diff options
author | Doug Hogan <[email protected]> | 2019-01-04 00:00:28 -0800 |
---|---|---|
committer | Doug Hogan <[email protected]> | 2019-01-08 01:11:58 -0800 |
commit | 1e792cb2f5c29413476f5149fb1e5bd677cfe1ea (patch) | |
tree | a54c0796a2ab75e8f1828a15a3ab3ca56f7cf46e | |
parent | 46f66eae9471c0218f79bcb81b6b8678d1ca5069 (diff) | |
download | otp-1e792cb2f5c29413476f5149fb1e5bd677cfe1ea.tar.gz otp-1e792cb2f5c29413476f5149fb1e5bd677cfe1ea.tar.bz2 otp-1e792cb2f5c29413476f5149fb1e5bd677cfe1ea.zip |
Revamp aes_ctr_stream_encrypt()
* Add error handling for all OpenSSL and Erlang calls.
-rw-r--r-- | lib/crypto/c_src/aes.c | 44 |
1 files changed, 33 insertions, 11 deletions
diff --git a/lib/crypto/c_src/aes.c b/lib/crypto/c_src/aes.c index 624e9427fb..530b64fea0 100644 --- a/lib/crypto/c_src/aes.c +++ b/lib/crypto/c_src/aes.c @@ -229,26 +229,48 @@ ERL_NIF_TERM aes_ctr_stream_init(ErlNifEnv* env, int argc, const ERL_NIF_TERM ar ERL_NIF_TERM aes_ctr_stream_encrypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]) {/* (Context, Data) */ - struct evp_cipher_ctx *ctx, *new_ctx; + struct evp_cipher_ctx *ctx = NULL, *new_ctx = NULL; ErlNifBinary data_bin; ERL_NIF_TERM ret, cipher_term; unsigned char *out; int outl = 0; - if (!enif_get_resource(env, argv[0], evp_cipher_ctx_rtype, (void**)&ctx) - || !enif_inspect_iolist_as_binary(env, argv[1], &data_bin)) { - return enif_make_badarg(env); - } - new_ctx = enif_alloc_resource(evp_cipher_ctx_rtype, sizeof(struct evp_cipher_ctx)); - new_ctx->ctx = EVP_CIPHER_CTX_new(); - EVP_CIPHER_CTX_copy(new_ctx->ctx, ctx->ctx); - out = enif_make_new_binary(env, data_bin.size, &cipher_term); - EVP_CipherUpdate(new_ctx->ctx, out, &outl, data_bin.data, data_bin.size); + if (argc != 2) + goto bad_arg; + if (!enif_get_resource(env, argv[0], evp_cipher_ctx_rtype, (void**)&ctx)) + goto bad_arg; + if (!enif_inspect_iolist_as_binary(env, argv[1], &data_bin)) + goto bad_arg; + if (data_bin.size > INT_MAX) + goto bad_arg; + + if ((new_ctx = enif_alloc_resource(evp_cipher_ctx_rtype, sizeof(struct evp_cipher_ctx))) == NULL) + goto err; + if ((new_ctx->ctx = EVP_CIPHER_CTX_new()) == NULL) + goto err; + + if (EVP_CIPHER_CTX_copy(new_ctx->ctx, ctx->ctx) != 1) + goto err; + + if ((out = enif_make_new_binary(env, data_bin.size, &cipher_term)) == NULL) + goto err; + + if (EVP_CipherUpdate(new_ctx->ctx, out, &outl, data_bin.data, (int)data_bin.size) != 1) + goto err; ASSERT(outl == data_bin.size); ret = enif_make_tuple2(env, enif_make_resource(env, new_ctx), cipher_term); - enif_release_resource(new_ctx); CONSUME_REDS(env,data_bin); + goto done; + + bad_arg: + return enif_make_badarg(env); + + err: + ret = enif_make_badarg(env); + + done: + enif_release_resource(new_ctx); return ret; } |