aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDoug Hogan <[email protected]>2019-01-03 18:14:55 -0800
committerDoug Hogan <[email protected]>2019-01-08 00:08:22 -0800
commit10665143d538b0ed344d172655e174713da3a336 (patch)
treee5bd1571863909ba2296c46b03fb0237a20f2425
parentbf063a86501f47cbfa89475aefe5bfacde56a3c9 (diff)
downloadotp-10665143d538b0ed344d172655e174713da3a336.tar.gz
otp-10665143d538b0ed344d172655e174713da3a336.tar.bz2
otp-10665143d538b0ed344d172655e174713da3a336.zip
Revamp chacha20_stream_crypt()
* Check return values on all OpenSSL and Erlang calls. * Remove trailing semicolon after function definition.
-rw-r--r--lib/crypto/c_src/chacha20.c45
1 files changed, 33 insertions, 12 deletions
diff --git a/lib/crypto/c_src/chacha20.c b/lib/crypto/c_src/chacha20.c
index 587c0cea53..03b8589524 100644
--- a/lib/crypto/c_src/chacha20.c
+++ b/lib/crypto/c_src/chacha20.c
@@ -74,28 +74,49 @@ ERL_NIF_TERM chacha20_stream_init(ErlNifEnv* env, int argc, const ERL_NIF_TERM a
ERL_NIF_TERM chacha20_stream_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
{/* (State, Data) */
#if defined(HAVE_CHACHA20)
- struct evp_cipher_ctx *ctx, *new_ctx;
+ struct evp_cipher_ctx *ctx = NULL, *new_ctx = NULL;
ErlNifBinary data_bin;
ERL_NIF_TERM ret, cipher_term;
unsigned char *out;
int outl = 0;
- if (!enif_get_resource(env, argv[0], evp_cipher_ctx_rtype, (void**)&ctx)
- || !enif_inspect_iolist_as_binary(env, argv[1], &data_bin)) {
- return enif_make_badarg(env);
- }
- new_ctx = enif_alloc_resource(evp_cipher_ctx_rtype, sizeof(struct evp_cipher_ctx));
- new_ctx->ctx = EVP_CIPHER_CTX_new();
- EVP_CIPHER_CTX_copy(new_ctx->ctx, ctx->ctx);
- out = enif_make_new_binary(env, data_bin.size, &cipher_term);
- EVP_CipherUpdate(new_ctx->ctx, out, &outl, data_bin.data, data_bin.size);
+ if (argc != 2)
+ goto bad_arg;
+ if (!enif_get_resource(env, argv[0], evp_cipher_ctx_rtype, (void**)&ctx))
+ goto bad_arg;
+ if (!enif_inspect_iolist_as_binary(env, argv[1], &data_bin))
+ goto bad_arg;
+ if (data_bin.size > INT_MAX)
+ goto bad_arg;
+
+ if ((new_ctx = enif_alloc_resource(evp_cipher_ctx_rtype, sizeof(struct evp_cipher_ctx))) == NULL)
+ goto err;
+ if ((new_ctx->ctx = EVP_CIPHER_CTX_new()) == NULL)
+ goto err;
+
+ if (EVP_CIPHER_CTX_copy(new_ctx->ctx, ctx->ctx) != 1)
+ goto err;
+ if ((out = enif_make_new_binary(env, data_bin.size, &cipher_term)) == NULL)
+ goto err;
+ if (EVP_CipherUpdate(new_ctx->ctx, out, &outl, data_bin.data, (int)data_bin.size) != 1)
+ goto err;
ASSERT(outl == data_bin.size);
ret = enif_make_tuple2(env, enif_make_resource(env, new_ctx), cipher_term);
+ CONSUME_REDS(env, data_bin);
+ goto done;
+
+ bad_arg:
+ return enif_make_badarg(env);
+
+ err:
+ ret = enif_make_badarg(env);
+
+ done:
enif_release_resource(new_ctx);
- CONSUME_REDS(env,data_bin);
return ret;
+
#else
return enif_raise_exception(env, atom_notsup);
#endif
-};
+}