Correctly check the return code of EVP_MAC_ctrl everwhere it is used

EVP_MAC_ctrl is documented to return 0 or -1 on failure. Numerous places
were not getting this check correct.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/8584)

diff --git a/crypto/evp/pkey_mac.c b/crypto/evp/pkey_mac.c
index 858ca28754444c921299647ce5239d15cc61c854..fc627f17b67039073b11b9035aab6a9f94ff1e5b 100644 (file)
--- a/crypto/evp/pkey_mac.c
+++ b/crypto/evp/pkey_mac.c
@@ -231,9 +231,9 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
                 int rv;
 
                 if ((rv = EVP_MAC_ctrl(hctx->ctx, EVP_MAC_CTRL_SET_ENGINE,
-                                       ctx->engine)) < 0
+                                       ctx->engine)) <= 0
                     || (rv = EVP_MAC_ctrl(hctx->ctx, EVP_MAC_CTRL_SET_CIPHER,
-                                          p2)) < 0
+                                          p2)) <= 0
                     || !(rv = EVP_MAC_init(hctx->ctx)))
                     return rv;
             }
@@ -275,7 +275,7 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
                 return 0;
             break;
         case MAC_TYPE_MAC:
-            if (!EVP_MAC_ctrl(hctx->ctx, EVP_MAC_CTRL_SET_KEY, p2, p1))
+            if (EVP_MAC_ctrl(hctx->ctx, EVP_MAC_CTRL_SET_KEY, p2, p1) <= 0)
                 return 0;
             break;
         default:
@@ -296,11 +296,11 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
                     (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;
 
                 if ((rv = EVP_MAC_ctrl(hctx->ctx, EVP_MAC_CTRL_SET_ENGINE,
-                                       ctx->engine)) < 0
+                                       ctx->engine)) <= 0
                     || (rv = EVP_MAC_ctrl(hctx->ctx, EVP_MAC_CTRL_SET_MD,
-                                          hctx->raw_data.md)) < 0
+                                          hctx->raw_data.md)) <= 0
                     || (rv = EVP_MAC_ctrl(hctx->ctx, EVP_MAC_CTRL_SET_KEY,
-                                          key->data, key->length)) < 0)
+                                          key->data, key->length)) <= 0)
                     return rv;
             }
             break;

diff --git a/crypto/kdf/sskdf.c b/crypto/kdf/sskdf.c
index e999b54b773ed2ba3198a16dfaf1510c9a40387c..935428f77f79ce6215c4872fec2600e042c4a69a 100644 (file)
--- a/crypto/kdf/sskdf.c
+++ b/crypto/kdf/sskdf.c
@@ -138,7 +138,7 @@ static int kmac_init(EVP_MAC_CTX *ctx, const unsigned char *custom,
     if (custom == NULL)
         return 1;
 
-    if (!EVP_MAC_ctrl(ctx, EVP_MAC_CTRL_SET_CUSTOM, custom, custom_len))
+    if (EVP_MAC_ctrl(ctx, EVP_MAC_CTRL_SET_CUSTOM, custom, custom_len) <= 0)
         return 0;
 
     /* By default only do one iteration if kmac_out_len is not specified */
@@ -153,7 +153,7 @@ static int kmac_init(EVP_MAC_CTX *ctx, const unsigned char *custom,
             || kmac_out_len == 64))
         return 0;
 
-    if (!EVP_MAC_ctrl(ctx, EVP_MAC_CTRL_SET_SIZE, kmac_out_len))
+    if (EVP_MAC_ctrl(ctx, EVP_MAC_CTRL_SET_SIZE, kmac_out_len) <= 0)
         return 0;
 
     /*
@@ -200,10 +200,10 @@ static int SSKDF_mac_kdm(const EVP_MAC *kdf_mac, const EVP_MD *hmac_md,
     if (ctx == NULL || ctx_init == NULL)
         goto end;
     if (hmac_md != NULL &&
-            !EVP_MAC_ctrl(ctx_init, EVP_MAC_CTRL_SET_MD, hmac_md))
+            EVP_MAC_ctrl(ctx_init, EVP_MAC_CTRL_SET_MD, hmac_md) <= 0)
         goto end;
 
-    if (!EVP_MAC_ctrl(ctx_init, EVP_MAC_CTRL_SET_KEY, salt, salt_len))
+    if (EVP_MAC_ctrl(ctx_init, EVP_MAC_CTRL_SET_KEY, salt, salt_len) <= 0)
         goto end;
 
     if (!kmac_init(ctx_init, kmac_custom, kmac_custom_len, kmac_out_len,

diff --git a/crypto/modes/siv128.c b/crypto/modes/siv128.c
index 99b11d179a7765370ccb1be30084a09a638fc104..f812d0a727d4a44bef02644118c9fa2f7e966dd8 100644 (file)
--- a/crypto/modes/siv128.c
+++ b/crypto/modes/siv128.c
@@ -166,8 +166,8 @@ int CRYPTO_siv128_init(SIV128_CONTEXT *ctx, const unsigned char *key, int klen,
             || (ctx->cipher_ctx = EVP_CIPHER_CTX_new()) == NULL
             || (ctx->mac_ctx_init = EVP_MAC_CTX_new_id(EVP_MAC_CMAC)) == NULL
             || (ctx->mac_ctx = EVP_MAC_CTX_new_id(EVP_MAC_CMAC)) == NULL
-            || !EVP_MAC_ctrl(ctx->mac_ctx_init, EVP_MAC_CTRL_SET_CIPHER, cbc)
-            || !EVP_MAC_ctrl(ctx->mac_ctx_init, EVP_MAC_CTRL_SET_KEY, key, klen)
+            || EVP_MAC_ctrl(ctx->mac_ctx_init, EVP_MAC_CTRL_SET_CIPHER, cbc) <= 0
+            || EVP_MAC_ctrl(ctx->mac_ctx_init, EVP_MAC_CTRL_SET_KEY, key, klen) <= 0
             || !EVP_EncryptInit_ex(ctx->cipher_ctx, ctr, NULL, key + klen, NULL)
             || !EVP_MAC_CTX_copy(ctx->mac_ctx, ctx->mac_ctx_init)
             || !EVP_MAC_update(ctx->mac_ctx, zero, sizeof(zero))