1 files changed, 23 insertions, 19 deletions

diff --git a/Cryptlib/OpenSSL/crypto/pkcs12/p12_key.c b/Cryptlib/OpenSSL/crypto/pkcs12/p12_key.c
index dcccc105..99b8260c 100644
--- a/Cryptlib/OpenSSL/crypto/pkcs12/p12_key.c
+++ b/Cryptlib/OpenSSL/crypto/pkcs12/p12_key.c
@@ -72,12 +72,6 @@ extern BIO *bio_err;
 void h__dump(unsigned char *p, int len);
 #endif
 
-#ifdef OPENSSL_SYS_NETWARE
-/* Rename these functions to avoid name clashes on NetWare OS */
-# define uni2asc OPENSSL_uni2asc
-# define asc2uni OPENSSL_asc2uni
-#endif
-
 /* PKCS12 compatible key/IV generation */
 #ifndef min
 # define min(a,b) ((a) < (b) ? (a) : (b))
@@ -90,15 +84,18 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
     int ret;
     unsigned char *unipass;
     int uniplen;
+
     if (!pass) {
         unipass = NULL;
         uniplen = 0;
-    } else if (!asc2uni(pass, passlen, &unipass, &uniplen)) {
+    } else if (!OPENSSL_asc2uni(pass, passlen, &unipass, &uniplen)) {
         PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC, ERR_R_MALLOC_FAILURE);
         return 0;
     }
     ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
                              id, iter, n, out, md_type);
+    if (ret <= 0)
+        return 0;
     if (unipass) {
         OPENSSL_cleanse(unipass, uniplen); /* Clear password from memory */
         OPENSSL_free(unipass);
@@ -139,6 +136,8 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
 #endif
     v = EVP_MD_block_size(md_type);
     u = EVP_MD_size(md_type);
+    if (u < 0)
+        return 0;
     D = OPENSSL_malloc(v);
     Ai = OPENSSL_malloc(u);
     B = OPENSSL_malloc(v + 1);
@@ -161,14 +160,16 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
     for (i = 0; i < Plen; i++)
         *p++ = pass[i % passlen];
     for (;;) {
-        EVP_DigestInit_ex(&ctx, md_type, NULL);
-        EVP_DigestUpdate(&ctx, D, v);
-        EVP_DigestUpdate(&ctx, I, Ilen);
-        EVP_DigestFinal_ex(&ctx, Ai, NULL);
+        if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
+            || !EVP_DigestUpdate(&ctx, D, v)
+            || !EVP_DigestUpdate(&ctx, I, Ilen)
+            || !EVP_DigestFinal_ex(&ctx, Ai, NULL))
+            goto err;
         for (j = 1; j < iter; j++) {
-            EVP_DigestInit_ex(&ctx, md_type, NULL);
-            EVP_DigestUpdate(&ctx, Ai, u);
-            EVP_DigestFinal_ex(&ctx, Ai, NULL);
+            if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
+                || !EVP_DigestUpdate(&ctx, Ai, u)
+                || !EVP_DigestFinal_ex(&ctx, Ai, NULL))
+                goto err;
         }
         memcpy(out, Ai, min(n, u));
         if (u >= n) {
@@ -193,20 +194,23 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
                 goto err;
             if (!BN_add(Ij, Ij, Bpl1))
                 goto err;
-            BN_bn2bin(Ij, B);
+            if (!BN_bn2bin(Ij, B))
+                goto err;
             Ijlen = BN_num_bytes(Ij);
             /* If more than 2^(v*8) - 1 cut off MSB */
             if (Ijlen > v) {
-                BN_bn2bin(Ij, B);
+                if (!BN_bn2bin(Ij, B))
+                    goto err;
                 memcpy(I + j, B + 1, v);
 #ifndef PKCS12_BROKEN_KEYGEN
                 /* If less than v bytes pad with zeroes */
             } else if (Ijlen < v) {
                 memset(I + j, 0, v - Ijlen);
-                BN_bn2bin(Ij, I + j + v - Ijlen);
+                if (!BN_bn2bin(Ij, I + j + v - Ijlen))
+                    goto err;
 #endif
-            } else
-                BN_bn2bin(Ij, I + j);
+            } else if (!BN_bn2bin(Ij, I + j))
+                goto err;
         }
     }