/*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
{
TLS1_PRF_PKEY_CTX *kctx;
- kctx = OPENSSL_zalloc(sizeof(*kctx));
- if (kctx == NULL)
+ if ((kctx = OPENSSL_zalloc(sizeof(*kctx))) == NULL) {
+ KDFerr(KDF_F_PKEY_TLS1_PRF_INIT, ERR_R_MALLOC_FAILURE);
return 0;
+ }
ctx->data = kctx;
return 1;
int ret = 0;
chunk = EVP_MD_size(md);
- OPENSSL_assert(chunk >= 0);
+ if (!ossl_assert(chunk > 0))
+ goto err;
ctx = EVP_MD_CTX_new();
ctx_tmp = EVP_MD_CTX_new();
if (ctx == NULL || ctx_tmp == NULL || ctx_init == NULL)
goto err;
EVP_MD_CTX_set_flags(ctx_init, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- mac_key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, sec, sec_len);
+ mac_key = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, sec, sec_len);
if (mac_key == NULL)
goto err;
if (!EVP_DigestSignInit(ctx_init, NULL, md, NULL, mac_key))
seed, seed_len, out, olen))
return 0;
- tmp = OPENSSL_malloc(olen);
- if (tmp == NULL)
+ if ((tmp = OPENSSL_malloc(olen)) == NULL) {
+ KDFerr(KDF_F_TLS1_PRF_ALG, ERR_R_MALLOC_FAILURE);
return 0;
+ }
if (!tls1_prf_P_hash(EVP_sha1(), sec + slen/2, slen/2 + (slen & 1),
seed, seed_len, tmp, olen)) {
OPENSSL_clear_free(tmp, olen);