1 files changed, 26 insertions, 11 deletions

diff --git a/Cryptlib/OpenSSL/crypto/evp/evp_key.c b/Cryptlib/OpenSSL/crypto/evp/evp_key.c
index 924e12fe..71fa627b 100644
--- a/Cryptlib/OpenSSL/crypto/evp/evp_key.c
+++ b/Cryptlib/OpenSSL/crypto/evp/evp_key.c
@@ -91,6 +91,12 @@ char *EVP_get_pw_prompt(void)
  */
 int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
 {
+    return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
+}
+
+int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
+                           int verify)
+{
     int ret;
     char buff[BUFSIZ];
     UI *ui;
@@ -98,11 +104,11 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
     if ((prompt == NULL) && (prompt_string[0] != '\0'))
         prompt = prompt_string;
     ui = UI_new();
-    UI_add_input_string(ui, prompt, 0, buf, 0,
+    UI_add_input_string(ui, prompt, 0, buf, min,
                         (len >= BUFSIZ) ? BUFSIZ - 1 : len);
     if (verify)
         UI_add_verify_string(ui, prompt, 0,
-                             buff, 0, (len >= BUFSIZ) ? BUFSIZ - 1 : len,
+                             buff, min, (len >= BUFSIZ) ? BUFSIZ - 1 : len,
                              buf);
     ret = UI_process(ui);
     UI_free(ui);
@@ -119,7 +125,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
     unsigned char md_buf[EVP_MAX_MD_SIZE];
     int niv, nkey, addmd = 0;
     unsigned int mds = 0, i;
-
+    int rv = 0;
     nkey = type->key_len;
     niv = type->iv_len;
     OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
@@ -133,16 +139,23 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
         if (!EVP_DigestInit_ex(&c, md, NULL))
             return 0;
         if (addmd++)
-            EVP_DigestUpdate(&c, &(md_buf[0]), mds);
-        EVP_DigestUpdate(&c, data, datal);
+            if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
+                goto err;
+        if (!EVP_DigestUpdate(&c, data, datal))
+            goto err;
         if (salt != NULL)
-            EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN);
-        EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds);
+            if (!EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN))
+                goto err;
+        if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
+            goto err;
 
         for (i = 1; i < (unsigned int)count; i++) {
-            EVP_DigestInit_ex(&c, md, NULL);
-            EVP_DigestUpdate(&c, &(md_buf[0]), mds);
-            EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds);
+            if (!EVP_DigestInit_ex(&c, md, NULL))
+                goto err;
+            if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
+                goto err;
+            if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
+                goto err;
         }
         i = 0;
         if (nkey) {
@@ -172,7 +185,9 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
         if ((nkey == 0) && (niv == 0))
             break;
     }
+    rv = type->key_len;
+ err:
     EVP_MD_CTX_cleanup(&c);
     OPENSSL_cleanse(&(md_buf[0]), EVP_MAX_MD_SIZE);
-    return (type->key_len);
+    return rv;
 }