correct error handling

author Bodo Möller <bodo@openssl.org>

Mon, 12 Jul 1999 09:46:34 +0000 (09:46 +0000)

committer Bodo Möller <bodo@openssl.org>

Mon, 12 Jul 1999 09:46:34 +0000 (09:46 +0000)
author Bodo Möller <bodo@openssl.org>
Mon, 12 Jul 1999 09:46:34 +0000 (09:46 +0000)
committer Bodo Möller <bodo@openssl.org>
Mon, 12 Jul 1999 09:46:34 +0000 (09:46 +0000)
diff --git a/apps/rsa.c b/apps/rsa.c

index 6537a24f5df83180fed3d0b46b715ce1d3b349f2..07c14e2edde9cedbcd44434578a974e1c283b5e2 100644 (file)
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -262,9 +262,12 @@ bad:
                 }
  
         if (check)
                 }
  
         if (check)
-               if (RSA_check_key(rsa))
+               {
+               int r = RSA_check_key(rsa);
+
+               if (r == 1)
                         BIO_printf(out,"RSA key ok\n");
                         BIO_printf(out,"RSA key ok\n");
-               else
+               else if (r == 0)
                         {
                         long e;
  
                         {
                         long e;
  
@@ -276,13 +279,15 @@ bad:
                                 BIO_printf(out, "RSA key error: %s\n", ERR_reason_error_string(e));
                                 ERR_get_error(); /* remove e from error stack */
                                 }
                                 BIO_printf(out, "RSA key error: %s\n", ERR_reason_error_string(e));
                                 ERR_get_error(); /* remove e from error stack */
                                 }
-                       if (e != 0)
-                               {
-                               ERR_print_errors(bio_err);
-                               goto end;
-                               }
                         }
                         }
-       
+               
+               if (r == -1 || ERR_peek_error() != 0) /* should happen only if r == -1 */
+                       {
+                       ERR_print_errors(bio_err);
+                       goto end;
+                       }
+               }
+               
         if (noout) goto end;
         BIO_printf(bio_err,"writing RSA private key\n");
         if      (outformat == FORMAT_ASN1)
         if (noout) goto end;
         BIO_printf(bio_err,"writing RSA private key\n");
         if      (outformat == FORMAT_ASN1)
diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h

index 26423ddeabd0c577a19b69a377f379577ccde18f..0d0158dc06a98fbaef4fd11442f582129368f9f6 100644 (file)
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -286,14 +286,14 @@ char *RSA_get_ex_data(RSA *r, int idx);
  #define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE               110
  #define RSA_R_DATA_TOO_SMALL                            111
  #define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE               122
  #define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE               110
  #define RSA_R_DATA_TOO_SMALL                            111
  #define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE               122
-#define RSA_R_DE_NOT_CONGRUENT_TO_1                     123
+#define RSA_R_D_E_NOT_CONGRUENT_TO_1                    123
  #define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY                112
  #define RSA_R_DMP1_NOT_CONGRUENT_TO_D                   124
  #define RSA_R_DMQ1_NOT_CONGRUENT_TO_D                   125
  #define RSA_R_IQMP_NOT_INVERSE_OF_Q                     126
  #define RSA_R_KEY_SIZE_TOO_SMALL                        120
  #define RSA_R_NULL_BEFORE_BLOCK_MISSING                         113
  #define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY                112
  #define RSA_R_DMP1_NOT_CONGRUENT_TO_D                   124
  #define RSA_R_DMQ1_NOT_CONGRUENT_TO_D                   125
  #define RSA_R_IQMP_NOT_INVERSE_OF_Q                     126
  #define RSA_R_KEY_SIZE_TOO_SMALL                        120
  #define RSA_R_NULL_BEFORE_BLOCK_MISSING                         113
-#define RSA_R_N_DOES_NOT_EQUAL_PQ                       127
+#define RSA_R_N_DOES_NOT_EQUAL_P_Q                      127
  #define RSA_R_OAEP_DECODING_ERROR                       121
  #define RSA_R_PADDING_CHECK_FAILED                      114
  #define RSA_R_P_NOT_PRIME                               128
  #define RSA_R_OAEP_DECODING_ERROR                       121
  #define RSA_R_PADDING_CHECK_FAILED                      114
  #define RSA_R_P_NOT_PRIME                               128
diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c

index c95dab3b1f968d4c337dd997dfd4d68890cc1267..8e99fe019dd67e1d2bf131d4f7b7074990036437 100644 (file)
--- a/crypto/rsa/rsa_chk.c
+++ b/crypto/rsa/rsa_chk.c
@@ -57,6 +57,7 @@ int RSA_check_key(RSA *key)
         {
         BIGNUM *i, *j, *k, *l, *m;
         BN_CTX *ctx;
         {
         BIGNUM *i, *j, *k, *l, *m;
         BN_CTX *ctx;
+       int r;
         int ret=1;
         
         i = BN_new();
         int ret=1;
         
         i = BN_new();
@@ -68,85 +69,99 @@ int RSA_check_key(RSA *key)
         if (i == NULL || j == NULL || k == NULL || l == NULL ||
                 m == NULL || ctx == NULL)
                 {
         if (i == NULL || j == NULL || k == NULL || l == NULL ||
                 m == NULL || ctx == NULL)
                 {
-               ret = 0;
+               ret = -1;
                 RSAerr(RSA_F_RSA_CHECK_KEY, ERR_R_MALLOC_FAILURE);
                 goto err;
                 }
         
         /* p prime? */
                 RSAerr(RSA_F_RSA_CHECK_KEY, ERR_R_MALLOC_FAILURE);
                 goto err;
                 }
         
         /* p prime? */
-       if (BN_is_prime(key->p, BN_prime_checks, NULL, NULL, NULL) != 1)
+       r = BN_is_prime(key->p, BN_prime_checks, NULL, NULL, NULL);
+       if (r != 1)
                 {
                 {
-               ret = 0;
-               if (ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE)
+               ret = r;
+               if (r != 0)
                         goto err;
                 RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_P_NOT_PRIME);
                 }
         
         /* q prime? */
                         goto err;
                 RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_P_NOT_PRIME);
                 }
         
         /* q prime? */
-       if (BN_is_prime(key->q, BN_prime_checks, NULL, NULL, NULL) != 1)
+       r = BN_is_prime(key->q, BN_prime_checks, NULL, NULL, NULL);
+       if (r != 1)
                 {
                 {
-               ret = 0;
-               if (ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE)
+               ret = r;
+               if (r != 0)
                         goto err;
                 RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_Q_NOT_PRIME);
                 }
         
         /* n = p*q? */
                         goto err;
                 RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_Q_NOT_PRIME);
                 }
         
         /* n = p*q? */
-       BN_mul(i, key->p, key->q, ctx);
+       r = BN_mul(i, key->p, key->q, ctx);
+       if (!r) { ret = -1; goto err; }
+       
         if (BN_cmp(i, key->n) != 0)
                 {
                 ret = 0;
         if (BN_cmp(i, key->n) != 0)
                 {
                 ret = 0;
-               if (ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE)
-                       goto err;
-               RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_N_DOES_NOT_EQUAL_PQ);
+               RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_N_DOES_NOT_EQUAL_P_Q);
                 }
         
         /* dmp1 = d mod (p-1)? */
                 }
         
         /* dmp1 = d mod (p-1)? */
-       BN_sub(i, key->p, BN_value_one());
-       BN_mod(j, key->d, i, ctx);
+       r = BN_sub(i, key->p, BN_value_one());
+       if (!r) { ret = -1; goto err; }
+
+       r = BN_mod(j, key->d, i, ctx);
+       if (!r) { ret = -1; goto err; }
+
         if (BN_cmp(j, key->dmp1) != 0)
                 {
                 ret = 0;
         if (BN_cmp(j, key->dmp1) != 0)
                 {
                 ret = 0;
-               if (ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE)
-                       goto err;
                 RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_DMP1_NOT_CONGRUENT_TO_D);
                 }
         
         /* dmq1 = d mod (q-1)? */    
                 RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_DMP1_NOT_CONGRUENT_TO_D);
                 }
         
         /* dmq1 = d mod (q-1)? */    
-       BN_sub(i, key->q, BN_value_one());
-       BN_mod(j, key->d, i, ctx);
+       r = BN_sub(i, key->q, BN_value_one());
+       if (!r) { ret = -1; goto err; }
+       
+       r = BN_mod(j, key->d, i, ctx);
+       if (!r) { ret = -1; goto err; }
+
         if (BN_cmp(j, key->dmq1) != 0)
                 {
                 ret = 0;
         if (BN_cmp(j, key->dmq1) != 0)
                 {
                 ret = 0;
-               if (ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE)
-                       goto err;
                 RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_DMQ1_NOT_CONGRUENT_TO_D);
                 }
         
         /* iqmp = q^-1 mod p? */
                 RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_DMQ1_NOT_CONGRUENT_TO_D);
                 }
         
         /* iqmp = q^-1 mod p? */
-       BN_mod_inverse(i, key->q, key->p, ctx);
+       r = BN_mod_inverse(i, key->q, key->p, ctx);
+       if (!r) { ret = -1; goto err; }
+
         if (BN_cmp(i, key->iqmp) != 0)
                 {
                 ret = 0;
         if (BN_cmp(i, key->iqmp) != 0)
                 {
                 ret = 0;
-               if (ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE)
-                       goto err;
                 RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_IQMP_NOT_INVERSE_OF_Q);
                 }
         
         /* d*e = 1  mod lcm(p-1,q-1)? */
                 RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_IQMP_NOT_INVERSE_OF_Q);
                 }
         
         /* d*e = 1  mod lcm(p-1,q-1)? */
-       BN_sub(i, key->p, BN_value_one());
-       BN_sub(j, key->q, BN_value_one());
+
+       r = BN_sub(i, key->p, BN_value_one());
+       if (!r) { ret = -1; goto err; }
+       r = BN_sub(j, key->q, BN_value_one());
+       if (!r) { ret = -1; goto err; }
+
         /* now compute k = lcm(i,j) */
         /* now compute k = lcm(i,j) */
-       BN_mul(l, i, j, ctx);
-       BN_gcd(m, i, j, ctx);
-       BN_div(k, NULL, l, m, ctx); /* remainder is 0 */
-       BN_mod_mul(i, key->d, key->e, k, ctx);
+       r = BN_mul(l, i, j, ctx);
+       if (!r) { ret = -1; goto err; }
+       r = BN_gcd(m, i, j, ctx);
+       if (!r) { ret = -1; goto err; }
+       r = BN_div(k, NULL, l, m, ctx); /* remainder is 0 */
+       if (!r) { ret = -1; goto err; }
+
+       r = BN_mod_mul(i, key->d, key->e, k, ctx);
+       if (!r) { ret = -1; goto err; }
+
         if (!BN_is_one(i))
                 {
                 ret = 0;
         if (!BN_is_one(i))
                 {
                 ret = 0;
-               if (ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE)
-                       goto err;
-               RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_DE_NOT_CONGRUENT_TO_1);
+               RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_D_E_NOT_CONGRUENT_TO_1);
                 }
         
   err:
                 }
         
   err:
diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c

index d16555367854f85b178094644fddf882bdff79e4..9fb15e398ddfe9e29cd9bdd0b6eb604182d86adf 100644 (file)
--- a/crypto/rsa/rsa_err.c
+++ b/crypto/rsa/rsa_err.c
@@ -106,14 +106,14 @@ static ERR_STRING_DATA RSA_str_reasons[]=
  {RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE       ,"data too large for key size"},
  {RSA_R_DATA_TOO_SMALL                    ,"data too small"},
  {RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE       ,"data too small for key size"},
  {RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE       ,"data too large for key size"},
  {RSA_R_DATA_TOO_SMALL                    ,"data too small"},
  {RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE       ,"data too small for key size"},
-{RSA_R_DE_NOT_CONGRUENT_TO_1             ,"de not congruent to 1"},
+{RSA_R_D_E_NOT_CONGRUENT_TO_1            ,"d e not congruent to 1"},
  {RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY        ,"digest too big for rsa key"},
  {RSA_R_DMP1_NOT_CONGRUENT_TO_D           ,"dmp1 not congruent to d"},
  {RSA_R_DMQ1_NOT_CONGRUENT_TO_D           ,"dmq1 not congruent to d"},
  {RSA_R_IQMP_NOT_INVERSE_OF_Q             ,"iqmp not inverse of q"},
  {RSA_R_KEY_SIZE_TOO_SMALL                ,"key size too small"},
  {RSA_R_NULL_BEFORE_BLOCK_MISSING         ,"null before block missing"},
  {RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY        ,"digest too big for rsa key"},
  {RSA_R_DMP1_NOT_CONGRUENT_TO_D           ,"dmp1 not congruent to d"},
  {RSA_R_DMQ1_NOT_CONGRUENT_TO_D           ,"dmq1 not congruent to d"},
  {RSA_R_IQMP_NOT_INVERSE_OF_Q             ,"iqmp not inverse of q"},
  {RSA_R_KEY_SIZE_TOO_SMALL                ,"key size too small"},
  {RSA_R_NULL_BEFORE_BLOCK_MISSING         ,"null before block missing"},
-{RSA_R_N_DOES_NOT_EQUAL_PQ               ,"n does not equal pq"},
+{RSA_R_N_DOES_NOT_EQUAL_P_Q              ,"n does not equal p q"},
  {RSA_R_OAEP_DECODING_ERROR               ,"oaep decoding error"},
  {RSA_R_PADDING_CHECK_FAILED              ,"padding check failed"},
  {RSA_R_P_NOT_PRIME                       ,"p not prime"},
  {RSA_R_OAEP_DECODING_ERROR               ,"oaep decoding error"},
  {RSA_R_PADDING_CHECK_FAILED              ,"padding check failed"},
  {RSA_R_P_NOT_PRIME                       ,"p not prime"},
author	Bodo Möller <bodo@openssl.org>
	Mon, 12 Jul 1999 09:46:34 +0000 (09:46 +0000)
committer	Bodo Möller <bodo@openssl.org>
	Mon, 12 Jul 1999 09:46:34 +0000 (09:46 +0000)
apps/rsa.c		patch \| blob \| history
crypto/rsa/rsa.h		patch \| blob \| history
crypto/rsa/rsa_chk.c		patch \| blob \| history
crypto/rsa/rsa_err.c		patch \| blob \| history