From 46f66eae9471c0218f79bcb81b6b8678d1ca5069 Mon Sep 17 00:00:00 2001
From: Doug Hogan <hogand@users.noreply.github.com>
Date: Thu, 3 Jan 2019 23:58:02 -0800
Subject: Revamp aes_ctr_stream_init()

* Add error handling for all OpenSSL calls.
---
 lib/crypto/c_src/aes.c | 56 ++++++++++++++++++++++++++++++++++++--------------
 1 file changed, 41 insertions(+), 15 deletions(-)

(limited to 'lib/crypto/c_src/aes.c')

diff --git a/lib/crypto/c_src/aes.c b/lib/crypto/c_src/aes.c
index 51c2266987..624e9427fb 100644
--- a/lib/crypto/c_src/aes.c
+++ b/lib/crypto/c_src/aes.c
@@ -173,30 +173,56 @@ ERL_NIF_TERM aes_ige_crypt_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv
 ERL_NIF_TERM aes_ctr_stream_init(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
 {/* (Key, IVec) */
     ErlNifBinary     key_bin, ivec_bin;
-    struct evp_cipher_ctx *ctx;
+    struct evp_cipher_ctx *ctx = NULL;
     const EVP_CIPHER *cipher;
     ERL_NIF_TERM     ret;
 
-    if (!enif_inspect_iolist_as_binary(env, argv[0], &key_bin)
-        || !enif_inspect_binary(env, argv[1], &ivec_bin)
-        || ivec_bin.size != 16) {
-        return enif_make_badarg(env);
-    }
+    if (argc != 2)
+        goto bad_arg;
+    if (!enif_inspect_iolist_as_binary(env, argv[0], &key_bin))
+        goto bad_arg;
+    if (!enif_inspect_binary(env, argv[1], &ivec_bin))
+        goto bad_arg;
+    if (ivec_bin.size != 16)
+        goto bad_arg;
 
     switch (key_bin.size)
     {
-    case 16: cipher = EVP_aes_128_ctr(); break;
-    case 24: cipher = EVP_aes_192_ctr(); break;
-    case 32: cipher = EVP_aes_256_ctr(); break;
-    default: return enif_make_badarg(env);
+    case 16:
+        cipher = EVP_aes_128_ctr();
+        break;
+    case 24:
+        cipher = EVP_aes_192_ctr();
+        break;
+    case 32:
+        cipher = EVP_aes_256_ctr();
+        break;
+    default:
+        goto bad_arg;
     }
 
-    ctx = enif_alloc_resource(evp_cipher_ctx_rtype, sizeof(struct evp_cipher_ctx));
-    ctx->ctx = EVP_CIPHER_CTX_new();
-    EVP_CipherInit_ex(ctx->ctx, cipher, NULL,
-                      key_bin.data, ivec_bin.data, 1);
-    EVP_CIPHER_CTX_set_padding(ctx->ctx, 0);
+    if ((ctx = enif_alloc_resource(evp_cipher_ctx_rtype, sizeof(struct evp_cipher_ctx))) == NULL)
+        goto err;
+    if ((ctx->ctx = EVP_CIPHER_CTX_new()) == NULL)
+        goto err;
+
+    if (EVP_CipherInit_ex(ctx->ctx, cipher, NULL,
+                          key_bin.data, ivec_bin.data, 1) != 1)
+        goto err;
+
+    if (EVP_CIPHER_CTX_set_padding(ctx->ctx, 0) != 1)
+        goto err;
+
     ret = enif_make_resource(env, ctx);
+    goto done;
+
+ bad_arg:
+    return enif_make_badarg(env);
+
+ err:
+    ret = enif_make_badarg(env);
+
+ done:
     enif_release_resource(ctx);
     return ret;
 }
-- 
cgit v1.2.3