Google Git
Sign in
boringssl/boringssl.git/2c3679210e77f825782317e6b5d4ffc7eae4b81b^!/.
commit
2c3679210e77f825782317e6b5d4ffc7eae4b81b
[log]
author
David Benjamin <davidben@chromium.org>
Wed May 27 01:41:01 2015 -0400
committer
Adam Langley <agl@google.com>
Mon Jun 01 22:17:10 2015 +0000
tree
eda6732256f719cefd914c2be6fda74eb76ce605
parent
e2375e139ee410538a3a77e8921b49cc8e727bb0 [diff]
EVP_Digest*Update, EVP_DigestFinal, and HMAC_Update can never fail.

Enough code fails to check their return codes anyway. We ought to make
it official.

Change-Id: Ie646360fd7073ea943036f5e21bed13df7e1b77a
Reviewed-on: https://boringssl-review.googlesource.com/4954
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/crypto/digest/digest.c b/crypto/digest/digest.c
index e32eafd..d60bdc9 100644
--- a/crypto/digest/digest.c
+++ b/crypto/digest/digest.c

@@ -189,7 +189,8 @@
     return 1;
   }
 
-  return ctx->digest->init(ctx);
+  ctx->digest->init(ctx);
+  return 1;
 }
 
 int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) {
@@ -198,26 +199,24 @@
 }
 
 int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t len) {
-  return ctx->update(ctx, data, len);
+  ctx->update(ctx, data, len);
+  return 1;
 }
 
 int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, uint8_t *md_out, unsigned int *size) {
-  int ret;
-
   assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
-  ret = ctx->digest->final(ctx, md_out);
+  ctx->digest->final(ctx, md_out);
   if (size != NULL) {
     *size = ctx->digest->md_size;
   }
   OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
-
-  return ret;
+  return 1;
 }
 
 int EVP_DigestFinal(EVP_MD_CTX *ctx, uint8_t *md, unsigned int *size) {
-  int ret = EVP_DigestFinal_ex(ctx, md, size);
+  EVP_DigestFinal_ex(ctx, md, size);
   EVP_MD_CTX_cleanup(ctx);
-  return ret;
+  return 1;
 }
 
 int EVP_Digest(const void *data, size_t count, uint8_t *out_md,

diff --git a/crypto/digest/digests.c b/crypto/digest/digests.c
index b0036af..4dff340 100644
--- a/crypto/digest/digests.c
+++ b/crypto/digest/digests.c

@@ -56,6 +56,8 @@
 
 #include <openssl/digest.h>
 
+#include <assert.h>
+
 #include <openssl/md4.h>
 #include <openssl/md5.h>
 #include <openssl/obj.h>
@@ -64,14 +66,19 @@
 #include "internal.h"
 
 
-static int md4_init(EVP_MD_CTX *ctx) { return MD4_Init(ctx->md_data); }
-
-static int md4_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
-  return MD4_Update(ctx->md_data, data, count);
+static void md4_init(EVP_MD_CTX *ctx) {
+  int ret = MD4_Init(ctx->md_data);
+  assert(ret);
 }
 
-static int md4_final(EVP_MD_CTX *ctx, uint8_t *out) {
-  return MD4_Final(out, ctx->md_data);
+static void md4_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
+  int ret = MD4_Update(ctx->md_data, data, count);
+  assert(ret);
+}
+
+static void md4_final(EVP_MD_CTX *ctx, uint8_t *out) {
+  int ret = MD4_Final(out, ctx->md_data);
+  assert(ret);
 }
 
 static const EVP_MD md4_md = {
@@ -82,14 +89,19 @@
 const EVP_MD *EVP_md4(void) { return &md4_md; }
 
 
-static int md5_init(EVP_MD_CTX *ctx) { return MD5_Init(ctx->md_data); }
-
-static int md5_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
-  return MD5_Update(ctx->md_data, data, count);
+static void md5_init(EVP_MD_CTX *ctx) {
+  int ret = MD5_Init(ctx->md_data);
+  assert(ret);
 }
 
-static int md5_final(EVP_MD_CTX *ctx, uint8_t *out) {
-  return MD5_Final(out, ctx->md_data);
+static void md5_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
+  int ret = MD5_Update(ctx->md_data, data, count);
+  assert(ret);
+}
+
+static void md5_final(EVP_MD_CTX *ctx, uint8_t *out) {
+  int ret = MD5_Final(out, ctx->md_data);
+  assert(ret);
 }
 
 static const EVP_MD md5_md = {
@@ -100,14 +112,19 @@
 const EVP_MD *EVP_md5(void) { return &md5_md; }
 
 
-static int sha1_init(EVP_MD_CTX *ctx) { return SHA1_Init(ctx->md_data); }
-
-static int sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
-  return SHA1_Update(ctx->md_data, data, count);
+static void sha1_init(EVP_MD_CTX *ctx) {
+  int ret = SHA1_Init(ctx->md_data);
+  assert(ret);
 }
 
-static int sha1_final(EVP_MD_CTX *ctx, uint8_t *md) {
-  return SHA1_Final(md, ctx->md_data);
+static void sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
+  int ret = SHA1_Update(ctx->md_data, data, count);
+  assert(ret);
+}
+
+static void sha1_final(EVP_MD_CTX *ctx, uint8_t *md) {
+  int ret = SHA1_Final(md, ctx->md_data);
+  assert(ret);
 }
 
 static const EVP_MD sha1_md = {
@@ -118,14 +135,19 @@
 const EVP_MD *EVP_sha1(void) { return &sha1_md; }
 
 
-static int sha224_init(EVP_MD_CTX *ctx) { return SHA224_Init(ctx->md_data); }
-
-static int sha224_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
-  return SHA224_Update(ctx->md_data, data, count);
+static void sha224_init(EVP_MD_CTX *ctx) {
+  int ret = SHA224_Init(ctx->md_data);
+  assert(ret);
 }
 
-static int sha224_final(EVP_MD_CTX *ctx, uint8_t *md) {
-  return SHA224_Final(md, ctx->md_data);
+static void sha224_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
+  int ret = SHA224_Update(ctx->md_data, data, count);
+  assert(ret);
+}
+
+static void sha224_final(EVP_MD_CTX *ctx, uint8_t *md) {
+  int ret = SHA224_Final(md, ctx->md_data);
+  assert(ret);
 }
 
 static const EVP_MD sha224_md = {
@@ -137,14 +159,19 @@
 const EVP_MD *EVP_sha224(void) { return &sha224_md; }
 
 
-static int sha256_init(EVP_MD_CTX *ctx) { return SHA256_Init(ctx->md_data); }
-
-static int sha256_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
-  return SHA256_Update(ctx->md_data, data, count);
+static void sha256_init(EVP_MD_CTX *ctx) {
+  int ret = SHA256_Init(ctx->md_data);
+  assert(ret);
 }
 
-static int sha256_final(EVP_MD_CTX *ctx, uint8_t *md) {
-  return SHA256_Final(md, ctx->md_data);
+static void sha256_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
+  int ret = SHA256_Update(ctx->md_data, data, count);
+  assert(ret);
+}
+
+static void sha256_final(EVP_MD_CTX *ctx, uint8_t *md) {
+  int ret = SHA256_Final(md, ctx->md_data);
+  assert(ret);
 }
 
 static const EVP_MD sha256_md = {
@@ -156,14 +183,19 @@
 const EVP_MD *EVP_sha256(void) { return &sha256_md; }
 
 
-static int sha384_init(EVP_MD_CTX *ctx) { return SHA384_Init(ctx->md_data); }
-
-static int sha384_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
-  return SHA384_Update(ctx->md_data, data, count);
+static void sha384_init(EVP_MD_CTX *ctx) {
+  int ret = SHA384_Init(ctx->md_data);
+  assert(ret);
 }
 
-static int sha384_final(EVP_MD_CTX *ctx, uint8_t *md) {
-  return SHA384_Final(md, ctx->md_data);
+static void sha384_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
+  int ret = SHA384_Update(ctx->md_data, data, count);
+  assert(ret);
+}
+
+static void sha384_final(EVP_MD_CTX *ctx, uint8_t *md) {
+  int ret = SHA384_Final(md, ctx->md_data);
+  assert(ret);
 }
 
 static const EVP_MD sha384_md = {
@@ -175,14 +207,19 @@
 const EVP_MD *EVP_sha384(void) { return &sha384_md; }
 
 
-static int sha512_init(EVP_MD_CTX *ctx) { return SHA512_Init(ctx->md_data); }
-
-static int sha512_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
-  return SHA512_Update(ctx->md_data, data, count);
+static void sha512_init(EVP_MD_CTX *ctx) {
+  int ret = SHA512_Init(ctx->md_data);
+  assert(ret);
 }
 
-static int sha512_final(EVP_MD_CTX *ctx, uint8_t *md) {
-  return SHA512_Final(md, ctx->md_data);
+static void sha512_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
+  int ret = SHA512_Update(ctx->md_data, data, count);
+  assert(ret);
+}
+
+static void sha512_final(EVP_MD_CTX *ctx, uint8_t *md) {
+  int ret = SHA512_Final(md, ctx->md_data);
+  assert(ret);
 }
 
 static const EVP_MD sha512_md = {
@@ -199,23 +236,25 @@
   SHA_CTX sha1;
 } MD5_SHA1_CTX;
 
-static int md5_sha1_init(EVP_MD_CTX *md_ctx) {
+static void md5_sha1_init(EVP_MD_CTX *md_ctx) {
   MD5_SHA1_CTX *ctx = md_ctx->md_data;
-  return MD5_Init(&ctx->md5) && SHA1_Init(&ctx->sha1);
+  int ret = MD5_Init(&ctx->md5) && SHA1_Init(&ctx->sha1);
+  assert(ret);
 }
 
-static int md5_sha1_update(EVP_MD_CTX *md_ctx, const void *data, size_t count) {
+static void md5_sha1_update(EVP_MD_CTX *md_ctx, const void *data,
+                            size_t count) {
   MD5_SHA1_CTX *ctx = md_ctx->md_data;
-  return MD5_Update(&ctx->md5, data, count) && SHA1_Update(&ctx->sha1, data, count);
+  int ret = MD5_Update(&ctx->md5, data, count) &&
+            SHA1_Update(&ctx->sha1, data, count);
+  assert(ret);
 }
 
-static int md5_sha1_final(EVP_MD_CTX *md_ctx, uint8_t *out) {
+static void md5_sha1_final(EVP_MD_CTX *md_ctx, uint8_t *out) {
   MD5_SHA1_CTX *ctx = md_ctx->md_data;
-  if (!MD5_Final(out, &ctx->md5) ||
-      !SHA1_Final(out + MD5_DIGEST_LENGTH, &ctx->sha1)) {
-    return 0;
-  }
-  return 1;
+  int ret = MD5_Final(out, &ctx->md5) &&
+            SHA1_Final(out + MD5_DIGEST_LENGTH, &ctx->sha1);
+  assert(ret);
 }
 
 static const EVP_MD md5_sha1_md = {

diff --git a/crypto/digest/internal.h b/crypto/digest/internal.h
index 94dbfaa..1134702 100644
--- a/crypto/digest/internal.h
+++ b/crypto/digest/internal.h

@@ -75,15 +75,14 @@
   /* flags contains the OR of |EVP_MD_FLAG_*| values. */
   uint32_t flags;
 
-  /* init initialises the state in |ctx->md_data|. It returns one on success
-   * and zero otherwise. */
-  int (*init)(EVP_MD_CTX *ctx);
+  /* init initialises the state in |ctx->md_data|. */
+  void (*init)(EVP_MD_CTX *ctx);
 
   /* update hashes |len| bytes of |data| into the state in |ctx->md_data|. */
-  int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count);
+  void (*update)(EVP_MD_CTX *ctx, const void *data, size_t count);
 
   /* final completes the hash and writes |md_size| bytes of digest to |out|. */
-  int (*final)(EVP_MD_CTX *ctx, uint8_t *out);
+  void (*final)(EVP_MD_CTX *ctx, uint8_t *out);
 
   /* block_size contains the hash's native block size. */
   unsigned block_size;

diff --git a/crypto/evp/p_hmac.c b/crypto/evp/p_hmac.c
index 21703ed..f4a4193 100644
--- a/crypto/evp/p_hmac.c
+++ b/crypto/evp/p_hmac.c

@@ -142,9 +142,9 @@
   return 1;
 }
 
-static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
+static void int_update(EVP_MD_CTX *ctx, const void *data, size_t count) {
   HMAC_PKEY_CTX *hctx = ctx->pctx->data;
-  return HMAC_Update(&hctx->ctx, data, count);
+  HMAC_Update(&hctx->ctx, data, count);
 }
 
 static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx) {

diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c
index b1b2623..eb48620 100644
--- a/crypto/hmac/hmac.c
+++ b/crypto/hmac/hmac.c

@@ -172,6 +172,8 @@
   unsigned int i;
   uint8_t buf[EVP_MAX_MD_SIZE];
 
+  /* TODO(davidben): The only thing that can officially fail here is
+   * |EVP_MD_CTX_copy_ex|, but even that should be impossible in this case. */
   if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i) ||
       !EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx) ||
       !EVP_DigestUpdate(&ctx->md_ctx, buf, i) ||

diff --git a/include/openssl/digest.h b/include/openssl/digest.h
index 8285dce..a7123cc 100644
--- a/include/openssl/digest.h
+++ b/include/openssl/digest.h

@@ -134,7 +134,7 @@
 OPENSSL_EXPORT int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
 
 /* EVP_DigestUpdate hashes |len| bytes from |data| into the hashing operation
- * in |ctx|. It returns one on success and zero otherwise. */
+ * in |ctx|. It returns one. */
 OPENSSL_EXPORT int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data,
                                     size_t len);
 
@@ -144,10 +144,9 @@
 
 /* EVP_DigestFinal_ex finishes the digest in |ctx| and writes the output to
  * |md_out|. At most |EVP_MAX_MD_SIZE| bytes are written. If |out_size| is not
- * NULL then |*out_size| is set to the number of bytes written. It returns one
- * on success and zero otherwise. After this call, the hash cannot be updated
- * or finished again until |EVP_DigestInit_ex| is called to start another
- * hashing operation. */
+ * NULL then |*out_size| is set to the number of bytes written. It returns one.
+ * After this call, the hash cannot be updated or finished again until
+ * |EVP_DigestInit_ex| is called to start another hashing operation. */
 OPENSSL_EXPORT int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, uint8_t *md_out,
                                       unsigned int *out_size);
 
@@ -251,7 +250,7 @@
   /* update is usually copied from |digest->update| but can differ in some
    * cases, i.e. HMAC.
    * TODO(davidben): Remove this hook once |EVP_PKEY_HMAC| is gone. */
-  int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count);
+  void (*update)(EVP_MD_CTX *ctx, const void *data, size_t count);
 
   /* pctx is an opaque (at this layer) pointer to additional context that
    * EVP_PKEY functions may store in this object. */

diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 28ae987..490a951 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h

@@ -241,8 +241,7 @@
                                       EVP_PKEY *pkey);
 
 /* EVP_DigestSignUpdate appends |len| bytes from |data| to the data which will
- * be signed in |EVP_DigestSignFinal|. It returns one on success and zero
- * otherwise. */
+ * be signed in |EVP_DigestSignFinal|. It returns one. */
 OPENSSL_EXPORT int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data,
                                         size_t len);
 
@@ -293,8 +292,7 @@
                                                      EVP_PKEY *pkey);
 
 /* EVP_DigestVerifyUpdate appends |len| bytes from |data| to the data which
- * will be verified by |EVP_DigestVerifyFinal|. It returns one on success and
- * zero otherwise. */
+ * will be verified by |EVP_DigestVerifyFinal|. It returns one. */
 OPENSSL_EXPORT int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data,
                                           size_t len);
 

diff --git a/include/openssl/hmac.h b/include/openssl/hmac.h
index 89cdf8f..b8cf4af 100644
--- a/include/openssl/hmac.h
+++ b/include/openssl/hmac.h

@@ -106,7 +106,7 @@
                                 const EVP_MD *md, ENGINE *impl);
 
 /* HMAC_Update hashes |data_len| bytes from |data| into the current HMAC
- * operation in |ctx|. It returns one on success and zero on error. */
+ * operation in |ctx|. It returns one. */
 OPENSSL_EXPORT int HMAC_Update(HMAC_CTX *ctx, const uint8_t *data,
                                size_t data_len);