1 Patch developed in-house. Solaris-specific; not suitable for upstream. |
1 Patch developed in-house. Solaris-specific; not suitable for upstream. |
2 |
2 |
3 --- openssl-1.0.1f/crypto/evp/evp_enc.c.orig Mon Feb 11 07:26:04 2013 |
3 --- openssl-1.0.1f/crypto/evp/evp_enc.c.orig Mon Feb 11 07:26:04 2013 |
4 +++ openssl-1.0.1f/crypto/evp/evp_enc.c Mon Feb 3 16:40:48 2014 |
4 +++ openssl-1.0.1f/crypto/evp/evp_enc.c Mon Feb 3 16:40:48 2014 |
5 @@ -393,10 +393,14 @@ |
5 @@ -394,10 +394,14 @@ |
6 { |
6 { |
7 ret = M_do_cipher(ctx, out, NULL, 0); |
7 ret = M_do_cipher(ctx, out, NULL, 0); |
8 if (ret < 0) |
8 if (ret < 0) |
9 - return 0; |
9 - return 0; |
10 + { |
10 + { |
55 + } |
55 + } |
56 + |
56 + |
57 return ret; |
57 return ret; |
58 } |
58 } |
59 |
59 |
60 @@ -500,7 +513,7 @@ |
60 @@ -502,6 +515,7 @@ |
61 |
|
62 int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) |
61 int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) |
63 { |
62 { |
64 - int i,n; |
63 unsigned int i, b; |
65 + int i,n,ret = 1; |
64 + int err = 1; |
66 unsigned int b; |
65 unsigned char pad, padding_good; |
67 *outl=0; |
66 *outl=0; |
68 |
67 |
69 @@ -508,10 +521,14 @@ |
68 @@ -509,10 +522,14 @@ |
70 { |
69 { |
71 i = M_do_cipher(ctx, out, NULL, 0); |
70 int ret = M_do_cipher(ctx, out, NULL, 0); |
72 if (i < 0) |
71 if (ret < 0) |
73 - return 0; |
72 - return 0; |
74 + { |
73 + { |
75 + ret = 0; |
74 + err = 0; |
76 + goto cleanup; |
75 + goto cleanup; |
77 + } |
76 + } |
78 else |
77 else |
79 *outl = i; |
78 *outl = ret; |
80 - return 1; |
79 - return 1; |
81 + ret = 1; |
80 + err = 1; |
82 + goto cleanup; |
81 + goto cleanup; |
83 } |
82 } |
84 |
83 |
85 b=ctx->cipher->block_size; |
84 b=(unsigned int)(ctx->cipher->block_size); |
86 @@ -520,10 +537,12 @@ |
85 @@ -521,10 +538,12 @@ |
87 if(ctx->buf_len) |
86 if(ctx->buf_len) |
88 { |
87 { |
89 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); |
88 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH); |
90 - return 0; |
89 - return 0; |
91 + ret = 0; |
90 + err = 0; |
92 + goto cleanup; |
91 + goto cleanup; |
93 } |
92 } |
94 *outl = 0; |
93 *outl = 0; |
95 - return 1; |
94 - return 1; |
96 + ret = 1; |
95 + err = 1; |
97 + goto cleanup; |
96 + goto cleanup; |
98 } |
97 } |
99 if (b > 1) |
98 if (b > 1) |
100 { |
99 { |
101 @@ -530,7 +549,8 @@ |
100 @@ -531,7 +550,8 @@ |
102 if (ctx->buf_len || !ctx->final_used) |
101 if (ctx->buf_len || !ctx->final_used) |
103 { |
102 { |
104 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_WRONG_FINAL_BLOCK_LENGTH); |
103 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_WRONG_FINAL_BLOCK_LENGTH); |
105 - return(0); |
104 - return(0); |
106 + ret = 0; |
105 + err = 0; |
107 + goto cleanup; |
106 + goto cleanup; |
108 } |
107 } |
109 OPENSSL_assert(b <= sizeof ctx->final); |
108 OPENSSL_assert(b <= sizeof ctx->final); |
110 n=ctx->final[b-1]; |
109 pad=ctx->final[b-1]; |
111 @@ -537,7 +557,8 @@ |
110 @@ -555,13 +577,22 @@ |
112 if (n == 0 || n > (int)b) |
111 out[i] = ctx->final[i] & padding_good; |
113 { |
112 /* Safe cast: for a good padding, EVP_MAX_IV_LENGTH >= b >= pad */ |
114 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT); |
113 *outl = padding_good & ((unsigned char)(b - pad)); |
115 - return(0); |
114 - return padding_good & 1; |
116 + ret = 0; |
115 + err = padding_good & 1; |
117 + goto cleanup; |
116 + goto cleanup; |
118 } |
|
119 for (i=0; i<n; i++) |
|
120 { |
|
121 @@ -544,7 +565,8 @@ |
|
122 if (ctx->final[--b] != n) |
|
123 { |
|
124 EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT); |
|
125 - return(0); |
|
126 + ret = 0; |
|
127 + goto cleanup; |
|
128 } |
|
129 } |
|
130 n=ctx->cipher->block_size-n; |
|
131 @@ -554,7 +576,14 @@ |
|
132 } |
117 } |
133 else |
118 else |
134 *outl=0; |
119 { |
135 - return(1); |
120 *outl = 0; |
|
121 - return 1; |
|
122 + err = 1; |
|
123 } |
136 + |
124 + |
137 +cleanup: |
125 +cleanup: |
138 + if (ctx->cipher->cleanup) |
126 + if (ctx->cipher->cleanup) |
139 + { |
127 + { |
140 + ctx->cipher->cleanup(ctx); |
128 + ctx->cipher->cleanup(ctx); |
141 + } |
129 + } |
142 + |
130 + |
143 + return ret; |
131 + return err; |
144 } |
132 } |
145 |
133 |
146 void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) |
134 void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) |