#include <openssl/core_names.h>
#include <openssl/dh.h>
#include <openssl/err.h>
+#include <openssl/proverr.h>
#include <openssl/params.h>
#include "prov/providercommon.h"
#include "prov/implementations.h"
size_t dhsize;
const BIGNUM *pub_key = NULL;
- /* TODO(3.0): Add errors to stack */
- if (pdhctx->dh == NULL || pdhctx->dhpeer == NULL)
+ if (pdhctx->dh == NULL || pdhctx->dhpeer == NULL) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_KEY);
return 0;
+ }
dhsize = (size_t)DH_size(pdhctx->dh);
if (secret == NULL) {
*secretlen = dhsize;
return 1;
}
- if (outlen < dhsize)
+ if (outlen < dhsize) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
return 0;
+ }
DH_get0_key(pdhctx->dhpeer, &pub_key, NULL);
if (pdhctx->pad)
return 1;
}
- if (pdhctx->kdf_outlen > outlen)
+ if (pdhctx->kdf_outlen > outlen) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
return 0;
+ }
if (!dh_plain_derive(pdhctx, NULL, &stmplen, 0))
return 0;
if ((stmp = OPENSSL_secure_malloc(stmplen)) == NULL) {
#include <openssl/ec.h>
#include <openssl/params.h>
#include <openssl/err.h>
+#include <openssl/proverr.h>
#include "prov/provider_ctx.h"
#include "prov/providercommon.h"
#include "prov/implementations.h"
int key_cofactor_mode;
if (pecdhctx->k == NULL || pecdhctx->peerk == NULL) {
- ERR_raise(ERR_LIB_PROV, EC_R_KEYS_NOT_SET);
+ ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_KEY);
return 0;
}
return 1;
}
- if (pecdhctx->kdf_outlen > outlen)
+ if (pecdhctx->kdf_outlen > outlen) {
+ ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
return 0;
+ }
if (!ecdh_plain_derive(vpecdhctx, NULL, &stmplen, 0))
return 0;
if ((stmp = OPENSSL_secure_malloc(stmplen)) == NULL) {
if (ecxctx->key == NULL
|| ecxctx->key->privkey == NULL
|| ecxctx->peerkey == NULL) {
- ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY);
+ ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_KEY);
return 0;
}
return 1;
}
if (outlen < ecxctx->keylen) {
- ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
+ ERR_raise(ERR_LIB_PROV, PROV_R_OUTPUT_BUFFER_TOO_SMALL);
return 0;
}