fix error found by coverity: check if ctx is != NULL before calling BN_CTX_end()

[openssl.git] / crypto / rsa / rsa_saos.c

diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c
index d73beb04919cf48a6a0343b88c501cfa9ef408d5..f98e0a80a6c20fbee1b97ffdc45e588772c41363 100644 (file)
--- a/crypto/rsa/rsa_saos.c
+++ b/crypto/rsa/rsa_saos.c
@@ -58,13 +58,14 @@
 
 #include <stdio.h>
 #include "cryptlib.h"
-#include "bn.h"
-#include "rsa.h"
-#include "objects.h"
-#include "x509.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
 
-int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
-            unsigned char *sigret, unsigned int *siglen, RSA *rsa)
+int RSA_sign_ASN1_OCTET_STRING(int type,
+       const unsigned char *m, unsigned int m_len,
+       unsigned char *sigret, unsigned int *siglen, RSA *rsa)
        {
        ASN1_OCTET_STRING sig;
        int i,j,ret=1;
@@ -72,16 +73,16 @@ int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
 
        sig.type=V_ASN1_OCTET_STRING;
        sig.length=m_len;
-       sig.data=m;
+       sig.data=(unsigned char *)m;
 
        i=i2d_ASN1_OCTET_STRING(&sig,NULL);
        j=RSA_size(rsa);
-       if ((i-RSA_PKCS1_PADDING) > j)
+       if (i > (j-RSA_PKCS1_PADDING_SIZE))
                {
                RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
                return(0);
                }
-       s=(unsigned char *)Malloc((unsigned int)j+1);
+       s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1);
        if (s == NULL)
                {
                RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
@@ -95,17 +96,19 @@ int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
        else
                *siglen=i;
 
-       memset(s,0,(unsigned int)j+1);
-       Free(s);
+       OPENSSL_cleanse(s,(unsigned int)j+1);
+       OPENSSL_free(s);
        return(ret);
        }
 
-int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m,
-            unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
-            RSA *rsa)
+int RSA_verify_ASN1_OCTET_STRING(int dtype,
+       const unsigned char *m,
+       unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
+       RSA *rsa)
        {
        int i,ret=0;
-       unsigned char *p,*s;
+       unsigned char *s;
+       const unsigned char *p;
        ASN1_OCTET_STRING *sig=NULL;
 
        if (siglen != (unsigned int)RSA_size(rsa))
@@ -114,7 +117,7 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m,
                return(0);
                }
 
-       s=(unsigned char *)Malloc((unsigned int)siglen);
+       s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen);
        if (s == NULL)
                {
                RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
@@ -136,9 +139,12 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m,
        else
                ret=1;
 err:
-       if (sig != NULL) ASN1_OCTET_STRING_free(sig);
-       memset(s,0,(unsigned int)siglen);
-       Free(s);
+       if (sig != NULL) M_ASN1_OCTET_STRING_free(sig);
+       if (s != NULL)
+               {
+               OPENSSL_cleanse(s,(unsigned int)siglen);
+               OPENSSL_free(s);
+               }
        return(ret);
        }