X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=engines%2Fe_sureware.c;h=fb5e55c930a8e1b4fa26c16315390bf7cf46faf9;hp=aae568ab71fc5c6e641fe181d50a9046ce2b58aa;hb=e008d1b2672f0ab6d64ab1afd20a903678bd8ed2;hpb=474e469bbd056aebcf7e7d3207ef820f2faed4ce

diff --git a/engines/e_sureware.c b/engines/e_sureware.c
index aae568ab71..fb5e55c930 100644
--- a/engines/e_sureware.c
+++ b/engines/e_sureware.c
@@ -111,10 +111,6 @@ static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id,
                                         void *callback_data);
 static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
                                int idx, long argl, void *argp);
-#  if 0
-static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
-                                  int idx, long argl, void *argp);
-#  endif
 
 #  ifndef OPENSSL_NO_RSA
 /* This function is aliased to mod_exp (with the mont stuff dropped). */
@@ -408,10 +404,8 @@ static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p,
         {
             BIO *bio = (BIO *)p;
             CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
-            if (logstream) {
-                BIO_free(logstream);
-                logstream = NULL;
-            }
+            BIO_free(logstream);
+            logstream = NULL;
             if (CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO) > 1)
                 logstream = bio;
             else
@@ -566,8 +560,7 @@ static int surewarehk_init(ENGINE *e)
 
     return 1;
  err:
-    if (surewarehk_dso)
-        DSO_free(surewarehk_dso);
+    DSO_free(surewarehk_dso);
     surewarehk_dso = NULL;
     p_surewarehk_Init = NULL;
     p_surewarehk_Finish = NULL;
@@ -600,8 +593,7 @@ static int surewarehk_finish(ENGINE *e)
         goto err;
     }
  err:
-    if (logstream)
-        BIO_free(logstream);
+    BIO_free(logstream);
     surewarehk_dso = NULL;
     p_surewarehk_Init = NULL;
     p_surewarehk_Finish = NULL;
@@ -717,10 +709,12 @@ static EVP_PKEY *sureware_load_public(ENGINE *e, const char *key_id,
         /* set public big nums */
         rsatmp->e = BN_new();
         rsatmp->n = BN_new();
+        if (!rsatmp->e || !rsatmp->n)
+            goto err;
         bn_expand2(rsatmp->e, el / sizeof(BN_ULONG));
         bn_expand2(rsatmp->n, el / sizeof(BN_ULONG));
-        if (!rsatmp->e || rsatmp->e->dmax != (int)(el / sizeof(BN_ULONG)) ||
-            !rsatmp->n || rsatmp->n->dmax != (int)(el / sizeof(BN_ULONG)))
+        if (rsatmp->e->dmax != (int)(el / sizeof(BN_ULONG)) ||
+            rsatmp->n->dmax != (int)(el / sizeof(BN_ULONG)))
             goto err;
         ret = p_surewarehk_Load_Rsa_Pubkey(msg, key_id, el,
                                            (unsigned long *)rsatmp->n->d,
@@ -757,15 +751,16 @@ static EVP_PKEY *sureware_load_public(ENGINE *e, const char *key_id,
         dsatmp->p = BN_new();
         dsatmp->q = BN_new();
         dsatmp->g = BN_new();
+        if (!dsatmp->pub_key || !dsatmp->p || !dsatmp->q || !dsatmp->g)
+            goto err;
         bn_expand2(dsatmp->pub_key, el / sizeof(BN_ULONG));
         bn_expand2(dsatmp->p, el / sizeof(BN_ULONG));
         bn_expand2(dsatmp->q, 20 / sizeof(BN_ULONG));
         bn_expand2(dsatmp->g, el / sizeof(BN_ULONG));
-        if (!dsatmp->pub_key
-            || dsatmp->pub_key->dmax != (int)(el / sizeof(BN_ULONG))
-            || !dsatmp->p || dsatmp->p->dmax != (int)(el / sizeof(BN_ULONG))
-            || !dsatmp->q || dsatmp->q->dmax != 20 / sizeof(BN_ULONG)
-            || !dsatmp->g || dsatmp->g->dmax != (int)(el / sizeof(BN_ULONG)))
+        if (dsatmp->pub_key->dmax != (int)(el / sizeof(BN_ULONG))
+            || dsatmp->p->dmax != (int)(el / sizeof(BN_ULONG))
+            || dsatmp->q->dmax != 20 / sizeof(BN_ULONG)
+            || dsatmp->g->dmax != (int)(el / sizeof(BN_ULONG)))
             goto err;
 
         ret = p_surewarehk_Load_Dsa_Pubkey(msg, key_id, el,
@@ -805,12 +800,10 @@ static EVP_PKEY *sureware_load_public(ENGINE *e, const char *key_id,
     return res;
  err:
 #  ifndef OPENSSL_NO_RSA
-    if (rsatmp)
-        RSA_free(rsatmp);
+    RSA_free(rsatmp);
 #  endif
 #  ifndef OPENSSL_NO_DSA
-    if (dsatmp)
-        DSA_free(dsatmp);
+    DSA_free(dsatmp);
 #  endif
     return NULL;
 }
@@ -881,23 +874,6 @@ static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
         p_surewarehk_Free((char *)item, 0);
 }
 
-#  if 0
-/* not currently used (bug?) */
-/*
- * This cleans up an DH KM key (destroys the key into hardware), called when
- * ex_data is freed
- */
-static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
-                                  int idx, long argl, void *argp)
-{
-    if (!p_surewarehk_Free) {
-        SUREWAREerr(SUREWARE_F_SUREWAREHK_DH_EX_FREE,
-                    ENGINE_R_NOT_INITIALISED);
-    } else
-        p_surewarehk_Free((char *)item, 1);
-}
-#  endif
-
 /*
  * return number of decrypted bytes
  */
@@ -913,7 +889,7 @@ static int surewarehk_rsa_priv_dec(int flen, const unsigned char *from,
                     ENGINE_R_NOT_INITIALISED);
     }
     /* extract ref to private key */
-    else if (!(hptr = RSA_get_ex_data(rsa, rsaHndidx))) {
+    else if ((hptr = RSA_get_ex_data(rsa, rsaHndidx)) == NULL) {
         SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
                     SUREWARE_R_MISSING_KEY_COMPONENTS);
         goto err;
@@ -971,10 +947,7 @@ static int surewarehk_rsa_priv_dec(int flen, const unsigned char *from,
                         SUREWARE_R_PADDING_CHECK_FAILED);
     }
  err:
-    if (buf) {
-        OPENSSL_cleanse(buf, tlen);
-        OPENSSL_free(buf);
-    }
+    OPENSSL_clear_free(buf, tlen);
     return ret;
 }
 
@@ -991,7 +964,7 @@ static int surewarehk_rsa_sign(int flen, const unsigned char *from,
         SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN, ENGINE_R_NOT_INITIALISED);
     }
     /* extract ref to private key */
-    else if (!(hptr = RSA_get_ex_data(rsa, rsaHndidx))) {
+    else if ((hptr = RSA_get_ex_data(rsa, rsaHndidx)) == NULL) {
         SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN,
                     SUREWARE_R_MISSING_KEY_COMPONENTS);
     } else {
@@ -1029,7 +1002,7 @@ static DSA_SIG *surewarehk_dsa_do_sign(const unsigned char *from, int flen,
         goto err;
     }
     /* extract ref to private key */
-    else if (!(hptr = DSA_get_ex_data(dsa, dsaHndidx))) {
+    else if ((hptr = DSA_get_ex_data(dsa, dsaHndidx)) == NULL) {
         SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,
                     SUREWARE_R_MISSING_KEY_COMPONENTS);
         goto err;
@@ -1041,10 +1014,12 @@ static DSA_SIG *surewarehk_dsa_do_sign(const unsigned char *from, int flen,
         }
         psign->r = BN_new();
         psign->s = BN_new();
+        if (!psign->r || !psign->s)
+            goto err;
         bn_expand2(psign->r, 20 / sizeof(BN_ULONG));
         bn_expand2(psign->s, 20 / sizeof(BN_ULONG));
-        if (!psign->r || psign->r->dmax != 20 / sizeof(BN_ULONG) ||
-            !psign->s || psign->s->dmax != 20 / sizeof(BN_ULONG))
+        if (psign->r->dmax != 20 / sizeof(BN_ULONG) ||
+            psign->s->dmax != 20 / sizeof(BN_ULONG))
             goto err;
         ret = p_surewarehk_Dsa_Sign(msg, flen, from,
                                     (unsigned long *)psign->r->d,
@@ -1073,9 +1048,9 @@ static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
     char msg[64] = "ENGINE_modexp";
     if (!p_surewarehk_Mod_Exp) {
         SUREWAREerr(SUREWARE_F_SUREWAREHK_MODEXP, ENGINE_R_NOT_INITIALISED);
-    } else {
+    } else if (r) {
         bn_expand2(r, m->top);
-        if (r && r->dmax == m->top) {
+        if (r->dmax == m->top) {
             /* do it */
             ret = p_surewarehk_Mod_Exp(msg,
                                        m->top * sizeof(BN_ULONG),