ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

Clear OpenSSL errors on EVP failures

Browse Source
This commit is contained in:
Mark Andrews
2023-07-11 14:10:49 +10:00
parent 6df53cdb87
commit 4ea926934a
3 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/isc/hmac.c
View File

@@ -11,6 +11,7 @@
* information regarding copyright ownership.
*/
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/opensslv.h>
@@ -61,6 +62,7 @@ isc_hmac_init(isc_hmac_t *hmac, const void *key, const size_t keylen,
if (EVP_DigestSignInit(hmac, NULL, md_type, NULL, pkey) != 1) {
EVP_PKEY_free(pkey);
ERR_clear_error();
return (ISC_R_CRYPTOFAILURE);
}
@@ -74,6 +76,7 @@ isc_hmac_reset(isc_hmac_t *hmac) {
REQUIRE(hmac != NULL);
if (EVP_MD_CTX_reset(hmac) != 1) {
ERR_clear_error();
return (ISC_R_CRYPTOFAILURE);
}
@@ -89,6 +92,7 @@ isc_hmac_update(isc_hmac_t *hmac, const unsigned char *buf, const size_t len) {
}
if (EVP_DigestSignUpdate(hmac, buf, len) != 1) {
ERR_clear_error();
return (ISC_R_CRYPTOFAILURE);
}
@@ -105,6 +109,7 @@ isc_hmac_final(isc_hmac_t *hmac, unsigned char *digest,
size_t len = *digestlen;
if (EVP_DigestSignFinal(hmac, digest, &len) != 1) {
ERR_clear_error();
return (ISC_R_CRYPTOFAILURE);
}

1
lib/isc/iterated_hash.c
View File

@@ -130,6 +130,7 @@ isc_iterated_hash(unsigned char *out, const unsigned int hashalg,
return (outlength);
fail:
ERR_clear_error();
return (0);
}

4
lib/isc/md.c
View File

@@ -47,6 +47,7 @@ isc_md_init(isc_md_t *md, const isc_md_type_t *md_type) {
}
if (EVP_DigestInit_ex(md, md_type, NULL) != 1) {
ERR_clear_error();
return (ISC_R_CRYPTOFAILURE);
}
@@ -58,6 +59,7 @@ isc_md_reset(isc_md_t *md) {
REQUIRE(md != NULL);
if (EVP_MD_CTX_reset(md) != 1) {
ERR_clear_error();
return (ISC_R_CRYPTOFAILURE);
}
@@ -73,6 +75,7 @@ isc_md_update(isc_md_t *md, const unsigned char *buf, const size_t len) {
}
if (EVP_DigestUpdate(md, buf, len) != 1) {
ERR_clear_error();
return (ISC_R_CRYPTOFAILURE);
}
@@ -85,6 +88,7 @@ isc_md_final(isc_md_t *md, unsigned char *digest, unsigned int *digestlen) {
REQUIRE(digest != NULL);
if (EVP_DigestFinal_ex(md, digest, digestlen) != 1) {
ERR_clear_error();
return (ISC_R_CRYPTOFAILURE);
}