Add in missing curly braces part 1.
Everything before crypto/ec.
Change-Id: Icbfab8e4ffe5cc56bf465eb57d3fdad3959a085c
Reviewed-on: https://boringssl-review.googlesource.com/3401
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/bio/buffer.c b/crypto/bio/buffer.c
index 5e423a1..5fbce7e 100644
--- a/crypto/bio/buffer.c
+++ b/crypto/bio/buffer.c
@@ -315,8 +315,9 @@
case BIO_CTRL_WPENDING:
ret = (long)ctx->obuf_len;
if (ret == 0) {
- if (b->next_bio == NULL)
+ if (b->next_bio == NULL) {
return 0;
+ }
ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
}
break;
diff --git a/crypto/bio/connect.c b/crypto/bio/connect.c
index 66ac3a7..16cfd60 100644
--- a/crypto/bio/connect.c
+++ b/crypto/bio/connect.c
@@ -397,10 +397,11 @@
break;
case BIO_C_DO_STATE_MACHINE:
/* use this one to start the connection */
- if (data->state != BIO_CONN_S_OK)
+ if (data->state != BIO_CONN_S_OK) {
ret = (long)conn_state(bio, data);
- else
+ } else {
ret = 1;
+ }
break;
case BIO_C_GET_CONNECT:
/* TODO(fork): can this be removed? (Or maybe this whole file). */
diff --git a/crypto/bio/socket.c b/crypto/bio/socket.c
index 590447f..3f3884c 100644
--- a/crypto/bio/socket.c
+++ b/crypto/bio/socket.c
@@ -150,11 +150,13 @@
case BIO_C_GET_FD:
if (b->init) {
ip = (int *)ptr;
- if (ip != NULL)
+ if (ip != NULL) {
*ip = b->num;
+ }
ret = b->num;
- } else
+ } else {
ret = -1;
+ }
break;
case BIO_CTRL_GET_CLOSE:
ret = b->shutdown;
diff --git a/crypto/bn/asm/x86_64-gcc.c b/crypto/bn/asm/x86_64-gcc.c
index b3d1965..ac63934 100644
--- a/crypto/bn/asm/x86_64-gcc.c
+++ b/crypto/bn/asm/x86_64-gcc.c
@@ -100,8 +100,9 @@
BN_ULONG w) {
BN_ULONG c1 = 0;
- if (num <= 0)
+ if (num <= 0) {
return (c1);
+ }
while (num & ~3) {
mul_add(rp[0], ap[0], w, c1);
@@ -114,23 +115,26 @@
}
if (num) {
mul_add(rp[0], ap[0], w, c1);
- if (--num == 0)
+ if (--num == 0) {
return c1;
+ }
mul_add(rp[1], ap[1], w, c1);
- if (--num == 0)
+ if (--num == 0) {
return c1;
+ }
mul_add(rp[2], ap[2], w, c1);
return c1;
}
- return (c1);
+ return c1;
}
BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w) {
BN_ULONG c1 = 0;
- if (num <= 0)
- return (c1);
+ if (num <= 0) {
+ return c1;
+ }
while (num & ~3) {
mul(rp[0], ap[0], w, c1);
@@ -143,19 +147,22 @@
}
if (num) {
mul(rp[0], ap[0], w, c1);
- if (--num == 0)
+ if (--num == 0) {
return c1;
+ }
mul(rp[1], ap[1], w, c1);
- if (--num == 0)
+ if (--num == 0) {
return c1;
+ }
mul(rp[2], ap[2], w, c1);
}
- return (c1);
+ return c1;
}
void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n) {
- if (n <= 0)
+ if (n <= 0) {
return;
+ }
while (n & ~3) {
sqr(r[0], r[1], a[0]);
@@ -168,11 +175,13 @@
}
if (n) {
sqr(r[0], r[1], a[0]);
- if (--n == 0)
+ if (--n == 0) {
return;
+ }
sqr(r[2], r[3], a[1]);
- if (--n == 0)
+ if (--n == 0) {
return;
+ }
sqr(r[4], r[5], a[2]);
}
}
@@ -190,8 +199,9 @@
BN_ULONG ret;
size_t i = 0;
- if (n <= 0)
+ if (n <= 0) {
return 0;
+ }
asm volatile (
" subq %0,%0 \n" /* clear carry */
@@ -216,8 +226,9 @@
BN_ULONG ret;
size_t i = 0;
- if (n <= 0)
+ if (n <= 0) {
return 0;
+ }
asm volatile (
" subq %0,%0 \n" /* clear borrow */
@@ -242,47 +253,56 @@
BN_ULONG t1, t2;
int c = 0;
- if (n <= 0)
- return ((BN_ULONG)0);
+ if (n <= 0) {
+ return (BN_ULONG)0;
+ }
for (;;) {
t1 = a[0];
t2 = b[0];
r[0] = (t1 - t2 - c) & BN_MASK2;
- if (t1 != t2)
+ if (t1 != t2) {
c = (t1 < t2);
- if (--n <= 0)
+ }
+ if (--n <= 0) {
break;
+ }
t1 = a[1];
t2 = b[1];
r[1] = (t1 - t2 - c) & BN_MASK2;
- if (t1 != t2)
+ if (t1 != t2) {
c = (t1 < t2);
- if (--n <= 0)
+ }
+ if (--n <= 0) {
break;
+ }
t1 = a[2];
t2 = b[2];
r[2] = (t1 - t2 - c) & BN_MASK2;
- if (t1 != t2)
+ if (t1 != t2) {
c = (t1 < t2);
- if (--n <= 0)
+ }
+ if (--n <= 0) {
break;
+ }
t1 = a[3];
t2 = b[3];
r[3] = (t1 - t2 - c) & BN_MASK2;
- if (t1 != t2)
+ if (t1 != t2) {
c = (t1 < t2);
- if (--n <= 0)
+ }
+ if (--n <= 0) {
break;
+ }
a += 4;
b += 4;
r += 4;
}
- return (c);
+ return c;
}
#endif
diff --git a/crypto/bn/bn.c b/crypto/bn/bn.c
index 368c4f1..f89b6f1 100644
--- a/crypto/bn/bn.c
+++ b/crypto/bn/bn.c
@@ -200,13 +200,15 @@
if (l & 0xffff000000000000L) {
if (l & 0xff00000000000000L) {
return (bits[(int)(l >> 56)] + 56);
- } else
+ } else {
return (bits[(int)(l >> 48)] + 48);
+ }
} else {
if (l & 0x0000ff0000000000L) {
return (bits[(int)(l >> 40)] + 40);
- } else
+ } else {
return (bits[(int)(l >> 32)] + 32);
+ }
}
} else
#endif
diff --git a/crypto/bn/bn_test.c b/crypto/bn/bn_test.c
index e342ed8..46f50ec 100644
--- a/crypto/bn/bn_test.c
+++ b/crypto/bn/bn_test.c
@@ -145,11 +145,12 @@
argc--;
argv++;
while (argc >= 1) {
- if (strcmp(*argv, "-results") == 0)
+ if (strcmp(*argv, "-results") == 0) {
results = 1;
- else if (strcmp(*argv, "-out") == 0) {
- if (--argc < 1)
+ } else if (strcmp(*argv, "-out") == 0) {
+ if (--argc < 1) {
break;
+ }
outfile = *(++argv);
}
argc--;
@@ -158,8 +159,9 @@
ctx = BN_CTX_new();
- if (ctx == NULL)
+ if (ctx == NULL) {
return 1;
+ }
out = BIO_new(BIO_s_file());
if (out == NULL) {
@@ -175,82 +177,98 @@
}
}
- if (!results)
+ if (!results) {
BIO_puts(out, "obase=16\nibase=16\n");
+ }
message(out, "BN_add");
- if (!test_add(out))
+ if (!test_add(out)) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "BN_sub");
- if (!test_sub(out))
+ if (!test_sub(out)) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "BN_lshift1");
- if (!test_lshift1(out))
+ if (!test_lshift1(out)) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "BN_lshift (fixed)");
- if (!test_lshift(out, ctx, BN_bin2bn(lst, sizeof(lst) - 1, NULL)))
+ if (!test_lshift(out, ctx, BN_bin2bn(lst, sizeof(lst) - 1, NULL))) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "BN_lshift");
- if (!test_lshift(out, ctx, NULL))
+ if (!test_lshift(out, ctx, NULL)) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "BN_rshift1");
- if (!test_rshift1(out))
+ if (!test_rshift1(out)) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "BN_rshift");
- if (!test_rshift(out, ctx))
+ if (!test_rshift(out, ctx)) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "BN_sqr");
- if (!test_sqr(out, ctx))
+ if (!test_sqr(out, ctx)) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "BN_mul");
- if (!test_mul(out))
+ if (!test_mul(out)) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "BN_div");
- if (!test_div(out, ctx))
+ if (!test_div(out, ctx)) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "BN_div_word");
- if (!test_div_word(out))
+ if (!test_div_word(out)) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "BN_mod");
- if (!test_mod(out, ctx))
+ if (!test_mod(out, ctx)) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "BN_mod_mul");
- if (!test_mod_mul(out, ctx))
+ if (!test_mod_mul(out, ctx)) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "BN_mont");
- if (!test_mont(out, ctx))
+ if (!test_mont(out, ctx)) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "BN_mod_exp");
- if (!test_mod_exp(out, ctx))
+ if (!test_mod_exp(out, ctx)) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "BN_mod_exp_mont_consttime");
@@ -268,23 +286,27 @@
(void)BIO_flush(out);
message(out, "BN_mod_sqrt");
- if (!test_mod_sqrt(out, ctx))
+ if (!test_mod_sqrt(out, ctx)) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "Small prime generation");
- if (!test_small_prime(out, ctx))
+ if (!test_small_prime(out, ctx)) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "BN_sqrt");
- if (!test_sqrt(out, ctx))
+ if (!test_sqrt(out, ctx)) {
goto err;
+ }
(void)BIO_flush(out);
message(out, "BN_bn2bin_padded");
- if (!test_bn2bin_padded(out, ctx))
+ if (!test_bn2bin_padded(out, ctx)) {
goto err;
+ }
(void)BIO_flush(out);
BN_CTX_free(ctx);
@@ -352,8 +374,9 @@
if (i < num1) {
BN_rand(&a, 512, 0, 0);
BN_copy(&b, &a);
- if (BN_set_bit(&a, i) == 0)
+ if (BN_set_bit(&a, i) == 0) {
return (0);
+ }
BN_add_word(&b, i);
} else {
BN_rand(&b, 400 + i - num1, 0, 0);
@@ -400,8 +423,9 @@
BN_copy(&b, &a);
BN_lshift(&a, &a, i);
BN_add_word(&a, i);
- } else
+ } else {
BN_rand(&b, 50 + 3 * (i - num1), 0, 0);
+ }
a.neg = rand_neg();
b.neg = rand_neg();
BN_div(&d, &c, &a, &b, ctx);
@@ -561,9 +585,9 @@
d = BN_new();
BN_one(c);
- if (a_)
+ if (a_) {
a = a_;
- else {
+ } else {
a = BN_new();
BN_rand(a, 200, 0, 0); /**/
a->neg = rand_neg();
@@ -610,8 +634,9 @@
BN_CTX *ctx;
ctx = BN_CTX_new();
- if (ctx == NULL)
+ if (ctx == NULL) {
abort();
+ }
BN_init(&a);
BN_init(&b);
@@ -623,8 +648,9 @@
if (i <= num1) {
BN_rand(&a, 100, 0, 0);
BN_rand(&b, 100, 0, 0);
- } else
+ } else {
BN_rand(&b, i - num1, 0, 0);
+ }
a.neg = rand_neg();
b.neg = rand_neg();
BN_mul(&c, &a, &b, ctx);
@@ -826,16 +852,18 @@
BN_init(&n);
mont = BN_MONT_CTX_new();
- if (mont == NULL)
+ if (mont == NULL) {
return 0;
+ }
BN_rand(&a, 100, 0, 0); /**/
BN_rand(&b, 100, 0, 0); /**/
for (i = 0; i < num2; i++) {
int bits = (200 * (i + 1)) / num2;
- if (bits == 0)
+ if (bits == 0) {
continue;
+ }
BN_rand(&n, bits, 0, 1);
BN_MONT_CTX_set(mont, &n, ctx);
@@ -942,8 +970,9 @@
if (!BN_mod_mul(e, a, b, c, ctx)) {
unsigned long l;
- while ((l = ERR_get_error()))
+ while ((l = ERR_get_error())) {
fprintf(stderr, "ERROR:%s\n", ERR_error_string(l, NULL));
+ }
abort();
}
if (bp != NULL) {
@@ -1000,8 +1029,9 @@
BN_rand(a, 20 + i * 5, 0, 0); /**/
BN_rand(b, 2 + i, 0, 0); /**/
- if (!BN_mod_exp(d, a, b, c, ctx))
+ if (!BN_mod_exp(d, a, b, c, ctx)) {
return (0);
+ }
if (bp != NULL) {
if (!results) {
@@ -1046,8 +1076,9 @@
BN_rand(a, 20 + i * 5, 0, 0); /**/
BN_rand(b, 2 + i, 0, 0); /**/
- if (!BN_mod_exp_mont_consttime(d, a, b, c, ctx, NULL))
+ if (!BN_mod_exp_mont_consttime(d, a, b, c, ctx, NULL)) {
return (00);
+ }
if (bp != NULL) {
if (!results) {
@@ -1096,8 +1127,9 @@
/* Zero exponent */
BN_rand(a, 1024, 0, 0);
BN_zero(p);
- if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL))
+ if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL)) {
return 0;
+ }
if (!BN_is_one(d)) {
fprintf(stderr, "Modular exponentiation test failed!\n");
return 0;
@@ -1105,8 +1137,9 @@
/* Zero input */
BN_rand(p, 1024, 0, 0);
BN_zero(a);
- if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL))
+ if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL)) {
return 0;
+ }
if (!BN_is_zero(d)) {
fprintf(stderr, "Modular exponentiation test failed!\n");
return 0;
@@ -1128,10 +1161,10 @@
}
/* Finally, some regular test vectors. */
BN_rand(e, 1024, 0, 0);
- if (!BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL))
+ if (!BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL) ||
+ !BN_mod_exp(a, e, p, m, ctx)) {
return 0;
- if (!BN_mod_exp(a, e, p, m, ctx))
- return 0;
+ }
if (BN_cmp(a, d) != 0) {
fprintf(stderr, "Modular exponentiation test failed!\n");
return 0;
@@ -1143,7 +1176,7 @@
BN_free(m);
BN_free(d);
BN_free(e);
- return (1);
+ return 1;
}
int test_exp(BIO *bp, BN_CTX *ctx) {
@@ -1161,8 +1194,9 @@
BN_rand(a, 20 + i * 5, 0, 0); /**/
BN_rand(b, 2 + i, 0, 0); /**/
- if (BN_exp(d, a, b, ctx) <= 0)
+ if (BN_exp(d, a, b, ctx) <= 0) {
return (0);
+ }
if (bp != NULL) {
if (!results) {
@@ -1175,8 +1209,9 @@
BIO_puts(bp, "\n");
}
BN_one(e);
- for (; !BN_is_zero(b); BN_sub(b, b, one))
+ for (; !BN_is_zero(b); BN_sub(b, b, one)) {
BN_mul(e, e, a, ctx);
+ }
BN_sub(e, e, d);
if (!BN_is_zero(e)) {
fprintf(stderr, "Exponentiation test failed!\n");
@@ -1188,7 +1223,7 @@
BN_free(d);
BN_free(e);
BN_free(one);
- return (1);
+ return 1;
}
/* test_exp_mod_zero tests that x**0 mod 1 == 0. */
@@ -1230,14 +1265,15 @@
static int genprime_cb(int p, int n, BN_GENCB *arg) {
char c = '*';
- if (p == 0)
+ if (p == 0) {
c = '.';
- if (p == 1)
+ } else if (p == 1) {
c = '+';
- if (p == 2)
+ } else if (p == 2) {
c = '*';
- if (p == 3)
+ } else if (p == 3) {
c = '\n';
+ }
putc(c, stdout);
fflush(stdout);
return 1;
@@ -1252,8 +1288,9 @@
a = BN_new();
p = BN_new();
r = BN_new();
- if (a == NULL || p == NULL || r == NULL)
+ if (a == NULL || p == NULL || r == NULL) {
goto err;
+ }
BN_GENCB_set(&cb, genprime_cb, NULL);
@@ -1261,16 +1298,18 @@
if (i < 8) {
unsigned primes[8] = {2, 3, 5, 7, 11, 13, 17, 19};
- if (!BN_set_word(p, primes[i]))
+ if (!BN_set_word(p, primes[i])) {
goto err;
+ }
} else {
- if (!BN_set_word(a, 32))
+ if (!BN_set_word(a, 32) ||
+ !BN_set_word(r, 2 * i + 1)) {
goto err;
- if (!BN_set_word(r, 2 * i + 1))
- goto err;
+ }
- if (!BN_generate_prime_ex(p, 256, 0, a, r, &cb))
+ if (!BN_generate_prime_ex(p, 256, 0, a, r, &cb)) {
goto err;
+ }
putc('\n', stdout);
}
p->neg = rand_neg();
@@ -1278,31 +1317,24 @@
for (j = 0; j < num2; j++) {
/* construct 'a' such that it is a square modulo p,
* but in general not a proper square and not reduced modulo p */
- if (!BN_rand(r, 256, 0, 3))
+ if (!BN_rand(r, 256, 0, 3) ||
+ !BN_nnmod(r, r, p, ctx) ||
+ !BN_mod_sqr(r, r, p, ctx) ||
+ !BN_rand(a, 256, 0, 3) ||
+ !BN_nnmod(a, a, p, ctx) ||
+ !BN_mod_sqr(a, a, p, ctx) ||
+ !BN_mul(a, a, r, ctx)) {
goto err;
- if (!BN_nnmod(r, r, p, ctx))
- goto err;
- if (!BN_mod_sqr(r, r, p, ctx))
- goto err;
- if (!BN_rand(a, 256, 0, 3))
- goto err;
- if (!BN_nnmod(a, a, p, ctx))
- goto err;
- if (!BN_mod_sqr(a, a, p, ctx))
- goto err;
- if (!BN_mul(a, a, r, ctx))
- goto err;
- if (rand_neg())
- if (!BN_sub(a, a, p))
+ }
+ if (rand_neg() && !BN_sub(a, a, p)) {
goto err;
+ }
- if (!BN_mod_sqrt(r, a, p, ctx))
+ if (!BN_mod_sqrt(r, a, p, ctx) ||
+ !BN_mod_sqr(r, r, p, ctx) ||
+ !BN_nnmod(a, a, p, ctx)) {
goto err;
- if (!BN_mod_sqr(r, r, p, ctx))
- goto err;
-
- if (!BN_nnmod(a, a, p, ctx))
- goto err;
+ }
if (BN_cmp(a, r) != 0) {
fprintf(stderr, "BN_mod_sqrt failed: a = ");
@@ -1324,12 +1356,15 @@
}
ret = 1;
err:
- if (a != NULL)
+ if (a != NULL) {
BN_free(a);
- if (p != NULL)
+ }
+ if (p != NULL) {
BN_free(p);
- if (r != NULL)
+ }
+ if (r != NULL) {
BN_free(r);
+ }
return ret;
}
diff --git a/crypto/bn/ctx.c b/crypto/bn/ctx.c
index e54007b..e3a5c92 100644
--- a/crypto/bn/ctx.c
+++ b/crypto/bn/ctx.c
@@ -205,14 +205,14 @@
}
static void BN_STACK_finish(BN_STACK *st) {
- if (st->size)
+ if (st->size) {
OPENSSL_free(st->indexes);
+ }
}
static int BN_STACK_push(BN_STACK *st, unsigned int idx) {
- if (st->depth == st->size)
- /* Need to expand */
- {
+ if (st->depth == st->size) {
+ /* Need to expand */
unsigned int newsize =
(st->size ? (st->size * 3 / 2) : BN_CTX_START_FRAMES);
unsigned int *newitems = OPENSSL_malloc(newsize * sizeof(unsigned int));
diff --git a/crypto/bn/div.c b/crypto/bn/div.c
index d65957a..2bf86de 100644
--- a/crypto/bn/div.c
+++ b/crypto/bn/div.c
@@ -278,12 +278,14 @@
t2 = (BN_ULLONG)d1 * q;
for (;;) {
- if (t2 <= ((((BN_ULLONG)rem) << BN_BITS2) | wnump[-2]))
+ if (t2 <= ((((BN_ULLONG)rem) << BN_BITS2) | wnump[-2])) {
break;
+ }
q--;
rem += d0;
- if (rem < d0)
+ if (rem < d0) {
break; /* don't let rem overflow */
+ }
t2 -= d1;
}
#else /* !BN_LLONG */
@@ -316,14 +318,17 @@
#endif
for (;;) {
- if ((t2h < rem) || ((t2h == rem) && (t2l <= wnump[-2])))
+ if ((t2h < rem) || ((t2h == rem) && (t2l <= wnump[-2]))) {
break;
+ }
q--;
rem += d0;
- if (rem < d0)
+ if (rem < d0) {
break; /* don't let rem overflow */
- if (t2l < d1)
+ }
+ if (t2l < d1) {
t2h--;
+ }
t2l -= d1;
}
#endif /* !BN_LLONG */
diff --git a/crypto/bn/exponentiation.c b/crypto/bn/exponentiation.c
index 53f3e9c..3a07704 100644
--- a/crypto/bn/exponentiation.c
+++ b/crypto/bn/exponentiation.c
@@ -685,12 +685,14 @@
j = m->top; /* borrow j */
if (m->d[j - 1] & (((BN_ULONG)1) << (BN_BITS2 - 1))) {
- if (bn_wexpand(r, j) == NULL)
+ if (bn_wexpand(r, j) == NULL) {
goto err;
+ }
/* 2^(top*BN_BITS2) - m */
r->d[0] = (0 - m->d[0]) & BN_MASK2;
- for (i = 1; i < j; i++)
+ for (i = 1; i < j; i++) {
r->d[i] = (~m->d[i]) & BN_MASK2;
+ }
r->top = j;
/* Upper words will be zero if the corresponding words of 'm'
* were 0xfff[...], so decrement r->top accordingly. */
@@ -704,9 +706,8 @@
int wend; /* The bottom bit of the window */
if (BN_is_bit_set(p, wstart) == 0) {
- if (!start) {
- if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
- goto err;
+ if (!start && !BN_mod_mul_montgomery(r, r, r, mont, ctx)) {
+ goto err;
}
if (wstart == 0) {
break;
@@ -878,13 +879,13 @@
/* Allocate a montgomery context if it was not supplied by the caller.
* If this is not done, things will break in the montgomery part.
*/
- if (in_mont != NULL)
+ if (in_mont != NULL) {
mont = in_mont;
- else {
- if ((mont = BN_MONT_CTX_new()) == NULL)
+ } else {
+ mont = BN_MONT_CTX_new();
+ if (mont == NULL || !BN_MONT_CTX_set(mont, m, ctx)) {
goto err;
- if (!BN_MONT_CTX_set(mont, m, ctx))
- goto err;
+ }
}
#ifdef RSAZ_ENABLED
@@ -893,8 +894,9 @@
* crypto/bn/rsaz_exp.c and accompanying assembly modules. */
if ((16 == a->top) && (16 == p->top) && (BN_num_bits(m) == 1024) &&
rsaz_avx2_eligible()) {
- if (NULL == bn_wexpand(rr, 16))
+ if (NULL == bn_wexpand(rr, 16)) {
goto err;
+ }
RSAZ_1024_mod_exp_avx2(rr->d, a->d, p->d, m->d, mont->RR.d, mont->n0[0]);
rr->top = 16;
rr->neg = 0;
@@ -902,8 +904,9 @@
ret = 1;
goto err;
} else if ((8 == a->top) && (8 == p->top) && (BN_num_bits(m) == 512)) {
- if (NULL == bn_wexpand(rr, 8))
+ if (NULL == bn_wexpand(rr, 8)) {
goto err;
+ }
RSAZ_512_mod_exp(rr->d, a->d, p->d, m->d, mont->n0[0], mont->RR.d);
rr->top = 8;
rr->neg = 0;
@@ -918,8 +921,9 @@
#if defined(OPENSSL_BN_ASM_MONT5)
if (window >= 5) {
window = 5; /* ~5% improvement for RSA2048 sign, and even for RSA4096 */
- if ((top & 7) == 0)
+ if ((top & 7) == 0) {
powerbufLen += 2 * top * sizeof(m->d[0]);
+ }
}
#endif
(void)0;
@@ -932,20 +936,24 @@
sizeof(m->d[0]) *
(top * numPowers + ((2 * top) > numPowers ? (2 * top) : numPowers));
#ifdef alloca
- if (powerbufLen < 3072)
+ if (powerbufLen < 3072) {
powerbufFree = alloca(powerbufLen + MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH);
- else
+ } else
#endif
- if ((powerbufFree = (unsigned char *)OPENSSL_malloc(
- powerbufLen + MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH)) == NULL)
- goto err;
+ {
+ if ((powerbufFree = (unsigned char *)OPENSSL_malloc(
+ powerbufLen + MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH)) == NULL) {
+ goto err;
+ }
+ }
powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree);
memset(powerbuf, 0, powerbufLen);
#ifdef alloca
- if (powerbufLen < 3072)
+ if (powerbufLen < 3072) {
powerbufFree = NULL;
+ }
#endif
/* lay down tmp and am right after powers table */
@@ -961,20 +969,23 @@
if (m->d[top - 1] & (((BN_ULONG)1) << (BN_BITS2 - 1))) {
/* 2^(top*BN_BITS2) - m */
tmp.d[0] = (0 - m->d[0]) & BN_MASK2;
- for (i = 1; i < top; i++)
+ for (i = 1; i < top; i++) {
tmp.d[i] = (~m->d[i]) & BN_MASK2;
+ }
tmp.top = top;
- } else if (!BN_to_montgomery(&tmp, BN_value_one(), mont, ctx))
+ } else if (!BN_to_montgomery(&tmp, BN_value_one(), mont, ctx)) {
goto err;
+ }
/* prepare a^1 in Montgomery domain */
if (a->neg || BN_ucmp(a, m) >= 0) {
- if (!BN_mod(&am, a, m, ctx))
+ if (!BN_mod(&am, a, m, ctx) ||
+ !BN_to_montgomery(&am, &am, mont, ctx)) {
goto err;
- if (!BN_to_montgomery(&am, &am, mont, ctx))
- goto err;
- } else if (!BN_to_montgomery(&am, a, mont, ctx))
+ }
+ } else if (!BN_to_montgomery(&am, a, mont, ctx)) {
goto err;
+ }
#if defined(OPENSSL_BN_ASM_MONT5)
/* This optimization uses ideas from http://eprint.iacr.org/2011/239,
@@ -1001,16 +1012,20 @@
/* BN_to_montgomery can contaminate words above .top
* [in BN_DEBUG[_DEBUG] build]... */
- for (i = am.top; i < top; i++)
+ for (i = am.top; i < top; i++) {
am.d[i] = 0;
- for (i = tmp.top; i < top; i++)
+ }
+ for (i = tmp.top; i < top; i++) {
tmp.d[i] = 0;
+ }
- if (top & 7)
+ if (top & 7) {
np2 = np;
- else
- for (np2 = am.d + top, i = 0; i < top; i++)
+ } else {
+ for (np2 = am.d + top, i = 0; i < top; i++) {
np2[2 * i] = np[i];
+ }
+ }
bn_scatter5(tmp.d, top, powerbuf, 0);
bn_scatter5(am.d, am.top, powerbuf, 1);
@@ -1043,8 +1058,9 @@
}
bits--;
- for (wvalue = 0, i = bits % 5; i >= 0; i--, bits--)
+ for (wvalue = 0, i = bits % 5; i >= 0; i--, bits--) {
wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
+ }
bn_gather5(tmp.d, top, powerbuf, wvalue);
/* At this point |bits| is 4 mod 5 and at least -1. (|bits| is the first bit
@@ -1056,8 +1072,9 @@
*/
if (top & 7) {
while (bits >= 0) {
- for (wvalue = 0, i = 0; i < 5; i++, bits--)
+ for (wvalue = 0, i = 0; i < 5; i++, bits--) {
wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
+ }
bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
@@ -1101,17 +1118,18 @@
tmp.top = top;
bn_correct_top(&tmp);
if (ret) {
- if (!BN_copy(rr, &tmp))
+ if (!BN_copy(rr, &tmp)) {
ret = 0;
+ }
goto err; /* non-zero ret means it's not error */
}
} else
#endif
{
- if (!copy_to_prebuf(&tmp, top, powerbuf, 0, numPowers))
+ if (!copy_to_prebuf(&tmp, top, powerbuf, 0, numPowers) ||
+ !copy_to_prebuf(&am, top, powerbuf, 1, numPowers)) {
goto err;
- if (!copy_to_prebuf(&am, top, powerbuf, 1, numPowers))
- goto err;
+ }
/* If the window size is greater than 1, then calculate
* val[i=2..2^winsize-1]. Powers are computed as a*a^(i-1)
@@ -1119,24 +1137,26 @@
* to use the slight performance advantage of sqr over mul).
*/
if (window > 1) {
- if (!BN_mod_mul_montgomery(&tmp, &am, &am, mont, ctx))
+ if (!BN_mod_mul_montgomery(&tmp, &am, &am, mont, ctx) ||
+ !copy_to_prebuf(&tmp, top, powerbuf, 2, numPowers)) {
goto err;
- if (!copy_to_prebuf(&tmp, top, powerbuf, 2, numPowers))
- goto err;
+ }
for (i = 3; i < numPowers; i++) {
/* Calculate a^i = a^(i-1) * a */
- if (!BN_mod_mul_montgomery(&tmp, &am, &tmp, mont, ctx))
+ if (!BN_mod_mul_montgomery(&tmp, &am, &tmp, mont, ctx) ||
+ !copy_to_prebuf(&tmp, top, powerbuf, i, numPowers)) {
goto err;
- if (!copy_to_prebuf(&tmp, top, powerbuf, i, numPowers))
- goto err;
+ }
}
}
bits--;
- for (wvalue = 0, i = bits % window; i >= 0; i--, bits--)
+ for (wvalue = 0, i = bits % window; i >= 0; i--, bits--) {
wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
- if (!copy_from_prebuf(&tmp, top, powerbuf, wvalue, numPowers))
+ }
+ if (!copy_from_prebuf(&tmp, top, powerbuf, wvalue, numPowers)) {
goto err;
+ }
/* Scan the exponent one window at a time starting from the most
* significant bits.
@@ -1146,32 +1166,38 @@
/* Scan the window, squaring the result as we go */
for (i = 0; i < window; i++, bits--) {
- if (!BN_mod_mul_montgomery(&tmp, &tmp, &tmp, mont, ctx))
+ if (!BN_mod_mul_montgomery(&tmp, &tmp, &tmp, mont, ctx)) {
goto err;
+ }
wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
}
/* Fetch the appropriate pre-computed value from the pre-buf */
- if (!copy_from_prebuf(&am, top, powerbuf, wvalue, numPowers))
+ if (!copy_from_prebuf(&am, top, powerbuf, wvalue, numPowers)) {
goto err;
+ }
/* Multiply the result into the intermediate result */
- if (!BN_mod_mul_montgomery(&tmp, &tmp, &am, mont, ctx))
+ if (!BN_mod_mul_montgomery(&tmp, &tmp, &am, mont, ctx)) {
goto err;
+ }
}
}
/* Convert the final result from montgomery to standard format */
- if (!BN_from_montgomery(rr, &tmp, mont, ctx))
+ if (!BN_from_montgomery(rr, &tmp, mont, ctx)) {
goto err;
+ }
ret = 1;
err:
- if ((in_mont == NULL) && (mont != NULL))
+ if ((in_mont == NULL) && (mont != NULL)) {
BN_MONT_CTX_free(mont);
+ }
if (powerbuf != NULL) {
OPENSSL_cleanse(powerbuf, powerbufLen);
- if (powerbufFree)
+ if (powerbufFree) {
OPENSSL_free(powerbufFree);
+ }
}
BN_CTX_end(ctx);
return (ret);
@@ -1238,13 +1264,11 @@
goto err;
}
- if (in_mont != NULL)
+ if (in_mont != NULL) {
mont = in_mont;
- else {
- if ((mont = BN_MONT_CTX_new()) == NULL) {
- goto err;
- }
- if (!BN_MONT_CTX_set(mont, m, ctx)) {
+ } else {
+ mont = BN_MONT_CTX_new();
+ if (mont == NULL || !BN_MONT_CTX_set(mont, m, ctx)) {
goto err;
}
}
@@ -1477,28 +1501,33 @@
if (!wvalue1 && BN_is_bit_set(p1, b)) {
/* consider bits b-window1+1 .. b for this window */
i = b - window1 + 1;
- while (!BN_is_bit_set(p1, i)) /* works for i<0 */
+ /* works for i<0 */
+ while (!BN_is_bit_set(p1, i)) {
i++;
+ }
wpos1 = i;
wvalue1 = 1;
for (i = b - 1; i >= wpos1; i--) {
wvalue1 <<= 1;
- if (BN_is_bit_set(p1, i))
+ if (BN_is_bit_set(p1, i)) {
wvalue1++;
+ }
}
}
if (!wvalue2 && BN_is_bit_set(p2, b)) {
/* consider bits b-window2+1 .. b for this window */
i = b - window2 + 1;
- while (!BN_is_bit_set(p2, i))
+ while (!BN_is_bit_set(p2, i)) {
i++;
+ }
wpos2 = i;
wvalue2 = 1;
for (i = b - 1; i >= wpos2; i--) {
wvalue2 <<= 1;
- if (BN_is_bit_set(p2, i))
+ if (BN_is_bit_set(p2, i)) {
wvalue2++;
+ }
}
}
diff --git a/crypto/bn/gcd.c b/crypto/bn/gcd.c
index 2dce296..789a094 100644
--- a/crypto/bn/gcd.c
+++ b/crypto/bn/gcd.c
@@ -586,8 +586,9 @@
*/
pB = &local_B;
BN_with_flags(pB, B, BN_FLG_CONSTTIME);
- if (!BN_nnmod(B, pB, A, ctx))
+ if (!BN_nnmod(B, pB, A, ctx)) {
goto err;
+ }
}
sign = -1;
/* From B = a mod |n|, A = |n| it follows that
diff --git a/crypto/bn/generic.c b/crypto/bn/generic.c
index 224a47c..0e7d867 100644
--- a/crypto/bn/generic.c
+++ b/crypto/bn/generic.c
@@ -585,23 +585,27 @@
t1 = a[0];
t2 = b[0];
r[0] = (t1 - t2 - c) & BN_MASK2;
- if (t1 != t2)
+ if (t1 != t2) {
c = (t1 < t2);
+ }
t1 = a[1];
t2 = b[1];
r[1] = (t1 - t2 - c) & BN_MASK2;
- if (t1 != t2)
+ if (t1 != t2) {
c = (t1 < t2);
+ }
t1 = a[2];
t2 = b[2];
r[2] = (t1 - t2 - c) & BN_MASK2;
- if (t1 != t2)
+ if (t1 != t2) {
c = (t1 < t2);
+ }
t1 = a[3];
t2 = b[3];
r[3] = (t1 - t2 - c) & BN_MASK2;
- if (t1 != t2)
+ if (t1 != t2) {
c = (t1 < t2);
+ }
a += 4;
b += 4;
r += 4;
@@ -611,8 +615,9 @@
t1 = a[0];
t2 = b[0];
r[0] = (t1 - t2 - c) & BN_MASK2;
- if (t1 != t2)
+ if (t1 != t2) {
c = (t1 < t2);
+ }
a++;
b++;
r++;
@@ -1050,11 +1055,13 @@
#ifdef mul64
mh = HBITS(ml);
ml = LBITS(ml);
- for (j = 0; j < num; ++j)
+ for (j = 0; j < num; ++j) {
mul(tp[j], ap[j], ml, mh, c0);
+ }
#else
- for (j = 0; j < num; ++j)
+ for (j = 0; j < num; ++j) {
mul(tp[j], ap[j], ml, c0);
+ }
#endif
tp[num] = c0;
@@ -1067,11 +1074,13 @@
#ifdef mul64
mh = HBITS(ml);
ml = LBITS(ml);
- for (j = 0; j < num; ++j)
+ for (j = 0; j < num; ++j) {
mul_add(tp[j], ap[j], ml, mh, c0);
+ }
#else
- for (j = 0; j < num; ++j)
+ for (j = 0; j < num; ++j) {
mul_add(tp[j], ap[j], ml, c0);
+ }
#endif
c1 = (tp[num] + c0) & BN_MASK2;
tp[num] = c1;
@@ -1104,13 +1113,15 @@
if (tp[num] != 0 || tp[num - 1] >= np[num - 1]) {
c0 = bn_sub_words(rp, tp, np, num);
if (tp[num] != 0 || c0 == 0) {
- for (i = 0; i < num + 2; i++)
+ for (i = 0; i < num + 2; i++) {
vp[i] = 0;
+ }
return 1;
}
}
- for (i = 0; i < num; i++)
+ for (i = 0; i < num; i++) {
rp[i] = tp[i], vp[i] = 0;
+ }
vp[num] = 0;
vp[num + 1] = 0;
return 1;
diff --git a/crypto/bn/montgomery.c b/crypto/bn/montgomery.c
index 65e177c..5a9d686 100644
--- a/crypto/bn/montgomery.c
+++ b/crypto/bn/montgomery.c
@@ -514,8 +514,9 @@
return 0;
}
- if (BN_copy(t, a))
+ if (BN_copy(t, a)) {
retn = BN_from_montgomery_word(ret, t, mont);
+ }
BN_CTX_end(ctx);
return retn;
diff --git a/crypto/bn/mul.c b/crypto/bn/mul.c
index 80c6288..a17d766 100644
--- a/crypto/bn/mul.c
+++ b/crypto/bn/mul.c
@@ -150,8 +150,9 @@
assert(cl >= 0);
c = bn_sub_words(r, a, b, cl);
- if (dl == 0)
+ if (dl == 0) {
return c;
+ }
r += cl;
a += cl;
@@ -330,8 +331,9 @@
/* Else do normal multiply */
if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL) {
bn_mul_normal(r, a, n2 + dna, b, n2 + dnb);
- if ((dna + dnb) < 0)
+ if ((dna + dnb) < 0) {
memset(&r[2 * n2 + dna + dnb], 0, sizeof(BN_ULONG) * -(dna + dnb));
+ }
return;
}
diff --git a/crypto/bn/prime.c b/crypto/bn/prime.c
index fc9a3d5..6bdc921 100644
--- a/crypto/bn/prime.c
+++ b/crypto/bn/prime.c
@@ -682,8 +682,9 @@
for (i = 1; i < NUMPRIMES && primes[i] < rnd_word; i++) {
if ((mods[i] + delta) % primes[i] == 0) {
delta += 2;
- if (delta > maxdelta)
+ if (delta > maxdelta) {
goto again;
+ }
goto loop;
}
}
@@ -693,8 +694,9 @@
* that gcd(rnd-1,primes) == 1 (except for 2) */
if (((mods[i] + delta) % primes[i]) <= 1) {
delta += 2;
- if (delta > maxdelta)
+ if (delta > maxdelta) {
goto again;
+ }
goto loop;
}
}
diff --git a/crypto/bytestring/cbs.c b/crypto/bytestring/cbs.c
index b417716..36d64d8 100644
--- a/crypto/bytestring/cbs.c
+++ b/crypto/bytestring/cbs.c
@@ -82,8 +82,9 @@
}
int CBS_mem_equal(const CBS *cbs, const uint8_t *data, size_t len) {
- if (len != cbs->len)
+ if (len != cbs->len) {
return 0;
+ }
return CRYPTO_memcmp(cbs->data, data, len) == 0;
}
diff --git a/crypto/cipher/cipher_test.c b/crypto/cipher/cipher_test.c
index 2b04ad5..55db93e 100644
--- a/crypto/cipher/cipher_test.c
+++ b/crypto/cipher/cipher_test.c
@@ -68,8 +68,9 @@
fprintf(f, "%s", title);
for (; n < l; ++n) {
- if ((n % 16) == 0)
+ if ((n % 16) == 0) {
fprintf(f, "\n%04x", n);
+ }
fprintf(f, " %02x", s[n]);
}
fprintf(f, "\n");
@@ -388,8 +389,9 @@
if (p[-1] == '\n') {
encdec = -1;
p[-1] = '\0';
- } else
+ } else {
encdec = atoi(sstrsep(&p, "\n"));
+ }
}
kn = convert(key);
diff --git a/crypto/conf/conf.c b/crypto/conf/conf.c
index b8dab95..dbfe563 100644
--- a/crypto/conf/conf.c
+++ b/crypto/conf/conf.c
@@ -530,20 +530,22 @@
BIO_gets(in, p, CONFBUFSIZE - 1);
p[CONFBUFSIZE - 1] = '\0';
ii = i = strlen(p);
- if (i == 0 && !again)
+ if (i == 0 && !again) {
break;
+ }
again = 0;
while (i > 0) {
- if ((p[i - 1] != '\r') && (p[i - 1] != '\n'))
+ if ((p[i - 1] != '\r') && (p[i - 1] != '\n')) {
break;
- else
+ } else {
i--;
+ }
}
/* we removed some trailing stuff so there is a new
* line on the end. */
- if (ii && i == ii)
+ if (ii && i == ii) {
again = 1; /* long line */
- else {
+ } else {
p[i] = '\0';
eline++; /* another input line */
}
@@ -564,15 +566,17 @@
again = 1;
}
}
- if (again)
+ if (again) {
continue;
+ }
bufnum = 0;
buf = buff->data;
clear_comments(conf, buf);
s = eat_ws(conf, buf);
- if (IS_EOF(conf, *s))
+ if (IS_EOF(conf, *s)) {
continue; /* blank line */
+ }
if (*s == '[') {
char *ss;
@@ -591,10 +595,12 @@
goto err;
}
*end = '\0';
- if (!str_copy(conf, NULL, §ion, start))
+ if (!str_copy(conf, NULL, §ion, start)) {
goto err;
- if ((sv = get_section(conf, section)) == NULL)
+ }
+ if ((sv = get_section(conf, section)) == NULL) {
sv = NCONF_new_section(conf, section);
+ }
if (sv == NULL) {
OPENSSL_PUT_ERROR(CONF, def_load_bio, CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
goto err;
@@ -619,11 +625,13 @@
*end = '\0';
p++;
start = eat_ws(conf, p);
- while (!IS_EOF(conf, *p))
+ while (!IS_EOF(conf, *p)) {
p++;
+ }
p--;
- while ((p != start) && (IS_WS(conf, *p)))
+ while ((p != start) && (IS_WS(conf, *p))) {
p--;
+ }
p++;
*p = '\0';
@@ -631,8 +639,9 @@
OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (psection == NULL)
+ if (psection == NULL) {
psection = section;
+ }
v->name = (char *)OPENSSL_malloc(strlen(pname) + 1);
v->value = NULL;
if (v->name == NULL) {
@@ -640,18 +649,21 @@
goto err;
}
BUF_strlcpy(v->name, pname, strlen(pname) + 1);
- if (!str_copy(conf, psection, &(v->value), start))
+ if (!str_copy(conf, psection, &(v->value), start)) {
goto err;
+ }
if (strcmp(psection, section) != 0) {
- if ((tv = get_section(conf, psection)) == NULL)
+ if ((tv = get_section(conf, psection)) == NULL) {
tv = NCONF_new_section(conf, psection);
+ }
if (tv == NULL) {
OPENSSL_PUT_ERROR(CONF, def_load_bio, CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
goto err;
}
- } else
+ } else {
tv = sv;
+ }
if (add_string(conf, tv, v) == 0) {
OPENSSL_PUT_ERROR(CONF, def_load_bio, ERR_R_MALLOC_FAILURE);
goto err;
@@ -659,29 +671,37 @@
v = NULL;
}
}
- if (buff != NULL)
+ if (buff != NULL) {
BUF_MEM_free(buff);
- if (section != NULL)
+ }
+ if (section != NULL) {
OPENSSL_free(section);
+ }
return 1;
err:
- if (buff != NULL)
+ if (buff != NULL) {
BUF_MEM_free(buff);
- if (section != NULL)
+ }
+ if (section != NULL) {
OPENSSL_free(section);
- if (out_error_line != NULL)
+ }
+ if (out_error_line != NULL) {
*out_error_line = eline;
+ }
BIO_snprintf(btmp, sizeof btmp, "%ld", eline);
ERR_add_error_data(2, "line ", btmp);
if (v != NULL) {
- if (v->name != NULL)
+ if (v->name != NULL) {
OPENSSL_free(v->name);
- if (v->value != NULL)
+ }
+ if (v->value != NULL) {
OPENSSL_free(v->value);
- if (v != NULL)
+ }
+ if (v != NULL) {
OPENSSL_free(v);
+ }
}
return 0;
}
diff --git a/crypto/dh/dh_test.c b/crypto/dh/dh_test.c
index 3575f34..d03b1b3 100644
--- a/crypto/dh/dh_test.c
+++ b/crypto/dh/dh_test.c
@@ -70,14 +70,15 @@
static int cb(int p, int n, BN_GENCB *arg) {
char c = '*';
- if (p == 0)
+ if (p == 0) {
c = '.';
- if (p == 1)
+ } else if (p == 1) {
c = '+';
- if (p == 2)
+ } else if (p == 2) {
c = '*';
- if (p == 3)
+ } else if (p == 3) {
c = '\n';
+ }
BIO_write(arg->arg, &c, 1);
(void)BIO_flush(arg->arg);
@@ -109,16 +110,21 @@
goto err;
}
- if (!DH_check(a, &i))
+ if (!DH_check(a, &i)) {
goto err;
- if (i & DH_CHECK_P_NOT_PRIME)
+ }
+ if (i & DH_CHECK_P_NOT_PRIME) {
BIO_puts(out, "p value is not prime\n");
- if (i & DH_CHECK_P_NOT_SAFE_PRIME)
+ }
+ if (i & DH_CHECK_P_NOT_SAFE_PRIME) {
BIO_puts(out, "p value is not a safe prime\n");
- if (i & DH_CHECK_UNABLE_TO_CHECK_GENERATOR)
+ }
+ if (i & DH_CHECK_UNABLE_TO_CHECK_GENERATOR) {
BIO_puts(out, "unable to check the generator value\n");
- if (i & DH_CHECK_NOT_SUITABLE_GENERATOR)
+ }
+ if (i & DH_CHECK_NOT_SUITABLE_GENERATOR) {
BIO_puts(out, "the g value is not a generator\n");
+ }
BIO_puts(out, "\np =");
BN_print(out, a->p);
@@ -137,16 +143,18 @@
goto err;
}
- if (!DH_generate_key(a))
+ if (!DH_generate_key(a)) {
goto err;
+ }
BIO_puts(out, "pri 1=");
BN_print(out, a->priv_key);
BIO_puts(out, "\npub 1=");
BN_print(out, a->pub_key);
BIO_puts(out, "\n");
- if (!DH_generate_key(b))
+ if (!DH_generate_key(b)) {
goto err;
+ }
BIO_puts(out, "pri 2=");
BN_print(out, b->priv_key);
BIO_puts(out, "\npub 2=");
@@ -177,23 +185,29 @@
if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0)) {
fprintf(stderr, "Error in DH routines\n");
ret = 1;
- } else
+ } else {
ret = 0;
+ }
- if (!run_rfc5114_tests())
+ if (!run_rfc5114_tests()) {
ret = 1;
+ }
err:
BIO_print_errors_fp(stderr);
- if (abuf != NULL)
+ if (abuf != NULL) {
OPENSSL_free(abuf);
- if (bbuf != NULL)
+ }
+ if (bbuf != NULL) {
OPENSSL_free(bbuf);
- if (b != NULL)
+ }
+ if (b != NULL) {
DH_free(b);
- if (a != NULL)
+ }
+ if (a != NULL) {
DH_free(a);
+ }
BIO_free(out);
return ret;
}
@@ -433,8 +447,9 @@
/* Set up DH structures setting key components */
dhA = td->get_param(NULL);
dhB = td->get_param(NULL);
- if (!dhA || !dhB)
+ if (!dhA || !dhB) {
goto bad_err;
+ }
dhA->priv_key = BN_bin2bn(td->xA, td->xA_len, NULL);
dhA->pub_key = BN_bin2bn(td->yA, td->yA_len, NULL);
@@ -442,27 +457,29 @@
dhB->priv_key = BN_bin2bn(td->xB, td->xB_len, NULL);
dhB->pub_key = BN_bin2bn(td->yB, td->yB_len, NULL);
- if (!dhA->priv_key || !dhA->pub_key || !dhB->priv_key || !dhB->pub_key)
+ if (!dhA->priv_key || !dhA->pub_key || !dhB->priv_key || !dhB->pub_key) {
goto bad_err;
+ }
if ((td->Z_len != (size_t)DH_size(dhA)) ||
- (td->Z_len != (size_t)DH_size(dhB)))
+ (td->Z_len != (size_t)DH_size(dhB))) {
goto err;
+ }
Z1 = OPENSSL_malloc(DH_size(dhA));
Z2 = OPENSSL_malloc(DH_size(dhB));
/* Work out shared secrets using both sides and compare
* with expected values.
*/
- if (!DH_compute_key(Z1, dhB->pub_key, dhA))
+ if (!DH_compute_key(Z1, dhB->pub_key, dhA) ||
+ !DH_compute_key(Z2, dhA->pub_key, dhB)) {
goto bad_err;
- if (!DH_compute_key(Z2, dhA->pub_key, dhB))
- goto bad_err;
+ }
- if (memcmp(Z1, td->Z, td->Z_len))
+ if (memcmp(Z1, td->Z, td->Z_len) ||
+ memcmp(Z2, td->Z, td->Z_len)) {
goto err;
- if (memcmp(Z2, td->Z, td->Z_len))
- goto err;
+ }
printf("RFC5114 parameter test %d OK\n", i + 1);
diff --git a/crypto/dsa/dsa.c b/crypto/dsa/dsa.c
index 8816b63..eca073a 100644
--- a/crypto/dsa/dsa.c
+++ b/crypto/dsa/dsa.c
@@ -128,20 +128,27 @@
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, dsa, &dsa->ex_data);
- if (dsa->p != NULL)
+ if (dsa->p != NULL) {
BN_clear_free(dsa->p);
- if (dsa->q != NULL)
+ }
+ if (dsa->q != NULL) {
BN_clear_free(dsa->q);
- if (dsa->g != NULL)
+ }
+ if (dsa->g != NULL) {
BN_clear_free(dsa->g);
- if (dsa->pub_key != NULL)
+ }
+ if (dsa->pub_key != NULL) {
BN_clear_free(dsa->pub_key);
- if (dsa->priv_key != NULL)
+ }
+ if (dsa->priv_key != NULL) {
BN_clear_free(dsa->priv_key);
- if (dsa->kinv != NULL)
+ }
+ if (dsa->kinv != NULL) {
BN_clear_free(dsa->kinv);
- if (dsa->r != NULL)
+ }
+ if (dsa->r != NULL) {
BN_clear_free(dsa->r);
+ }
OPENSSL_free(dsa);
}
diff --git a/crypto/dsa/dsa_impl.c b/crypto/dsa/dsa_impl.c
index 6719758..9efd008 100644
--- a/crypto/dsa/dsa_impl.c
+++ b/crypto/dsa/dsa_impl.c
@@ -128,8 +128,9 @@
}
/* Compute r = (g^k mod p) mod q */
- if (!BN_copy(&kq, &k))
+ if (!BN_copy(&kq, &k)) {
goto err;
+ }
/* We do not want timing information to leak the length of k,
* so we compute g^k using an equivalent exponent of fixed length.
@@ -137,11 +138,11 @@
* (This is a kludge that we need because the BN_mod_exp_mont()
* does not let us specify the desired timing behaviour.) */
- if (!BN_add(&kq, &kq, dsa->q))
+ if (!BN_add(&kq, &kq, dsa->q)) {
goto err;
- if (BN_num_bits(&kq) <= BN_num_bits(dsa->q)) {
- if (!BN_add(&kq, &kq, dsa->q))
- goto err;
+ }
+ if (BN_num_bits(&kq) <= BN_num_bits(dsa->q) && !BN_add(&kq, &kq, dsa->q)) {
+ goto err;
}
K = &kq;