Clear OpenSSL errors on EVP_MD_CTX_create failures

author Mark Andrews <marka@isc.org>

Tue, 11 Jul 2023 04:00:29 +0000 (14:00 +1000)

committer Mark Andrews <marka@isc.org>

Fri, 1 Sep 2023 02:01:19 +0000 (12:01 +1000)
author Mark Andrews <marka@isc.org>
Tue, 11 Jul 2023 04:00:29 +0000 (14:00 +1000)
committer Mark Andrews <marka@isc.org>
Fri, 1 Sep 2023 02:01:19 +0000 (12:01 +1000)
diff --git a/lib/dns/opensslecdsa_link.c b/lib/dns/opensslecdsa_link.c

index 0c6dd0200f16b0c98708a41e442ceb28b51c3f9b..0dcbc8544efb5718174254db313fb21c53755b9d 100644 (file)
--- a/lib/dns/opensslecdsa_link.c
+++ b/lib/dns/opensslecdsa_link.c
@@ -571,7 +571,7 @@ opensslecdsa_createctx(dst_key_t *key, dst_context_t *dctx) {
  
         evp_md_ctx = EVP_MD_CTX_create();
         if (evp_md_ctx == NULL) {
-               DST_RET(ISC_R_NOMEMORY);
+               DST_RET(dst__openssl_toresult(ISC_R_NOMEMORY));
         }
         if (dctx->key->key_alg == DST_ALG_ECDSA256) {
                 type = EVP_sha256();
diff --git a/lib/dns/opensslrsa_link.c b/lib/dns/opensslrsa_link.c

index 79cae64add56f14bf906e519c4dd51945563aef5..384ee2a9631a7b3cb60254e3885eb4a82bb06a41 100644 (file)
--- a/lib/dns/opensslrsa_link.c
+++ b/lib/dns/opensslrsa_link.c
@@ -196,7 +196,7 @@ opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) {
  
         evp_md_ctx = EVP_MD_CTX_create();
         if (evp_md_ctx == NULL) {
-               return (ISC_R_NOMEMORY);
+               return (dst__openssl_toresult(ISC_R_NOMEMORY));
         }
  
         switch (dctx->key->key_alg) {
diff --git a/util/gen-eddsa-vectors.c b/util/gen-eddsa-vectors.c

index 12faa3600845ca2349a4a3e845ea3ef23a61e8e8..023951cd4cc2a3e9358f3e139338a606a6f346da 100644 (file)
--- a/util/gen-eddsa-vectors.c
+++ b/util/gen-eddsa-vectors.c
@@ -39,17 +39,20 @@ main() {
         EVP_MD_CTX *evp_md_ctx = EVP_MD_CTX_create();
  
         if (ctx == NULL || evp_md_ctx == NULL) {
+               ERR_clear_error();
                 return (1);
         }
  
         if (EVP_PKEY_keygen_init(ctx) != 1 ||
             EVP_PKEY_keygen(ctx, &pkey) != 1 || pkey == NULL)
         {
+               ERR_clear_error();
                 return (1);
         }
  
         bytes = sizeof(buf);
         if (EVP_PKEY_get_raw_public_key(pkey, buf, &bytes) != 1) {
+               ERR_clear_error();
                 return (1);
         }
  
@@ -64,6 +67,7 @@ main() {
             EVP_DigestSign(evp_md_ctx, buf, &bytes,
                            (const unsigned char *)"test", 4) != 1)
         {
+               ERR_clear_error();
                 return (1);
         }
  
@@ -80,17 +84,20 @@ main() {
         ctx = EVP_PKEY_CTX_new_id(NID_ED448, NULL);
         evp_md_ctx = EVP_MD_CTX_create();
         if (ctx == NULL || evp_md_ctx == NULL) {
+               ERR_clear_error();
                 return (1);
         }
  
         if (EVP_PKEY_keygen_init(ctx) != 1 ||
             EVP_PKEY_keygen(ctx, &pkey) != 1 || pkey == NULL)
         {
+               ERR_clear_error();
                 return (1);
         }
  
         bytes = sizeof(buf);
         if (EVP_PKEY_get_raw_public_key(pkey, buf, &bytes) != 1) {
+               ERR_clear_error();
                 return (1);
         }
  
@@ -105,6 +112,7 @@ main() {
             EVP_DigestSign(evp_md_ctx, buf, &bytes,
                            (const unsigned char *)"test", 4) != 1)
         {
+               ERR_clear_error();
                 return (1);
         }
  
diff --git a/util/gen-rsa-sha-vectors.c b/util/gen-rsa-sha-vectors.c

index 7f76036b84cb43b680c5b169ef1b5c36e8e3e86d..4d4d5137a5135d6fd998be9606726beaf127abfd 100644 (file)
--- a/util/gen-rsa-sha-vectors.c
+++ b/util/gen-rsa-sha-vectors.c
@@ -51,6 +51,7 @@ main() {
         unsigned int siglen = sizeof(buf);
  
         if (e == NULL || n == NULL || ctx == NULL || evp_md_ctx == NULL) {
+               ERR_clear_error();
                 return (1);
         }
  
@@ -62,11 +63,13 @@ main() {
             EVP_PKEY_CTX_set1_rsa_keygen_pubexp(ctx, e) != 1 ||
             EVP_PKEY_keygen(ctx, &pkey) != 1 || pkey == NULL)
         {
+               ERR_clear_error();
                 return (1);
         }
  
         EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_N, &n);
         if (n == NULL) {
+               ERR_clear_error();
                 return (1);
         }
  
@@ -90,6 +93,7 @@ main() {
             EVP_DigestUpdate(evp_md_ctx, "test", 4) != 1 ||
             EVP_SignFinal(evp_md_ctx, buf, &siglen, pkey) != 1)
         {
+               ERR_clear_error();
                 return (1);
         }
         bytes = siglen;
@@ -103,6 +107,7 @@ main() {
             EVP_DigestUpdate(evp_md_ctx, "test", 4) != 1 ||
             EVP_SignFinal(evp_md_ctx, buf, &siglen, pkey) != 1)
         {
+               ERR_clear_error();
                 return (1);
         }
         bytes = siglen;
@@ -116,6 +121,7 @@ main() {
             EVP_DigestUpdate(evp_md_ctx, "test", 4) != 1 ||
             EVP_SignFinal(evp_md_ctx, buf, &siglen, pkey) != 1)
         {
+               ERR_clear_error();
                 return (1);
         }
         bytes = siglen;
author	Mark Andrews <marka@isc.org>
	Tue, 11 Jul 2023 04:00:29 +0000 (14:00 +1000)
committer	Mark Andrews <marka@isc.org>
	Fri, 1 Sep 2023 02:01:19 +0000 (12:01 +1000)
lib/dns/opensslecdsa_link.c		patch \| blob \| blame \| history
lib/dns/opensslrsa_link.c		patch \| blob \| blame \| history
util/gen-eddsa-vectors.c		patch \| blob \| blame \| history
util/gen-rsa-sha-vectors.c		patch \| blob \| blame \| history