdf.c +++ b/providers/implementations/kdfs/hkdf.c @@ -94,9 +94,7 @@ static void *kdf_hkdf_new(void *provctx) if (!ossl_prov_is_running()) return NULL; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); - else + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) != NULL) ctx->provctx = provctx; return ctx; } diff --git a/providers/implementations/kdfs/kbkdf.c b/providers/implementations/kdfs/kbkdf.c index f29d132e1a..53ddf5890a 100644 --- a/providers/implementations/kdfs/kbkdf.c +++ b/providers/implementations/kdfs/kbkdf.c @@ -115,10 +115,8 @@ static void *kbkdf_new(void *provctx) return NULL; ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->provctx = provctx; init(ctx); diff --git a/providers/implementations/kdfs/krb5kdf.c b/providers/implementations/kdfs/krb5kdf.c index 0ad59734f8..b0fabd8ff2 100644 --- a/providers/implementations/kdfs/krb5kdf.c +++ b/providers/implementations/kdfs/krb5kdf.c @@ -64,10 +64,8 @@ static void *krb5kdf_new(void *provctx) if (!ossl_prov_is_running()) return NULL; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) return NULL; - } ctx->provctx = provctx; return ctx; } diff --git a/providers/implementations/kdfs/pbkdf1.c b/providers/implementations/kdfs/pbkdf1.c index c43baa8e53..e76ed4b7e1 100644 --- a/providers/implementations/kdfs/pbkdf1.c +++ b/providers/implementations/kdfs/pbkdf1.c @@ -60,7 +60,7 @@ static int kdf_pbkdf1_do_derive(const unsigned char *pass, size_t passlen, ctx = EVP_MD_CTX_new(); if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EVP_LIB); goto err; } @@ -96,10 +96,8 @@ static void *kdf_pbkdf1_new(void *provctx) return NULL; ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->provctx = provctx; return ctx; } @@ -161,10 +159,8 @@ static int kdf_pbkdf1_set_membuf(unsigned char **buffer, size_t *buflen, *buflen = 0; if (p->data_size == 0) { - if ((*buffer = OPENSSL_malloc(1)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((*buffer = OPENSSL_malloc(1)) == NULL) return 0; - } } else if (p->data != NULL) { if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen)) return 0; diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c index ff6a6d4a21..2506a96f7c 100644 --- a/providers/implementations/kdfs/pbkdf2.c +++ b/providers/implementations/kdfs/pbkdf2.c @@ -72,10 +72,8 @@ static void *kdf_pbkdf2_new_no_init(void *provctx) return NULL; ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->provctx = provctx; return ctx; } @@ -163,10 +161,8 @@ static int pbkdf2_set_membuf(unsigned char **buffer, size_t *buflen, *buflen = 0; if (p->data_size == 0) { - if ((*buffer = OPENSSL_malloc(1)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((*buffer = OPENSSL_malloc(1)) == NULL) return 0; - } } else if (p->data != NULL) { if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen)) return 0; diff --git a/providers/implementations/kdfs/pkcs12kdf.c b/providers/implementations/kdfs/pkcs12kdf.c index f3ade0f8b5..3495556302 100644 --- a/providers/implementations/kdfs/pkcs12kdf.c +++ b/providers/implementations/kdfs/pkcs12kdf.c @@ -60,7 +60,7 @@ static int pkcs12kdf_derive(const unsigned char *pass, size_t passlen, ctx = EVP_MD_CTX_new(); if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EVP_LIB); goto end; } vi = EVP_MD_get_block_size(md_type); @@ -81,10 +81,8 @@ static int pkcs12kdf_derive(const unsigned char *pass, size_t passlen, Plen = 0; Ilen = Slen + Plen; I = OPENSSL_malloc(Ilen); - if (D == NULL || Ai == NULL || B == NULL || I == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (D == NULL || Ai == NULL || B == NULL || I == NULL) goto end; - } for (i = 0; i < v; i++) D[i] = id; p = I; @@ -144,10 +142,8 @@ static void *kdf_pkcs12_new(void *provctx) return NULL; ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->provctx = provctx; return ctx; } @@ -210,10 +206,8 @@ static int pkcs12kdf_set_membuf(unsigned char **buffer, size_t *buflen, *buflen = 0; if (p->data_size == 0) { - if ((*buffer = OPENSSL_malloc(1)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((*buffer = OPENSSL_malloc(1)) == NULL) return 0; - } } else if (p->data != NULL) { if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen)) return 0; diff --git a/providers/implementations/kdfs/pvkkdf.c b/providers/implementations/kdfs/pvkkdf.c index e5c964f84a..fde36ca19e 100644 --- a/providers/implementations/kdfs/pvkkdf.c +++ b/providers/implementations/kdfs/pvkkdf.c @@ -45,10 +45,8 @@ static void *kdf_pvk_new(void *provctx) return NULL; ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->provctx = provctx; kdf_pvk_init(ctx); return ctx; @@ -122,10 +120,8 @@ static int pvk_set_membuf(unsigned char **buffer, size_t *buflen, *buflen = 0; if (p->data_size == 0) { - if ((*buffer = OPENSSL_malloc(1)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((*buffer = OPENSSL_malloc(1)) == NULL) return 0; - } } else if (p->data != NULL) { if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen)) return 0; diff --git a/providers/implementations/kdfs/scrypt.c b/providers/implementations/kdfs/scrypt.c index e914eef992..253efeb16d 100644 --- a/providers/implementations/kdfs/scrypt.c +++ b/providers/implementations/kdfs/scrypt.c @@ -63,10 +63,8 @@ static void *kdf_scrypt_new_inner(OSSL_LIB_CTX *libctx) return NULL; ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx == NULL) return NULL; - } ctx->libctx = libctx; kdf_scrypt_init(ctx); return ctx; @@ -150,10 +148,8 @@ static int scrypt_set_membuf(unsigned char **buffer, size_t *buflen, *buflen = 0; if (p->data_size == 0) { - if ((*buffer = OPENSSL_malloc(1)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((*buffer = OPENSSL_malloc(1)) == NULL) return 0; - } } else if (p->data != NULL) { if (!OSSL_PARAM_get_octet_string(p, (void **)buffer, 0, buflen)) return 0; @@ -179,10 +175,8 @@ static int set_property_query(KDF_SCRYPT *ctx, const char *propq) ctx->propq = NULL; if (propq != NULL) { ctx->propq = OPENSSL_strdup(propq); - if (ctx->propq == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx->propq == NULL) return 0; - } } return 1; } @@ -527,10 +521,8 @@ static int scrypt_alg(const char *pass, size_t passlen, return 1; B = OPENSSL_malloc((size_t)(Blen + Vlen)); - if (B == NULL) { - ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE); + if (B == NULL) return 0; - } X = (uint32_t *)(B + Blen); T = X + 32 * r; V = T + 32 * r; diff --git a/providers/implementations/kdfs/sshkdf.c b/providers/implementations/kdfs/sshkdf.c index 1afac4e477..67170264fe 100644 --- a/providers/implementations/kdfs/sshkdf.c +++ b/providers/implementations/kdfs/sshkdf.c @@ -58,9 +58,7 @@ static void *kdf_sshkdf_new(void *provctx) if (!ossl_prov_is_running()) return NULL; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); - else + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) != NULL) ctx->provctx = provctx; return ctx; } diff --git a/providers/implementations/kdfs/sskdf.c b/providers/implementations/kdfs/sskdf.c index 1038c66dde..378aeb5d30 100644 --- a/providers/implementations/kdfs/sskdf.c +++ b/providers/implementations/kdfs/sskdf.c @@ -290,9 +290,8 @@ static void *sskdf_new(void *provctx) if (!ossl_prov_is_running()) return NULL; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); - ctx->provctx = provctx; + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) != NULL) + ctx->provctx = provctx; return ctx; } @@ -419,10 +418,8 @@ static int sskdf_derive(void *vctx, unsigned char *key, size_t keylen, /* If no salt is set then use a default_salt of zeros */ if (ctx->salt == NULL || ctx->salt_len <= 0) { ctx->salt = OPENSSL_zalloc(default_salt_len); - if (ctx->salt == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctx->salt == NULL) return 0; - } ctx->salt_len = default_salt_len; } ret = SSKDF_mac_kdm(ctx->macctx, diff --git a/providers/implementations/kdfs/tls1_prf.c b/providers/implementations/kdfs/tls1_prf.c index fd46283d3a..8a38073084 100644 --- a/providers/implementations/kdfs/tls1_prf.c +++ b/providers/implementations/kdfs/tls1_prf.c @@ -103,11 +103,8 @@ static void *kdf_tls1_prf_new(void *provctx) if (!ossl_prov_is_running()) return NULL; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); - return NULL; - } - ctx->provctx = provctx; + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) != NULL) + ctx->provctx = provctx; return ctx; } @@ -414,10 +411,8 @@ static int tls1_prf_alg(EVP_MAC_CTX *mdctx, EVP_MAC_CTX *sha1ctx, seed, seed_len, out, olen)) return 0; - if ((tmp = OPENSSL_malloc(olen)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((tmp = OPENSSL_malloc(olen)) == NULL) return 0; - } if (!tls1_prf_P_hash(sha1ctx, sec + slen - L_S2, L_S2, seed, seed_len, tmp, olen)) { diff --git a/providers/implementations/kdfs/x942kdf.c b/providers/implementations/kdfs/x942kdf.c index 51b2ebf26b..5e5bf68d60 100644 --- a/providers/implementations/kdfs/x942kdf.c +++ b/providers/implementations/kdfs/x942kdf.c @@ -335,10 +335,8 @@ static void *x942kdf_new(void *provctx) if (!ossl_prov_is_running()) return NULL; - if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) return NULL; - } ctx->provctx = provctx; ctx->use_keybits = 1; return ctx; diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c index 3f2653f8ae..ec5c954856 100644 --- a/providers/implementations/keymgmt/ec_kmgmt.c +++ b/providers/implementations/keymgmt/ec_kmgmt.c @@ -1018,7 +1018,6 @@ static void *sm2_gen_init(void *provctx, int selection, return gctx; if ((gctx->group_name = OPENSSL_strdup("sm2")) != NULL) return gctx; - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); ec_gen_cleanup(gctx); } return NULL; diff --git a/providers/implementations/keymgmt/ecx_kmgmt.c b/providers/implementations/keymgmt/ecx_kmgmt.c index 32dcc53c0b..351de5a40b 100644 --- a/providers/implementations/keymgmt/ecx_kmgmt.c +++ b/providers/implementations/keymgmt/ecx_kmgmt.c @@ -384,10 +384,8 @@ static int set_property_query(ECX_KEY *ecxkey, const char *propq) ecxkey->propq = NULL; if (propq != NULL) { ecxkey->propq = OPENSSL_strdup(propq); - if (ecxkey->propq == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ecxkey->propq == NULL) return 0; - } } return 1; } @@ -596,7 +594,7 @@ static void *ecx_gen(struct ecx_gen_ctx *gctx) return NULL; if ((key = ossl_ecx_key_new(gctx->libctx, gctx->type, 0, gctx->propq)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); return NULL; } @@ -605,7 +603,7 @@ static void *ecx_gen(struct ecx_gen_ctx *gctx) return key; if ((privkey = ossl_ecx_key_allocate_privkey(key)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } #ifndef FIPS_MODULE @@ -865,7 +863,7 @@ static void *s390x_ecx_keygen25519(struct ecx_gen_ctx *gctx) unsigned char *privkey = NULL, *pubkey; if (key == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } @@ -877,7 +875,7 @@ static void *s390x_ecx_keygen25519(struct ecx_gen_ctx *gctx) privkey = ossl_ecx_key_allocate_privkey(key); if (privkey == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } @@ -922,7 +920,7 @@ static void *s390x_ecx_keygen448(struct ecx_gen_ctx *gctx) unsigned char *privkey = NULL, *pubkey; if (key == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } @@ -934,7 +932,7 @@ static void *s390x_ecx_keygen448(struct ecx_gen_ctx *gctx) privkey = ossl_ecx_key_allocate_privkey(key); if (privkey == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } @@ -985,7 +983,7 @@ static void *s390x_ecd_keygen25519(struct ecx_gen_ctx *gctx) int j; if (key == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } @@ -997,7 +995,7 @@ static void *s390x_ecd_keygen25519(struct ecx_gen_ctx *gctx) privkey = ossl_ecx_key_allocate_privkey(key); if (privkey == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } @@ -1052,7 +1050,7 @@ static void *s390x_ecd_keygen448(struct ecx_gen_ctx *gctx) EVP_MD *shake = NULL; if (key == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } @@ -1064,7 +1062,7 @@ static void *s390x_ecd_keygen448(struct ecx_gen_ctx *gctx) privkey = ossl_ecx_key_allocate_privkey(key); if (privkey == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EC_LIB); goto err; } diff --git a/providers/implementations/keymgmt/mac_legacy_kmgmt.c b/providers/implementations/keymgmt/mac_legacy_kmgmt.c index fd19289300..4c5b7cc3c4 100644 --- a/providers/implementations/keymgmt/mac_legacy_kmgmt.c +++ b/providers/implementations/keymgmt/mac_legacy_kmgmt.c @@ -194,10 +194,8 @@ static int mac_key_fromdata(MAC_KEY *key, const OSSL_PARAM params[]) OPENSSL_secure_clear_free(key->priv_key, key->priv_key_len); /* allocate at least one byte to distinguish empty key from no key set */ key->priv_key = OPENSSL_secure_malloc(p->data_size > 0 ? p->data_size : 1); - if (key->priv_key == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (key->priv_key == NULL) return 0; - } memcpy(key->priv_key, p->data, p->data_size); key->priv_key_len = p->data_size; } @@ -210,10 +208,8 @@ static int mac_key_fromdata(MAC_KEY *key, const OSSL_PARAM params[]) } OPENSSL_free(key->properties); key->properties = OPENSSL_strdup(p->data); - if (key->properties == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (key->properties == NULL) return 0; - } } if (key->cmac && !ossl_prov_cipher_load_from_params(&key->cipher, params, @@ -429,10 +425,8 @@ static int mac_gen_set_params(void *genctx, const OSSL_PARAM params[]) return 0; } gctx->priv_key = OPENSSL_secure_malloc(p->data_size); - if (gctx->priv_key == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (gctx->priv_key == NULL) return 0; - } memcpy(gctx->priv_key, p->data, p->data_size); gctx->priv_key_len = p->data_size; } @@ -486,7 +480,7 @@ static void *mac_gen(void *genctx, OSSL_CALLBACK *cb, void *cbarg) return NULL; if ((key = ossl_mac_key_new(gctx->libctx, 0)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_PROV_LIB); return NULL; } diff --git a/providers/implementations/macs/kmac_prov.c b/providers/implementations/macs/kmac_prov.c index 123c40f54f..7c1ce18ac7 100644 --- a/providers/implementations/macs/kmac_prov.c +++ b/providers/implementations/macs/kmac_prov.c @@ -310,10 +310,8 @@ static int kmac_init(void *vmacctx, const unsigned char *key, return 0; } out = OPENSSL_malloc(out_len); - if (out == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (out == NULL) return 0; - } res = bytepad(out, NULL, kmac_string, sizeof(kmac_string), kctx->custom, kctx->custom_len, block_len) && EVP_DigestUpdate(ctx, out, out_len) diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c index 007a181c89..11ba455233 100644 --- a/providers/implementations/rands/drbg.c +++ b/providers/implementations/rands/drbg.c @@ -160,10 +160,8 @@ size_t ossl_drbg_get_seed(void *vdrbg, unsigned char **pout, /* Allocate storage */ buffer = OPENSSL_secure_malloc(bytes_needed); - if (buffer == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (buffer == NULL) return 0; - } /* * Get random data. Include our DRBG address as @@ -777,10 +775,8 @@ PROV_DRBG *ossl_rand_drbg_new return NULL; drbg = OPENSSL_zalloc(sizeof(*drbg)); - if (drbg == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (drbg == NULL) return NULL; - } drbg->provctx = provctx; drbg->instantiate = instantiate; diff --git a/providers/implementations/rands/drbg_ctr.c b/providers/implementations/rands/drbg_ctr.c index 451113c4d1..89e0ca5573 100644 --- a/providers/implementations/rands/drbg_ctr.c +++ b/providers/implementations/rands/drbg_ctr.c @@ -538,7 +538,7 @@ static int drbg_ctr_init(PROV_DRBG *drbg) if (ctr->ctx_ctr == NULL) ctr->ctx_ctr = EVP_CIPHER_CTX_new(); if (ctr->ctx_ecb == NULL || ctr->ctx_ctr == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EVP_LIB); goto err; } @@ -565,7 +565,7 @@ static int drbg_ctr_init(PROV_DRBG *drbg) if (ctr->ctx_df == NULL) ctr->ctx_df = EVP_CIPHER_CTX_new(); if (ctr->ctx_df == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_EVP_LIB); goto err; } /* Set key schedule for df_key */ @@ -589,10 +589,8 @@ static int drbg_ctr_new(PROV_DRBG *drbg) PROV_DRBG_CTR *ctr; ctr = OPENSSL_secure_zalloc(sizeof(*ctr)); - if (ctr == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (ctr == NULL) return 0; - } ctr->use_df = 1; drbg->data = ctr; @@ -693,10 +691,8 @@ static int drbg_ctr_set_ctx_params(void *vctx, const OSSL_PARAM params[]) ERR_raise(ERR_LIB_PROV, PROV_R_REQUIRE_CTR_MODE_CIPHER); return 0; } - if ((ecb = OPENSSL_strndup(base, p->data_size)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((ecb = OPENSSL_strndup(base, p->data_size)) == NULL) return 0; - } strcpy(ecb + p->data_size - ecb_str_len, "ECB"); EVP_CIPHER_free(ctr->cipher_ecb); EVP_CIPHER_free(ctr->cipher_ctr); diff --git a/providers/implementations/rands/drbg_hash.c b/providers/implementations/rands/drbg_hash.c index 99853a7979..12faa993d0 100644 --- a/providers/implementations/rands/drbg_hash.c +++ b/providers/implementations/rands/drbg_hash.c @@ -390,10 +390,8 @@ static int drbg_hash_new(PROV_DRBG *ctx) PROV_DRBG_HASH *hash; hash = OPENSSL_secure_zalloc(sizeof(*hash)); - if (hash == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (hash == NULL) return 0; - } ctx->data = hash; ctx->seedlen = HASH_PRNG_MAX_SEEDLEN; diff --git a/providers/implementations/rands/drbg_hmac.c b/providers/implementations/rands/drbg_hmac.c index e68465a78c..ffeb70f8c3 100644 --- a/providers/implementations/rands/drbg_hmac.c +++ b/providers/implementations/rands/drbg_hmac.c @@ -276,10 +276,8 @@ static int drbg_hmac_new(PROV_DRBG *drbg) PROV_DRBG_HMAC *hmac; hmac = OPENSSL_secure_zalloc(sizeof(*hmac)); - if (hmac == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (hmac == NULL) return 0; - } drbg->data = hmac; /* See SP800-57 Part1 Rev4 5.6.1 Table 3 */ diff --git a/providers/implementations/rands/seed_src.c b/providers/implementations/rands/seed_src.c index 7a4b780bb4..5e599775eb 100644 --- a/providers/implementations/rands/seed_src.c +++ b/providers/implementations/rands/seed_src.c @@ -53,10 +53,8 @@ static void *seed_src_new(void *provctx, void *parent, } s = OPENSSL_zalloc(sizeof(*s)); - if (s == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (s == NULL) return NULL; - } s->provctx = provctx; s->state = EVP_RAND_STATE_UNINITIALISED; @@ -106,7 +104,7 @@ static int seed_src_generate(void *vseed, unsigned char *out, size_t outlen, pool = ossl_rand_pool_new(strength, 1, outlen, outlen); if (pool == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_RAND_LIB); return 0; } @@ -197,10 +195,8 @@ static size_t seed_get_seed(void *vseed, unsigned char **pout, } p = OPENSSL_secure_malloc(bytes_needed); - if (p == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (p == NULL) return 0; - } if (seed_src_generate(vseed, p, bytes_needed, 0, prediction_resistance, adin, adin_len) != 0) { *pout = p; diff --git a/providers/implementations/signature/dsa_sig.c b/providers/implementations/signature/dsa_sig.c index abcee00284..413559a747 100644 --- a/providers/implementations/signature/dsa_sig.c +++ b/providers/implementations/signature/dsa_sig.c @@ -111,7 +111,6 @@ static void *dsa_newctx(void *provctx, const char *propq) if (propq != NULL && (pdsactx->propq = OPENSSL_strdup(propq)) == NULL) { OPENSSL_free(pdsactx); pdsactx = NULL; - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); } return pdsactx; } diff --git a/providers/implementations/signature/ecdsa_sig.c b/providers/implementations/signature/ecdsa_sig.c index 865d49d100..c013140fec 100644 --- a/providers/implementations/signature/ecdsa_sig.c +++ b/providers/implementations/signature/ecdsa_sig.c @@ -120,7 +120,6 @@ static void *ecdsa_newctx(void *provctx, const char *propq) if (propq != NULL && (ctx->propq = OPENSSL_strdup(propq)) == NULL) { OPENSSL_free(ctx); ctx = NULL; - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); } return ctx; } diff --git a/providers/implementations/signature/eddsa_sig.c b/providers/implementations/signature/eddsa_sig.c index 2dc6c5e9d1..0229dd74d6 100644 --- a/providers/implementations/signature/eddsa_sig.c +++ b/providers/implementations/signature/eddsa_sig.c @@ -72,10 +72,8 @@ static void *eddsa_newctx(void *provctx, const char *propq_unused) return NULL; peddsactx = OPENSSL_zalloc(sizeof(PROV_EDDSA_CTX)); - if (peddsactx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (peddsactx == NULL) return NULL; - } peddsactx->libctx = PROV_LIBCTX_OF(provctx); diff --git a/providers/implementations/signature/mac_legacy_sig.c b/providers/implementations/signature/mac_legacy_sig.c index 6be605c8c6..d4bcc020da 100644 --- a/providers/implementations/signature/mac_legacy_sig.c +++ b/providers/implementations/signature/mac_legacy_sig.c @@ -60,10 +60,8 @@ static void *mac_newctx(void *provctx, const char *propq, const char *macname) return NULL; pmacctx->libctx = PROV_LIBCTX_OF(provctx); - if (propq != NULL && (pmacctx->propq = OPENSSL_strdup(propq)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (propq != NULL && (pmacctx->propq = OPENSSL_strdup(propq)) == NULL) goto err; - } mac = EVP_MAC_fetch(pmacctx->libctx, macname, propq); if (mac == NULL) diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c index 3670f84732..1c6b515d35 100644 --- a/providers/implementations/signature/rsa_sig.c +++ b/providers/implementations/signature/rsa_sig.c @@ -182,7 +182,6 @@ static void *rsa_newctx(void *provctx, const char *propq) || (propq != NULL && (propq_copy = OPENSSL_strdup(propq)) == NULL)) { OPENSSL_free(prsactx); - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); return NULL; } @@ -230,7 +229,7 @@ static unsigned char *rsa_generate_signature_aid(PROV_RSA_CTX *ctx, int ret; if (!WPACKET_init_der(&pkt, aid_buf, buf_len)) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_CRYPTO_LIB); return NULL; } @@ -484,10 +483,8 @@ static int setup_tbuf(PROV_RSA_CTX *ctx) { if (ctx->tbuf != NULL) return 1; - if ((ctx->tbuf = OPENSSL_malloc(RSA_size(ctx->rsa))) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if ((ctx->tbuf = OPENSSL_malloc(RSA_size(ctx->rsa))) == NULL) return 0; - } return 1; } @@ -568,7 +565,7 @@ static int rsa_sign(void *vprsactx, unsigned char *sig, size_t *siglen, return 0; } if (!setup_tbuf(prsactx)) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_PROV_LIB); return 0; } memcpy(prsactx->tbuf, tbs, tbslen); @@ -986,10 +983,8 @@ static void *rsa_dupctx(void *vprsactx) return NULL; dstctx = OPENSSL_zalloc(sizeof(*srcctx)); - if (dstctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (dstctx == NULL) return NULL; - } *dstctx = *srcctx; dstctx->rsa = NULL; diff --git a/providers/implementations/signature/sm2_sig.c b/providers/implementations/signature/sm2_sig.c index b3647a9a73..15826d5fd2 100644 --- a/providers/implementations/signature/sm2_sig.c +++ b/providers/implementations/signature/sm2_sig.c @@ -122,7 +122,6 @@ static void *sm2sig_newctx(void *provctx, const char *propq) ctx->libctx = PROV_LIBCTX_OF(provctx); if (propq != NULL && (ctx->propq = OPENSSL_strdup(propq)) == NULL) { OPENSSL_free(ctx); - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); return NULL; } ctx->mdsize = SM3_DIGEST_LENGTH; diff --git a/providers/implementations/storemgmt/file_store.c b/providers/implementations/storemgmt/file_store.c index 7548a01fe7..3f1d1ff2de 100644 --- a/providers/implementations/storemgmt/file_store.c +++ b/providers/implementations/storemgmt/file_store.c @@ -155,7 +155,7 @@ static struct file_ctx_st *file_open_stream(BIO *source, const char *uri, struct file_ctx_st *ctx; if ((ctx = new_file_ctx(IS_FILE, uri, provctx)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_PROV_LIB); goto err; } @@ -172,7 +172,7 @@ static void *file_open_dir(const char *path, const char *uri, void *provctx) struct file_ctx_st *ctx; if ((ctx = new_file_ctx(IS_DIR, uri, provctx)) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_PROV_LIB); return NULL; } @@ -422,7 +422,7 @@ static int file_setup_decoders(struct file_ctx_st *ctx) /* Setup for this session, so only if not already done */ if (ctx->_.file.decoderctx == NULL) { if ((ctx->_.file.decoderctx = OSSL_DECODER_CTX_new()) == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB); goto err; } @@ -558,10 +558,8 @@ static char *file_name_to_uri(struct file_ctx_st *ctx, const char *name) + strlen(name) + 1 /* \0 */; data = OPENSSL_zalloc(calculated_length); - if (data == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + if (data == NULL) return NULL; - } OPENSSL_strlcat(data, ctx->uri, calculated_length); OPENSSL_strlcat(data, pathsep, calculated_length); diff --git a/providers/implementations/storemgmt/file_store_any2obj.c b/providers/implementations/storemgmt/file_store_any2obj.c index 28601683bf..b0be1c4d22 100644 --- a/providers/implementations/storemgmt/file_store_any2obj.c +++ b/providers/implementations/storemgmt/file_store_any2obj.c @@ -125,7 +125,7 @@ static int msblob2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection, mem_want = 16; /* The size of the MSBLOB header */ if ((mem = BUF_MEM_new()) == NULL || !BUF_MEM_grow(mem, mem_want)) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PEM, ERR_R_BUF_LIB); goto err; } @@ -147,7 +147,7 @@ static int msblob2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection, ok = 0; mem_want = ossl_blob_length(bitlen, isdss, ispub); if (!BUF_MEM_grow(mem, mem_len + mem_want)) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PEM, ERR_R_BUF_LIB); goto err; } @@ -192,7 +192,7 @@ static int pvk2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection, mem_want = 24; /* The size of the PVK header */ if ((mem = BUF_MEM_new()) == NULL || !BUF_MEM_grow(mem, mem_want)) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PEM, ERR_R_BUF_LIB); goto err; } @@ -214,7 +214,7 @@ static int pvk2obj_decode(void *provctx, OSSL_CORE_BIO *cin, int selection, ok = 0; mem_want = saltlen + keylen; if (!BUF_MEM_grow(mem, mem_len + mem_want)) { - ERR_raise(ERR_LIB_PEM, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PEM, ERR_R_BUF_LIB); goto err; } diff --git a/providers/implementations/storemgmt/winstore_store.c b/providers/implementations/storemgmt/winstore_store.c index f686517f74..a7d041b697 100644 --- a/providers/implementations/storemgmt/winstore_store.c +++ b/providers/implementations/storemgmt/winstore_store.c @@ -186,7 +186,7 @@ static int setup_decoder(struct winstore_ctx_st *ctx) ctx->dctx = OSSL_DECODER_CTX_new(); if (ctx->dctx == NULL) { - ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); + ERR_raise(ERR_LIB_PROV, ERR_R_OSSL_DECODER_LIB); return 0; } -- cgit v1.2.3