Add in missing curly braces part 3.
Everything else.
Change-Id: Iac02b144465b4e7b6d69ea22ff2aaf52695ae732
diff --git a/crypto/evp/evp.c b/crypto/evp/evp.c
index 8a1d513..4ba64b7 100644
--- a/crypto/evp/evp.c
+++ b/crypto/evp/evp.c
@@ -142,8 +142,9 @@
/* Compare parameters if the algorithm has them */
if (a->ameth->param_cmp) {
ret = a->ameth->param_cmp(a, b);
- if (ret <= 0)
+ if (ret <= 0) {
return ret;
+ }
}
if (a->ameth->pub_cmp) {
@@ -246,8 +247,9 @@
}
merr:
- if (mac_ctx)
+ if (mac_ctx) {
EVP_PKEY_CTX_free(mac_ctx);
+ }
return ret;
}
diff --git a/crypto/evp/p_ec.c b/crypto/evp/p_ec.c
index c274131..f45989a 100644
--- a/crypto/evp/p_ec.c
+++ b/crypto/evp/p_ec.c
@@ -212,8 +212,9 @@
OPENSSL_PUT_ERROR(EVP, pkey_ec_ctrl, EVP_R_INVALID_CURVE);
return 0;
}
- if (dctx->gen_group)
+ if (dctx->gen_group) {
EC_GROUP_free(dctx->gen_group);
+ }
dctx->gen_group = group;
return 1;
diff --git a/crypto/evp/p_ec_asn1.c b/crypto/evp/p_ec_asn1.c
index 48a175b..d2d6792 100644
--- a/crypto/evp/p_ec_asn1.c
+++ b/crypto/evp/p_ec_asn1.c
@@ -201,8 +201,9 @@
return 1;
err:
- if (eckey)
+ if (eckey) {
EC_KEY_free(eckey);
+ }
return 0;
}
@@ -235,8 +236,9 @@
eckey = eckey_type2param(ptype, pval);
- if (!eckey)
+ if (!eckey) {
goto ecliberr;
+ }
/* We have parameters now set private key */
if (!d2i_ECPrivateKey(&eckey, &p, pklen)) {
@@ -282,8 +284,9 @@
ecliberr:
OPENSSL_PUT_ERROR(EVP, eckey_priv_decode, ERR_R_EC_LIB);
ecerr:
- if (eckey)
+ if (eckey) {
EC_KEY_free(eckey);
+ }
return 0;
}
@@ -435,10 +438,12 @@
if (ktype == 2) {
priv_key = EC_KEY_get0_private_key(x);
- if (priv_key && (i = (size_t)BN_num_bytes(priv_key)) > buf_len)
+ if (priv_key && (i = (size_t)BN_num_bytes(priv_key)) > buf_len) {
buf_len = i;
- } else
+ }
+ } else {
priv_key = NULL;
+ }
if (ktype > 0) {
buf_len += 10;
@@ -447,24 +452,27 @@
goto err;
}
}
- if (ktype == 2)
+ if (ktype == 2) {
ecstr = "Private-Key";
- else if (ktype == 1)
+ } else if (ktype == 1) {
ecstr = "Public-Key";
- else
+ } else {
ecstr = "ECDSA-Parameters";
+ }
- if (!BIO_indent(bp, off, 128))
+ if (!BIO_indent(bp, off, 128)) {
goto err;
- if ((order = BN_new()) == NULL)
+ }
+ order = BN_new();
+ if (order == NULL || !EC_GROUP_get_order(group, order, NULL) ||
+ BIO_printf(bp, "%s: (%d bit)\n", ecstr, BN_num_bits(order)) <= 0) {
goto err;
- if (!EC_GROUP_get_order(group, order, NULL))
- goto err;
- if (BIO_printf(bp, "%s: (%d bit)\n", ecstr, BN_num_bits(order)) <= 0)
- goto err;
+ }
- if ((priv_key != NULL) && !ASN1_bn_print(bp, "priv:", priv_key, buffer, off))
+ if ((priv_key != NULL) &&
+ !ASN1_bn_print(bp, "priv:", priv_key, buffer, off)) {
goto err;
+ }
if (pub_key_bytes != NULL) {
BIO_hexdump(bp, pub_key_bytes, pub_key_bytes_len, off);
}
@@ -475,16 +483,21 @@
ret = 1;
err:
- if (!ret)
+ if (!ret) {
OPENSSL_PUT_ERROR(EVP, do_EC_KEY_print, reason);
- if (pub_key_bytes)
+ }
+ if (pub_key_bytes) {
OPENSSL_free(pub_key_bytes);
- if (order)
+ }
+ if (order) {
BN_free(order);
- if (ctx)
+ }
+ if (ctx) {
BN_CTX_free(ctx);
- if (buffer != NULL)
+ }
+ if (buffer != NULL) {
OPENSSL_free(buffer);
+ }
return ret;
}
diff --git a/crypto/evp/p_rsa.c b/crypto/evp/p_rsa.c
index 31f5aaa..ff294ae 100644
--- a/crypto/evp/p_rsa.c
+++ b/crypto/evp/p_rsa.c
@@ -497,8 +497,9 @@
if (!rctx->pub_exp) {
rctx->pub_exp = BN_new();
- if (!rctx->pub_exp || !BN_set_word(rctx->pub_exp, RSA_F4))
+ if (!rctx->pub_exp || !BN_set_word(rctx->pub_exp, RSA_F4)) {
return 0;
+ }
}
rsa = RSA_new();
if (!rsa) {
diff --git a/crypto/evp/p_rsa_asn1.c b/crypto/evp/p_rsa_asn1.c
index f478d50..dd39f03 100644
--- a/crypto/evp/p_rsa_asn1.c
+++ b/crypto/evp/p_rsa_asn1.c
@@ -463,12 +463,15 @@
stmp = NULL;
err:
- if (stmp)
+ if (stmp) {
ASN1_STRING_free(stmp);
- if (algtmp)
+ }
+ if (algtmp) {
X509_ALGOR_free(algtmp);
- if (*palg)
+ }
+ if (*palg) {
return 1;
+ }
return 0;
}
@@ -560,12 +563,15 @@
rv = 1;
err:
- if (pss)
+ if (pss) {
RSA_PSS_PARAMS_free(pss);
- if (rv)
+ }
+ if (rv) {
return os;
- if (os)
+ }
+ if (os) {
ASN1_STRING_free(os);
+ }
return NULL;
}
diff --git a/crypto/modes/cbc.c b/crypto/modes/cbc.c
index a2ad26c..ba4805b 100644
--- a/crypto/modes/cbc.c
+++ b/crypto/modes/cbc.c
@@ -128,8 +128,9 @@
((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) {
while (len >= 16) {
(*block)(in, out, key);
- for (n = 0; n < 16; ++n)
+ for (n = 0; n < 16; ++n) {
out[n] ^= iv[n];
+ }
iv = in;
len -= 16;
in += 16;
@@ -140,8 +141,9 @@
size_t *out_t = (size_t *)out, *iv_t = (size_t *)iv;
(*block)(in, out, key);
- for (n = 0; n < 16 / sizeof(size_t); n++)
+ for (n = 0; n < 16 / sizeof(size_t); n++) {
out_t[n] ^= iv_t[n];
+ }
iv = in;
len -= 16;
in += 16;
diff --git a/crypto/modes/ctr.c b/crypto/modes/ctr.c
index 61832ba..a5a3589 100644
--- a/crypto/modes/ctr.c
+++ b/crypto/modes/ctr.c
@@ -121,8 +121,9 @@
while (len >= 16) {
(*block)(ivec, ecount_buf, key);
ctr128_inc(ivec);
- for (; n < 16; n += sizeof(size_t))
+ for (; n < 16; n += sizeof(size_t)) {
*(size_t *)(out + n) = *(size_t *)(in + n) ^ *(size_t *)(ecount_buf + n);
+ }
len -= 16;
out += 16;
in += 16;
@@ -179,8 +180,9 @@
/* 1<<28 is just a not-so-small yet not-so-large number...
* Below condition is practically never met, but it has to
* be checked for code correctness. */
- if (sizeof(size_t) > sizeof(unsigned int) && blocks > (1U << 28))
+ if (sizeof(size_t) > sizeof(unsigned int) && blocks > (1U << 28)) {
blocks = (1U << 28);
+ }
/* As (*func) operates on 32-bit counter, caller
* has to handle overflow. 'if' below detects the
* overflow, which is then handled by limiting the
@@ -194,8 +196,9 @@
/* (*func) does not update ivec, caller does: */
PUTU32(ivec + 12, ctr32);
/* ... overflow was detected, propogate carry. */
- if (ctr32 == 0)
+ if (ctr32 == 0) {
ctr96_inc(ivec);
+ }
blocks *= 16;
len -= blocks;
out += blocks;
diff --git a/crypto/modes/gcm.c b/crypto/modes/gcm.c
index eeaeeff..b1c10b3 100644
--- a/crypto/modes/gcm.c
+++ b/crypto/modes/gcm.c
@@ -620,8 +620,9 @@
#endif
if (len) {
n = (unsigned int)len;
- for (i = 0; i < len; ++i)
+ for (i = 0; i < len; ++i) {
ctx->Xi.c[i] ^= aad[i];
+ }
}
ctx->ares = n;
@@ -1123,10 +1124,11 @@
GHASH(ctx, in, GHASH_CHUNK);
(*stream)(in, out, GHASH_CHUNK / 16, key, ctx->Yi.c);
ctr += GHASH_CHUNK / 16;
- if (is_endian.little)
+ if (is_endian.little) {
PUTU32(ctx->Yi.c + 12, ctr);
- else
+ } else {
ctx->Yi.d[3] = ctr;
+ }
out += GHASH_CHUNK;
in += GHASH_CHUNK;
len -= GHASH_CHUNK;
@@ -1140,8 +1142,9 @@
#else
while (j--) {
size_t k;
- for (k = 0; k < 16; ++k)
+ for (k = 0; k < 16; ++k) {
ctx->Xi.c[k] ^= in[k];
+ }
GCM_MUL(ctx, Xi);
in += 16;
}
@@ -1150,10 +1153,11 @@
#endif
(*stream)(in, out, j, key, ctx->Yi.c);
ctr += (unsigned int)j;
- if (is_endian.little)
+ if (is_endian.little) {
PUTU32(ctx->Yi.c + 12, ctr);
- else
+ } else {
ctx->Yi.d[3] = ctr;
+ }
out += i;
in += i;
len -= i;
@@ -1161,10 +1165,11 @@
if (len) {
(*ctx->block)(ctx->Yi.c, ctx->EKi.c, key);
++ctr;
- if (is_endian.little)
+ if (is_endian.little) {
PUTU32(ctx->Yi.c + 12, ctr);
- else
+ } else {
ctx->Yi.d[3] = ctr;
+ }
while (len--) {
uint8_t c = in[n];
ctx->Xi.c[n] ^= c;
diff --git a/crypto/pkcs8/pkcs8.c b/crypto/pkcs8/pkcs8.c
index ab5cf42..e6b33f6 100644
--- a/crypto/pkcs8/pkcs8.c
+++ b/crypto/pkcs8/pkcs8.c
@@ -123,23 +123,28 @@
Ai = OPENSSL_malloc(u);
B = OPENSSL_malloc(v + 1);
Slen = v * ((salt_len + v - 1) / v);
- if (pass_raw_len)
+ if (pass_raw_len) {
Plen = v * ((pass_raw_len + v - 1) / v);
- else
+ } else {
Plen = 0;
+ }
Ilen = Slen + Plen;
I = OPENSSL_malloc(Ilen);
Ij = BN_new();
Bpl1 = BN_new();
- if (!D || !Ai || !B || !I || !Ij || !Bpl1)
+ if (!D || !Ai || !B || !I || !Ij || !Bpl1) {
goto err;
- for (i = 0; i < v; i++)
+ }
+ for (i = 0; i < v; i++) {
D[i] = id;
+ }
p = I;
- for (i = 0; i < Slen; i++)
+ for (i = 0; i < Slen; i++) {
*p++ = salt[i % salt_len];
- for (i = 0; i < Plen; i++)
+ }
+ for (i = 0; i < Plen; i++) {
*p++ = pass_raw[i % pass_raw_len];
+ }
for (;;) {
if (!EVP_DigestInit_ex(&ctx, md_type, NULL) ||
!EVP_DigestUpdate(&ctx, D, v) ||
@@ -161,31 +166,33 @@
}
out_len -= u;
out += u;
- for (j = 0; j < v; j++)
+ for (j = 0; j < v; j++) {
B[j] = Ai[j % u];
+ }
/* Work out B + 1 first then can use B as tmp space */
- if (!BN_bin2bn(B, v, Bpl1))
+ if (!BN_bin2bn(B, v, Bpl1) ||
+ !BN_add_word(Bpl1, 1)) {
goto err;
- if (!BN_add_word(Bpl1, 1))
- goto err;
+ }
for (j = 0; j < Ilen; j += v) {
- if (!BN_bin2bn(I + j, v, Ij))
+ if (!BN_bin2bn(I + j, v, Ij) ||
+ !BN_add(Ij, Ij, Bpl1) ||
+ !BN_bn2bin(Ij, B)) {
goto err;
- if (!BN_add(Ij, Ij, Bpl1))
- goto err;
- if (!BN_bn2bin(Ij, B))
- goto err;
+ }
Ijlen = BN_num_bytes(Ij);
/* If more than 2^(v*8) - 1 cut off MSB */
if (Ijlen > v) {
- if (!BN_bn2bin(Ij, B))
+ if (!BN_bn2bin(Ij, B)) {
goto err;
+ }
memcpy(I + j, B + 1, v);
/* If less than v bytes pad with zeroes */
} else if (Ijlen < v) {
memset(I + j, 0, v - Ijlen);
- if (!BN_bn2bin(Ij, I + j + v - Ijlen))
+ if (!BN_bn2bin(Ij, I + j + v - Ijlen)) {
goto err;
+ }
} else if (!BN_bn2bin(Ij, I + j)) {
goto err;
}
@@ -547,8 +554,9 @@
ASN1_OBJECT *algoid;
char obj_tmp[80];
- if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8))
+ if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8)) {
return NULL;
+ }
pkey = EVP_PKEY_new();
if (pkey == NULL) {
diff --git a/crypto/poly1305/poly1305.c b/crypto/poly1305/poly1305.c
index bf5cd5e..5a49e2d 100644
--- a/crypto/poly1305/poly1305.c
+++ b/crypto/poly1305/poly1305.c
@@ -132,19 +132,23 @@
b = (uint32_t)(t[4] >> 26);
state->h0 += b * 5;
- if (len >= 16)
+ if (len >= 16) {
goto poly1305_donna_16bytes;
+ }
/* final bytes */
poly1305_donna_atmost15bytes:
- if (!len)
+ if (!len) {
return;
+ }
- for (j = 0; j < len; j++)
+ for (j = 0; j < len; j++) {
mp[j] = in[j];
+ }
mp[j++] = 1;
- for (; j < 16; j++)
+ for (; j < 16; j++) {
mp[j] = 0;
+ }
len = 0;
t0 = U8TO32_LE(mp + 0);
@@ -221,10 +225,12 @@
if (state->buf_used) {
unsigned int todo = 16 - state->buf_used;
- if (todo > in_len)
+ if (todo > in_len) {
todo = in_len;
- for (i = 0; i < todo; i++)
+ }
+ for (i = 0; i < todo; i++) {
state->buf[state->buf_used + i] = in[i];
+ }
state->buf_used += todo;
in_len -= todo;
in += todo;
@@ -243,8 +249,9 @@
}
if (in_len) {
- for (i = 0; i < in_len; i++)
+ for (i = 0; i < in_len; i++) {
state->buf[i] = in[i];
+ }
state->buf_used = in_len;
}
}
@@ -262,8 +269,9 @@
}
#endif
- if (state->buf_used)
+ if (state->buf_used) {
poly1305_update(state, state->buf, state->buf_used);
+ }
b = state->h0 >> 26;
state->h0 = state->h0 & 0x3ffffff;
diff --git a/crypto/poly1305/poly1305_arm.c b/crypto/poly1305/poly1305_arm.c
index 61ebec5..c06eded 100644
--- a/crypto/poly1305/poly1305_arm.c
+++ b/crypto/poly1305/poly1305_arm.c
@@ -135,13 +135,15 @@
int i;
uint8_t t[17];
- for (i = 0; (i < 16) && (i < xlen); i++)
+ for (i = 0; (i < 16) && (i < xlen); i++) {
t[i] = x[i];
+ }
xlen -= i;
x += i;
t[i++] = 1;
- for (; i < 17; i++)
+ for (; i < 17; i++) {
t[i] = 0;
+ }
r->v[0] = 0x3ffffff & load32(t);
r->v[2] = 0x3ffffff & (load32(t + 3) >> 2);
@@ -150,19 +152,22 @@
r->v[8] = load32(t + 13);
if (xlen) {
- for (i = 0; (i < 16) && (i < xlen); i++)
+ for (i = 0; (i < 16) && (i < xlen); i++) {
t[i] = x[i];
+ }
t[i++] = 1;
- for (; i < 17; i++)
+ for (; i < 17; i++) {
t[i] = 0;
+ }
r->v[1] = 0x3ffffff & load32(t);
r->v[3] = 0x3ffffff & (load32(t + 3) >> 2);
r->v[5] = 0x3ffffff & (load32(t + 6) >> 4);
r->v[7] = 0x3ffffff & (load32(t + 9) >> 6);
r->v[9] = load32(t + 13);
- } else
+ } else {
r->v[1] = r->v[3] = r->v[5] = r->v[7] = r->v[9] = 0;
+ }
}
static const fe1305x2 zero __attribute__((aligned(16)));
@@ -188,8 +193,9 @@
r->v[7] = r->v[6] = 0x3f03fff & ((*(uint32_t *)(key + 9)) >> 6);
r->v[9] = r->v[8] = 0x00fffff & ((*(uint32_t *)(key + 12)) >> 8);
- for (j = 0; j < 10; j++)
+ for (j = 0; j < 10; j++) {
h->v[j] = 0; /* XXX: should fast-forward a bit */
+ }
addmulmod(precomp, r, r, &zero); /* precompute r^2 */
addmulmod(precomp + 1, precomp, precomp, &zero); /* precompute r^4 */
@@ -209,10 +215,12 @@
if (st->buf_used) {
unsigned int todo = 32 - st->buf_used;
- if (todo > in_len)
+ if (todo > in_len) {
todo = in_len;
- for (i = 0; i < todo; i++)
+ }
+ for (i = 0; i < todo; i++) {
st->buf[st->buf_used + i] = in[i];
+ }
st->buf_used += todo;
in_len -= todo;
in += todo;
@@ -220,24 +228,27 @@
if (st->buf_used == sizeof(st->buf) && in_len) {
addmulmod(h, h, precomp, &zero);
fe1305x2_frombytearray(c, st->buf, sizeof(st->buf));
- for (i = 0; i < 10; i++)
+ for (i = 0; i < 10; i++) {
h->v[i] += c->v[i];
+ }
st->buf_used = 0;
}
}
while (in_len > 32) {
unsigned int tlen = 1048576;
- if (in_len < tlen)
+ if (in_len < tlen) {
tlen = in_len;
+ }
tlen -= blocks(h, precomp, in, tlen);
in_len -= tlen;
in += tlen;
}
if (in_len) {
- for (i = 0; i < in_len; i++)
+ for (i = 0; i < in_len; i++) {
st->buf[i] = in[i];
+ }
st->buf_used = in_len;
}
}
diff --git a/crypto/poly1305/poly1305_vec.c b/crypto/poly1305/poly1305_vec.c
index 89fcacb..07578d0 100644
--- a/crypto/poly1305/poly1305_vec.c
+++ b/crypto/poly1305/poly1305_vec.c
@@ -727,8 +727,9 @@
bytes -= want;
m += want;
st->leftover += want;
- if ((st->leftover < 32) || (bytes == 0))
+ if ((st->leftover < 32) || (bytes == 0)) {
return;
+ }
poly1305_first_block(st, st->buffer);
st->leftover = 0;
}
@@ -742,8 +743,9 @@
bytes -= want;
m += want;
st->leftover += want;
- if (st->leftover < 64)
+ if (st->leftover < 64) {
return;
+ }
poly1305_blocks(st, st->buffer, 64);
st->leftover = 0;
}
@@ -791,8 +793,9 @@
s1 = r1 * (5 << 2);
s2 = r2 * (5 << 2);
- if (leftover < 16)
+ if (leftover < 16) {
goto poly1305_donna_atmost15bytes;
+ }
poly1305_donna_atleast16bytes:
t0 = U8TO64_LE(m + 0);
@@ -821,13 +824,15 @@
m += 16;
leftover -= 16;
- if (leftover >= 16)
+ if (leftover >= 16) {
goto poly1305_donna_atleast16bytes;
+ }
/* final bytes */
poly1305_donna_atmost15bytes:
- if (!leftover)
+ if (!leftover) {
goto poly1305_donna_finish;
+ }
m[leftover++] = 1;
poly1305_block_zero(m + leftover, 16 - leftover);
diff --git a/crypto/rand/urandom.c b/crypto/rand/urandom.c
index a7e2ad8..a874974 100644
--- a/crypto/rand/urandom.c
+++ b/crypto/rand/urandom.c
@@ -88,8 +88,9 @@
/* urandom_get_fd_locked returns a file descriptor to /dev/urandom. The caller
* of this function must hold CRYPTO_LOCK_RAND. */
static int urandom_get_fd_locked(void) {
- if (urandom_fd != -2)
+ if (urandom_fd != -2) {
return urandom_fd;
+ }
urandom_fd = open("/dev/urandom", O_RDONLY);
return urandom_fd;
diff --git a/crypto/rc4/rc4.c b/crypto/rc4/rc4.c
index 00b59c8..2ebee3b 100644
--- a/crypto/rc4/rc4.c
+++ b/crypto/rc4/rc4.c
@@ -285,34 +285,42 @@
in += 8;
out += 8;
#endif
- if (--i == 0)
+ if (--i == 0) {
break;
+ }
}
}
i = len & 0x07;
if (i) {
for (;;) {
RC4_LOOP(in, out, 0);
- if (--i == 0)
+ if (--i == 0) {
break;
+ }
RC4_LOOP(in, out, 1);
- if (--i == 0)
+ if (--i == 0) {
break;
+ }
RC4_LOOP(in, out, 2);
- if (--i == 0)
+ if (--i == 0) {
break;
+ }
RC4_LOOP(in, out, 3);
- if (--i == 0)
+ if (--i == 0) {
break;
+ }
RC4_LOOP(in, out, 4);
- if (--i == 0)
+ if (--i == 0) {
break;
+ }
RC4_LOOP(in, out, 5);
- if (--i == 0)
+ if (--i == 0) {
break;
+ }
RC4_LOOP(in, out, 6);
- if (--i == 0)
+ if (--i == 0) {
break;
+ }
}
}
key->x = x;
diff --git a/crypto/rsa/blinding.c b/crypto/rsa/blinding.c
index 06f87a7..6b13d0d 100644
--- a/crypto/rsa/blinding.c
+++ b/crypto/rsa/blinding.c
@@ -182,14 +182,18 @@
return;
}
- if (r->A != NULL)
+ if (r->A != NULL) {
BN_free(r->A);
- if (r->Ai != NULL)
+ }
+ if (r->Ai != NULL) {
BN_free(r->Ai);
- if (r->e != NULL)
+ }
+ if (r->e != NULL) {
BN_free(r->e);
- if (r->mod != NULL)
+ }
+ if (r->mod != NULL) {
BN_free(r->mod);
+ }
OPENSSL_free(r);
}
diff --git a/crypto/rsa/padding.c b/crypto/rsa/padding.c
index 66fdf13..902e15e 100644
--- a/crypto/rsa/padding.c
+++ b/crypto/rsa/padding.c
@@ -620,8 +620,9 @@
if (MSBits) {
DB[0] &= 0xFF >> (8 - MSBits);
}
- for (i = 0; DB[i] == 0 && i < (maskedDBLen - 1); i++)
+ for (i = 0; DB[i] == 0 && i < (maskedDBLen - 1); i++) {
;
+ }
if (DB[i++] != 0x1) {
OPENSSL_PUT_ERROR(RSA, RSA_verify_PKCS1_PSS_mgf1,
RSA_R_SLEN_RECOVERY_FAILED);
diff --git a/crypto/rsa/rsa.c b/crypto/rsa/rsa.c
index cfdd7ff..86fd2aa 100644
--- a/crypto/rsa/rsa.c
+++ b/crypto/rsa/rsa.c
@@ -127,29 +127,39 @@
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, rsa, &rsa->ex_data);
- if (rsa->n != NULL)
+ if (rsa->n != NULL) {
BN_clear_free(rsa->n);
- if (rsa->e != NULL)
+ }
+ if (rsa->e != NULL) {
BN_clear_free(rsa->e);
- if (rsa->d != NULL)
+ }
+ if (rsa->d != NULL) {
BN_clear_free(rsa->d);
- if (rsa->p != NULL)
+ }
+ if (rsa->p != NULL) {
BN_clear_free(rsa->p);
- if (rsa->q != NULL)
+ }
+ if (rsa->q != NULL) {
BN_clear_free(rsa->q);
- if (rsa->dmp1 != NULL)
+ }
+ if (rsa->dmp1 != NULL) {
BN_clear_free(rsa->dmp1);
- if (rsa->dmq1 != NULL)
+ }
+ if (rsa->dmq1 != NULL) {
BN_clear_free(rsa->dmq1);
- if (rsa->iqmp != NULL)
+ }
+ if (rsa->iqmp != NULL) {
BN_clear_free(rsa->iqmp);
+ }
for (u = 0; u < rsa->num_blindings; u++) {
BN_BLINDING_free(rsa->blindings[u]);
}
- if (rsa->blindings != NULL)
+ if (rsa->blindings != NULL) {
OPENSSL_free(rsa->blindings);
- if (rsa->blindings_inuse != NULL)
+ }
+ if (rsa->blindings_inuse != NULL) {
OPENSSL_free(rsa->blindings_inuse);
+ }
OPENSSL_free(rsa);
}
diff --git a/crypto/rsa/rsa_impl.c b/crypto/rsa/rsa_impl.c
index d950d50..349d74f 100644
--- a/crypto/rsa/rsa_impl.c
+++ b/crypto/rsa/rsa_impl.c
@@ -814,65 +814,79 @@
bitsq = bits - bitsp;
/* We need the RSA components non-NULL */
- if (!rsa->n && ((rsa->n = BN_new()) == NULL))
+ if (!rsa->n && ((rsa->n = BN_new()) == NULL)) {
goto err;
- if (!rsa->d && ((rsa->d = BN_new()) == NULL))
+ }
+ if (!rsa->d && ((rsa->d = BN_new()) == NULL)) {
goto err;
- if (!rsa->e && ((rsa->e = BN_new()) == NULL))
+ }
+ if (!rsa->e && ((rsa->e = BN_new()) == NULL)) {
goto err;
- if (!rsa->p && ((rsa->p = BN_new()) == NULL))
+ }
+ if (!rsa->p && ((rsa->p = BN_new()) == NULL)) {
goto err;
- if (!rsa->q && ((rsa->q = BN_new()) == NULL))
+ }
+ if (!rsa->q && ((rsa->q = BN_new()) == NULL)) {
goto err;
- if (!rsa->dmp1 && ((rsa->dmp1 = BN_new()) == NULL))
+ }
+ if (!rsa->dmp1 && ((rsa->dmp1 = BN_new()) == NULL)) {
goto err;
- if (!rsa->dmq1 && ((rsa->dmq1 = BN_new()) == NULL))
+ }
+ if (!rsa->dmq1 && ((rsa->dmq1 = BN_new()) == NULL)) {
goto err;
- if (!rsa->iqmp && ((rsa->iqmp = BN_new()) == NULL))
+ }
+ if (!rsa->iqmp && ((rsa->iqmp = BN_new()) == NULL)) {
goto err;
+ }
BN_copy(rsa->e, e_value);
/* generate p and q */
for (;;) {
- if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb))
+ if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb) ||
+ !BN_sub(r2, rsa->p, BN_value_one()) ||
+ !BN_gcd(r1, r2, rsa->e, ctx)) {
goto err;
- if (!BN_sub(r2, rsa->p, BN_value_one()))
- goto err;
- if (!BN_gcd(r1, r2, rsa->e, ctx))
- goto err;
- if (BN_is_one(r1))
+ }
+ if (BN_is_one(r1)) {
break;
- if (!BN_GENCB_call(cb, 2, n++))
+ }
+ if (!BN_GENCB_call(cb, 2, n++)) {
goto err;
+ }
}
- if (!BN_GENCB_call(cb, 3, 0))
+ if (!BN_GENCB_call(cb, 3, 0)) {
goto err;
+ }
for (;;) {
/* When generating ridiculously small keys, we can get stuck
* continually regenerating the same prime values. Check for
* this and bail if it happens 3 times. */
unsigned int degenerate = 0;
do {
- if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb))
+ if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb)) {
goto err;
+ }
} while ((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3));
if (degenerate == 3) {
ok = 0; /* we set our own err */
OPENSSL_PUT_ERROR(RSA, keygen, RSA_R_KEY_SIZE_TOO_SMALL);
goto err;
}
- if (!BN_sub(r2, rsa->q, BN_value_one()))
+ if (!BN_sub(r2, rsa->q, BN_value_one()) ||
+ !BN_gcd(r1, r2, rsa->e, ctx)) {
goto err;
- if (!BN_gcd(r1, r2, rsa->e, ctx))
- goto err;
- if (BN_is_one(r1))
+ }
+ if (BN_is_one(r1)) {
break;
- if (!BN_GENCB_call(cb, 2, n++))
+ }
+ if (!BN_GENCB_call(cb, 2, n++)) {
goto err;
+ }
}
- if (!BN_GENCB_call(cb, 3, 1))
+ if (!BN_GENCB_call(cb, 3, 1)) {
goto err;
+ }
if (BN_cmp(rsa->p, rsa->q) < 0) {
tmp = rsa->p;
rsa->p = rsa->q;
@@ -880,39 +894,47 @@
}
/* calculate n */
- if (!BN_mul(rsa->n, rsa->p, rsa->q, ctx))
+ if (!BN_mul(rsa->n, rsa->p, rsa->q, ctx)) {
goto err;
+ }
/* calculate d */
- if (!BN_sub(r1, rsa->p, BN_value_one()))
+ if (!BN_sub(r1, rsa->p, BN_value_one())) {
goto err; /* p-1 */
- if (!BN_sub(r2, rsa->q, BN_value_one()))
+ }
+ if (!BN_sub(r2, rsa->q, BN_value_one())) {
goto err; /* q-1 */
- if (!BN_mul(r0, r1, r2, ctx))
+ }
+ if (!BN_mul(r0, r1, r2, ctx)) {
goto err; /* (p-1)(q-1) */
+ }
pr0 = &local_r0;
BN_with_flags(pr0, r0, BN_FLG_CONSTTIME);
- if (!BN_mod_inverse(rsa->d, rsa->e, pr0, ctx))
+ if (!BN_mod_inverse(rsa->d, rsa->e, pr0, ctx)) {
goto err; /* d */
+ }
/* set up d for correct BN_FLG_CONSTTIME flag */
d = &local_d;
BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
/* calculate d mod (p-1) */
- if (!BN_mod(rsa->dmp1, d, r1, ctx))
+ if (!BN_mod(rsa->dmp1, d, r1, ctx)) {
goto err;
+ }
/* calculate d mod (q-1) */
- if (!BN_mod(rsa->dmq1, d, r2, ctx))
+ if (!BN_mod(rsa->dmq1, d, r2, ctx)) {
goto err;
+ }
/* calculate inverse of q mod p */
p = &local_p;
BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
- if (!BN_mod_inverse(rsa->iqmp, rsa->q, p, ctx))
+ if (!BN_mod_inverse(rsa->iqmp, rsa->q, p, ctx)) {
goto err;
+ }
ok = 1;
diff --git a/crypto/rsa/rsa_test.c b/crypto/rsa/rsa_test.c
index 75489e0..386ecac 100644
--- a/crypto/rsa/rsa_test.c
+++ b/crypto/rsa/rsa_test.c
@@ -478,8 +478,9 @@
int b;
unsigned char saved = ctext[n];
for (b = 0; b < 256; ++b) {
- if (b == saved)
+ if (b == saved) {
continue;
+ }
ctext[n] = b;
num =
RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_OAEP_PADDING);
diff --git a/crypto/sha/sha1.c b/crypto/sha/sha1.c
index 7595bc8..60d09f6 100644
--- a/crypto/sha/sha1.c
+++ b/crypto/sha/sha1.c
@@ -367,8 +367,9 @@
c->h3 = (c->h3 + B) & 0xffffffffL;
c->h4 = (c->h4 + C) & 0xffffffffL;
- if (--num == 0)
+ if (--num == 0) {
break;
+ }
A = c->h0;
B = c->h1;
diff --git a/crypto/sha/sha512.c b/crypto/sha/sha512.c
index 59be8c1..2acefb1 100644
--- a/crypto/sha/sha512.c
+++ b/crypto/sha/sha512.c
@@ -189,8 +189,9 @@
uint8_t *p = c->u.p;
const uint8_t *data = (const uint8_t *)in_data;
- if (len == 0)
+ if (len == 0) {
return 1;
+ }
l = (c->Nl + (((uint64_t)len) << 3)) & OPENSSL_U64(0xffffffffffffffff);
if (l < c->Nl) {
@@ -218,14 +219,21 @@
if (len >= sizeof(c->u)) {
#ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
- if ((size_t)data % sizeof(c->u.d[0]) != 0)
- while (len >= sizeof(c->u))
- memcpy(p, data, sizeof(c->u)), sha512_block_data_order(c, p, 1),
- len -= sizeof(c->u), data += sizeof(c->u);
- else
+ if ((size_t)data % sizeof(c->u.d[0]) != 0) {
+ while (len >= sizeof(c->u)) {
+ memcpy(p, data, sizeof(c->u));
+ sha512_block_data_order(c, p, 1);
+ len -= sizeof(c->u);
+ data += sizeof(c->u);
+ }
+ } else
#endif
- sha512_block_data_order(c, data, len / sizeof(c->u)), data += len,
- len %= sizeof(c->u), data -= len;
+ {
+ sha512_block_data_order(c, data, len / sizeof(c->u));
+ data += len;
+ len %= sizeof(c->u);
+ data -= len;
+ }
}
if (len != 0) {
diff --git a/crypto/time_support.c b/crypto/time_support.c
index bbfe303..0f2787c 100644
--- a/crypto/time_support.c
+++ b/crypto/time_support.c
@@ -129,8 +129,9 @@
/* Work out Julian day of new date */
time_jd += offset_day;
- if (time_jd < 0)
+ if (time_jd < 0) {
return 0;
+ }
*pday = time_jd;
*psec = offset_hms;
@@ -142,15 +143,17 @@
long time_jd;
/* Convert time and offset into julian day and seconds */
- if (!julian_adj(tm, off_day, offset_sec, &time_jd, &time_sec))
+ if (!julian_adj(tm, off_day, offset_sec, &time_jd, &time_sec)) {
return 0;
+ }
/* Convert Julian day back to date */
julian_to_date(time_jd, &time_year, &time_month, &time_day);
- if (time_year < 1900 || time_year > 9999)
+ if (time_year < 1900 || time_year > 9999) {
return 0;
+ }
/* Update tm structure */
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index 3f9e814..ae6f36d 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -490,8 +490,9 @@
ret = 1;
s->ctx->stats.sess_connect_good++;
- if (cb != NULL)
+ if (cb != NULL) {
cb(s, SSL_CB_HANDSHAKE_DONE, 1);
+ }
/* done with handshaking */
s->d1->handshake_read_seq = 0;
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 42be93a..f3bdefd 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -199,8 +199,9 @@
/* fallthrough */
case SSL_ST_CONNECT:
case SSL_ST_BEFORE | SSL_ST_CONNECT:
- if (cb != NULL)
+ if (cb != NULL) {
cb(s, SSL_CB_HANDSHAKE_START, 1);
+ }
if (s->init_buf == NULL) {
buf = BUF_MEM_new();
@@ -445,8 +446,9 @@
* hashes. */
if (s->s3->tlsext_channel_id_new) {
ret = tls1_record_handshake_hashes_for_channel_id(s);
- if (ret <= 0)
+ if (ret <= 0) {
goto end;
+ }
}
if ((SSL_get_mode(s) & SSL_MODE_HANDSHAKE_CUTTHROUGH) &&
ssl3_can_cutthrough(s) &&
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 6ecca21..2045590 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -394,8 +394,9 @@
if (ssl_cipher_requires_server_key_exchange(s->s3->tmp.new_cipher) ||
((alg_a & SSL_aPSK) && s->psk_identity_hint)) {
ret = ssl3_send_server_key_exchange(s);
- if (ret <= 0)
+ if (ret <= 0) {
goto end;
+ }
} else {
skip = 1;
}
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 624c41a..f0f8da5 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -1050,8 +1050,9 @@
}
cpk->chain = chain;
- if (rv == 0)
+ if (rv == 0) {
rv = 1;
+ }
err:
if (flags & SSL_BUILD_CHAIN_FLAG_CHECK) {
diff --git a/ssl/ssl_txt.c b/ssl/ssl_txt.c
index c950ce8..3c13609 100644
--- a/ssl/ssl_txt.c
+++ b/ssl/ssl_txt.c
@@ -145,8 +145,9 @@
}
for (i = 0; i < x->session_id_length; i++) {
- if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
+ if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0) {
goto err;
+ }
}
if (BIO_puts(bp, "\n Session-ID-ctx: ") <= 0) {
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index e26351b..19e52a4 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -255,8 +255,9 @@
ret = 1;
done:
- if (extension_types)
+ if (extension_types) {
OPENSSL_free(extension_types);
+ }
return ret;
}
