X-Git-Url: http://wagner.pp.ru/gitweb/?a=blobdiff_plain;f=gost_ec_keyx.c;h=8c2af2affef629a0ae5677bd8a505b5a61bd52cd;hb=9a58917e768502fd6111eb32006a954b864f4495;hp=2dd0d3ad11939bb797ed93e69cc8b56f1187e8a9;hpb=cba16944bff9d8c5dcf37be641822cd3de6d2ec1;p=openssl-gost%2Fengine.git

diff --git a/gost_ec_keyx.c b/gost_ec_keyx.c
index 2dd0d3a..8c2af2a 100644
--- a/gost_ec_keyx.c
+++ b/gost_ec_keyx.c
@@ -8,6 +8,7 @@
  *          Requires OpenSSL 0.9.9 for compilation                    *
  **********************************************************************/
 #include <openssl/evp.h>
+#include <openssl/err.h>
 #include <openssl/rand.h>
 #include <string.h>
 #include <openssl/objects.h>
@@ -27,15 +28,15 @@ static int VKO_compute_key(unsigned char *shared_key, size_t shared_key_size,
     EC_POINT *pnt = EC_POINT_new(EC_KEY_get0_group(priv_key));
     int i;
     BN_CTX *ctx = BN_CTX_new();
-    EVP_MD_CTX mdctx;
-    const EVP_MD *md;
+    EVP_MD_CTX *mdctx = NULL;
+    const EVP_MD *md = NULL;
     int effective_dgst_nid = (dgst_nid == NID_id_GostR3411_2012_512) ?
         NID_id_GostR3411_2012_256 : dgst_nid;
     int buf_len = (dgst_nid == NID_id_GostR3411_2012_512) ? 128 : 64,
         half_len = buf_len >> 1;
 
     if (!ctx) {
-        GOSTerr(GOST_F_VKO_COMPUTE_KEY, GOST_R_NO_MEMORY);
+        GOSTerr(GOST_F_VKO_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
         return 0;
     }
     BN_CTX_start(ctx);
@@ -43,7 +44,7 @@ static int VKO_compute_key(unsigned char *shared_key, size_t shared_key_size,
     databuf = OPENSSL_malloc(buf_len);
     hashbuf = OPENSSL_malloc(buf_len);
     if (!databuf || !hashbuf) {
-        GOSTerr(GOST_F_VKO_COMPUTE_KEY, GOST_R_MALLOC_FAILURE);
+        GOSTerr(GOST_F_VKO_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
         goto err;
     }
 
@@ -60,7 +61,11 @@ static int VKO_compute_key(unsigned char *shared_key, size_t shared_key_size,
     Y = BN_CTX_get(ctx);
     EC_GROUP_get_order(EC_KEY_get0_group(priv_key), order, ctx);
     BN_mod_mul(p, key, UKM, order, ctx);
-    EC_POINT_mul(EC_KEY_get0_group(priv_key), pnt, NULL, pub_key, p, ctx);
+    if (!EC_POINT_mul
+        (EC_KEY_get0_group(priv_key), pnt, NULL, pub_key, p, ctx)) {
+        GOSTerr(GOST_F_VKO_COMPUTE_KEY, GOST_R_ERROR_POINT_MUL);
+        goto err;
+    }
     EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(priv_key),
                                         pnt, X, Y, ctx);
     /*
@@ -72,20 +77,26 @@ static int VKO_compute_key(unsigned char *shared_key, size_t shared_key_size,
     for (i = 0; i < buf_len; i++) {
         hashbuf[buf_len - 1 - i] = databuf[i];
     }
-    EVP_MD_CTX_init(&mdctx);
-    EVP_DigestInit_ex(&mdctx, md, NULL);
-    EVP_DigestUpdate(&mdctx, hashbuf, buf_len);
-    EVP_DigestFinal_ex(&mdctx, shared_key, NULL);
-    EVP_MD_CTX_cleanup(&mdctx);
+    mdctx = EVP_MD_CTX_new();
+    if (!mdctx) {
+        GOSTerr(GOST_F_VKO_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    EVP_MD_CTX_init(mdctx);
+    EVP_DigestInit_ex(mdctx, md, NULL);
+    EVP_DigestUpdate(mdctx, hashbuf, buf_len);
+    EVP_DigestFinal_ex(mdctx, shared_key, NULL);
  err:
     BN_free(UKM);
     BN_CTX_end(ctx);
     BN_CTX_free(ctx);
+
     EC_POINT_free(pnt);
-    if (databuf)
-        OPENSSL_free(databuf);
-    if (hashbuf)
-        OPENSSL_free(hashbuf);
+
+    EVP_MD_CTX_free(mdctx);
+
+    OPENSSL_free(databuf);
+    OPENSSL_free(hashbuf);
 
     return 32;
 }
@@ -163,8 +174,7 @@ int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
     } else if (out) {
 
         if (RAND_bytes(ukm, 8) <= 0) {
-            GOSTerr(GOST_F_PKEY_GOST_ECCP_ENCRYPT,
-                    GOST_R_RANDOM_GENERATOR_FAILURE);
+            GOSTerr(GOST_F_PKEY_GOST_ECCP_ENCRYPT, GOST_R_RNG_ERROR);
             return 0;
         }
     }
@@ -189,7 +199,7 @@ int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
     }
     if (!get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS)
         && param == gost_cipher_list) {
-        param = gost_cipher_list + 1;
+        param = gost_cipher_list;
     }
     if (out) {
         int dgst_nid = NID_undef;
@@ -229,7 +239,7 @@ int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
     }
     ASN1_OBJECT_free(gkt->key_agreement_info->cipher);
     gkt->key_agreement_info->cipher = OBJ_nid2obj(param->nid);
-    if (key_is_ephemeral && sec_key)
+    if (key_is_ephemeral)
         EVP_PKEY_free(sec_key);
     if (!key_is_ephemeral) {
         /* Set control "public key from client certificate used" */
@@ -244,7 +254,7 @@ int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
     GOST_KEY_TRANSPORT_free(gkt);
     return ret;
  err:
-    if (key_is_ephemeral && sec_key)
+    if (key_is_ephemeral)
         EVP_PKEY_free(sec_key);
     GOST_KEY_TRANSPORT_free(gkt);
     return -1;
@@ -331,9 +341,7 @@ int pkey_GOST_ECcp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
 
     ret = 1;
  err:
-    if (eph_key)
-        EVP_PKEY_free(eph_key);
-    if (gkt)
-        GOST_KEY_TRANSPORT_free(gkt);
+    EVP_PKEY_free(eph_key);
+    GOST_KEY_TRANSPORT_free(gkt);
     return ret;
 }