Some CBB_init_fixed simplifications. CBB_init_fixed callers no longer need to check the return value, or handle any cleanup. The hpke.c instance was even already (incorrectly at the time) assuming this. Change-Id: I2f4cb124454fc7ba7ff6d2075d99f537a58c6c6b Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/54647 Reviewed-by: Bob Beck <bbe@google.com> Commit-Queue: David Benjamin <davidben@google.com>

commit: 254b8e113977aeb84ced559772537cd15bbe6cfc [log] [tgz]
author: David Benjamin <davidben@google.com> Sat Jun 25 22:58:22 2022 -0400
committer: Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> Tue Oct 11 21:24:34 2022 +0000
tree: d922430f9913140382db9ccbd303ff5e940a91a2
parent: 15ba28f839c828ced30178a86a9c56b104d3b5d7 [diff]
diff --git a/crypto/ecdsa_extra/ecdsa_asn1.c b/crypto/ecdsa_extra/ecdsa_asn1.c
index e6212cc..8ddfb3b 100644
--- a/crypto/ecdsa_extra/ecdsa_asn1.c
+++ b/crypto/ecdsa_extra/ecdsa_asn1.c

@@ -81,13 +81,11 @@
   }
 
   CBB cbb;
-  CBB_zero(&cbb);
+  CBB_init_fixed(&cbb, sig, ECDSA_size(eckey));
   size_t len;
-  if (!CBB_init_fixed(&cbb, sig, ECDSA_size(eckey)) ||
-      !ECDSA_SIG_marshal(&cbb, s) ||
+  if (!ECDSA_SIG_marshal(&cbb, s) ||
       !CBB_finish(&cbb, NULL, &len)) {
     OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_ENCODE_ERROR);
-    CBB_cleanup(&cbb);
     *sig_len = 0;
     goto err;
   }

diff --git a/crypto/hpke/hpke.c b/crypto/hpke/hpke.c
index f94b684..faea2ee 100644
--- a/crypto/hpke/hpke.c
+++ b/crypto/hpke/hpke.c

@@ -366,13 +366,11 @@
 static int hpke_build_suite_id(const EVP_HPKE_CTX *ctx,
                                uint8_t out[HPKE_SUITE_ID_LEN]) {
   CBB cbb;
-  int ret = CBB_init_fixed(&cbb, out, HPKE_SUITE_ID_LEN) &&
-            add_label_string(&cbb, "HPKE") &&   //
-            CBB_add_u16(&cbb, ctx->kem->id) &&  //
-            CBB_add_u16(&cbb, ctx->kdf->id) &&  //
-            CBB_add_u16(&cbb, ctx->aead->id);
-  CBB_cleanup(&cbb);
-  return ret;
+  CBB_init_fixed(&cbb, out, HPKE_SUITE_ID_LEN);
+  return add_label_string(&cbb, "HPKE") &&   //
+         CBB_add_u16(&cbb, ctx->kem->id) &&  //
+         CBB_add_u16(&cbb, ctx->kdf->id) &&  //
+         CBB_add_u16(&cbb, ctx->aead->id);
 }
 
 #define HPKE_MODE_BASE 0
@@ -409,8 +407,8 @@
   uint8_t context[sizeof(uint8_t) + 2 * EVP_MAX_MD_SIZE];
   size_t context_len;
   CBB context_cbb;
-  if (!CBB_init_fixed(&context_cbb, context, sizeof(context)) ||
-      !CBB_add_u8(&context_cbb, HPKE_MODE_BASE) ||
+  CBB_init_fixed(&context_cbb, context, sizeof(context));
+  if (!CBB_add_u8(&context_cbb, HPKE_MODE_BASE) ||
       !CBB_add_bytes(&context_cbb, psk_id_hash, psk_id_hash_len) ||
       !CBB_add_bytes(&context_cbb, info_hash, info_hash_len) ||
       !CBB_finish(&context_cbb, NULL, &context_len)) {

diff --git a/crypto/trust_token/trust_token.c b/crypto/trust_token/trust_token.c
index 5afb487..aa1182a 100644
--- a/crypto/trust_token/trust_token.c
+++ b/crypto/trust_token/trust_token.c

@@ -113,34 +113,26 @@
                              size_t *out_pub_key_len, size_t max_pub_key_len,
                              uint32_t id) {
   // Prepend the key ID in front of the PMBTokens format.
-  int ret = 0;
   CBB priv_cbb, pub_cbb;
-  CBB_zero(&priv_cbb);
-  CBB_zero(&pub_cbb);
-  if (!CBB_init_fixed(&priv_cbb, out_priv_key, max_priv_key_len) ||
-      !CBB_init_fixed(&pub_cbb, out_pub_key, max_pub_key_len) ||
-      !CBB_add_u32(&priv_cbb, id) ||
+  CBB_init_fixed(&priv_cbb, out_priv_key, max_priv_key_len);
+  CBB_init_fixed(&pub_cbb, out_pub_key, max_pub_key_len);
+  if (!CBB_add_u32(&priv_cbb, id) ||  //
       !CBB_add_u32(&pub_cbb, id)) {
     OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_BUFFER_TOO_SMALL);
-    goto err;
+    return 0;
   }
 
   if (!method->generate_key(&priv_cbb, &pub_cbb)) {
-    goto err;
+    return 0;
   }
 
   if (!CBB_finish(&priv_cbb, NULL, out_priv_key_len) ||
       !CBB_finish(&pub_cbb, NULL, out_pub_key_len)) {
     OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_BUFFER_TOO_SMALL);
-    goto err;
+    return 0;
   }
 
-  ret = 1;
-
-err:
-  CBB_cleanup(&priv_cbb);
-  CBB_cleanup(&pub_cbb);
-  return ret;
+  return 1;
 }
 
 int TRUST_TOKEN_derive_key_from_secret(
@@ -149,35 +141,27 @@
     size_t *out_pub_key_len, size_t max_pub_key_len, uint32_t id,
     const uint8_t *secret, size_t secret_len) {
   // Prepend the key ID in front of the PMBTokens format.
-  int ret = 0;
   CBB priv_cbb, pub_cbb;
-  CBB_zero(&priv_cbb);
-  CBB_zero(&pub_cbb);
-  if (!CBB_init_fixed(&priv_cbb, out_priv_key, max_priv_key_len) ||
-      !CBB_init_fixed(&pub_cbb, out_pub_key, max_pub_key_len) ||
-      !CBB_add_u32(&priv_cbb, id) ||
+  CBB_init_fixed(&priv_cbb, out_priv_key, max_priv_key_len);
+  CBB_init_fixed(&pub_cbb, out_pub_key, max_pub_key_len);
+  if (!CBB_add_u32(&priv_cbb, id) ||  //
       !CBB_add_u32(&pub_cbb, id)) {
     OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_BUFFER_TOO_SMALL);
-    goto err;
+    return 0;
   }
 
   if (!method->derive_key_from_secret(&priv_cbb, &pub_cbb, secret,
                                         secret_len)) {
-    goto err;
+    return 0;
   }
 
   if (!CBB_finish(&priv_cbb, NULL, out_priv_key_len) ||
       !CBB_finish(&pub_cbb, NULL, out_pub_key_len)) {
     OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_BUFFER_TOO_SMALL);
-    goto err;
+    return 0;
   }
 
-  ret = 1;
-
-err:
-  CBB_cleanup(&priv_cbb);
-  CBB_cleanup(&pub_cbb);
-  return ret;
+  return 1;
 }
 
 TRUST_TOKEN_CLIENT *TRUST_TOKEN_CLIENT_new(const TRUST_TOKEN_METHOD *method,
commit	254b8e113977aeb84ced559772537cd15bbe6cfc	[log] [tgz]
author	David Benjamin <davidben@google.com>	Sat Jun 25 22:58:22 2022 -0400
committer	Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>	Tue Oct 11 21:24:34 2022 +0000
tree	d922430f9913140382db9ccbd303ff5e940a91a2
parent	15ba28f839c828ced30178a86a9c56b104d3b5d7 [diff]