diff options
| author | David Benjamin <davidben@chromium.org> | 2015-02-11 01:17:41 -0500 |
|---|---|---|
| committer | Adam Langley <agl@chromium.org> | 2015-02-11 15:14:46 -0800 |
| commit | 6eb000dbeea7e652921097eb324c0893ad685b16 (patch) | |
| tree | 8df47893b3a8c70c95a2bccdb919b3e0884e850c | |
| parent | 9ab14e00d5f9a1c9847137f1d6f776e18f59048b (diff) | |
| download | boringssl-6eb000dbeea7e652921097eb324c0893ad685b16.zip boringssl-6eb000dbeea7e652921097eb324c0893ad685b16.tar.gz boringssl-6eb000dbeea7e652921097eb324c0893ad685b16.tar.bz2 | |
Add in missing curly braces part 3.
Everything else.
Change-Id: Iac02b144465b4e7b6d69ea22ff2aaf52695ae732
| -rw-r--r-- | crypto/evp/evp.c | 6 | ||||
| -rw-r--r-- | crypto/evp/p_ec.c | 3 | ||||
| -rw-r--r-- | crypto/evp/p_ec_asn1.c | 53 | ||||
| -rw-r--r-- | crypto/evp/p_rsa.c | 3 | ||||
| -rw-r--r-- | crypto/evp/p_rsa_asn1.c | 18 | ||||
| -rw-r--r-- | crypto/modes/cbc.c | 6 | ||||
| -rw-r--r-- | crypto/modes/ctr.c | 9 | ||||
| -rw-r--r-- | crypto/modes/gcm.c | 21 | ||||
| -rw-r--r-- | crypto/pkcs8/pkcs8.c | 44 | ||||
| -rw-r--r-- | crypto/poly1305/poly1305.c | 24 | ||||
| -rw-r--r-- | crypto/poly1305/poly1305_arm.c | 33 | ||||
| -rw-r--r-- | crypto/poly1305/poly1305_vec.c | 15 | ||||
| -rw-r--r-- | crypto/rand/urandom.c | 3 | ||||
| -rw-r--r-- | crypto/rc4/rc4.c | 24 | ||||
| -rw-r--r-- | crypto/rsa/blinding.c | 12 | ||||
| -rw-r--r-- | crypto/rsa/padding.c | 3 | ||||
| -rw-r--r-- | crypto/rsa/rsa.c | 30 | ||||
| -rw-r--r-- | crypto/rsa/rsa_impl.c | 84 | ||||
| -rw-r--r-- | crypto/rsa/rsa_test.c | 3 | ||||
| -rw-r--r-- | crypto/sha/sha1.c | 3 | ||||
| -rw-r--r-- | crypto/sha/sha512.c | 24 | ||||
| -rw-r--r-- | crypto/time_support.c | 9 | ||||
| -rw-r--r-- | ssl/d1_clnt.c | 3 | ||||
| -rw-r--r-- | ssl/s3_clnt.c | 6 | ||||
| -rw-r--r-- | ssl/s3_srvr.c | 3 | ||||
| -rw-r--r-- | ssl/ssl_cert.c | 3 | ||||
| -rw-r--r-- | ssl/ssl_txt.c | 3 | ||||
| -rw-r--r-- | ssl/t1_lib.c | 3 |
28 files changed, 291 insertions, 160 deletions
diff --git a/crypto/evp/evp.c b/crypto/evp/evp.c index 8a1d513..4ba64b7 100644 --- a/crypto/evp/evp.c +++ b/crypto/evp/evp.c @@ -142,8 +142,9 @@ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) { /* Compare parameters if the algorithm has them */ if (a->ameth->param_cmp) { ret = a->ameth->param_cmp(a, b); - if (ret <= 0) + if (ret <= 0) { return ret; + } } if (a->ameth->pub_cmp) { @@ -246,8 +247,9 @@ EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const uint8_t *mac_key, } merr: - if (mac_ctx) + if (mac_ctx) { EVP_PKEY_CTX_free(mac_ctx); + } return ret; } diff --git a/crypto/evp/p_ec.c b/crypto/evp/p_ec.c index c274131..f45989a 100644 --- a/crypto/evp/p_ec.c +++ b/crypto/evp/p_ec.c @@ -212,8 +212,9 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2) { OPENSSL_PUT_ERROR(EVP, pkey_ec_ctrl, EVP_R_INVALID_CURVE); return 0; } - if (dctx->gen_group) + if (dctx->gen_group) { EC_GROUP_free(dctx->gen_group); + } dctx->gen_group = group; return 1; diff --git a/crypto/evp/p_ec_asn1.c b/crypto/evp/p_ec_asn1.c index 48a175b..d2d6792 100644 --- a/crypto/evp/p_ec_asn1.c +++ b/crypto/evp/p_ec_asn1.c @@ -201,8 +201,9 @@ static int eckey_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { return 1; err: - if (eckey) + if (eckey) { EC_KEY_free(eckey); + } return 0; } @@ -235,8 +236,9 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { eckey = eckey_type2param(ptype, pval); - if (!eckey) + if (!eckey) { goto ecliberr; + } /* We have parameters now set private key */ if (!d2i_ECPrivateKey(&eckey, &p, pklen)) { @@ -282,8 +284,9 @@ static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { ecliberr: OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB); ecerr: - if (eckey) + if (eckey) { EC_KEY_free(eckey); + } return 0; } @@ -435,10 +438,12 @@ static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype) { if (ktype == 2) { priv_key = EC_KEY_get0_private_key(x); - if (priv_key && (i = (size_t)BN_num_bytes(priv_key)) > buf_len) + if (priv_key && (i = (size_t)BN_num_bytes(priv_key)) > buf_len) { buf_len = i; - } else + } + } else { priv_key = NULL; + } if (ktype > 0) { buf_len += 10; @@ -447,24 +452,27 @@ static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype) { goto err; } } - if (ktype == 2) + if (ktype == 2) { ecstr = "Private-Key"; - else if (ktype == 1) + } else if (ktype == 1) { ecstr = "Public-Key"; - else + } else { ecstr = "ECDSA-Parameters"; + } - if (!BIO_indent(bp, off, 128)) - goto err; - if ((order = BN_new()) == NULL) - goto err; - if (!EC_GROUP_get_order(group, order, NULL)) + if (!BIO_indent(bp, off, 128)) { goto err; - if (BIO_printf(bp, "%s: (%d bit)\n", ecstr, BN_num_bits(order)) <= 0) + } + order = BN_new(); + if (order == NULL || !EC_GROUP_get_order(group, order, NULL) || + BIO_printf(bp, "%s: (%d bit)\n", ecstr, BN_num_bits(order)) <= 0) { goto err; + } - if ((priv_key != NULL) && !ASN1_bn_print(bp, "priv:", priv_key, buffer, off)) + if ((priv_key != NULL) && + !ASN1_bn_print(bp, "priv:", priv_key, buffer, off)) { goto err; + } if (pub_key_bytes != NULL) { BIO_hexdump(bp, pub_key_bytes, pub_key_bytes_len, off); } @@ -475,16 +483,21 @@ static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype) { ret = 1; err: - if (!ret) + if (!ret) { OPENSSL_PUT_ERROR(EVP, do_EC_KEY_print, reason); - if (pub_key_bytes) + } + if (pub_key_bytes) { OPENSSL_free(pub_key_bytes); - if (order) + } + if (order) { BN_free(order); - if (ctx) + } + if (ctx) { BN_CTX_free(ctx); - if (buffer != NULL) + } + if (buffer != NULL) { OPENSSL_free(buffer); + } return ret; } diff --git a/crypto/evp/p_rsa.c b/crypto/evp/p_rsa.c index 31f5aaa..ff294ae 100644 --- a/crypto/evp/p_rsa.c +++ b/crypto/evp/p_rsa.c @@ -497,8 +497,9 @@ static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { if (!rctx->pub_exp) { rctx->pub_exp = BN_new(); - if (!rctx->pub_exp || !BN_set_word(rctx->pub_exp, RSA_F4)) + if (!rctx->pub_exp || !BN_set_word(rctx->pub_exp, RSA_F4)) { return 0; + } } rsa = RSA_new(); if (!rsa) { diff --git a/crypto/evp/p_rsa_asn1.c b/crypto/evp/p_rsa_asn1.c index f478d50..dd39f03 100644 --- a/crypto/evp/p_rsa_asn1.c +++ b/crypto/evp/p_rsa_asn1.c @@ -463,12 +463,15 @@ static int rsa_md_to_mgf1(X509_ALGOR **palg, const EVP_MD *mgf1md) { stmp = NULL; err: - if (stmp) + if (stmp) { ASN1_STRING_free(stmp); - if (algtmp) + } + if (algtmp) { X509_ALGOR_free(algtmp); - if (*palg) + } + if (*palg) { return 1; + } return 0; } @@ -560,12 +563,15 @@ static ASN1_STRING *rsa_ctx_to_pss(EVP_PKEY_CTX *pkctx) { rv = 1; err: - if (pss) + if (pss) { RSA_PSS_PARAMS_free(pss); - if (rv) + } + if (rv) { return os; - if (os) + } + if (os) { ASN1_STRING_free(os); + } return NULL; } diff --git a/crypto/modes/cbc.c b/crypto/modes/cbc.c index a2ad26c..ba4805b 100644 --- a/crypto/modes/cbc.c +++ b/crypto/modes/cbc.c @@ -128,8 +128,9 @@ void CRYPTO_cbc128_decrypt(const uint8_t *in, uint8_t *out, size_t len, ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) { while (len >= 16) { (*block)(in, out, key); - for (n = 0; n < 16; ++n) + for (n = 0; n < 16; ++n) { out[n] ^= iv[n]; + } iv = in; len -= 16; in += 16; @@ -140,8 +141,9 @@ void CRYPTO_cbc128_decrypt(const uint8_t *in, uint8_t *out, size_t len, size_t *out_t = (size_t *)out, *iv_t = (size_t *)iv; (*block)(in, out, key); - for (n = 0; n < 16 / sizeof(size_t); n++) + for (n = 0; n < 16 / sizeof(size_t); n++) { out_t[n] ^= iv_t[n]; + } iv = in; len -= 16; in += 16; diff --git a/crypto/modes/ctr.c b/crypto/modes/ctr.c index 61832ba..a5a3589 100644 --- a/crypto/modes/ctr.c +++ b/crypto/modes/ctr.c @@ -121,8 +121,9 @@ void CRYPTO_ctr128_encrypt(const uint8_t *in, uint8_t *out, size_t len, while (len >= 16) { (*block)(ivec, ecount_buf, key); ctr128_inc(ivec); - for (; n < 16; n += sizeof(size_t)) + for (; n < 16; n += sizeof(size_t)) { *(size_t *)(out + n) = *(size_t *)(in + n) ^ *(size_t *)(ecount_buf + n); + } len -= 16; out += 16; in += 16; @@ -179,8 +180,9 @@ void CRYPTO_ctr128_encrypt_ctr32(const uint8_t *in, uint8_t *out, /* 1<<28 is just a not-so-small yet not-so-large number... * Below condition is practically never met, but it has to * be checked for code correctness. */ - if (sizeof(size_t) > sizeof(unsigned int) && blocks > (1U << 28)) + if (sizeof(size_t) > sizeof(unsigned int) && blocks > (1U << 28)) { blocks = (1U << 28); + } /* As (*func) operates on 32-bit counter, caller * has to handle overflow. 'if' below detects the * overflow, which is then handled by limiting the @@ -194,8 +196,9 @@ void CRYPTO_ctr128_encrypt_ctr32(const uint8_t *in, uint8_t *out, /* (*func) does not update ivec, caller does: */ PUTU32(ivec + 12, ctr32); /* ... overflow was detected, propogate carry. */ - if (ctr32 == 0) + if (ctr32 == 0) { ctr96_inc(ivec); + } blocks *= 16; len -= blocks; out += blocks; diff --git a/crypto/modes/gcm.c b/crypto/modes/gcm.c index eeaeeff..b1c10b3 100644 --- a/crypto/modes/gcm.c +++ b/crypto/modes/gcm.c @@ -620,8 +620,9 @@ int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const uint8_t *aad, size_t len) { #endif if (len) { n = (unsigned int)len; - for (i = 0; i < len; ++i) + for (i = 0; i < len; ++i) { ctx->Xi.c[i] ^= aad[i]; + } } ctx->ares = n; @@ -1123,10 +1124,11 @@ int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, const uint8_t *in, GHASH(ctx, in, GHASH_CHUNK); (*stream)(in, out, GHASH_CHUNK / 16, key, ctx->Yi.c); ctr += GHASH_CHUNK / 16; - if (is_endian.little) + if (is_endian.little) { PUTU32(ctx->Yi.c + 12, ctr); - else + } else { ctx->Yi.d[3] = ctr; + } out += GHASH_CHUNK; in += GHASH_CHUNK; len -= GHASH_CHUNK; @@ -1140,8 +1142,9 @@ int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, const uint8_t *in, #else while (j--) { size_t k; - for (k = 0; k < 16; ++k) + for (k = 0; k < 16; ++k) { ctx->Xi.c[k] ^= in[k]; + } GCM_MUL(ctx, Xi); in += 16; } @@ -1150,10 +1153,11 @@ int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, const uint8_t *in, #endif (*stream)(in, out, j, key, ctx->Yi.c); ctr += (unsigned int)j; - if (is_endian.little) + if (is_endian.little) { PUTU32(ctx->Yi.c + 12, ctr); - else + } else { ctx->Yi.d[3] = ctr; + } out += i; in += i; len -= i; @@ -1161,10 +1165,11 @@ int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx, const uint8_t *in, if (len) { (*ctx->block)(ctx->Yi.c, ctx->EKi.c, key); ++ctr; - if (is_endian.little) + if (is_endian.little) { PUTU32(ctx->Yi.c + 12, ctr); - else + } else { ctx->Yi.d[3] = ctr; + } while (len--) { uint8_t c = in[n]; ctx->Xi.c[n] ^= c; diff --git a/crypto/pkcs8/pkcs8.c b/crypto/pkcs8/pkcs8.c index ab5cf42..e6b33f6 100644 --- a/crypto/pkcs8/pkcs8.c +++ b/crypto/pkcs8/pkcs8.c @@ -123,23 +123,28 @@ static int pkcs12_key_gen_raw(const uint8_t *pass_raw, size_t pass_raw_len, Ai = OPENSSL_malloc(u); B = OPENSSL_malloc(v + 1); Slen = v * ((salt_len + v - 1) / v); - if (pass_raw_len) + if (pass_raw_len) { Plen = v * ((pass_raw_len + v - 1) / v); - else + } else { Plen = 0; + } Ilen = Slen + Plen; I = OPENSSL_malloc(Ilen); Ij = BN_new(); Bpl1 = BN_new(); - if (!D || !Ai || !B || !I || !Ij || !Bpl1) + if (!D || !Ai || !B || !I || !Ij || !Bpl1) { goto err; - for (i = 0; i < v; i++) + } + for (i = 0; i < v; i++) { D[i] = id; + } p = I; - for (i = 0; i < Slen; i++) + for (i = 0; i < Slen; i++) { *p++ = salt[i % salt_len]; - for (i = 0; i < Plen; i++) + } + for (i = 0; i < Plen; i++) { *p++ = pass_raw[i % pass_raw_len]; + } for (;;) { if (!EVP_DigestInit_ex(&ctx, md_type, NULL) || !EVP_DigestUpdate(&ctx, D, v) || @@ -161,31 +166,33 @@ static int pkcs12_key_gen_raw(const uint8_t *pass_raw, size_t pass_raw_len, } out_len -= u; out += u; - for (j = 0; j < v; j++) + for (j = 0; j < v; j++) { B[j] = Ai[j % u]; + } /* Work out B + 1 first then can use B as tmp space */ - if (!BN_bin2bn(B, v, Bpl1)) - goto err; - if (!BN_add_word(Bpl1, 1)) + if (!BN_bin2bn(B, v, Bpl1) || + !BN_add_word(Bpl1, 1)) { goto err; + } for (j = 0; j < Ilen; j += v) { - if (!BN_bin2bn(I + j, v, Ij)) - goto err; - if (!BN_add(Ij, Ij, Bpl1)) - goto err; - if (!BN_bn2bin(Ij, B)) + if (!BN_bin2bn(I + j, v, Ij) || + !BN_add(Ij, Ij, Bpl1) || + !BN_bn2bin(Ij, B)) { goto err; + } Ijlen = BN_num_bytes(Ij); /* If more than 2^(v*8) - 1 cut off MSB */ if (Ijlen > v) { - if (!BN_bn2bin(Ij, B)) + if (!BN_bn2bin(Ij, B)) { goto err; + } memcpy(I + j, B + 1, v); /* If less than v bytes pad with zeroes */ } else if (Ijlen < v) { memset(I + j, 0, v - Ijlen); - if (!BN_bn2bin(Ij, I + j + v - Ijlen)) + if (!BN_bn2bin(Ij, I + j + v - Ijlen)) { goto err; + } } else if (!BN_bn2bin(Ij, I + j)) { goto err; } @@ -547,8 +554,9 @@ EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) { ASN1_OBJECT *algoid; char obj_tmp[80]; - if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8)) + if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8)) { return NULL; + } pkey = EVP_PKEY_new(); if (pkey == NULL) { diff --git a/crypto/poly1305/poly1305.c b/crypto/poly1305/poly1305.c index bf5cd5e..5a49e2d 100644 --- a/crypto/poly1305/poly1305.c +++ b/crypto/poly1305/poly1305.c @@ -132,19 +132,23 @@ poly1305_donna_mul: b = (uint32_t)(t[4] >> 26); state->h0 += b * 5; - if (len >= 16) + if (len >= 16) { goto poly1305_donna_16bytes; + } /* final bytes */ poly1305_donna_atmost15bytes: - if (!len) + if (!len) { return; + } - for (j = 0; j < len; j++) + for (j = 0; j < len; j++) { mp[j] = in[j]; + } mp[j++] = 1; - for (; j < 16; j++) + for (; j < 16; j++) { mp[j] = 0; + } len = 0; t0 = U8TO32_LE(mp + 0); @@ -221,10 +225,12 @@ void CRYPTO_poly1305_update(poly1305_state *statep, const uint8_t *in, if (state->buf_used) { unsigned int todo = 16 - state->buf_used; - if (todo > in_len) + if (todo > in_len) { todo = in_len; - for (i = 0; i < todo; i++) + } + for (i = 0; i < todo; i++) { state->buf[state->buf_used + i] = in[i]; + } state->buf_used += todo; in_len -= todo; in += todo; @@ -243,8 +249,9 @@ void CRYPTO_poly1305_update(poly1305_state *statep, const uint8_t *in, } if (in_len) { - for (i = 0; i < in_len; i++) + for (i = 0; i < in_len; i++) { state->buf[i] = in[i]; + } state->buf_used = in_len; } } @@ -262,8 +269,9 @@ void CRYPTO_poly1305_finish(poly1305_state *statep, uint8_t mac[16]) { } #endif - if (state->buf_used) + if (state->buf_used) { poly1305_update(state, state->buf, state->buf_used); + } b = state->h0 >> 26; state->h0 = state->h0 & 0x3ffffff; diff --git a/crypto/poly1305/poly1305_arm.c b/crypto/poly1305/poly1305_arm.c index 61ebec5..c06eded 100644 --- a/crypto/poly1305/poly1305_arm.c +++ b/crypto/poly1305/poly1305_arm.c @@ -135,13 +135,15 @@ static void fe1305x2_frombytearray(fe1305x2 *r, const uint8_t *x, int i; uint8_t t[17]; - for (i = 0; (i < 16) && (i < xlen); i++) + for (i = 0; (i < 16) && (i < xlen); i++) { t[i] = x[i]; + } xlen -= i; x += i; t[i++] = 1; - for (; i < 17; i++) + for (; i < 17; i++) { t[i] = 0; + } r->v[0] = 0x3ffffff & load32(t); r->v[2] = 0x3ffffff & (load32(t + 3) >> 2); @@ -150,19 +152,22 @@ static void fe1305x2_frombytearray(fe1305x2 *r, const uint8_t *x, r->v[8] = load32(t + 13); if (xlen) { - for (i = 0; (i < 16) && (i < xlen); i++) + for (i = 0; (i < 16) && (i < xlen); i++) { t[i] = x[i]; + } t[i++] = 1; - for (; i < 17; i++) + for (; i < 17; i++) { t[i] = 0; + } r->v[1] = 0x3ffffff & load32(t); r->v[3] = 0x3ffffff & (load32(t + 3) >> 2); r->v[5] = 0x3ffffff & (load32(t + 6) >> 4); r->v[7] = 0x3ffffff & (load32(t + 9) >> 6); r->v[9] = load32(t + 13); - } else + } else { r->v[1] = r->v[3] = r->v[5] = r->v[7] = r->v[9] = 0; + } } static const fe1305x2 zero __attribute__((aligned(16))); @@ -188,8 +193,9 @@ void CRYPTO_poly1305_init_neon(poly1305_state *state, const uint8_t key[32]) { r->v[7] = r->v[6] = 0x3f03fff & ((*(uint32_t *)(key + 9)) >> 6); r->v[9] = r->v[8] = 0x00fffff & ((*(uint32_t *)(key + 12)) >> 8); - for (j = 0; j < 10; j++) + for (j = 0; j < 10; j++) { h->v[j] = 0; /* XXX: should fast-forward a bit */ + } addmulmod(precomp, r, r, &zero); /* precompute r^2 */ addmulmod(precomp + 1, precomp, precomp, &zero); /* precompute r^4 */ @@ -209,10 +215,12 @@ void CRYPTO_poly1305_update_neon(poly1305_state *state, const uint8_t *in, if (st->buf_used) { unsigned int todo = 32 - st->buf_used; - if (todo > in_len) + if (todo > in_len) { todo = in_len; - for (i = 0; i < todo; i++) + } + for (i = 0; i < todo; i++) { st->buf[st->buf_used + i] = in[i]; + } st->buf_used += todo; in_len -= todo; in += todo; @@ -220,24 +228,27 @@ void CRYPTO_poly1305_update_neon(poly1305_state *state, const uint8_t *in, if (st->buf_used == sizeof(st->buf) && in_len) { addmulmod(h, h, precomp, &zero); fe1305x2_frombytearray(c, st->buf, sizeof(st->buf)); - for (i = 0; i < 10; i++) + for (i = 0; i < 10; i++) { h->v[i] += c->v[i]; + } st->buf_used = 0; } } while (in_len > 32) { unsigned int tlen = 1048576; - if (in_len < tlen) + if (in_len < tlen) { tlen = in_len; + } tlen -= blocks(h, precomp, in, tlen); in_len -= tlen; in += tlen; } if (in_len) { - for (i = 0; i < in_len; i++) + for (i = 0; i < in_len; i++) { st->buf[i] = in[i]; + } st->buf_used = in_len; } } diff --git a/crypto/poly1305/poly1305_vec.c b/crypto/poly1305/poly1305_vec.c index 89fcacb..07578d0 100644 --- a/crypto/poly1305/poly1305_vec.c +++ b/crypto/poly1305/poly1305_vec.c @@ -727,8 +727,9 @@ void CRYPTO_poly1305_update(poly1305_state *state, const uint8_t *m, bytes -= want; m += want; st->leftover += want; - if ((st->leftover < 32) || (bytes == 0)) + if ((st->leftover < 32) || (bytes == 0)) { return; + } poly1305_first_block(st, st->buffer); st->leftover = 0; } @@ -742,8 +743,9 @@ void CRYPTO_poly1305_update(poly1305_state *state, const uint8_t *m, bytes -= want; m += want; st->leftover += want; - if (st->leftover < 64) + if (st->leftover < 64) { return; + } poly1305_blocks(st, st->buffer, 64); st->leftover = 0; } @@ -791,8 +793,9 @@ void CRYPTO_poly1305_finish(poly1305_state *state, uint8_t mac[16]) { s1 = r1 * (5 << 2); s2 = r2 * (5 << 2); - if (leftover < 16) + if (leftover < 16) { goto poly1305_donna_atmost15bytes; + } poly1305_donna_atleast16bytes: t0 = U8TO64_LE(m + 0); @@ -821,13 +824,15 @@ poly1305_donna_mul: m += 16; leftover -= 16; - if (leftover >= 16) + if (leftover >= 16) { goto poly1305_donna_atleast16bytes; + } /* final bytes */ poly1305_donna_atmost15bytes: - if (!leftover) + if (!leftover) { goto poly1305_donna_finish; + } m[leftover++] = 1; poly1305_block_zero(m + leftover, 16 - leftover); diff --git a/crypto/rand/urandom.c b/crypto/rand/urandom.c index a7e2ad8..a874974 100644 --- a/crypto/rand/urandom.c +++ b/crypto/rand/urandom.c @@ -88,8 +88,9 @@ static int urandom_buffering = 0; /* urandom_get_fd_locked returns a file descriptor to /dev/urandom. The caller * of this function must hold CRYPTO_LOCK_RAND. */ static int urandom_get_fd_locked(void) { - if (urandom_fd != -2) + if (urandom_fd != -2) { return urandom_fd; + } urandom_fd = open("/dev/urandom", O_RDONLY); return urandom_fd; diff --git a/crypto/rc4/rc4.c b/crypto/rc4/rc4.c index 00b59c8..2ebee3b 100644 --- a/crypto/rc4/rc4.c +++ b/crypto/rc4/rc4.c @@ -285,34 +285,42 @@ void RC4(RC4_KEY *key, size_t len, const uint8_t *in, uint8_t *out) { in += 8; out += 8; #endif - if (--i == 0) + if (--i == 0) { break; + } } } i = len & 0x07; if (i) { for (;;) { RC4_LOOP(in, out, 0); - if (--i == 0) + if (--i == 0) { break; + } RC4_LOOP(in, out, 1); - if (--i == 0) + if (--i == 0) { break; + } RC4_LOOP(in, out, 2); - if (--i == 0) + if (--i == 0) { break; + } RC4_LOOP(in, out, 3); - if (--i == 0) + if (--i == 0) { break; + } RC4_LOOP(in, out, 4); - if (--i == 0) + if (--i == 0) { break; + } RC4_LOOP(in, out, 5); - if (--i == 0) + if (--i == 0) { break; + } RC4_LOOP(in, out, 6); - if (--i == 0) + if (--i == 0) { break; + } } } key->x = x; diff --git a/crypto/rsa/blinding.c b/crypto/rsa/blinding.c index 06f87a7..6b13d0d 100644 --- a/crypto/rsa/blinding.c +++ b/crypto/rsa/blinding.c @@ -182,14 +182,18 @@ void BN_BLINDING_free(BN_BLINDING *r) { return; } - if (r->A != NULL) + if (r->A != NULL) { BN_free(r->A); - if (r->Ai != NULL) + } + if (r->Ai != NULL) { BN_free(r->Ai); - if (r->e != NULL) + } + if (r->e != NULL) { BN_free(r->e); - if (r->mod != NULL) + } + if (r->mod != NULL) { BN_free(r->mod); + } OPENSSL_free(r); } diff --git a/crypto/rsa/padding.c b/crypto/rsa/padding.c index 66fdf13..902e15e 100644 --- a/crypto/rsa/padding.c +++ b/crypto/rsa/padding.c @@ -620,8 +620,9 @@ int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const uint8_t *mHash, if (MSBits) { DB[0] &= 0xFF >> (8 - MSBits); } - for (i = 0; DB[i] == 0 && i < (maskedDBLen - 1); i++) + for (i = 0; DB[i] == 0 && i < (maskedDBLen - 1); i++) { ; + } if (DB[i++] != 0x1) { OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1, RSA_R_SLEN_RECOVERY_FAILED); diff --git a/crypto/rsa/rsa.c b/crypto/rsa/rsa.c index cfdd7ff..86fd2aa 100644 --- a/crypto/rsa/rsa.c +++ b/crypto/rsa/rsa.c @@ -127,29 +127,39 @@ void RSA_free(RSA *rsa) { CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, rsa, &rsa->ex_data); - if (rsa->n != NULL) + if (rsa->n != NULL) { BN_clear_free(rsa->n); - if (rsa->e != NULL) + } + if (rsa->e != NULL) { BN_clear_free(rsa->e); - if (rsa->d != NULL) + } + if (rsa->d != NULL) { BN_clear_free(rsa->d); - if (rsa->p != NULL) + } + if (rsa->p != NULL) { BN_clear_free(rsa->p); - if (rsa->q != NULL) + } + if (rsa->q != NULL) { BN_clear_free(rsa->q); - if (rsa->dmp1 != NULL) + } + if (rsa->dmp1 != NULL) { BN_clear_free(rsa->dmp1); - if (rsa->dmq1 != NULL) + } + if (rsa->dmq1 != NULL) { BN_clear_free(rsa->dmq1); - if (rsa->iqmp != NULL) + } + if (rsa->iqmp != NULL) { BN_clear_free(rsa->iqmp); + } for (u = 0; u < rsa->num_blindings; u++) { BN_BLINDING_free(rsa->blindings[u]); } - if (rsa->blindings != NULL) + if (rsa->blindings != NULL) { OPENSSL_free(rsa->blindings); - if (rsa->blindings_inuse != NULL) + } + if (rsa->blindings_inuse != NULL) { OPENSSL_free(rsa->blindings_inuse); + } OPENSSL_free(rsa); } diff --git a/crypto/rsa/rsa_impl.c b/crypto/rsa/rsa_impl.c index d950d50..349d74f 100644 --- a/crypto/rsa/rsa_impl.c +++ b/crypto/rsa/rsa_impl.c @@ -814,65 +814,79 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { bitsq = bits - bitsp; /* We need the RSA components non-NULL */ - if (!rsa->n && ((rsa->n = BN_new()) == NULL)) + if (!rsa->n && ((rsa->n = BN_new()) == NULL)) { goto err; - if (!rsa->d && ((rsa->d = BN_new()) == NULL)) + } + if (!rsa->d && ((rsa->d = BN_new()) == NULL)) { goto err; - if (!rsa->e && ((rsa->e = BN_new()) == NULL)) + } + if (!rsa->e && ((rsa->e = BN_new()) == NULL)) { goto err; - if (!rsa->p && ((rsa->p = BN_new()) == NULL)) + } + if (!rsa->p && ((rsa->p = BN_new()) == NULL)) { goto err; - if (!rsa->q && ((rsa->q = BN_new()) == NULL)) + } + if (!rsa->q && ((rsa->q = BN_new()) == NULL)) { goto err; - if (!rsa->dmp1 && ((rsa->dmp1 = BN_new()) == NULL)) + } + if (!rsa->dmp1 && ((rsa->dmp1 = BN_new()) == NULL)) { goto err; - if (!rsa->dmq1 && ((rsa->dmq1 = BN_new()) == NULL)) + } + if (!rsa->dmq1 && ((rsa->dmq1 = BN_new()) == NULL)) { goto err; - if (!rsa->iqmp && ((rsa->iqmp = BN_new()) == NULL)) + } + if (!rsa->iqmp && ((rsa->iqmp = BN_new()) == NULL)) { goto err; + } BN_copy(rsa->e, e_value); /* generate p and q */ for (;;) { - if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb)) - goto err; - if (!BN_sub(r2, rsa->p, BN_value_one())) + if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb) || + !BN_sub(r2, rsa->p, BN_value_one()) || + !BN_gcd(r1, r2, rsa->e, ctx)) { goto err; - if (!BN_gcd(r1, r2, rsa->e, ctx)) - goto err; - if (BN_is_one(r1)) + } + if (BN_is_one(r1)) { break; - if (!BN_GENCB_call(cb, 2, n++)) + } + if (!BN_GENCB_call(cb, 2, n++)) { goto err; + } } - if (!BN_GENCB_call(cb, 3, 0)) + if (!BN_GENCB_call(cb, 3, 0)) { goto err; + } for (;;) { /* When generating ridiculously small keys, we can get stuck * continually regenerating the same prime values. Check for * this and bail if it happens 3 times. */ unsigned int degenerate = 0; do { - if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb)) + if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb)) { goto err; + } } while ((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3)); if (degenerate == 3) { ok = 0; /* we set our own err */ OPENSSL_PUT_ERROR(RSA, keygen, RSA_R_KEY_SIZE_TOO_SMALL); goto err; } - if (!BN_sub(r2, rsa->q, BN_value_one())) - goto err; - if (!BN_gcd(r1, r2, rsa->e, ctx)) + if (!BN_sub(r2, rsa->q, BN_value_one()) || + !BN_gcd(r1, r2, rsa->e, ctx)) { goto err; - if (BN_is_one(r1)) + } + if (BN_is_one(r1)) { break; - if (!BN_GENCB_call(cb, 2, n++)) + } + if (!BN_GENCB_call(cb, 2, n++)) { goto err; + } } - if (!BN_GENCB_call(cb, 3, 1)) + if (!BN_GENCB_call(cb, 3, 1)) { goto err; + } if (BN_cmp(rsa->p, rsa->q) < 0) { tmp = rsa->p; rsa->p = rsa->q; @@ -880,39 +894,47 @@ static int keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) { } /* calculate n */ - if (!BN_mul(rsa->n, rsa->p, rsa->q, ctx)) + if (!BN_mul(rsa->n, rsa->p, rsa->q, ctx)) { goto err; + } /* calculate d */ - if (!BN_sub(r1, rsa->p, BN_value_one())) + if (!BN_sub(r1, rsa->p, BN_value_one())) { goto err; /* p-1 */ - if (!BN_sub(r2, rsa->q, BN_value_one())) + } + if (!BN_sub(r2, rsa->q, BN_value_one())) { goto err; /* q-1 */ - if (!BN_mul(r0, r1, r2, ctx)) + } + if (!BN_mul(r0, r1, r2, ctx)) { goto err; /* (p-1)(q-1) */ + } pr0 = &local_r0; BN_with_flags(pr0, r0, BN_FLG_CONSTTIME); - if (!BN_mod_inverse(rsa->d, rsa->e, pr0, ctx)) + if (!BN_mod_inverse(rsa->d, rsa->e, pr0, ctx)) { goto err; /* d */ + } /* set up d for correct BN_FLG_CONSTTIME flag */ d = &local_d; BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME); /* calculate d mod (p-1) */ - if (!BN_mod(rsa->dmp1, d, r1, ctx)) + if (!BN_mod(rsa->dmp1, d, r1, ctx)) { goto err; + } /* calculate d mod (q-1) */ - if (!BN_mod(rsa->dmq1, d, r2, ctx)) + if (!BN_mod(rsa->dmq1, d, r2, ctx)) { goto err; + } /* calculate inverse of q mod p */ p = &local_p; BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME); - if (!BN_mod_inverse(rsa->iqmp, rsa->q, p, ctx)) + if (!BN_mod_inverse(rsa->iqmp, rsa->q, p, ctx)) { goto err; + } ok = 1; diff --git a/crypto/rsa/rsa_test.c b/crypto/rsa/rsa_test.c index 75489e0..386ecac 100644 --- a/crypto/rsa/rsa_test.c +++ b/crypto/rsa/rsa_test.c @@ -478,8 +478,9 @@ int main(int argc, char *argv[]) { int b; unsigned char saved = ctext[n]; for (b = 0; b < 256; ++b) { - if (b == saved) + if (b == saved) { continue; + } ctext[n] = b; num = RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_OAEP_PADDING); diff --git a/crypto/sha/sha1.c b/crypto/sha/sha1.c index 7595bc8..60d09f6 100644 --- a/crypto/sha/sha1.c +++ b/crypto/sha/sha1.c @@ -367,8 +367,9 @@ static void HASH_BLOCK_DATA_ORDER(SHA_CTX *c, const void *p, size_t num) { c->h3 = (c->h3 + B) & 0xffffffffL; c->h4 = (c->h4 + C) & 0xffffffffL; - if (--num == 0) + if (--num == 0) { break; + } A = c->h0; B = c->h1; diff --git a/crypto/sha/sha512.c b/crypto/sha/sha512.c index 59be8c1..2acefb1 100644 --- a/crypto/sha/sha512.c +++ b/crypto/sha/sha512.c @@ -189,8 +189,9 @@ int SHA512_Update(SHA512_CTX *c, const void *in_data, size_t len) { uint8_t *p = c->u.p; const uint8_t *data = (const uint8_t *)in_data; - if (len == 0) + if (len == 0) { return 1; + } l = (c->Nl + (((uint64_t)len) << 3)) & OPENSSL_U64(0xffffffffffffffff); if (l < c->Nl) { @@ -218,14 +219,21 @@ int SHA512_Update(SHA512_CTX *c, const void *in_data, size_t len) { if (len >= sizeof(c->u)) { #ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA - if ((size_t)data % sizeof(c->u.d[0]) != 0) - while (len >= sizeof(c->u)) - memcpy(p, data, sizeof(c->u)), sha512_block_data_order(c, p, 1), - len -= sizeof(c->u), data += sizeof(c->u); - else + if ((size_t)data % sizeof(c->u.d[0]) != 0) { + while (len >= sizeof(c->u)) { + memcpy(p, data, sizeof(c->u)); + sha512_block_data_order(c, p, 1); + len -= sizeof(c->u); + data += sizeof(c->u); + } + } else #endif - sha512_block_data_order(c, data, len / sizeof(c->u)), data += len, - len %= sizeof(c->u), data -= len; + { + sha512_block_data_order(c, data, len / sizeof(c->u)); + data += len; + len %= sizeof(c->u); + data -= len; + } } if (len != 0) { diff --git a/crypto/time_support.c b/crypto/time_support.c index bbfe303..0f2787c 100644 --- a/crypto/time_support.c +++ b/crypto/time_support.c @@ -129,8 +129,9 @@ static int julian_adj(const struct tm *tm, int off_day, long offset_sec, /* Work out Julian day of new date */ time_jd += offset_day; - if (time_jd < 0) + if (time_jd < 0) { return 0; + } *pday = time_jd; *psec = offset_hms; @@ -142,15 +143,17 @@ int OPENSSL_gmtime_adj(struct tm *tm, int off_day, long offset_sec) { long time_jd; /* Convert time and offset into julian day and seconds */ - if (!julian_adj(tm, off_day, offset_sec, &time_jd, &time_sec)) + if (!julian_adj(tm, off_day, offset_sec, &time_jd, &time_sec)) { return 0; + } /* Convert Julian day back to date */ julian_to_date(time_jd, &time_year, &time_month, &time_day); - if (time_year < 1900 || time_year > 9999) + if (time_year < 1900 || time_year > 9999) { return 0; + } /* Update tm structure */ diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c index 3f9e814..ae6f36d 100644 --- a/ssl/d1_clnt.c +++ b/ssl/d1_clnt.c @@ -490,8 +490,9 @@ int dtls1_connect(SSL *s) { ret = 1; s->ctx->stats.sess_connect_good++; - if (cb != NULL) + if (cb != NULL) { cb(s, SSL_CB_HANDSHAKE_DONE, 1); + } /* done with handshaking */ s->d1->handshake_read_seq = 0; diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 42be93a..f3bdefd 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -199,8 +199,9 @@ int ssl3_connect(SSL *s) { /* fallthrough */ case SSL_ST_CONNECT: case SSL_ST_BEFORE | SSL_ST_CONNECT: - if (cb != NULL) + if (cb != NULL) { cb(s, SSL_CB_HANDSHAKE_START, 1); + } if (s->init_buf == NULL) { buf = BUF_MEM_new(); @@ -445,8 +446,9 @@ int ssl3_connect(SSL *s) { * hashes. */ if (s->s3->tlsext_channel_id_new) { ret = tls1_record_handshake_hashes_for_channel_id(s); - if (ret <= 0) + if (ret <= 0) { goto end; + } } if ((SSL_get_mode(s) & SSL_MODE_HANDSHAKE_CUTTHROUGH) && ssl3_can_cutthrough(s) && diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 6ecca21..2045590 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -394,8 +394,9 @@ int ssl3_accept(SSL *s) { if (ssl_cipher_requires_server_key_exchange(s->s3->tmp.new_cipher) || ((alg_a & SSL_aPSK) && s->psk_identity_hint)) { ret = ssl3_send_server_key_exchange(s); - if (ret <= 0) + if (ret <= 0) { goto end; + } } else { skip = 1; } diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 624c41a..f0f8da5 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -1050,8 +1050,9 @@ int ssl_build_cert_chain(CERT *c, X509_STORE *chain_store, int flags) { } cpk->chain = chain; - if (rv == 0) + if (rv == 0) { rv = 1; + } err: if (flags & SSL_BUILD_CHAIN_FLAG_CHECK) { diff --git a/ssl/ssl_txt.c b/ssl/ssl_txt.c index c950ce8..3c13609 100644 --- a/ssl/ssl_txt.c +++ b/ssl/ssl_txt.c @@ -145,8 +145,9 @@ int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x) { } for (i = 0; i < x->session_id_length; i++) { - if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0) + if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0) { goto err; + } } if (BIO_puts(bp, "\n Session-ID-ctx: ") <= 0) { diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index e26351b..19e52a4 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -255,8 +255,9 @@ static int tls1_check_duplicate_extensions(const CBS *cbs) { ret = 1; done: - if (extension_types) + if (extension_types) { OPENSSL_free(extension_types); + } return ret; } |