mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-22 10:10:06 +00:00
Code Issues Releases Wiki Activity

Add missing "Design by Contract" REQUIREs

Browse Source
This commit is contained in:
Mark Andrews 2023-08-30 15:31:34 +10:00
parent 936b73cb57
commit b442ae8d3e
1 changed files with 29 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
lib/dns/opensslrsa_link.c
View File

@ -168,6 +168,7 @@ opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) {
const EVP_MD *type = NULL; const EVP_MD *type = NULL;
UNUSED(key); UNUSED(key);
REQUIRE(dctx != NULL && dctx->key != NULL);
REQUIRE(opensslrsa_valid_key_alg(dctx->key->key_alg)); REQUIRE(opensslrsa_valid_key_alg(dctx->key->key_alg));
/* /*
@ -229,10 +230,13 @@ opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) {
static void static void
opensslrsa_destroyctx(dst_context_t *dctx) { opensslrsa_destroyctx(dst_context_t *dctx) {
EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; EVP_MD_CTX *evp_md_ctx = NULL;
REQUIRE(dctx != NULL && dctx->key != NULL);
REQUIRE(opensslrsa_valid_key_alg(dctx->key->key_alg)); REQUIRE(opensslrsa_valid_key_alg(dctx->key->key_alg));
evp_md_ctx = dctx->ctxdata.evp_md_ctx;
if (evp_md_ctx != NULL) { if (evp_md_ctx != NULL) {
EVP_MD_CTX_destroy(evp_md_ctx); EVP_MD_CTX_destroy(evp_md_ctx);
dctx->ctxdata.evp_md_ctx = NULL; dctx->ctxdata.evp_md_ctx = NULL;
@ -241,10 +245,13 @@ opensslrsa_destroyctx(dst_context_t *dctx) {
static isc_result_t static isc_result_t
opensslrsa_adddata(dst_context_t *dctx, const isc_region_t *data) { opensslrsa_adddata(dst_context_t *dctx, const isc_region_t *data) {
EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; EVP_MD_CTX *evp_md_ctx = NULL;
REQUIRE(dctx != NULL && dctx->key != NULL);
REQUIRE(opensslrsa_valid_key_alg(dctx->key->key_alg)); REQUIRE(opensslrsa_valid_key_alg(dctx->key->key_alg));
evp_md_ctx = dctx->ctxdata.evp_md_ctx;
if (!EVP_DigestUpdate(evp_md_ctx, data->base, data->length)) { if (!EVP_DigestUpdate(evp_md_ctx, data->base, data->length)) {
return (dst__openssl_toresult3( return (dst__openssl_toresult3(
dctx->category, "EVP_DigestUpdate", ISC_R_FAILURE)); dctx->category, "EVP_DigestUpdate", ISC_R_FAILURE));
@ -254,14 +261,19 @@ opensslrsa_adddata(dst_context_t *dctx, const isc_region_t *data) {
static isc_result_t static isc_result_t
opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) { opensslrsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
dst_key_t *key = dctx->key; dst_key_t *key = NULL;
isc_region_t r; isc_region_t r;
unsigned int siglen = 0; unsigned int siglen = 0;
EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; EVP_MD_CTX *evp_md_ctx = NULL;
EVP_PKEY *pkey = key->keydata.pkeypair.priv; EVP_PKEY *pkey = NULL;
REQUIRE(dctx != NULL && dctx->key != NULL);
REQUIRE(opensslrsa_valid_key_alg(dctx->key->key_alg)); REQUIRE(opensslrsa_valid_key_alg(dctx->key->key_alg));
key = dctx->key;
evp_md_ctx = dctx->ctxdata.evp_md_ctx;
pkey = key->keydata.pkeypair.priv;
isc_buffer_availableregion(sig, &r); isc_buffer_availableregion(sig, &r);
if (r.length < (unsigned int)EVP_PKEY_size(pkey)) { if (r.length < (unsigned int)EVP_PKEY_size(pkey)) {
@ -305,13 +317,18 @@ opensslrsa_check_exponent_bits(EVP_PKEY *pkey, int maxbits) {
static isc_result_t static isc_result_t
opensslrsa_verify2(dst_context_t *dctx, int maxbits, const isc_region_t *sig) { opensslrsa_verify2(dst_context_t *dctx, int maxbits, const isc_region_t *sig) {
dst_key_t *key = dctx->key; dst_key_t *key = NULL;
int status = 0; int status = 0;
EVP_MD_CTX *evp_md_ctx = dctx->ctxdata.evp_md_ctx; EVP_MD_CTX *evp_md_ctx = NULL;
EVP_PKEY *pkey = key->keydata.pkeypair.pub; EVP_PKEY *pkey = NULL;
REQUIRE(dctx != NULL && dctx->key != NULL);
REQUIRE(opensslrsa_valid_key_alg(dctx->key->key_alg)); REQUIRE(opensslrsa_valid_key_alg(dctx->key->key_alg));
key = dctx->key;
evp_md_ctx = dctx->ctxdata.evp_md_ctx;
pkey = key->keydata.pkeypair.pub;
if (maxbits != 0 && !opensslrsa_check_exponent_bits(pkey, maxbits)) { if (maxbits != 0 && !opensslrsa_check_exponent_bits(pkey, maxbits)) {
return (DST_R_VERIFYFAILURE); return (DST_R_VERIFYFAILURE);
} }
@ -902,13 +919,16 @@ opensslrsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
dst_private_t priv; dst_private_t priv;
isc_result_t ret; isc_result_t ret;
int i; int i;
isc_mem_t *mctx = key->mctx; isc_mem_t *mctx = NULL;
const char *engine = NULL, *label = NULL; const char *engine = NULL, *label = NULL;
EVP_PKEY *pkey = NULL; EVP_PKEY *pkey = NULL;
rsa_components_t c = { .bnfree = true }; rsa_components_t c = { .bnfree = true };
REQUIRE(key != NULL);
REQUIRE(opensslrsa_valid_key_alg(key->key_alg)); REQUIRE(opensslrsa_valid_key_alg(key->key_alg));
mctx = key->mctx;
/* read private key file */ /* read private key file */
ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv); ret = dst__privstruct_parse(key, DST_ALG_RSA, lexer, mctx, &priv);
if (ret != ISC_R_SUCCESS) { if (ret != ISC_R_SUCCESS) {