Switch a bit more of libcrypto to scopers There was no real organization to which files I looked at here. Mostly just bounced around. At some point we'll probably need to set up some more infrastructure though: - For functions to return UniquePtr, they need to stop being C linkage, which is something we want to do anyway. - For types to use UniquePtr, we need to get them out of malloc/free and into the realm of constructors and destructors. That probably means moving some of the helpers from ssl/internal.h to crypto/internal.h. - UniquePtr is not very good at buffers. We should probably move Array Vector, and InPlaceVector to crypto/internal.h. Change-Id: I90ebc917051d354c0e447598f382db6b22eb8813 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/78687 Auto-Submit: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/crypto/evp/evp_asn1.cc b/crypto/evp/evp_asn1.cc index eeea963..d77a3d2 100644 --- a/crypto/evp/evp_asn1.cc +++ b/crypto/evp/evp_asn1.cc
@@ -435,25 +435,24 @@ EC_KEY *d2i_EC_PUBKEY(EC_KEY **out, const uint8_t **inp, long len) { if (len < 0) { - return NULL; + return nullptr; } CBS cbs; CBS_init(&cbs, *inp, (size_t)len); - EVP_PKEY *pkey = EVP_parse_public_key(&cbs); - if (pkey == NULL) { - return NULL; + bssl::UniquePtr<EVP_PKEY> pkey(EVP_parse_public_key(&cbs)); + if (pkey == nullptr) { + return nullptr; } - EC_KEY *ec_key = EVP_PKEY_get1_EC_KEY(pkey); - EVP_PKEY_free(pkey); - if (ec_key == NULL) { - return NULL; + bssl::UniquePtr<EC_KEY> ec_key(EVP_PKEY_get1_EC_KEY(pkey.get())); + if (ec_key == nullptr) { + return nullptr; } - if (out != NULL) { + if (out != nullptr) { EC_KEY_free(*out); - *out = ec_key; + *out = ec_key.get(); } *inp = CBS_data(&cbs); - return ec_key; + return ec_key.release(); } int i2d_EC_PUBKEY(const EC_KEY *ec_key, uint8_t **outp) {
diff --git a/crypto/evp/evp_ctx.cc b/crypto/evp/evp_ctx.cc index e34dfa0..9a5f97e 100644 --- a/crypto/evp/evp_ctx.cc +++ b/crypto/evp/evp_ctx.cc
@@ -108,37 +108,36 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx) { if (!ctx->pmeth || !ctx->pmeth->copy) { - return NULL; + return nullptr; } - EVP_PKEY_CTX *ret = - reinterpret_cast<EVP_PKEY_CTX *>(OPENSSL_zalloc(sizeof(EVP_PKEY_CTX))); + bssl::UniquePtr<EVP_PKEY_CTX> ret( + reinterpret_cast<EVP_PKEY_CTX *>(OPENSSL_zalloc(sizeof(EVP_PKEY_CTX)))); if (!ret) { - return NULL; + return nullptr; } ret->pmeth = ctx->pmeth; ret->engine = ctx->engine; ret->operation = ctx->operation; - if (ctx->pkey != NULL) { + if (ctx->pkey != nullptr) { EVP_PKEY_up_ref(ctx->pkey); ret->pkey = ctx->pkey; } - if (ctx->peerkey != NULL) { + if (ctx->peerkey != nullptr) { EVP_PKEY_up_ref(ctx->peerkey); ret->peerkey = ctx->peerkey; } - if (ctx->pmeth->copy(ret, ctx) <= 0) { - ret->pmeth = NULL; - EVP_PKEY_CTX_free(ret); + if (ctx->pmeth->copy(ret.get(), ctx) <= 0) { + ret->pmeth = nullptr; OPENSSL_PUT_ERROR(EVP, ERR_LIB_EVP); - return NULL; + return nullptr; } - return ret; + return ret.release(); } EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx) { return ctx->pkey; }
diff --git a/crypto/evp/sign.cc b/crypto/evp/sign.cc index 2a7836f..e14acc4 100644 --- a/crypto/evp/sign.cc +++ b/crypto/evp/sign.cc
@@ -36,39 +36,30 @@ int EVP_SignFinal(const EVP_MD_CTX *ctx, uint8_t *sig, unsigned *out_sig_len, EVP_PKEY *pkey) { - uint8_t m[EVP_MAX_MD_SIZE]; - unsigned m_len; - int ret = 0; - EVP_MD_CTX tmp_ctx; - EVP_PKEY_CTX *pkctx = NULL; - size_t sig_len = EVP_PKEY_size(pkey); - // Ensure the final result will fit in |unsigned|. + size_t sig_len = EVP_PKEY_size(pkey); if (sig_len > UINT_MAX) { sig_len = UINT_MAX; } *out_sig_len = 0; - EVP_MD_CTX_init(&tmp_ctx); - if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) || - !EVP_DigestFinal_ex(&tmp_ctx, m, &m_len)) { - goto out; + uint8_t m[EVP_MAX_MD_SIZE]; + unsigned m_len; + bssl::ScopedEVP_MD_CTX tmp_ctx; + if (!EVP_MD_CTX_copy_ex(tmp_ctx.get(), ctx) || + !EVP_DigestFinal_ex(tmp_ctx.get(), m, &m_len)) { + return 0; } - EVP_MD_CTX_cleanup(&tmp_ctx); - pkctx = EVP_PKEY_CTX_new(pkey, NULL); + bssl::UniquePtr<EVP_PKEY_CTX> pkctx(EVP_PKEY_CTX_new(pkey, nullptr)); if (!pkctx || // - !EVP_PKEY_sign_init(pkctx) || - !EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) || - !EVP_PKEY_sign(pkctx, sig, &sig_len, m, m_len)) { - goto out; + !EVP_PKEY_sign_init(pkctx.get()) || + !EVP_PKEY_CTX_set_signature_md(pkctx.get(), ctx->digest) || + !EVP_PKEY_sign(pkctx.get(), sig, &sig_len, m, m_len)) { + return 0; } - *out_sig_len = (unsigned)sig_len; - ret = 1; - -out: - EVP_PKEY_CTX_free(pkctx); - return ret; + *out_sig_len = static_cast<unsigned>(sig_len); + return 1; } int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) { @@ -87,28 +78,18 @@ EVP_PKEY *pkey) { uint8_t m[EVP_MAX_MD_SIZE]; unsigned m_len; - int ret = 0; - EVP_MD_CTX tmp_ctx; - EVP_PKEY_CTX *pkctx = NULL; - - EVP_MD_CTX_init(&tmp_ctx); - if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx) || - !EVP_DigestFinal_ex(&tmp_ctx, m, &m_len)) { - EVP_MD_CTX_cleanup(&tmp_ctx); - goto out; + bssl::ScopedEVP_MD_CTX tmp_ctx; + if (!EVP_MD_CTX_copy_ex(tmp_ctx.get(), ctx) || + !EVP_DigestFinal_ex(tmp_ctx.get(), m, &m_len)) { + return 0; } - EVP_MD_CTX_cleanup(&tmp_ctx); - pkctx = EVP_PKEY_CTX_new(pkey, NULL); + bssl::UniquePtr<EVP_PKEY_CTX> pkctx(EVP_PKEY_CTX_new(pkey, nullptr)); if (!pkctx || - !EVP_PKEY_verify_init(pkctx) || - !EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest)) { - goto out; + !EVP_PKEY_verify_init(pkctx.get()) || + !EVP_PKEY_CTX_set_signature_md(pkctx.get(), ctx->digest)) { + return 0; } - ret = EVP_PKEY_verify(pkctx, sig, sig_len, m, m_len); - -out: - EVP_PKEY_CTX_free(pkctx); - return ret; + return EVP_PKEY_verify(pkctx.get(), sig, sig_len, m, m_len); }