Apply modernize-use-nullptr fixes in all .cc files Just fix these all in one go. This was done with the following command: find crypto/ decrepit/ pki/ ssl/ -name '*.cc' | xargs clang-tidy --checks=-*,modernize-use-nullptr -p . --fix Then I ran git cl format, after wrestling with CHROMIUM_BUILDTOOLS_PATH a bit to get it to run. (That mode seems to be broken? I had to add a symlink somewhere.) Change-Id: I471b12f3f59cabfddc5b3b979b6353f08fdf0ec3 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/83067 Reviewed-by: Lily Chen <chlily@google.com> Auto-Submit: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Lily Chen <chlily@google.com>
diff --git a/crypto/asn1/a_bitstr.cc b/crypto/asn1/a_bitstr.cc index ba205a7..3c97ccb 100644 --- a/crypto/asn1/a_bitstr.cc +++ b/crypto/asn1/a_bitstr.cc
@@ -70,7 +70,7 @@ } int i2c_ASN1_BIT_STRING(const ASN1_BIT_STRING *a, unsigned char **pp) { - if (a == NULL) { + if (a == nullptr) { return 0; } @@ -81,7 +81,7 @@ return 0; } int ret = 1 + len; - if (pp == NULL) { + if (pp == nullptr) { return ret; } @@ -215,22 +215,22 @@ v = 0; } - if (a == NULL) { + if (a == nullptr) { return 0; } a->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); // clear, set on write - if ((a->length < (w + 1)) || (a->data == NULL)) { + if ((a->length < (w + 1)) || (a->data == nullptr)) { if (!value) { return 1; // Don't need to set } - if (a->data == NULL) { + if (a->data == nullptr) { c = (unsigned char *)OPENSSL_malloc(w + 1); } else { c = (unsigned char *)OPENSSL_realloc(a->data, w + 1); } - if (c == NULL) { + if (c == nullptr) { return 0; } if (w + 1 - a->length > 0) { @@ -251,7 +251,7 @@ w = n / 8; v = 1 << (7 - (n & 0x07)); - if ((a == NULL) || (a->length < (w + 1)) || (a->data == NULL)) { + if ((a == nullptr) || (a->length < (w + 1)) || (a->data == nullptr)) { return 0; } return ((a->data[w] & v) != 0);
diff --git a/crypto/asn1/a_bool.cc b/crypto/asn1/a_bool.cc index d068343..9294688 100644 --- a/crypto/asn1/a_bool.cc +++ b/crypto/asn1/a_bool.cc
@@ -42,7 +42,7 @@ } ASN1_BOOLEAN ret = val ? ASN1_BOOLEAN_TRUE : ASN1_BOOLEAN_FALSE; - if (out != NULL) { + if (out != nullptr) { *out = ret; } *inp = CBS_data(&cbs);
diff --git a/crypto/asn1/a_d2i_fp.cc b/crypto/asn1/a_d2i_fp.cc index 66bf8d4..36eee34 100644 --- a/crypto/asn1/a_d2i_fp.cc +++ b/crypto/asn1/a_d2i_fp.cc
@@ -27,7 +27,7 @@ // Historically, this function did not impose a limit in OpenSSL and is used // to read CRLs, so we leave this without an external bound. if (!BIO_read_asn1(in, &data, &len, INT_MAX)) { - return NULL; + return nullptr; } const uint8_t *ptr = data; void *ret = ASN1_item_d2i(reinterpret_cast<ASN1_VALUE **>(x), &ptr, len, it); @@ -37,9 +37,9 @@ void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x) { BIO *b = BIO_new_fp(in, BIO_NOCLOSE); - if (b == NULL) { + if (b == nullptr) { OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB); - return NULL; + return nullptr; } void *ret = ASN1_item_d2i_bio(it, b, x); BIO_free(b);
diff --git a/crypto/asn1/a_dup.cc b/crypto/asn1/a_dup.cc index df2b9be..b98a0e8 100644 --- a/crypto/asn1/a_dup.cc +++ b/crypto/asn1/a_dup.cc
@@ -22,21 +22,21 @@ // directly dup the underlying structure instead of doing and encode and // decode. void *ASN1_item_dup(const ASN1_ITEM *it, void *x) { - unsigned char *b = NULL; + unsigned char *b = nullptr; const unsigned char *p; long i; void *ret; - if (x == NULL) { - return NULL; + if (x == nullptr) { + return nullptr; } i = ASN1_item_i2d(reinterpret_cast<ASN1_VALUE *>(x), &b, it); - if (b == NULL) { - return NULL; + if (b == nullptr) { + return nullptr; } p = b; - ret = ASN1_item_d2i(NULL, &p, i, it); + ret = ASN1_item_d2i(nullptr, &p, i, it); OPENSSL_free(b); return ret; }
diff --git a/crypto/asn1/a_gentm.cc b/crypto/asn1/a_gentm.cc index 7596a1f..56b6ba4 100644 --- a/crypto/asn1/a_gentm.cc +++ b/crypto/asn1/a_gentm.cc
@@ -54,18 +54,18 @@ } int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *d) { - return asn1_generalizedtime_to_tm(NULL, d); + return asn1_generalizedtime_to_tm(nullptr, d); } int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str) { size_t len = strlen(str); CBS cbs; CBS_init(&cbs, (const uint8_t *)str, len); - if (!CBS_parse_generalized_time(&cbs, /*out_tm=*/NULL, + if (!CBS_parse_generalized_time(&cbs, /*out_tm=*/nullptr, /*allow_timezone_offset=*/0)) { return 0; } - if (s != NULL) { + if (s != nullptr) { if (!ASN1_STRING_set(s, str, len)) { return 0; } @@ -85,18 +85,18 @@ long offset_sec) { struct tm data; if (!OPENSSL_posix_to_tm(posix_time, &data)) { - return NULL; + return nullptr; } if (offset_day || offset_sec) { if (!OPENSSL_gmtime_adj(&data, offset_day, offset_sec)) { - return NULL; + return nullptr; } } if (data.tm_year < 0 - 1900 || data.tm_year > 9999 - 1900) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_TIME_VALUE); - return NULL; + return nullptr; } char buf[16]; @@ -107,11 +107,11 @@ BSSL_CHECK(ret == static_cast<int>(sizeof(buf) - 1)); int free_s = 0; - if (s == NULL) { + if (s == nullptr) { free_s = 1; s = ASN1_UTCTIME_new(); - if (s == NULL) { - return NULL; + if (s == nullptr) { + return nullptr; } } @@ -119,7 +119,7 @@ if (free_s) { ASN1_UTCTIME_free(s); } - return NULL; + return nullptr; } s->type = V_ASN1_GENERALIZEDTIME; return s;
diff --git a/crypto/asn1/a_i2d_fp.cc b/crypto/asn1/a_i2d_fp.cc index f583d35..30385cf 100644 --- a/crypto/asn1/a_i2d_fp.cc +++ b/crypto/asn1/a_i2d_fp.cc
@@ -21,7 +21,7 @@ int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, const void *x) { BIO *b = BIO_new_fp(out, BIO_NOCLOSE); - if (b == NULL) { + if (b == nullptr) { OPENSSL_PUT_ERROR(ASN1, ERR_R_BUF_LIB); return 0; } @@ -31,10 +31,10 @@ } int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, const void *x) { - unsigned char *b = NULL; + unsigned char *b = nullptr; int n = ASN1_item_i2d(reinterpret_cast<ASN1_VALUE *>(const_cast<void *>(x)), &b, it); - if (b == NULL) { + if (b == nullptr) { return 0; }
diff --git a/crypto/asn1/a_int.cc b/crypto/asn1/a_int.cc index 3f2bc24..5e6d3ff 100644 --- a/crypto/asn1/a_int.cc +++ b/crypto/asn1/a_int.cc
@@ -89,7 +89,7 @@ } int i2c_ASN1_INTEGER(const ASN1_INTEGER *in, unsigned char **outp) { - if (in == NULL) { + if (in == nullptr) { return 0; } @@ -129,7 +129,7 @@ } int len = (int)(pad + CBS_len(&cbs)); assert(len > 0); - if (outp == NULL) { + if (outp == nullptr) { return len; } @@ -374,7 +374,7 @@ } static long asn1_string_get_long(const ASN1_STRING *a, int type) { - if (a == NULL) { + if (a == nullptr) { return 0; } @@ -400,13 +400,13 @@ static ASN1_STRING *bn_to_asn1_string(const BIGNUM *bn, ASN1_STRING *ai, int type) { ASN1_INTEGER *ret; - if (ai == NULL) { + if (ai == nullptr) { ret = ASN1_STRING_type_new(type); } else { ret = ai; } int len; - if (ret == NULL) { + if (ret == nullptr) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; } @@ -418,7 +418,7 @@ } len = BN_num_bytes(bn); - if (!ASN1_STRING_set(ret, NULL, len) || + if (!ASN1_STRING_set(ret, nullptr, len) || !BN_bn2bin_padded(ret->data, len, bn)) { goto err; } @@ -428,7 +428,7 @@ if (ret != ai) { ASN1_STRING_free(ret); } - return NULL; + return nullptr; } ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai) { @@ -442,11 +442,11 @@ static BIGNUM *asn1_string_to_bn(const ASN1_STRING *ai, BIGNUM *bn, int type) { if ((ai->type & ~V_ASN1_NEG) != type) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_WRONG_INTEGER_TYPE); - return NULL; + return nullptr; } BIGNUM *ret; - if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL) { + if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == nullptr) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_BN_LIB); } else if (ai->type & V_ASN1_NEG) { BN_set_negative(ret, 1);
diff --git a/crypto/asn1/a_mbstr.cc b/crypto/asn1/a_mbstr.cc index 7c64b15..ddea75e 100644 --- a/crypto/asn1/a_mbstr.cc +++ b/crypto/asn1/a_mbstr.cc
@@ -184,7 +184,7 @@ CBB cbb; CBB_zero(&cbb); // If both the same type just copy across - uint8_t *data = NULL; + uint8_t *data = nullptr; size_t data_len = 0; if (inform == outform) { if (!ASN1_STRING_set(dest, in, len)) {
diff --git a/crypto/asn1/a_object.cc b/crypto/asn1/a_object.cc index 102a9f0..fabd918 100644 --- a/crypto/asn1/a_object.cc +++ b/crypto/asn1/a_object.cc
@@ -28,7 +28,7 @@ int asn1_marshal_object(CBB *out, const ASN1_OBJECT *in, CBS_ASN1_TAG tag) { - if (in == NULL) { + if (in == nullptr) { OPENSSL_PUT_ERROR(ASN1, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -64,17 +64,17 @@ } int i2a_ASN1_OBJECT(BIO *bp, const ASN1_OBJECT *a) { - if (a == NULL || a->data == NULL) { + if (a == nullptr || a->data == nullptr) { return write_str(bp, "NULL"); } - char buf[80], *allocated = NULL; + char buf[80], *allocated = nullptr; const char *str = buf; int len = i2t_ASN1_OBJECT(buf, sizeof(buf), a); if (len > (int)sizeof(buf) - 1) { // The input was truncated. Allocate a buffer that fits. allocated = reinterpret_cast<char *>(OPENSSL_malloc(len + 1)); - if (allocated == NULL) { + if (allocated == nullptr) { return -1; } len = i2t_ASN1_OBJECT(allocated, len + 1, a); @@ -139,30 +139,30 @@ ASN1_OBJECT *ret; ret = (ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT)); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } ret->length = 0; - ret->data = NULL; + ret->data = nullptr; ret->nid = 0; - ret->sn = NULL; - ret->ln = NULL; + ret->sn = nullptr; + ret->ln = nullptr; ret->flags = ASN1_OBJECT_FLAG_DYNAMIC; return ret; } void ASN1_OBJECT_free(ASN1_OBJECT *a) { - if (a == NULL) { + if (a == nullptr) { return; } if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) { OPENSSL_free((void *)a->sn); OPENSSL_free((void *)a->ln); - a->sn = a->ln = NULL; + a->sn = a->ln = nullptr; } if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) { OPENSSL_free((void *)a->data); - a->data = NULL; + a->data = nullptr; a->length = 0; } if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC) { @@ -174,7 +174,7 @@ const char *sn, const char *ln) { if (len > INT_MAX) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_STRING_TOO_LONG); - return NULL; + return nullptr; } ASN1_OBJECT o;
diff --git a/crypto/asn1/a_strex.cc b/crypto/asn1/a_strex.cc index a2d5e2c..3c9978a 100644 --- a/crypto/asn1/a_strex.cc +++ b/crypto/asn1/a_strex.cc
@@ -36,7 +36,7 @@ static int maybe_write(BIO *out, const void *buf, int len) { // If |out| is NULL, ignore the output but report the length. - return out == NULL || BIO_write(out, buf, len) == len; + return out == nullptr || BIO_write(out, buf, len) == len; } static int is_control_character(unsigned char c) { return c < 32 || c == 127; } @@ -65,7 +65,7 @@ (is_last && (c == ' '))) { if (flags & ASN1_STRFLGS_ESC_QUOTE) { // No need to escape, just tell the caller to quote. - if (do_quotes != NULL) { + if (do_quotes != nullptr) { *do_quotes = 1; } return maybe_write(out, &u8, 1) ? 1 : -1; @@ -199,7 +199,7 @@ ASN1_TYPE t; OPENSSL_memset(&t, 0, sizeof(ASN1_TYPE)); asn1_type_set0_string(&t, (ASN1_STRING *)str); - unsigned char *der_buf = NULL; + unsigned char *der_buf = nullptr; int der_len = i2d_ASN1_TYPE(&t, &der_buf); if (der_len < 0) { return -1; @@ -281,7 +281,7 @@ // Measure the length. char quotes = 0; - int len = do_buf(str->data, str->length, encoding, flags, "es, NULL); + int len = do_buf(str->data, str->length, encoding, flags, "es, nullptr); if (len < 0) { return -1; } @@ -295,7 +295,7 @@ // Encode the value. if ((quotes && !maybe_write(out, "\"", 1)) || - do_buf(str->data, str->length, encoding, flags, NULL, out) < 0 || + do_buf(str->data, str->length, encoding, flags, nullptr, out) < 0 || (quotes && !maybe_write(out, "\"", 1))) { return -1; } @@ -304,12 +304,12 @@ int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str, unsigned long flags) { - BIO *bio = NULL; - if (fp != NULL) { + BIO *bio = nullptr; + if (fp != nullptr) { // If |fp| is NULL, this function returns the number of bytes without // writing. bio = BIO_new_fp(fp, BIO_NOCLOSE); - if (bio == NULL) { + if (bio == nullptr) { return -1; } } @@ -328,7 +328,7 @@ return -1; } ASN1_STRING stmp, *str = &stmp; - stmp.data = NULL; + stmp.data = nullptr; stmp.length = 0; stmp.flags = 0; int ret = @@ -345,7 +345,7 @@ char buf[80]; const char *p; - if (v == NULL) { + if (v == nullptr) { return 0; } n = 0;
diff --git a/crypto/asn1/a_strnid.cc b/crypto/asn1/a_strnid.cc index bbd5673..13cf951 100644 --- a/crypto/asn1/a_strnid.cc +++ b/crypto/asn1/a_strnid.cc
@@ -31,7 +31,7 @@ DEFINE_LHASH_OF(ASN1_STRING_TABLE) -static LHASH_OF(ASN1_STRING_TABLE) *string_tables = NULL; +static LHASH_OF(ASN1_STRING_TABLE) *string_tables = nullptr; static CRYPTO_MUTEX string_tables_lock = CRYPTO_MUTEX_INIT; void ASN1_STRING_set_default_mask(unsigned long mask) {} @@ -48,13 +48,13 @@ ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in, ossl_ssize_t len, int inform, int nid) { - ASN1_STRING *str = NULL; + ASN1_STRING *str = nullptr; int ret; if (!out) { out = &str; } const ASN1_STRING_TABLE *tbl = asn1_string_table_get(nid); - if (tbl != NULL) { + if (tbl != nullptr) { unsigned long mask = tbl->mask; if (!(tbl->flags & STABLE_NO_MASK)) { mask &= B_ASN1_UTF8STRING; @@ -65,7 +65,7 @@ ret = ASN1_mbstring_copy(out, in, len, inform, B_ASN1_UTF8STRING); } if (ret <= 0) { - return NULL; + return nullptr; } return *out; } @@ -133,12 +133,12 @@ const ASN1_STRING_TABLE *tbl = reinterpret_cast<ASN1_STRING_TABLE *>( bsearch(&key, tbl_standard, std::size(tbl_standard), sizeof(ASN1_STRING_TABLE), table_cmp_void)); - if (tbl != NULL) { + if (tbl != nullptr) { return tbl; } CRYPTO_MUTEX_lock_read(&string_tables_lock); - if (string_tables != NULL) { + if (string_tables != nullptr) { tbl = lh_ASN1_STRING_TABLE_retrieve(string_tables, &key); } CRYPTO_MUTEX_unlock_read(&string_tables_lock); @@ -151,7 +151,7 @@ int ASN1_STRING_TABLE_add(int nid, long minsize, long maxsize, unsigned long mask, unsigned long flags) { // Existing entries cannot be overwritten. - if (asn1_string_table_get(nid) != NULL) { + if (asn1_string_table_get(nid) != nullptr) { OPENSSL_PUT_ERROR(ASN1, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } @@ -159,10 +159,10 @@ int ret = 0; CRYPTO_MUTEX_lock_write(&string_tables_lock); - ASN1_STRING_TABLE *tbl = NULL; - if (string_tables == NULL) { + ASN1_STRING_TABLE *tbl = nullptr; + if (string_tables == nullptr) { string_tables = lh_ASN1_STRING_TABLE_new(table_hash, table_cmp); - if (string_tables == NULL) { + if (string_tables == nullptr) { goto err; } } else { @@ -170,7 +170,7 @@ // unlocked. ASN1_STRING_TABLE key; key.nid = nid; - if (lh_ASN1_STRING_TABLE_retrieve(string_tables, &key) != NULL) { + if (lh_ASN1_STRING_TABLE_retrieve(string_tables, &key) != nullptr) { OPENSSL_PUT_ERROR(ASN1, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); goto err; } @@ -178,7 +178,7 @@ tbl = reinterpret_cast<ASN1_STRING_TABLE *>( OPENSSL_malloc(sizeof(ASN1_STRING_TABLE))); - if (tbl == NULL) { + if (tbl == nullptr) { goto err; } tbl->nid = nid; @@ -191,7 +191,7 @@ OPENSSL_free(tbl); goto err; } - assert(old_tbl == NULL); + assert(old_tbl == nullptr); ret = 1; err:
diff --git a/crypto/asn1/a_time.cc b/crypto/asn1/a_time.cc index d77a99a..5adf49d 100644 --- a/crypto/asn1/a_time.cc +++ b/crypto/asn1/a_time.cc
@@ -51,11 +51,11 @@ if (!OPENSSL_posix_to_tm(posix_time, &tm)) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_ERROR_GETTING_TIME); - return NULL; + return nullptr; } if (offset_day || offset_sec) { if (!OPENSSL_gmtime_adj(&tm, offset_day, offset_sec)) { - return NULL; + return nullptr; } } if (fits_in_utc_time(&tm)) { @@ -77,10 +77,10 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(const ASN1_TIME *in, ASN1_GENERALIZEDTIME **out) { if (!ASN1_TIME_check(in)) { - return NULL; + return nullptr; } - ASN1_GENERALIZEDTIME *ret = NULL; + ASN1_GENERALIZEDTIME *ret = nullptr; if (!out || !*out) { if (!(ret = ASN1_GENERALIZEDTIME_new())) { goto err; @@ -98,7 +98,7 @@ } // Grow the string to accomodate the two-digit century. - if (!ASN1_STRING_set(ret, NULL, in->length + 2)) { + if (!ASN1_STRING_set(ret, nullptr, in->length + 2)) { goto err; } @@ -116,16 +116,16 @@ } done: - if (out != NULL && *out == NULL) { + if (out != nullptr && *out == nullptr) { *out = ret; } return ret; err: - if (out == NULL || *out != ret) { + if (out == nullptr || *out != ret) { ASN1_GENERALIZEDTIME_free(ret); } - return NULL; + return nullptr; } int ASN1_TIME_set_string(ASN1_TIME *s, const char *str) { @@ -138,7 +138,7 @@ CBS_init(&cbs, (const uint8_t *)str, strlen(str)); int type; struct tm tm; - if (CBS_parse_utc_time(&cbs, /*out_tm=*/NULL, + if (CBS_parse_utc_time(&cbs, /*out_tm=*/nullptr, /*allow_timezone_offset=*/0)) { type = V_ASN1_UTCTIME; } else if (CBS_parse_generalized_time(&cbs, &tm, @@ -152,7 +152,7 @@ return 0; } - if (s != NULL) { + if (s != nullptr) { if (!ASN1_STRING_set(s, CBS_data(&cbs), CBS_len(&cbs))) { return 0; } @@ -163,8 +163,8 @@ static int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *t, int allow_timezone_offset) { - if (t == NULL) { - if (OPENSSL_posix_to_tm(time(NULL), tm)) { + if (t == nullptr) { + if (OPENSSL_posix_to_tm(time(nullptr), tm)) { return 1; } return 0;
diff --git a/crypto/asn1/a_type.cc b/crypto/asn1/a_type.cc index 26d8e26..c6f066f 100644 --- a/crypto/asn1/a_type.cc +++ b/crypto/asn1/a_type.cc
@@ -30,18 +30,18 @@ case V_ASN1_BOOLEAN: return a->type; case V_ASN1_OBJECT: - return a->value.object != NULL ? a->type : 0; + return a->value.object != nullptr ? a->type : 0; default: - return a->value.asn1_string != NULL ? a->type : 0; + return a->value.asn1_string != nullptr ? a->type : 0; } } const void *asn1_type_value_as_pointer(const ASN1_TYPE *a) { switch (a->type) { case V_ASN1_NULL: - return NULL; + return nullptr; case V_ASN1_BOOLEAN: - return a->value.boolean ? (void *)0xff : NULL; + return a->value.boolean ? (void *)0xff : nullptr; case V_ASN1_OBJECT: return a->value.object; default: @@ -69,18 +69,18 @@ void asn1_type_cleanup(ASN1_TYPE *a) { switch (a->type) { case V_ASN1_NULL: - a->value.ptr = NULL; + a->value.ptr = nullptr; break; case V_ASN1_BOOLEAN: a->value.boolean = ASN1_BOOLEAN_NONE; break; case V_ASN1_OBJECT: ASN1_OBJECT_free(a->value.object); - a->value.object = NULL; + a->value.object = nullptr; break; default: ASN1_STRING_free(a->value.asn1_string); - a->value.asn1_string = NULL; + a->value.asn1_string = nullptr; break; } } @@ -90,7 +90,7 @@ a->type = type; switch (type) { case V_ASN1_NULL: - a->value.ptr = NULL; + a->value.ptr = nullptr; break; case V_ASN1_BOOLEAN: a->value.boolean = value ? ASN1_BOOLEAN_TRUE : ASN1_BOOLEAN_FALSE;
diff --git a/crypto/asn1/a_utctm.cc b/crypto/asn1/a_utctm.cc index a0298a2..c45220c 100644 --- a/crypto/asn1/a_utctm.cc +++ b/crypto/asn1/a_utctm.cc
@@ -54,7 +54,7 @@ } int ASN1_UTCTIME_check(const ASN1_UTCTIME *d) { - return asn1_utctime_to_tm(NULL, d, /*allow_timezone_offset=*/1); + return asn1_utctime_to_tm(nullptr, d, /*allow_timezone_offset=*/1); } int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str) { @@ -64,11 +64,11 @@ size_t len = strlen(str); CBS cbs; CBS_init(&cbs, (const uint8_t *)str, len); - if (!CBS_parse_utc_time(&cbs, /*out_tm=*/NULL, + if (!CBS_parse_utc_time(&cbs, /*out_tm=*/nullptr, /*allow_timezone_offset=*/0)) { return 0; } - if (s != NULL) { + if (s != nullptr) { if (!ASN1_STRING_set(s, str, len)) { return 0; } @@ -85,17 +85,17 @@ int offset_day, long offset_sec) { struct tm data; if (!OPENSSL_posix_to_tm(posix_time, &data)) { - return NULL; + return nullptr; } if (offset_day || offset_sec) { if (!OPENSSL_gmtime_adj(&data, offset_day, offset_sec)) { - return NULL; + return nullptr; } } if (data.tm_year < 50 || data.tm_year >= 150) { - return NULL; + return nullptr; } char buf[14]; @@ -106,11 +106,11 @@ BSSL_CHECK(ret == static_cast<int>(sizeof(buf) - 1)); int free_s = 0; - if (s == NULL) { + if (s == nullptr) { free_s = 1; s = ASN1_UTCTIME_new(); - if (s == NULL) { - return NULL; + if (s == nullptr) { + return nullptr; } } @@ -118,7 +118,7 @@ if (free_s) { ASN1_UTCTIME_free(s); } - return NULL; + return nullptr; } s->type = V_ASN1_UTCTIME; return s;
diff --git a/crypto/asn1/asn1_lib.cc b/crypto/asn1/asn1_lib.cc index 16cc512..c31c8c3 100644 --- a/crypto/asn1/asn1_lib.cc +++ b/crypto/asn1/asn1_lib.cc
@@ -201,7 +201,7 @@ } int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str) { - if (str == NULL) { + if (str == nullptr) { return 0; } if (dst == str) { @@ -218,15 +218,15 @@ ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *str) { ASN1_STRING *ret; if (!str) { - return NULL; + return nullptr; } ret = ASN1_STRING_new(); if (!ret) { - return NULL; + return nullptr; } if (!ASN1_STRING_copy(ret, str)) { ASN1_STRING_free(ret); - return NULL; + return nullptr; } return ret; } @@ -235,7 +235,7 @@ const char *data = reinterpret_cast<const char *>(_data); size_t len; if (len_s < 0) { - if (data == NULL) { + if (data == nullptr) { return 0; } len = strlen(data); @@ -249,21 +249,21 @@ return 0; } - if (str->length <= (int)len || str->data == NULL) { + if (str->length <= (int)len || str->data == nullptr) { unsigned char *c = str->data; - if (c == NULL) { + if (c == nullptr) { str->data = reinterpret_cast<uint8_t *>(OPENSSL_malloc(len + 1)); } else { str->data = reinterpret_cast<uint8_t *>(OPENSSL_realloc(c, len + 1)); } - if (str->data == NULL) { + if (str->data == nullptr) { str->data = c; return 0; } } str->length = (int)len; - if (data != NULL) { + if (data != nullptr) { OPENSSL_memcpy(str->data, data, len); // Historically, OpenSSL would NUL-terminate most (but not all) // |ASN1_STRING|s, in case anyone accidentally passed |str->data| into a @@ -288,12 +288,12 @@ ASN1_STRING *ret; ret = (ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING)); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } ret->length = 0; ret->type = type; - ret->data = NULL; + ret->data = nullptr; ret->flags = 0; return ret; } @@ -309,7 +309,7 @@ } void ASN1_STRING_free(ASN1_STRING *str) { - if (str == NULL) { + if (str == nullptr) { return; } asn1_string_cleanup(str);
diff --git a/crypto/asn1/asn1_test.cc b/crypto/asn1/asn1_test.cc index 9136c0e..a4ea5fd 100644 --- a/crypto/asn1/asn1_test.cc +++ b/crypto/asn1/asn1_test.cc
@@ -724,7 +724,7 @@ EXPECT_TRUE(val->value.ptr); // Set |val| to a BOOLEAN containing FALSE. - ASN1_TYPE_set(val.get(), V_ASN1_BOOLEAN, NULL); + ASN1_TYPE_set(val.get(), V_ASN1_BOOLEAN, nullptr); EXPECT_EQ(V_ASN1_BOOLEAN, val->type); EXPECT_FALSE(val->value.ptr); }
diff --git a/crypto/asn1/asn_pack.cc b/crypto/asn1/asn_pack.cc index 2d66061..e2d85f9 100644 --- a/crypto/asn1/asn_pack.cc +++ b/crypto/asn1/asn_pack.cc
@@ -19,26 +19,26 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **out) { - uint8_t *new_data = NULL; + uint8_t *new_data = nullptr; int len = ASN1_item_i2d(reinterpret_cast<ASN1_VALUE *>(obj), &new_data, it); if (len <= 0) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_ENCODE_ERROR); - return NULL; + return nullptr; } - ASN1_STRING *ret = NULL; - if (out == NULL || *out == NULL) { + ASN1_STRING *ret = nullptr; + if (out == nullptr || *out == nullptr) { ret = ASN1_STRING_new(); - if (ret == NULL) { + if (ret == nullptr) { OPENSSL_free(new_data); - return NULL; + return nullptr; } } else { ret = *out; } ASN1_STRING_set0(ret, new_data, len); - if (out != NULL) { + if (out != nullptr) { *out = ret; } return ret; @@ -46,11 +46,11 @@ void *ASN1_item_unpack(const ASN1_STRING *oct, const ASN1_ITEM *it) { const unsigned char *p = oct->data; - void *ret = ASN1_item_d2i(NULL, &p, oct->length, it); - if (ret == NULL || p != oct->data + oct->length) { + void *ret = ASN1_item_d2i(nullptr, &p, oct->length, it); + if (ret == nullptr || p != oct->data + oct->length) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_DECODE_ERROR); ASN1_item_free(reinterpret_cast<ASN1_VALUE *>(ret), it); - return NULL; + return nullptr; } return ret; }
diff --git a/crypto/asn1/f_int.cc b/crypto/asn1/f_int.cc index e842e79..2774d17 100644 --- a/crypto/asn1/f_int.cc +++ b/crypto/asn1/f_int.cc
@@ -21,7 +21,7 @@ static const char *h = "0123456789ABCDEF"; char buf[2]; - if (a == NULL) { + if (a == nullptr) { return 0; }
diff --git a/crypto/asn1/f_string.cc b/crypto/asn1/f_string.cc index 04cf751..38cc7c2 100644 --- a/crypto/asn1/f_string.cc +++ b/crypto/asn1/f_string.cc
@@ -21,7 +21,7 @@ static const char *h = "0123456789ABCDEF"; char buf[2]; - if (a == NULL) { + if (a == nullptr) { return 0; }
diff --git a/crypto/asn1/posix_time.cc b/crypto/asn1/posix_time.cc index 1dd2ee4..6361a0e 100644 --- a/crypto/asn1/posix_time.cc +++ b/crypto/asn1/posix_time.cc
@@ -189,7 +189,7 @@ "time_t is broken"); int64_t posix_time = *time; if (!OPENSSL_posix_to_tm(posix_time, out_tm)) { - return NULL; + return nullptr; } return out_tm; }
diff --git a/crypto/asn1/tasn_dec.cc b/crypto/asn1/tasn_dec.cc index 525edd5..8928bf4 100644 --- a/crypto/asn1/tasn_dec.cc +++ b/crypto/asn1/tasn_dec.cc
@@ -96,7 +96,7 @@ ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it) { - ASN1_VALUE *ret = NULL; + ASN1_VALUE *ret = nullptr; if (asn1_item_ex_d2i(&ret, in, len, it, /*tag=*/-1, /*aclass=*/0, /*opt=*/0, /*depth=*/0) <= 0) { // Clean up, in case the caller left a partial object. @@ -110,7 +110,7 @@ // with |ret|. This differs from OpenSSL slightly in that we don't support // object reuse. We run this on both success and failure. On failure, even // with object reuse, OpenSSL destroys the previous object. - if (pval != NULL) { + if (pval != nullptr) { ASN1_item_ex_free(pval, it); *pval = ret; } @@ -129,8 +129,8 @@ static int asn1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it, int tag, int aclass, char opt, int depth) { - const ASN1_TEMPLATE *tt, *errtt = NULL; - const unsigned char *p = NULL, *q; + const ASN1_TEMPLATE *tt, *errtt = nullptr; + const unsigned char *p = nullptr, *q; unsigned char oclass; char cst, isopt; int i; @@ -181,7 +181,8 @@ p = *in; // Just read in tag and class - ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, &p, len, -1, 0, 1); + ret = + asn1_check_tlen(nullptr, &otag, &oclass, nullptr, &p, len, -1, 0, 1); if (!ret) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; @@ -238,8 +239,8 @@ } const ASN1_AUX *aux = reinterpret_cast<const ASN1_AUX *>(it->funcs); - ASN1_aux_cb *asn1_cb = aux != NULL ? aux->asn1_cb : NULL; - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) { + ASN1_aux_cb *asn1_cb = aux != nullptr ? aux->asn1_cb : nullptr; + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, nullptr)) { goto auxerr; } @@ -289,7 +290,7 @@ } asn1_set_choice_selector(pval, i, it); - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL)) { + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, nullptr)) { goto auxerr; } *in = p; @@ -305,7 +306,8 @@ aclass = V_ASN1_UNIVERSAL; } // Get SEQUENCE length and update len, p - ret = asn1_check_tlen(&len, NULL, NULL, &cst, &p, len, tag, aclass, opt); + ret = asn1_check_tlen(&len, nullptr, nullptr, &cst, &p, len, tag, aclass, + opt); if (!ret) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); goto err; @@ -323,8 +325,8 @@ } const ASN1_AUX *aux = reinterpret_cast<const ASN1_AUX *>(it->funcs); - ASN1_aux_cb *asn1_cb = aux != NULL ? aux->asn1_cb : NULL; - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) { + ASN1_aux_cb *asn1_cb = aux != nullptr ? aux->asn1_cb : nullptr; + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, nullptr)) { goto auxerr; } @@ -334,7 +336,7 @@ const ASN1_TEMPLATE *seqtt; ASN1_VALUE **pseqval; seqtt = asn1_do_adb(pval, tt, 0); - if (seqtt == NULL) { + if (seqtt == nullptr) { continue; } pseqval = asn1_get_field_ptr(pval, seqtt); @@ -347,7 +349,7 @@ const ASN1_TEMPLATE *seqtt; ASN1_VALUE **pseqval; seqtt = asn1_do_adb(pval, tt, 1); - if (seqtt == NULL) { + if (seqtt == nullptr) { goto err; } pseqval = asn1_get_field_ptr(pval, seqtt); @@ -392,7 +394,7 @@ for (; i < it->tcount; tt++, i++) { const ASN1_TEMPLATE *seqtt; seqtt = asn1_do_adb(pval, tt, 1); - if (seqtt == NULL) { + if (seqtt == nullptr) { goto err; } if (seqtt->flags & ASN1_TFLG_OPTIONAL) { @@ -409,7 +411,7 @@ if (!asn1_enc_save(pval, *in, p - *in, it)) { goto auxerr; } - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL)) { + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, nullptr)) { goto auxerr; } *in = p; @@ -459,8 +461,8 @@ char cst; // Need to work out amount of data available to the inner content and // where it starts: so read in EXPLICIT header to get the info. - ret = asn1_check_tlen(&len, NULL, NULL, &cst, &p, inlen, tt->tag, aclass, - opt); + ret = asn1_check_tlen(&len, nullptr, nullptr, &cst, &p, inlen, tt->tag, + aclass, opt); q = p; if (!ret) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); @@ -527,8 +529,8 @@ } } // Get the tag - ret = - asn1_check_tlen(&len, NULL, NULL, NULL, &p, len, sktag, skaclass, opt); + ret = asn1_check_tlen(&len, nullptr, nullptr, nullptr, &p, len, sktag, + skaclass, opt); if (!ret) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_NESTED_ASN1_ERROR); return 0; @@ -555,7 +557,7 @@ while (len > 0) { ASN1_VALUE *skfield; const unsigned char *q = p; - skfield = NULL; + skfield = nullptr; if (!asn1_item_ex_d2i(&skfield, &p, len, ASN1_ITEM_ptr(tt->item), /*tag=*/-1, /*aclass=*/0, /*opt=*/0, depth)) { ASN1_item_ex_free(&skfield, ASN1_ITEM_ptr(tt->item)); @@ -636,7 +638,7 @@ char opt) { // Historically, |it->funcs| for primitive types contained an // |ASN1_PRIMITIVE_FUNCS| table of callbacks. - assert(it->funcs == NULL); + assert(it->funcs == nullptr); int utype; assert(it->itype == ASN1_ITYPE_PRIMITIVE || it->itype == ASN1_ITYPE_MSTRING); @@ -660,7 +662,7 @@ ASN1_TYPE *typ; if (!*pval) { typ = ASN1_TYPE_new(); - if (typ == NULL) { + if (typ == nullptr) { return 0; } *pval = (ASN1_VALUE *)typ;
diff --git a/crypto/asn1/tasn_enc.cc b/crypto/asn1/tasn_enc.cc index 7db1ead..e935b34 100644 --- a/crypto/asn1/tasn_enc.cc +++ b/crypto/asn1/tasn_enc.cc
@@ -44,7 +44,7 @@ int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it) { if (out && !*out) { unsigned char *p, *buf; - int len = ASN1_item_ex_i2d(&val, NULL, it, /*tag=*/-1, /*aclass=*/0); + int len = ASN1_item_ex_i2d(&val, nullptr, it, /*tag=*/-1, /*aclass=*/0); if (len <= 0) { return len; } @@ -81,7 +81,7 @@ int asn1_item_ex_i2d_opt(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass, int optional) { - const ASN1_TEMPLATE *tt = NULL; + const ASN1_TEMPLATE *tt = nullptr; int i, seqcontlen, seqlen; // Historically, |aclass| was repurposed to pass additional flags into the @@ -189,8 +189,8 @@ return -1; } pseqval = asn1_get_field_ptr(pval, seqtt); - tmplen = - asn1_template_ex_i2d(pseqval, NULL, seqtt, -1, 0, /*optional=*/0); + tmplen = asn1_template_ex_i2d(pseqval, nullptr, seqtt, -1, 0, + /*optional=*/0); if (tmplen == -1 || (tmplen > INT_MAX - seqcontlen)) { return -1; } @@ -315,7 +315,8 @@ for (j = 0; j < sk_ASN1_VALUE_num(sk); j++) { int tmplen; skitem = sk_ASN1_VALUE_value(sk, j); - tmplen = ASN1_item_ex_i2d(&skitem, NULL, ASN1_ITEM_ptr(tt->item), -1, 0); + tmplen = + ASN1_item_ex_i2d(&skitem, nullptr, ASN1_ITEM_ptr(tt->item), -1, 0); if (tmplen == -1 || (skcontlen > INT_MAX - tmplen)) { return -1; } @@ -353,7 +354,7 @@ if (flags & ASN1_TFLG_EXPTAG) { // EXPLICIT tagging // Find length of tagged item - i = asn1_item_ex_i2d_opt(pval, NULL, ASN1_ITEM_ptr(tt->item), -1, 0, + i = asn1_item_ex_i2d_opt(pval, nullptr, ASN1_ITEM_ptr(tt->item), -1, 0, optional); if (i <= 0) { return i; @@ -417,7 +418,7 @@ DER_ENC *encoded = reinterpret_cast<DER_ENC *>( OPENSSL_calloc(sk_ASN1_VALUE_num(sk), sizeof(*encoded))); uint8_t *p = buf; - if (encoded == NULL || buf == NULL) { + if (encoded == nullptr || buf == nullptr) { goto err; } @@ -458,7 +459,7 @@ // Get length of content octets and maybe find out the underlying type. int omit; int utype = it->utype; - int len = asn1_ex_i2c(pval, NULL, &omit, &utype, it); + int len = asn1_ex_i2c(pval, nullptr, &omit, &utype, it); if (len < 0) { return -1; } @@ -519,7 +520,7 @@ // without omitting the element. ASN.1 values may have empty contents. static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *out_omit, int *putype, const ASN1_ITEM *it) { - ASN1_BOOLEAN *tbool = NULL; + ASN1_BOOLEAN *tbool = nullptr; ASN1_STRING *strtmp; ASN1_OBJECT *otmp; int utype; @@ -530,7 +531,7 @@ assert(it->itype == ASN1_ITYPE_PRIMITIVE || it->itype == ASN1_ITYPE_MSTRING); // Historically, |it->funcs| for primitive types contained an // |ASN1_PRIMITIVE_FUNCS| table of callbacks. - assert(it->funcs == NULL); + assert(it->funcs == nullptr); *out_omit = 0; @@ -589,7 +590,7 @@ break; case V_ASN1_NULL: - cont = NULL; + cont = nullptr; len = 0; break; @@ -613,7 +614,7 @@ case V_ASN1_BIT_STRING: { int ret = - i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval, cout ? &cout : NULL); + i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval, cout ? &cout : nullptr); // |i2c_ASN1_BIT_STRING| returns zero on error instead of -1. return ret <= 0 ? -1 : ret; } @@ -621,7 +622,7 @@ case V_ASN1_INTEGER: case V_ASN1_ENUMERATED: { // |i2c_ASN1_INTEGER| also handles ENUMERATED. - int ret = i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, cout ? &cout : NULL); + int ret = i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, cout ? &cout : nullptr); // |i2c_ASN1_INTEGER| returns zero on error instead of -1. return ret <= 0 ? -1 : ret; }
diff --git a/crypto/asn1/tasn_fre.cc b/crypto/asn1/tasn_fre.cc index 8d1fefe..c9138af 100644 --- a/crypto/asn1/tasn_fre.cc +++ b/crypto/asn1/tasn_fre.cc
@@ -50,9 +50,9 @@ case ASN1_ITYPE_CHOICE: { const ASN1_AUX *aux = reinterpret_cast<const ASN1_AUX *>(it->funcs); - ASN1_aux_cb *asn1_cb = aux != NULL ? aux->asn1_cb : NULL; + ASN1_aux_cb *asn1_cb = aux != nullptr ? aux->asn1_cb : nullptr; if (asn1_cb) { - if (asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL) == 2) { + if (asn1_cb(ASN1_OP_FREE_PRE, pval, it, nullptr) == 2) { return; } } @@ -63,10 +63,10 @@ ASN1_template_free(pchval, tt); } if (asn1_cb) { - asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL); + asn1_cb(ASN1_OP_FREE_POST, pval, it, nullptr); } OPENSSL_free(*pval); - *pval = NULL; + *pval = nullptr; break; } @@ -84,9 +84,9 @@ return; } const ASN1_AUX *aux = reinterpret_cast<const ASN1_AUX *>(it->funcs); - ASN1_aux_cb *asn1_cb = aux != NULL ? aux->asn1_cb : NULL; + ASN1_aux_cb *asn1_cb = aux != nullptr ? aux->asn1_cb : nullptr; if (asn1_cb) { - if (asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL) == 2) { + if (asn1_cb(ASN1_OP_FREE_PRE, pval, it, nullptr) == 2) { return; } } @@ -103,10 +103,10 @@ ASN1_template_free(pseqval, seqtt); } if (asn1_cb) { - asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL); + asn1_cb(ASN1_OP_FREE_POST, pval, it, nullptr); } OPENSSL_free(*pval); - *pval = NULL; + *pval = nullptr; break; } } @@ -120,7 +120,7 @@ ASN1_item_ex_free(&vtmp, ASN1_ITEM_ptr(tt->item)); } sk_ASN1_VALUE_free(sk); - *pval = NULL; + *pval = nullptr; } else { ASN1_item_ex_free(pval, ASN1_ITEM_ptr(tt->item)); } @@ -129,7 +129,7 @@ void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it) { // Historically, |it->funcs| for primitive types contained an // |ASN1_PRIMITIVE_FUNCS| table of calbacks. - assert(it->funcs == NULL); + assert(it->funcs == nullptr); int utype = it->itype == ASN1_ITYPE_MSTRING ? -1 : it->utype; switch (utype) { @@ -149,7 +149,7 @@ break; case V_ASN1_ANY: - if (*pval != NULL) { + if (*pval != nullptr) { asn1_type_cleanup((ASN1_TYPE *)*pval); OPENSSL_free(*pval); } @@ -157,8 +157,8 @@ default: ASN1_STRING_free((ASN1_STRING *)*pval); - *pval = NULL; + *pval = nullptr; break; } - *pval = NULL; + *pval = nullptr; }
diff --git a/crypto/asn1/tasn_new.cc b/crypto/asn1/tasn_new.cc index 13bdbb8..0739a4d 100644 --- a/crypto/asn1/tasn_new.cc +++ b/crypto/asn1/tasn_new.cc
@@ -32,17 +32,17 @@ static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it); ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it) { - ASN1_VALUE *ret = NULL; + ASN1_VALUE *ret = nullptr; if (ASN1_item_ex_new(&ret, it) > 0) { return ret; } - return NULL; + return nullptr; } // Allocate an ASN1 structure int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it) { - const ASN1_TEMPLATE *tt = NULL; + const ASN1_TEMPLATE *tt = nullptr; const ASN1_EXTERN_FUNCS *ef; ASN1_VALUE **pseqval; int i; @@ -75,9 +75,9 @@ case ASN1_ITYPE_CHOICE: { const ASN1_AUX *aux = reinterpret_cast<const ASN1_AUX *>(it->funcs); - ASN1_aux_cb *asn1_cb = aux != NULL ? aux->asn1_cb : NULL; + ASN1_aux_cb *asn1_cb = aux != nullptr ? aux->asn1_cb : nullptr; if (asn1_cb) { - i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL); + i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, nullptr); if (!i) { goto auxerr; } @@ -90,7 +90,7 @@ goto memerr; } asn1_set_choice_selector(pval, -1, it); - if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL)) { + if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, nullptr)) { goto auxerr2; } break; @@ -98,9 +98,9 @@ case ASN1_ITYPE_SEQUENCE: { const ASN1_AUX *aux = reinterpret_cast<const ASN1_AUX *>(it->funcs); - ASN1_aux_cb *asn1_cb = aux != NULL ? aux->asn1_cb : NULL; + ASN1_aux_cb *asn1_cb = aux != nullptr ? aux->asn1_cb : nullptr; if (asn1_cb) { - i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL); + i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, nullptr); if (!i) { goto auxerr; } @@ -120,7 +120,7 @@ goto memerr2; } } - if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL)) { + if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, nullptr)) { goto auxerr2; } break; @@ -143,7 +143,7 @@ static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) { switch (it->itype) { case ASN1_ITYPE_EXTERN: - *pval = NULL; + *pval = nullptr; break; case ASN1_ITYPE_PRIMITIVE: @@ -160,7 +160,7 @@ case ASN1_ITYPE_CHOICE: case ASN1_ITYPE_SEQUENCE: - *pval = NULL; + *pval = nullptr; break; } } @@ -175,7 +175,7 @@ // If ANY DEFINED BY nothing to do if (tt->flags & ASN1_TFLG_ADB_MASK) { - *pval = NULL; + *pval = nullptr; return 1; } // If SET OF or SEQUENCE OF, its a STACK @@ -199,7 +199,7 @@ static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) { // If ADB or STACK just NULL the field if (tt->flags & (ASN1_TFLG_ADB_MASK | ASN1_TFLG_SK_MASK)) { - *pval = NULL; + *pval = nullptr; } else { asn1_item_clear(pval, ASN1_ITEM_ptr(tt->item)); } @@ -215,7 +215,7 @@ // Historically, |it->funcs| for primitive types contained an // |ASN1_PRIMITIVE_FUNCS| table of calbacks. - assert(it->funcs == NULL); + assert(it->funcs == nullptr); int utype; if (it->itype == ASN1_ITYPE_MSTRING) { @@ -242,7 +242,7 @@ if (!typ) { return 0; } - typ->value.ptr = NULL; + typ->value.ptr = nullptr; typ->type = -1; *pval = (ASN1_VALUE *)typ; break; @@ -262,7 +262,7 @@ int utype; // Historically, |it->funcs| for primitive types contained an // |ASN1_PRIMITIVE_FUNCS| table of calbacks. - assert(it == NULL || it->funcs == NULL); + assert(it == nullptr || it->funcs == nullptr); if (!it || (it->itype == ASN1_ITYPE_MSTRING)) { utype = -1; } else { @@ -271,6 +271,6 @@ if (utype == V_ASN1_BOOLEAN) { *(ASN1_BOOLEAN *)pval = (ASN1_BOOLEAN)it->size; } else { - *pval = NULL; + *pval = nullptr; } }
diff --git a/crypto/asn1/tasn_utl.cc b/crypto/asn1/tasn_utl.cc index f7233f5..981fba4 100644 --- a/crypto/asn1/tasn_utl.cc +++ b/crypto/asn1/tasn_utl.cc
@@ -51,11 +51,11 @@ static CRYPTO_refcount_t *asn1_get_references(ASN1_VALUE **pval, const ASN1_ITEM *it) { if (it->itype != ASN1_ITYPE_SEQUENCE) { - return NULL; + return nullptr; } const ASN1_AUX *aux = reinterpret_cast<const ASN1_AUX *>(it->funcs); if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT)) { - return NULL; + return nullptr; } return reinterpret_cast<CRYPTO_refcount_t *>( offset2ptr(*pval, aux->ref_offset)); @@ -63,14 +63,14 @@ void asn1_refcount_set_one(ASN1_VALUE **pval, const ASN1_ITEM *it) { CRYPTO_refcount_t *references = asn1_get_references(pval, it); - if (references != NULL) { + if (references != nullptr) { *references = 1; } } int asn1_refcount_dec_and_test_zero(ASN1_VALUE **pval, const ASN1_ITEM *it) { CRYPTO_refcount_t *references = asn1_get_references(pval, it); - if (references != NULL) { + if (references != nullptr) { return CRYPTO_refcount_dec_and_test_zero(references); } return 1; @@ -80,11 +80,11 @@ assert(it->itype == ASN1_ITYPE_SEQUENCE); const ASN1_AUX *aux; if (!pval || !*pval) { - return NULL; + return nullptr; } aux = reinterpret_cast<const ASN1_AUX *>(it->funcs); if (!aux || !(aux->flags & ASN1_AFLG_ENCODING)) { - return NULL; + return nullptr; } return reinterpret_cast<ASN1_ENCODING *>(offset2ptr(*pval, aux->enc_offset)); } @@ -92,7 +92,7 @@ void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it) { ASN1_ENCODING *enc = asn1_get_enc_ptr(pval, it); if (enc) { - enc->enc = NULL; + enc->enc = nullptr; enc->len = 0; } } @@ -124,7 +124,7 @@ void asn1_encoding_clear(ASN1_ENCODING *enc) { OPENSSL_free(enc->enc); - enc->enc = NULL; + enc->enc = nullptr; enc->len = 0; } @@ -173,7 +173,7 @@ // Check if NULL int selector; - if (*sfld == NULL) { + if (*sfld == nullptr) { if (!adb->null_tt) { goto err; } @@ -210,5 +210,5 @@ if (nullerr) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE); } - return NULL; + return nullptr; }
diff --git a/crypto/base64/base64.cc b/crypto/base64/base64.cc index 1fbd23c..00581c1 100644 --- a/crypto/base64/base64.cc +++ b/crypto/base64/base64.cc
@@ -54,7 +54,7 @@ return ret; } -static_assert(sizeof(((EVP_ENCODE_CTX *)(NULL))->data) % 3 == 0, +static_assert(sizeof(((EVP_ENCODE_CTX *)nullptr)->data) % 3 == 0, "data length must be a multiple of base64 chunk size"); int EVP_EncodedLength(size_t *out_len, size_t len) {
diff --git a/crypto/bio/bio.cc b/crypto/bio/bio.cc index f585d68..67d1124 100644 --- a/crypto/bio/bio.cc +++ b/crypto/bio/bio.cc
@@ -32,8 +32,8 @@ BIO *BIO_new(const BIO_METHOD *method) { BIO *ret = reinterpret_cast<BIO *>(OPENSSL_zalloc(sizeof(BIO))); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } ret->method = method; @@ -41,9 +41,9 @@ ret->references = 1; CRYPTO_new_ex_data(&ret->ex_data); - if (method->create != NULL && !method->create(ret)) { + if (method->create != nullptr && !method->create(ret)) { OPENSSL_free(ret); - return NULL; + return nullptr; } return ret; @@ -52,14 +52,14 @@ int BIO_free(BIO *bio) { BIO *next_bio; - for (; bio != NULL; bio = next_bio) { + for (; bio != nullptr; bio = next_bio) { if (!CRYPTO_refcount_dec_and_test_zero(&bio->references)) { return 0; } next_bio = BIO_pop(bio); - if (bio->method != NULL && bio->method->destroy != NULL) { + if (bio->method != nullptr && bio->method->destroy != nullptr) { bio->method->destroy(bio); } @@ -79,7 +79,8 @@ void BIO_free_all(BIO *bio) { BIO_free(bio); } int BIO_read(BIO *bio, void *buf, int len) { - if (bio == NULL || bio->method == NULL || bio->method->bread == NULL) { + if (bio == nullptr || bio->method == nullptr || + bio->method->bread == nullptr) { OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return -2; } @@ -98,7 +99,8 @@ } int BIO_gets(BIO *bio, char *buf, int len) { - if (bio == NULL || bio->method == NULL || bio->method->bgets == NULL) { + if (bio == nullptr || bio->method == nullptr || + bio->method->bgets == nullptr) { OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return -2; } @@ -117,7 +119,8 @@ } int BIO_write(BIO *bio, const void *in, int inl) { - if (bio == NULL || bio->method == NULL || bio->method->bwrite == NULL) { + if (bio == nullptr || bio->method == nullptr || + bio->method->bwrite == nullptr) { OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return -2; } @@ -158,14 +161,16 @@ return BIO_write(bio, in, (int)len); } -int BIO_flush(BIO *bio) { return (int)BIO_ctrl(bio, BIO_CTRL_FLUSH, 0, NULL); } +int BIO_flush(BIO *bio) { + return (int)BIO_ctrl(bio, BIO_CTRL_FLUSH, 0, nullptr); +} long BIO_ctrl(BIO *bio, int cmd, long larg, void *parg) { - if (bio == NULL) { + if (bio == nullptr) { return 0; } - if (bio->method == NULL || bio->method->ctrl == NULL) { + if (bio->method == nullptr || bio->method->ctrl == nullptr) { OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return -2; } @@ -174,10 +179,10 @@ } char *BIO_ptr_ctrl(BIO *b, int cmd, long larg) { - char *p = NULL; + char *p = nullptr; if (BIO_ctrl(b, cmd, larg, (void *)&p) <= 0) { - return NULL; + return nullptr; } return p; @@ -189,9 +194,11 @@ return BIO_ctrl(b, cmd, larg, (void *)&i); } -int BIO_reset(BIO *bio) { return (int)BIO_ctrl(bio, BIO_CTRL_RESET, 0, NULL); } +int BIO_reset(BIO *bio) { + return (int)BIO_ctrl(bio, BIO_CTRL_RESET, 0, nullptr); +} -int BIO_eof(BIO *bio) { return (int)BIO_ctrl(bio, BIO_CTRL_EOF, 0, NULL); } +int BIO_eof(BIO *bio) { return (int)BIO_ctrl(bio, BIO_CTRL_EOF, 0, nullptr); } void BIO_set_flags(BIO *bio, int flags) { bio->flags |= flags; } @@ -245,11 +252,11 @@ } long BIO_callback_ctrl(BIO *bio, int cmd, BIO_info_cb *fp) { - if (bio == NULL) { + if (bio == nullptr) { return 0; } - if (bio->method == NULL || bio->method->callback_ctrl == NULL) { + if (bio->method == nullptr || bio->method->callback_ctrl == nullptr) { OPENSSL_PUT_ERROR(BIO, BIO_R_UNSUPPORTED_METHOD); return 0; } @@ -258,7 +265,7 @@ } size_t BIO_pending(const BIO *bio) { - const long r = BIO_ctrl((BIO *)bio, BIO_CTRL_PENDING, 0, NULL); + const long r = BIO_ctrl((BIO *)bio, BIO_CTRL_PENDING, 0, nullptr); assert(r >= 0); if (r < 0) { @@ -270,7 +277,7 @@ size_t BIO_ctrl_pending(const BIO *bio) { return BIO_pending(bio); } size_t BIO_wpending(const BIO *bio) { - const long r = BIO_ctrl((BIO *)bio, BIO_CTRL_WPENDING, 0, NULL); + const long r = BIO_ctrl((BIO *)bio, BIO_CTRL_WPENDING, 0, nullptr); assert(r >= 0); if (r < 0) { @@ -280,7 +287,7 @@ } int BIO_set_close(BIO *bio, int close_flag) { - return (int)BIO_ctrl(bio, BIO_CTRL_SET_CLOSE, close_flag, NULL); + return (int)BIO_ctrl(bio, BIO_CTRL_SET_CLOSE, close_flag, nullptr); } OPENSSL_EXPORT uint64_t BIO_number_read(const BIO *bio) { @@ -294,12 +301,12 @@ BIO *BIO_push(BIO *bio, BIO *appended_bio) { BIO *last_bio; - if (bio == NULL) { + if (bio == nullptr) { return bio; } last_bio = bio; - while (last_bio->next_bio != NULL) { + while (last_bio->next_bio != nullptr) { last_bio = last_bio->next_bio; } @@ -310,17 +317,17 @@ BIO *BIO_pop(BIO *bio) { BIO *ret; - if (bio == NULL) { - return NULL; + if (bio == nullptr) { + return nullptr; } ret = bio->next_bio; - bio->next_bio = NULL; + bio->next_bio = nullptr; return ret; } BIO *BIO_next(BIO *bio) { if (!bio) { - return NULL; + return nullptr; } return bio->next_bio; } @@ -329,12 +336,12 @@ int method_type, mask; if (!bio) { - return NULL; + return nullptr; } mask = type & 0xff; do { - if (bio->method != NULL) { + if (bio->method != nullptr) { method_type = bio->method->type; if (!mask) { @@ -346,9 +353,9 @@ } } bio = bio->next_bio; - } while (bio != NULL); + } while (bio != nullptr); - return NULL; + return nullptr; } int BIO_indent(BIO *bio, unsigned indent, unsigned max_indent) { @@ -391,7 +398,7 @@ return 0; } *out = reinterpret_cast<uint8_t *>(OPENSSL_malloc(len)); - if (*out == NULL) { + if (*out == nullptr) { return 0; } OPENSSL_memcpy(*out, prefix, prefix_len); @@ -423,7 +430,7 @@ } uint8_t *new_buf = reinterpret_cast<uint8_t *>(OPENSSL_realloc(*out, len)); - if (new_buf == NULL) { + if (new_buf == nullptr) { OPENSSL_free(*out); return 0; } @@ -444,7 +451,7 @@ int todo = len <= INT_MAX ? (int)len : INT_MAX; int ret = BIO_read(bio, out, todo); if (ret <= 0) { - if (out_eof_on_first_read != NULL) { + if (out_eof_on_first_read != nullptr) { *out_eof_on_first_read = first_read && ret == 0; } return 0; @@ -513,7 +520,7 @@ return 0; } - if (!bio_read_full(bio, header + kInitialHeaderLen, NULL, num_bytes)) { + if (!bio_read_full(bio, header + kInitialHeaderLen, nullptr, num_bytes)) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA); return 0; } @@ -548,11 +555,11 @@ *out_len = len; *out = reinterpret_cast<uint8_t *>(OPENSSL_malloc(len)); - if (*out == NULL) { + if (*out == nullptr) { return 0; } OPENSSL_memcpy(*out, header, header_len); - if (!bio_read_full(bio, (*out) + header_len, NULL, len - header_len)) { + if (!bio_read_full(bio, (*out) + header_len, nullptr, len - header_len)) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA); OPENSSL_free(*out); return 0; @@ -581,8 +588,8 @@ BIO_METHOD *BIO_meth_new(int type, const char *name) { BIO_METHOD *method = reinterpret_cast<BIO_METHOD *>(OPENSSL_zalloc(sizeof(BIO_METHOD))); - if (method == NULL) { - return NULL; + if (method == nullptr) { + return nullptr; } method->type = type; method->name = name;
diff --git a/crypto/bio/bio_mem.cc b/crypto/bio/bio_mem.cc index 5f8c6cf..aee5f7d 100644 --- a/crypto/bio/bio_mem.cc +++ b/crypto/bio/bio_mem.cc
@@ -32,12 +32,12 @@ if (!buf && len != 0) { OPENSSL_PUT_ERROR(BIO, BIO_R_NULL_PARAMETER); - return NULL; + return nullptr; } ret = BIO_new(BIO_s_mem()); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } b = (BUF_MEM *)ret->ptr; @@ -60,7 +60,7 @@ BUF_MEM *b; b = BUF_MEM_new(); - if (b == NULL) { + if (b == nullptr) { return 0; } @@ -75,16 +75,16 @@ } static int mem_free(BIO *bio) { - if (!bio->shutdown || !bio->init || bio->ptr == NULL) { + if (!bio->shutdown || !bio->init || bio->ptr == nullptr) { return 1; } BUF_MEM *b = (BUF_MEM *)bio->ptr; if (bio->flags & BIO_FLAGS_MEM_RDONLY) { - b->data = NULL; + b->data = nullptr; } BUF_MEM_free(b); - bio->ptr = NULL; + bio->ptr = nullptr; return 1; } @@ -153,7 +153,7 @@ // Stop at the first newline. const char *newline = reinterpret_cast<char *>(OPENSSL_memchr(b->data, '\n', ret)); - if (newline != NULL) { + if (newline != nullptr) { ret = (int)(newline - b->data + 1); } @@ -168,7 +168,7 @@ BUF_MEM *b = static_cast<BUF_MEM *>(bio->ptr); switch (cmd) { case BIO_CTRL_RESET: - if (b->data != NULL) { + if (b->data != nullptr) { // For read only case reset to the start again if (bio->flags & BIO_FLAGS_MEM_RDONLY) { b->data -= b->max - b->length; @@ -198,7 +198,7 @@ bio->ptr = ptr; return 1; case BIO_C_GET_BUF_MEM_PTR: - if (ptr != NULL) { + if (ptr != nullptr) { BUF_MEM **out = reinterpret_cast<BUF_MEM **>(ptr); *out = b; } @@ -254,5 +254,5 @@ } int BIO_set_mem_eof_return(BIO *bio, int eof_value) { - return (int)BIO_ctrl(bio, BIO_C_SET_BUF_MEM_EOF_RETURN, eof_value, NULL); + return (int)BIO_ctrl(bio, BIO_C_SET_BUF_MEM_EOF_RETURN, eof_value, nullptr); }
diff --git a/crypto/bio/connect.cc b/crypto/bio/connect.cc index b6f5228..2ef74be 100644 --- a/crypto/bio/connect.cc +++ b/crypto/bio/connect.cc
@@ -75,15 +75,15 @@ // successful, |*out_port| may be NULL on return if no port was specified. static int split_host_and_port(char **out_host, char **out_port, const char *name) { - const char *host, *port = NULL; + const char *host, *port = nullptr; size_t host_len = 0; - *out_host = NULL; - *out_port = NULL; + *out_host = nullptr; + *out_port = nullptr; if (name[0] == '[') { // bracketed IPv6 address const char *close = strchr(name, ']'); - if (close == NULL) { + if (close == nullptr) { return 0; } host = name + 1; @@ -95,7 +95,8 @@ } } else { const char *colon = strchr(name, ':'); - if (colon == NULL || strchr(colon + 1, ':') != NULL) { // IPv6 address + if (colon == nullptr || + strchr(colon + 1, ':') != nullptr) { // IPv6 address host = name; host_len = strlen(name); } else { // host:port @@ -106,17 +107,17 @@ } *out_host = OPENSSL_strndup(host, host_len); - if (*out_host == NULL) { + if (*out_host == nullptr) { return 0; } - if (port == NULL) { - *out_port = NULL; + if (port == nullptr) { + *out_port = nullptr; return 1; } *out_port = OPENSSL_strdup(port); - if (*out_port == NULL) { + if (*out_port == nullptr) { OPENSSL_free(*out_host); - *out_host = NULL; + *out_host = nullptr; return 0; } return 1; @@ -124,9 +125,9 @@ static int conn_state(BIO *bio, BIO_CONNECT *c) { int ret = -1, i; - int (*cb)(BIO *, int, int) = NULL; + int (*cb)(BIO *, int, int) = nullptr; - if (c->info_callback != NULL) { + if (c->info_callback != nullptr) { cb = c->info_callback; } @@ -137,15 +138,15 @@ // exactly what they say. If there is only a hostname, try // (just once) to split it into a hostname and port. - if (c->param_hostname == NULL) { + if (c->param_hostname == nullptr) { OPENSSL_PUT_ERROR(BIO, BIO_R_NO_HOSTNAME_SPECIFIED); goto exit_loop; } - if (c->param_port == NULL) { + if (c->param_port == nullptr) { char *host, *port; if (!split_host_and_port(&host, &port, c->param_hostname) || - port == NULL) { + port == nullptr) { OPENSSL_free(host); OPENSSL_free(port); OPENSSL_PUT_ERROR(BIO, BIO_R_NO_PORT_SPECIFIED); @@ -235,7 +236,7 @@ goto exit_loop; } - if (cb != NULL) { + if (cb != nullptr) { ret = cb((BIO *)bio, c->state, ret); if (ret == 0) { goto end; @@ -244,7 +245,7 @@ } exit_loop: - if (cb != NULL) { + if (cb != nullptr) { ret = cb((BIO *)bio, c->state, ret); } @@ -255,8 +256,8 @@ static BIO_CONNECT *BIO_CONNECT_new(void) { BIO_CONNECT *ret = reinterpret_cast<BIO_CONNECT *>(OPENSSL_zalloc(sizeof(BIO_CONNECT))); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } ret->state = BIO_CONN_S_BEFORE; return ret; @@ -276,7 +277,7 @@ bio->num = -1; bio->flags = 0; bio->ptr = BIO_CONNECT_new(); - return bio->ptr != NULL; + return bio->ptr != nullptr; } static void conn_close_socket(BIO *bio) { @@ -434,12 +435,12 @@ BIO *ret; ret = BIO_new(BIO_s_connect()); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } if (!BIO_set_conn_hostname(ret, hostname)) { BIO_free(ret); - return NULL; + return nullptr; } return ret; } @@ -467,11 +468,11 @@ } int BIO_set_nbio(BIO *bio, int on) { - return (int)BIO_ctrl(bio, BIO_C_SET_NBIO, on, NULL); + return (int)BIO_ctrl(bio, BIO_C_SET_NBIO, on, nullptr); } int BIO_do_connect(BIO *bio) { - return (int)BIO_ctrl(bio, BIO_C_DO_STATE_MACHINE, 0, NULL); + return (int)BIO_ctrl(bio, BIO_C_DO_STATE_MACHINE, 0, nullptr); } #endif // OPENSSL_NO_SOCK
diff --git a/crypto/bio/fd.cc b/crypto/bio/fd.cc index c5dc64a..bbbd8a1 100644 --- a/crypto/bio/fd.cc +++ b/crypto/bio/fd.cc
@@ -46,8 +46,8 @@ BIO *BIO_new_fd(int fd, int close_flag) { BIO *ret = BIO_new(BIO_s_fd()); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } BIO_set_fd(ret, fd, close_flag); return ret;
diff --git a/crypto/bio/file.cc b/crypto/bio/file.cc index 8c05156..1c6bbab 100644 --- a/crypto/bio/file.cc +++ b/crypto/bio/file.cc
@@ -65,7 +65,7 @@ FILE *file; file = fopen_if_available(filename, mode); - if (file == NULL) { + if (file == nullptr) { OPENSSL_PUT_SYSTEM_ERROR(); ERR_add_error_data(5, "fopen('", filename, "','", mode, "')"); @@ -74,13 +74,13 @@ } else { OPENSSL_PUT_ERROR(BIO, BIO_R_SYS_LIB); } - return NULL; + return nullptr; } ret = BIO_new_fp(file, BIO_CLOSE); - if (ret == NULL) { + if (ret == nullptr) { fclose(file); - return NULL; + return nullptr; } return ret; @@ -88,8 +88,8 @@ BIO *BIO_new_fp(FILE *stream, int flags) { BIO *ret = BIO_new(BIO_s_file()); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } BIO_set_fp(ret, stream, flags); @@ -101,9 +101,9 @@ return 1; } - if (bio->init && bio->ptr != NULL) { + if (bio->init && bio->ptr != nullptr) { fclose(reinterpret_cast<FILE *>(bio->ptr)); - bio->ptr = NULL; + bio->ptr = nullptr; } bio->init = 0; @@ -270,8 +270,8 @@ (char *)filename); } -long BIO_tell(BIO *bio) { return BIO_ctrl(bio, BIO_C_FILE_TELL, 0, NULL); } +long BIO_tell(BIO *bio) { return BIO_ctrl(bio, BIO_C_FILE_TELL, 0, nullptr); } long BIO_seek(BIO *bio, long offset) { - return BIO_ctrl(bio, BIO_C_FILE_SEEK, offset, NULL); + return BIO_ctrl(bio, BIO_C_FILE_SEEK, offset, nullptr); }
diff --git a/crypto/bio/pair.cc b/crypto/bio/pair.cc index 50058e8..5004c6b 100644 --- a/crypto/bio/pair.cc +++ b/crypto/bio/pair.cc
@@ -48,7 +48,7 @@ static int bio_new(BIO *bio) { struct bio_bio_st *b = reinterpret_cast<bio_bio_st *>(OPENSSL_zalloc(sizeof *b)); - if (b == NULL) { + if (b == nullptr) { return 0; } @@ -62,29 +62,29 @@ BIO *peer_bio; struct bio_bio_st *peer_b; - if (b == NULL) { + if (b == nullptr) { return; } peer_bio = b->peer; - if (peer_bio == NULL) { + if (peer_bio == nullptr) { return; } peer_b = reinterpret_cast<bio_bio_st *>(peer_bio->ptr); - assert(peer_b != NULL); + assert(peer_b != nullptr); assert(peer_b->peer == bio); - peer_b->peer = NULL; + peer_b->peer = nullptr; peer_bio->init = 0; - assert(peer_b->buf != NULL); + assert(peer_b->buf != nullptr); peer_b->len = 0; peer_b->offset = 0; - b->peer = NULL; + b->peer = nullptr; bio->init = 0; - assert(b->buf != NULL); + assert(b->buf != nullptr); b->len = 0; b->offset = 0; } @@ -92,7 +92,7 @@ static int bio_free(BIO *bio) { struct bio_bio_st *b = reinterpret_cast<bio_bio_st *>(bio->ptr); - assert(b != NULL); + assert(b != nullptr); if (b->peer) { bio_destroy_pair(bio); @@ -116,15 +116,15 @@ } b = reinterpret_cast<bio_bio_st *>(bio->ptr); - assert(b != NULL); - assert(b->peer != NULL); + assert(b != nullptr); + assert(b->peer != nullptr); peer_b = reinterpret_cast<bio_bio_st *>(b->peer->ptr); - assert(peer_b != NULL); - assert(peer_b->buf != NULL); + assert(peer_b != nullptr); + assert(peer_b->buf != nullptr); peer_b->request = 0; // will be set in "retry_read" situation - if (buf == NULL || size == 0) { + if (buf == nullptr || size == 0) { return 0; } @@ -195,14 +195,14 @@ BIO_clear_retry_flags(bio); - if (!bio->init || buf == NULL || num == 0) { + if (!bio->init || buf == nullptr || num == 0) { return 0; } b = reinterpret_cast<bio_bio_st *>(bio->ptr); - assert(b != NULL); - assert(b->peer != NULL); - assert(b->buf != NULL); + assert(b != nullptr); + assert(b->peer != nullptr); + assert(b->buf != nullptr); b->request = 0; if (b->closed) { @@ -265,35 +265,35 @@ size_t writebuf2_len) { struct bio_bio_st *b1, *b2; - assert(bio1 != NULL); - assert(bio2 != NULL); + assert(bio1 != nullptr); + assert(bio2 != nullptr); b1 = reinterpret_cast<bio_bio_st *>(bio1->ptr); b2 = reinterpret_cast<bio_bio_st *>(bio2->ptr); - if (b1->peer != NULL || b2->peer != NULL) { + if (b1->peer != nullptr || b2->peer != nullptr) { OPENSSL_PUT_ERROR(BIO, BIO_R_IN_USE); return 0; } - if (b1->buf == NULL) { + if (b1->buf == nullptr) { if (writebuf1_len) { b1->size = writebuf1_len; } b1->buf = reinterpret_cast<uint8_t *>(OPENSSL_malloc(b1->size)); - if (b1->buf == NULL) { + if (b1->buf == nullptr) { return 0; } b1->len = 0; b1->offset = 0; } - if (b2->buf == NULL) { + if (b2->buf == nullptr) { if (writebuf2_len) { b2->size = writebuf2_len; } b2->buf = reinterpret_cast<uint8_t *>(OPENSSL_malloc(b2->size)); - if (b2->buf == NULL) { + if (b2->buf == nullptr) { return 0; } b2->len = 0; @@ -414,12 +414,12 @@ size_t writebuf2_len) { BIO *bio1 = BIO_new(bio_s_bio()); BIO *bio2 = BIO_new(bio_s_bio()); - if (bio1 == NULL || bio2 == NULL || + if (bio1 == nullptr || bio2 == nullptr || !bio_make_pair(bio1, bio2, writebuf1_len, writebuf2_len)) { BIO_free(bio1); BIO_free(bio2); - *bio1_p = NULL; - *bio2_p = NULL; + *bio1_p = nullptr; + *bio2_p = nullptr; return 0; } @@ -429,13 +429,13 @@ } size_t BIO_ctrl_get_read_request(BIO *bio) { - return BIO_ctrl(bio, BIO_C_GET_READ_REQUEST, 0, NULL); + return BIO_ctrl(bio, BIO_C_GET_READ_REQUEST, 0, nullptr); } size_t BIO_ctrl_get_write_guarantee(BIO *bio) { - return BIO_ctrl(bio, BIO_C_GET_WRITE_GUARANTEE, 0, NULL); + return BIO_ctrl(bio, BIO_C_GET_WRITE_GUARANTEE, 0, nullptr); } int BIO_shutdown_wr(BIO *bio) { - return (int)BIO_ctrl(bio, BIO_C_SHUTDOWN_WR, 0, NULL); + return (int)BIO_ctrl(bio, BIO_C_SHUTDOWN_WR, 0, nullptr); }
diff --git a/crypto/bio/printf.cc b/crypto/bio/printf.cc index ca74f95..0837ee5 100644 --- a/crypto/bio/printf.cc +++ b/crypto/bio/printf.cc
@@ -39,7 +39,7 @@ // include a trailing NUL, but the buffer must be sized for it. out = reinterpret_cast<char *>(OPENSSL_malloc(requested_len + 1)); out_malloced = 1; - if (out == NULL) { + if (out == nullptr) { return -1; } va_start(args, format);
diff --git a/crypto/bio/socket.cc b/crypto/bio/socket.cc index 65d91b2..acf595a 100644 --- a/crypto/bio/socket.cc +++ b/crypto/bio/socket.cc
@@ -47,7 +47,7 @@ } static int sock_read(BIO *b, char *out, int outl) { - if (out == NULL) { + if (out == nullptr) { return 0; } @@ -129,8 +129,8 @@ BIO *ret; ret = BIO_new(BIO_s_socket()); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } BIO_set_fd(ret, fd, close_flag); return ret;
diff --git a/crypto/bn/bn_asn1.cc b/crypto/bn/bn_asn1.cc index 38b03eb..71b7ae1 100644 --- a/crypto/bn/bn_asn1.cc +++ b/crypto/bn/bn_asn1.cc
@@ -32,7 +32,7 @@ return 0; } - return BN_bin2bn(CBS_data(&child), CBS_len(&child), ret) != NULL; + return BN_bin2bn(CBS_data(&child), CBS_len(&child), ret) != nullptr; } int BN_marshal_asn1(CBB *cbb, const BIGNUM *bn) {
diff --git a/crypto/bn/convert.cc b/crypto/bn/convert.cc index 59ea6d4..6996ee0 100644 --- a/crypto/bn/convert.cc +++ b/crypto/bn/convert.cc
@@ -41,8 +41,8 @@ char *buf = reinterpret_cast<char *>( OPENSSL_malloc(1 /* leading '-' */ + 1 /* zero is non-empty */ + width * BN_BYTES * 2 + 1 /* trailing NUL */)); - if (buf == NULL) { - return NULL; + if (buf == nullptr) { + return nullptr; } char *p = buf; @@ -139,11 +139,11 @@ static int bn_x2bn(BIGNUM **outp, const char *in, decode_func decode, char_test_func want_char) { - BIGNUM *ret = NULL; + BIGNUM *ret = nullptr; int neg = 0, i; int num; - if (in == NULL || *in == 0) { + if (in == nullptr || *in == 0) { return 0; } @@ -156,14 +156,14 @@ } num = i + neg; - if (outp == NULL) { + if (outp == nullptr) { return num; } // in is the start of the hex digits, and it is 'i' long - if (*outp == NULL) { + if (*outp == nullptr) { ret = BN_new(); - if (ret == NULL) { + if (ret == nullptr) { return 0; } } else { @@ -184,7 +184,7 @@ return num; err: - if (*outp == NULL) { + if (*outp == nullptr) { BN_free(ret); } @@ -300,7 +300,7 @@ int BN_print_fp(FILE *fp, const BIGNUM *a) { BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); - if (b == NULL) { + if (b == nullptr) { return 0; } @@ -330,7 +330,7 @@ return 4; } - if (out == NULL) { + if (out == nullptr) { return 4 + len; } @@ -351,7 +351,7 @@ BIGNUM *BN_mpi2bn(const uint8_t *in, size_t len, BIGNUM *out) { if (len < 4) { OPENSSL_PUT_ERROR(BN, BN_R_BAD_ENCODING); - return NULL; + return nullptr; } const size_t in_len = ((size_t)in[0] << 24) | // ((size_t)in[1] << 16) | // @@ -359,14 +359,14 @@ ((size_t)in[3]); if (in_len != len - 4) { OPENSSL_PUT_ERROR(BN, BN_R_BAD_ENCODING); - return NULL; + return nullptr; } int out_is_alloced = 0; - if (out == NULL) { + if (out == nullptr) { out = BN_new(); - if (out == NULL) { - return NULL; + if (out == nullptr) { + return nullptr; } out_is_alloced = 1; } @@ -377,11 +377,11 @@ } in += 4; - if (BN_bin2bn(in, in_len, out) == NULL) { + if (BN_bin2bn(in, in_len, out) == nullptr) { if (out_is_alloced) { BN_free(out); } - return NULL; + return nullptr; } out->neg = ((*in) & 0x80) != 0; if (out->neg) {
diff --git a/crypto/bn/div.cc b/crypto/bn/div.cc index 868a2a3..ce4c4c6 100644 --- a/crypto/bn/div.cc +++ b/crypto/bn/div.cc
@@ -30,7 +30,7 @@ // If |a| definitely has less than |e| bits, just BN_copy. if ((size_t)a->width < num_words) { - return BN_copy(r, a) != NULL; + return BN_copy(r, a) != nullptr; } // Otherwise, first make sure we have enough space in |r|.
diff --git a/crypto/bn/exponentiation.cc b/crypto/bn/exponentiation.cc index 07f9ec6..fcae5fe 100644 --- a/crypto/bn/exponentiation.cc +++ b/crypto/bn/exponentiation.cc
@@ -31,17 +31,17 @@ } BIGNUM *v = BN_CTX_get(ctx); - if (rr == NULL || v == NULL) { + if (rr == nullptr || v == nullptr) { return 0; } - if (BN_copy(v, a) == NULL) { + if (BN_copy(v, a) == nullptr) { return 0; } int bits = BN_num_bits(p); if (BN_is_odd(p)) { - if (BN_copy(rr, a) == NULL) { + if (BN_copy(rr, a) == nullptr) { return 0; } } else { @@ -114,7 +114,7 @@ } if (BN_is_odd(m)) { - return BN_mod_exp_mont(r, a, p, m, ctx, NULL); + return BN_mod_exp_mont(r, a, p, m, ctx, nullptr); } return mod_exp_even(r, a, p, m, ctx);
diff --git a/crypto/bn/sqrt.cc b/crypto/bn/sqrt.cc index e23f1a3..56a0f00 100644 --- a/crypto/bn/sqrt.cc +++ b/crypto/bn/sqrt.cc
@@ -39,7 +39,8 @@ tmp = BN_CTX_get(ctx); last_delta = BN_CTX_get(ctx); delta = BN_CTX_get(ctx); - if (estimate == NULL || tmp == NULL || last_delta == NULL || delta == NULL) { + if (estimate == nullptr || tmp == nullptr || last_delta == nullptr || + delta == nullptr) { goto err; } @@ -52,9 +53,8 @@ // |in| = 0. for (;;) { // |estimate| = 1/2 * (|estimate| + |in|/|estimate|) - if (!BN_div(tmp, NULL, in, estimate, ctx) || - !BN_add(tmp, tmp, estimate) || - !BN_rshift1(estimate, tmp) || + if (!BN_div(tmp, nullptr, in, estimate, ctx) || + !BN_add(tmp, tmp, estimate) || !BN_rshift1(estimate, tmp) || // |tmp| = |estimate|^2 !BN_sqr(tmp, estimate, ctx) || // |delta| = |in| - |tmp|
diff --git a/crypto/buf/buf.cc b/crypto/buf/buf.cc index cb797b2..aa41e56 100644 --- a/crypto/buf/buf.cc +++ b/crypto/buf/buf.cc
@@ -53,7 +53,7 @@ char *new_buf = reinterpret_cast<char *>(OPENSSL_realloc(buf->data, alloc_size)); - if (new_buf == NULL) { + if (new_buf == nullptr) { return 0; }
diff --git a/crypto/bytestring/asn1_compat.cc b/crypto/bytestring/asn1_compat.cc index 6c9770b..387445d 100644 --- a/crypto/bytestring/asn1_compat.cc +++ b/crypto/bytestring/asn1_compat.cc
@@ -39,10 +39,10 @@ OPENSSL_free(der); return -1; } - if (outp != NULL) { - if (*outp == NULL) { + if (outp != nullptr) { + if (*outp == nullptr) { *outp = der; - der = NULL; + der = nullptr; } else { OPENSSL_memcpy(*outp, der, der_len); *outp += der_len;
diff --git a/crypto/bytestring/ber.cc b/crypto/bytestring/ber.cc index 758bf0a..ebd5310 100644 --- a/crypto/bytestring/ber.cc +++ b/crypto/bytestring/ber.cc
@@ -128,7 +128,7 @@ int indefinite; CBB *out_contents, out_contents_storage; if (!CBS_get_any_ber_asn1_element(in, &contents, &tag, &header_len, - /*out_ber_found=*/NULL, &indefinite)) { + /*out_ber_found=*/nullptr, &indefinite)) { return 0; } @@ -200,10 +200,10 @@ } if (!conversion_needed) { - if (!CBS_get_any_asn1_element(in, out, NULL, NULL)) { + if (!CBS_get_any_asn1_element(in, out, nullptr, nullptr)) { return 0; } - *out_storage = NULL; + *out_storage = nullptr; return 1; } @@ -228,7 +228,7 @@ if (CBS_peek_asn1_tag(in, outer_tag)) { // Normal implicitly-tagged string. - *out_storage = NULL; + *out_storage = nullptr; return CBS_get_asn1(in, out, outer_tag); }
diff --git a/crypto/bytestring/bytestring_test.cc b/crypto/bytestring/bytestring_test.cc index 5f3fe4b..9f6a2c4 100644 --- a/crypto/bytestring/bytestring_test.cc +++ b/crypto/bytestring/bytestring_test.cc
@@ -194,11 +194,11 @@ // wrong tag. EXPECT_FALSE(CBS_get_asn1(&data, &contents, 0x31)); - CBS_init(&data, NULL, 0); + CBS_init(&data, nullptr, 0); // peek at empty data. EXPECT_FALSE(CBS_peek_asn1_tag(&data, CBS_ASN1_SEQUENCE)); - CBS_init(&data, NULL, 0); + CBS_init(&data, nullptr, 0); // optional elements at empty data. ASSERT_TRUE(CBS_get_optional_asn1( &data, &contents, &present, @@ -210,7 +210,7 @@ EXPECT_FALSE(present); EXPECT_EQ(0u, CBS_len(&contents)); ASSERT_TRUE(CBS_get_optional_asn1_octet_string( - &data, &contents, NULL, + &data, &contents, nullptr, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)); EXPECT_EQ(0u, CBS_len(&contents)); ASSERT_TRUE(CBS_get_optional_asn1_uint64( @@ -271,15 +271,15 @@ CBS_init(&data, kData1, sizeof(kData1)); // We should be able to ignore the contents and get the tag. - ASSERT_TRUE(CBS_get_any_asn1(&data, NULL, &tag)); + ASSERT_TRUE(CBS_get_any_asn1(&data, nullptr, &tag)); EXPECT_EQ(CBS_ASN1_SEQUENCE, tag); // We should be able to ignore the tag and get the contents. CBS_init(&data, kData1, sizeof(kData1)); - ASSERT_TRUE(CBS_get_any_asn1(&data, &contents, NULL)); + ASSERT_TRUE(CBS_get_any_asn1(&data, &contents, nullptr)); EXPECT_EQ(Bytes("\x01\x02"), Bytes(CBS_data(&contents), CBS_len(&contents))); // We should be able to ignore both the tag and contents. CBS_init(&data, kData1, sizeof(kData1)); - ASSERT_TRUE(CBS_get_any_asn1(&data, NULL, NULL)); + ASSERT_TRUE(CBS_get_any_asn1(&data, nullptr, nullptr)); size_t header_len; CBS_init(&data, kData1, sizeof(kData1)); @@ -344,7 +344,7 @@ static const uint8_t kInvalid[] = {0x0a, 3, CBS_ASN1_BOOLEAN, 1, 0x01}; CBS data; - CBS_init(&data, NULL, 0); + CBS_init(&data, nullptr, 0); int val = 2; ASSERT_TRUE(CBS_get_optional_asn1_bool(&data, &val, 0x0a, 0)); EXPECT_EQ(0, val); @@ -407,9 +407,9 @@ uint8_t *out_buf; size_t out_size; - ASSERT_TRUE(CBB_init_fixed(&cbb, NULL, 0)); + ASSERT_TRUE(CBB_init_fixed(&cbb, nullptr, 0)); ASSERT_TRUE(CBB_finish(&cbb, &out_buf, &out_size)); - EXPECT_EQ(NULL, out_buf); + EXPECT_EQ(nullptr, out_buf); EXPECT_EQ(0u, out_size); ASSERT_TRUE(CBB_init_fixed(&cbb, buf, 1)); @@ -1207,7 +1207,7 @@ CBS_init(&cbs, (const uint8_t *)test.encoding, test.encoding_len); CBS child; if (CBS_get_asn1(&cbs, &child, CBS_ASN1_INTEGER)) { - EXPECT_EQ(test.overflow, !!CBS_is_valid_asn1_integer(&child, NULL)); + EXPECT_EQ(test.overflow, !!CBS_is_valid_asn1_integer(&child, nullptr)); } } @@ -1266,7 +1266,7 @@ EXPECT_EQ(buf, ptr); // Advancing under the maximum bytes is legal. ASSERT_TRUE(CBB_did_write(cbb.get(), 5)); - ASSERT_TRUE(CBB_finish(cbb.get(), NULL, &len)); + ASSERT_TRUE(CBB_finish(cbb.get(), nullptr, &len)); EXPECT_EQ(5u, len); } @@ -1820,9 +1820,10 @@ SCOPED_TRACE(t.timestring); CBS cbs; CBS_init(&cbs, (const uint8_t *)t.timestring, strlen(t.timestring)); - EXPECT_FALSE(CBS_parse_generalized_time(&cbs, NULL, + EXPECT_FALSE(CBS_parse_generalized_time(&cbs, nullptr, /*allow_timezone_offset=*/0)); - EXPECT_FALSE(CBS_parse_utc_time(&cbs, NULL, /*allow_timezone_offset=*/1)); + EXPECT_FALSE( + CBS_parse_utc_time(&cbs, nullptr, /*allow_timezone_offset=*/1)); } static const struct { const char *timestring; @@ -1834,12 +1835,13 @@ SCOPED_TRACE(t.timestring); CBS cbs; CBS_init(&cbs, (const uint8_t *)t.timestring, strlen(t.timestring)); - EXPECT_FALSE(CBS_parse_generalized_time(&cbs, NULL, + EXPECT_FALSE(CBS_parse_generalized_time(&cbs, nullptr, /*allow_timezone_offset=*/0)); - EXPECT_FALSE(CBS_parse_generalized_time(&cbs, NULL, + EXPECT_FALSE(CBS_parse_generalized_time(&cbs, nullptr, /*allow_timezone_offset=*/1)); - EXPECT_TRUE(CBS_parse_utc_time(&cbs, NULL, /*allow_timezone_offset=*/1)); - EXPECT_FALSE(CBS_parse_utc_time(&cbs, NULL, /*allow_timezone_offset=*/0)); + EXPECT_TRUE(CBS_parse_utc_time(&cbs, nullptr, /*allow_timezone_offset=*/1)); + EXPECT_FALSE( + CBS_parse_utc_time(&cbs, nullptr, /*allow_timezone_offset=*/0)); } static const struct { const char *timestring; @@ -1852,9 +1854,10 @@ SCOPED_TRACE(t.timestring); CBS cbs; CBS_init(&cbs, (const uint8_t *)t.timestring, strlen(t.timestring)); - EXPECT_FALSE(CBS_parse_generalized_time(&cbs, NULL, + EXPECT_FALSE(CBS_parse_generalized_time(&cbs, nullptr, /*allow_timezone_offset=*/0)); - EXPECT_FALSE(CBS_parse_utc_time(&cbs, NULL, /*allow_timezone_offset=*/1)); + EXPECT_FALSE( + CBS_parse_utc_time(&cbs, nullptr, /*allow_timezone_offset=*/1)); } static const struct { const char *timestring; @@ -1868,12 +1871,14 @@ SCOPED_TRACE(t.timestring); CBS cbs; CBS_init(&cbs, (const uint8_t *)t.timestring, strlen(t.timestring)); - EXPECT_FALSE(CBS_parse_generalized_time(&cbs, NULL, + EXPECT_FALSE(CBS_parse_generalized_time(&cbs, nullptr, /*allow_timezone_offset=*/0)); - EXPECT_TRUE(CBS_parse_generalized_time(&cbs, NULL, + EXPECT_TRUE(CBS_parse_generalized_time(&cbs, nullptr, /*allow_timezone_offset=*/1)); - EXPECT_FALSE(CBS_parse_utc_time(&cbs, NULL, /*allow_timezone_offset=*/1)); - EXPECT_FALSE(CBS_parse_utc_time(&cbs, NULL, /*allow_timezone_offset=*/0)); + EXPECT_FALSE( + CBS_parse_utc_time(&cbs, nullptr, /*allow_timezone_offset=*/1)); + EXPECT_FALSE( + CBS_parse_utc_time(&cbs, nullptr, /*allow_timezone_offset=*/0)); } static const struct { const char *timestring; @@ -1886,9 +1891,10 @@ SCOPED_TRACE(t.timestring); CBS cbs; CBS_init(&cbs, (const uint8_t *)t.timestring, strlen(t.timestring)); - EXPECT_FALSE(CBS_parse_generalized_time(&cbs, NULL, + EXPECT_FALSE(CBS_parse_generalized_time(&cbs, nullptr, /*allow_timezone_offset=*/0)); - EXPECT_FALSE(CBS_parse_utc_time(&cbs, NULL, /*allow_timezone_offset=*/1)); + EXPECT_FALSE( + CBS_parse_utc_time(&cbs, nullptr, /*allow_timezone_offset=*/1)); } }
diff --git a/crypto/bytestring/cbb.cc b/crypto/bytestring/cbb.cc index 86b772b..2d004bf 100644 --- a/crypto/bytestring/cbb.cc +++ b/crypto/bytestring/cbb.cc
@@ -28,7 +28,7 @@ static void cbb_init(CBB *cbb, uint8_t *buf, size_t cap, int can_resize) { cbb->is_child = 0; - cbb->child = NULL; + cbb->child = nullptr; cbb->u.base.buf = buf; cbb->u.base.len = 0; cbb->u.base.cap = cap; @@ -40,7 +40,7 @@ CBB_zero(cbb); uint8_t *buf = reinterpret_cast<uint8_t *>(OPENSSL_malloc(initial_capacity)); - if (initial_capacity > 0 && buf == NULL) { + if (initial_capacity > 0 && buf == nullptr) { return 0; } @@ -69,7 +69,7 @@ static int cbb_buffer_reserve(struct cbb_buffer_st *base, uint8_t **out, size_t len) { - if (base == NULL) { + if (base == nullptr) { return 0; } @@ -92,7 +92,7 @@ } uint8_t *newbuf = reinterpret_cast<uint8_t *>(OPENSSL_realloc(base->buf, newcap)); - if (newbuf == NULL) { + if (newbuf == nullptr) { goto err; } @@ -131,18 +131,18 @@ return 0; } - if (cbb->u.base.can_resize && (out_data == NULL || out_len == NULL)) { + if (cbb->u.base.can_resize && (out_data == nullptr || out_len == nullptr)) { // |out_data| and |out_len| can only be NULL if the CBB is fixed. return 0; } - if (out_data != NULL) { + if (out_data != nullptr) { *out_data = cbb->u.base.buf; } - if (out_len != NULL) { + if (out_len != nullptr) { *out_len = cbb->u.base.len; } - cbb->u.base.buf = NULL; + cbb->u.base.buf = nullptr; CBB_cleanup(cbb); return 1; } @@ -174,7 +174,7 @@ // Clearing the pointer is not strictly necessary, but GCC's dangling pointer // warning does not know |cbb->child| will not be read once |error| is set // above. - cbb->child = NULL; + cbb->child = nullptr; } // CBB_flush recurses and then writes out any pending length prefix. The @@ -185,11 +185,11 @@ // fail all following calls. In particular, |cbb->child| may point to invalid // memory. struct cbb_buffer_st *base = cbb_get_base(cbb); - if (base == NULL || base->error) { + if (base == nullptr || base->error) { return 0; } - if (cbb->child == NULL) { + if (cbb->child == nullptr) { // Nothing to flush. return 1; } @@ -241,7 +241,7 @@ if (len_len != 1) { // We need to move the contents along in order to make space. size_t extra_bytes = len_len - 1; - if (!cbb_buffer_add(base, NULL, extra_bytes)) { + if (!cbb_buffer_add(base, nullptr, extra_bytes)) { goto err; } OPENSSL_memmove(base->buf + child_start + extra_bytes, @@ -260,8 +260,8 @@ goto err; } - child->base = NULL; - cbb->child = NULL; + child->base = nullptr; + cbb->child = nullptr; return 1; @@ -271,7 +271,7 @@ } const uint8_t *CBB_data(const CBB *cbb) { - assert(cbb->child == NULL); + assert(cbb->child == nullptr); if (cbb->is_child) { return cbb->u.child.base->buf + cbb->u.child.offset + cbb->u.child.pending_len_len; @@ -280,7 +280,7 @@ } size_t CBB_len(const CBB *cbb) { - assert(cbb->child == NULL); + assert(cbb->child == nullptr); if (cbb->is_child) { assert(cbb->u.child.offset + cbb->u.child.pending_len_len <= cbb->u.child.base->len); @@ -292,7 +292,7 @@ static int cbb_add_child(CBB *cbb, CBB *out_child, uint8_t len_len, int is_asn1) { - assert(cbb->child == NULL); + assert(cbb->child == nullptr); assert(!is_asn1 || len_len == 1); struct cbb_buffer_st *base = cbb_get_base(cbb); size_t offset = base->len; @@ -419,7 +419,7 @@ int CBB_did_write(CBB *cbb, size_t len) { struct cbb_buffer_st *base = cbb_get_base(cbb); size_t newlen = base->len + len; - if (cbb->child != NULL || newlen < base->len || newlen > base->cap) { + if (cbb->child != nullptr || newlen < base->len || newlen > base->cap) { return 0; } base->len = newlen; @@ -476,7 +476,7 @@ } void CBB_discard_child(CBB *cbb) { - if (cbb->child == NULL) { + if (cbb->child == nullptr) { return; } @@ -484,8 +484,8 @@ assert(cbb->child->is_child); base->len = cbb->child->u.child.offset; - cbb->child->u.child.base = NULL; - cbb->child = NULL; + cbb->child->u.child.base = nullptr; + cbb->child = nullptr; } int CBB_add_asn1_element(CBB *cbb, CBS_ASN1_TAG tag, const uint8_t *data, @@ -666,7 +666,7 @@ size_t num_children = 0; CBS_init(&cbs, CBB_data(cbb), CBB_len(cbb)); while (CBS_len(&cbs) != 0) { - if (!CBS_get_any_asn1_element(&cbs, NULL, NULL, NULL)) { + if (!CBS_get_any_asn1_element(&cbs, nullptr, nullptr, nullptr)) { OPENSSL_PUT_ERROR(CRYPTO, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } @@ -687,12 +687,12 @@ reinterpret_cast<CBS *>(OPENSSL_calloc(num_children, sizeof(CBS))); uint8_t *out; size_t offset = 0; - if (buf == NULL || children == NULL) { + if (buf == nullptr || children == nullptr) { goto err; } CBS_init(&cbs, buf, buf_len); for (size_t i = 0; i < num_children; i++) { - if (!CBS_get_any_asn1_element(&cbs, &children[i], NULL, NULL)) { + if (!CBS_get_any_asn1_element(&cbs, &children[i], nullptr, nullptr)) { goto err; } }
diff --git a/crypto/bytestring/cbs.cc b/crypto/bytestring/cbs.cc index fd11c5a..55bb149 100644 --- a/crypto/bytestring/cbs.cc +++ b/crypto/bytestring/cbs.cc
@@ -44,14 +44,14 @@ int CBS_stow(const CBS *cbs, uint8_t **out_ptr, size_t *out_len) { OPENSSL_free(*out_ptr); - *out_ptr = NULL; + *out_ptr = nullptr; *out_len = 0; if (cbs->len == 0) { return 1; } *out_ptr = reinterpret_cast<uint8_t *>(OPENSSL_memdup(cbs->data, cbs->len)); - if (*out_ptr == NULL) { + if (*out_ptr == nullptr) { return 0; } *out_len = cbs->len; @@ -59,15 +59,15 @@ } int CBS_strdup(const CBS *cbs, char **out_ptr) { - if (*out_ptr != NULL) { + if (*out_ptr != nullptr) { OPENSSL_free(*out_ptr); } *out_ptr = OPENSSL_strndup((const char *)cbs->data, cbs->len); - return (*out_ptr != NULL); + return (*out_ptr != nullptr); } int CBS_contains_zero_byte(const CBS *cbs) { - return OPENSSL_memchr(cbs->data, 0, cbs->len) != NULL; + return OPENSSL_memchr(cbs->data, 0, cbs->len) != nullptr; } int CBS_mem_equal(const CBS *cbs, const uint8_t *data, size_t len) { @@ -207,7 +207,7 @@ int CBS_get_until_first(CBS *cbs, CBS *out, uint8_t c) { const uint8_t *split = reinterpret_cast<const uint8_t *>( OPENSSL_memchr(CBS_data(cbs), c, CBS_len(cbs))); - if (split == NULL) { + if (split == nullptr) { return 0; } return CBS_get_bytes(cbs, out, split - CBS_data(cbs)); @@ -309,22 +309,22 @@ CBS header = *cbs; CBS throwaway; - if (out == NULL) { + if (out == nullptr) { out = &throwaway; } if (ber_ok) { *out_ber_found = 0; *out_indefinite = 0; } else { - assert(out_ber_found == NULL); - assert(out_indefinite == NULL); + assert(out_ber_found == nullptr); + assert(out_indefinite == nullptr); } CBS_ASN1_TAG tag; if (!parse_asn1_tag(&header, &tag)) { return 0; } - if (out_tag != NULL) { + if (out_tag != nullptr) { *out_tag = tag; } @@ -341,7 +341,7 @@ if ((length_byte & 0x80) == 0) { // Short form length. len = ((size_t)length_byte) + header_len; - if (out_header_len != NULL) { + if (out_header_len != nullptr) { *out_header_len = header_len; } } else { @@ -353,7 +353,7 @@ if (ber_ok && (tag & CBS_ASN1_CONSTRUCTED) != 0 && num_bytes == 0) { // indefinite length - if (out_header_len != NULL) { + if (out_header_len != nullptr) { *out_header_len = header_len; } *out_ber_found = 1; @@ -396,7 +396,7 @@ return 0; } len += header_len + num_bytes; - if (out_header_len != NULL) { + if (out_header_len != nullptr) { *out_header_len = header_len + num_bytes; } } @@ -420,7 +420,8 @@ int CBS_get_any_asn1_element(CBS *cbs, CBS *out, CBS_ASN1_TAG *out_tag, size_t *out_header_len) { - return cbs_get_any_asn1_element(cbs, out, out_tag, out_header_len, NULL, NULL, + return cbs_get_any_asn1_element(cbs, out, out_tag, out_header_len, nullptr, + nullptr, /*ber_ok=*/0); } @@ -440,7 +441,7 @@ CBS_ASN1_TAG tag; CBS throwaway; - if (out == NULL) { + if (out == nullptr) { out = &throwaway; } @@ -546,7 +547,7 @@ present = 1; } - if (out_present != NULL) { + if (out_present != nullptr) { *out_present = present; } @@ -567,7 +568,7 @@ return 0; } } else { - CBS_init(out, NULL, 0); + CBS_init(out, nullptr, 0); } if (out_present) { *out_present = present; @@ -663,7 +664,7 @@ if (!CBS_get_u8(©, &first_byte)) { return 0; // INTEGERs may not be empty. } - if (out_is_negative != NULL) { + if (out_is_negative != nullptr) { *out_is_negative = (first_byte & 0x80) != 0; } if (!CBS_get_u8(©, &second_byte)) { @@ -750,7 +751,7 @@ err: CBB_cleanup(&cbb); - return NULL; + return nullptr; } static int cbs_get_two_digits(CBS *cbs, int *out) { @@ -886,7 +887,7 @@ return 0; // Reject invalid lengths. } - if (out_tm != NULL) { + if (out_tm != nullptr) { // Fill in the tm fields corresponding to what we validated. out_tm->tm_year = year - 1900; out_tm->tm_mon = month - 1;
diff --git a/crypto/cipher/aead_test.cc b/crypto/cipher/aead_test.cc index 5aa22a8..a84e67d 100644 --- a/crypto/cipher/aead_test.cc +++ b/crypto/cipher/aead_test.cc
@@ -455,13 +455,13 @@ EVP_AEAD_CTX ctx; ASSERT_FALSE(EVP_AEAD_CTX_init( &ctx, aead(), key, key_len, - 9999 /* a silly tag length to trigger an error */, NULL /* ENGINE */)); + 9999 /* a silly tag length to trigger an error */, nullptr /* ENGINE */)); ERR_clear_error(); // Running a second, failed _init should not cause a memory leak. ASSERT_FALSE(EVP_AEAD_CTX_init( &ctx, aead(), key, key_len, - 9999 /* a silly tag length to trigger an error */, NULL /* ENGINE */)); + 9999 /* a silly tag length to trigger an error */, nullptr /* ENGINE */)); ERR_clear_error(); // Calling _cleanup on an |EVP_AEAD_CTX| after a failed _init should be a @@ -487,7 +487,7 @@ const size_t tag_len = MinimumTagLength(GetParam().flags); bssl::ScopedEVP_AEAD_CTX ctx; ASSERT_TRUE(EVP_AEAD_CTX_init(ctx.get(), aead(), key, key_len, tag_len, - NULL /* ENGINE */)); + nullptr /* ENGINE */)); const uint8_t plaintext[1] = {'A'};
diff --git a/crypto/cipher/e_aesctrhmac.cc b/crypto/cipher/e_aesctrhmac.cc index 3f624e2..0970a49 100644 --- a/crypto/cipher/e_aesctrhmac.cc +++ b/crypto/cipher/e_aesctrhmac.cc
@@ -39,7 +39,7 @@ SHA256_CTX outer_init_state; }; -static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= +static_assert(sizeof(((EVP_AEAD_CTX *)nullptr)->state) >= sizeof(struct aead_aes_ctr_hmac_sha256_ctx), "AEAD state is too small"); static_assert(alignof(union evp_aead_ctx_st_state) >= @@ -96,8 +96,8 @@ return 0; } - aes_ctx->ctr = - aes_ctr_set_key(&aes_ctx->ks.ks, NULL, &aes_ctx->block, key, aes_key_len); + aes_ctx->ctr = aes_ctr_set_key(&aes_ctx->ks.ks, nullptr, &aes_ctx->block, key, + aes_key_len); ctx->tag_len = tag_len; hmac_init(&aes_ctx->inner_init_state, &aes_ctx->outer_init_state, key + aes_key_len); @@ -244,13 +244,13 @@ 0, // seal_scatter_supports_extra_in aead_aes_ctr_hmac_sha256_init, - NULL /* init_with_direction */, + nullptr /* init_with_direction */, aead_aes_ctr_hmac_sha256_cleanup, - NULL /* open */, + nullptr /* open */, aead_aes_ctr_hmac_sha256_seal_scatter, aead_aes_ctr_hmac_sha256_open_gather, - NULL /* get_iv */, - NULL /* tag_len */, + nullptr /* get_iv */, + nullptr /* tag_len */, }; static const EVP_AEAD aead_aes_256_ctr_hmac_sha256 = { @@ -261,13 +261,13 @@ 0, // seal_scatter_supports_extra_in aead_aes_ctr_hmac_sha256_init, - NULL /* init_with_direction */, + nullptr /* init_with_direction */, aead_aes_ctr_hmac_sha256_cleanup, - NULL /* open */, + nullptr /* open */, aead_aes_ctr_hmac_sha256_seal_scatter, aead_aes_ctr_hmac_sha256_open_gather, - NULL /* get_iv */, - NULL /* tag_len */, + nullptr /* get_iv */, + nullptr /* tag_len */, }; const EVP_AEAD *EVP_aead_aes_128_ctr_hmac_sha256(void) {
diff --git a/crypto/cipher/e_aeseax.cc b/crypto/cipher/e_aeseax.cc index e4c8781..0a567ad 100644 --- a/crypto/cipher/e_aeseax.cc +++ b/crypto/cipher/e_aeseax.cc
@@ -258,13 +258,13 @@ 0, // seal_scatter_supports_extra_in aead_aes_eax_init, - NULL, // init_with_direction + nullptr, // init_with_direction aead_aes_eax_cleanup, - NULL, // open + nullptr, // open aead_aes_eax_seal_scatter, aead_aes_eax_open_gather, - NULL, // get_iv - NULL, // tag_len + nullptr, // get_iv + nullptr, // tag_len }; static const EVP_AEAD aead_aes_256_eax = { @@ -275,13 +275,13 @@ 0, // seal_scatter_supports_extra_in aead_aes_eax_init, - NULL, // init_with_direction + nullptr, // init_with_direction aead_aes_eax_cleanup, - NULL, // open + nullptr, // open aead_aes_eax_seal_scatter, aead_aes_eax_open_gather, - NULL, // get_iv - NULL, // tag_len + nullptr, // get_iv + nullptr, // tag_len }; const EVP_AEAD *EVP_aead_aes_128_eax(void) { return &aead_aes_128_eax; }
diff --git a/crypto/cipher/e_aesgcmsiv.cc b/crypto/cipher/e_aesgcmsiv.cc index a7b38c6..37fb18c 100644 --- a/crypto/cipher/e_aesgcmsiv.cc +++ b/crypto/cipher/e_aesgcmsiv.cc
@@ -44,7 +44,7 @@ // The assembly code assumes 8-byte alignment of the EVP_AEAD_CTX's state, and // aligns to 16 bytes itself. -static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) + 8 >= +static_assert(sizeof(((EVP_AEAD_CTX *)nullptr)->state) + 8 >= sizeof(struct aead_aes_gcm_siv_asm_ctx), "AEAD state is too small"); static_assert(alignof(union evp_aead_ctx_st_state) >= 8, @@ -504,13 +504,13 @@ 0, // seal_scatter_supports_extra_in aead_aes_gcm_siv_asm_init, - NULL /* init_with_direction */, + nullptr /* init_with_direction */, aead_aes_gcm_siv_asm_cleanup, - NULL /* open */, + nullptr /* open */, aead_aes_gcm_siv_asm_seal_scatter, aead_aes_gcm_siv_asm_open_gather, - NULL /* get_iv */, - NULL /* tag_len */, + nullptr /* get_iv */, + nullptr /* tag_len */, }; const EVP_AEAD aead_aes_256_gcm_siv_asm = { @@ -521,13 +521,13 @@ 0, // seal_scatter_supports_extra_in aead_aes_gcm_siv_asm_init, - NULL /* init_with_direction */, + nullptr /* init_with_direction */, aead_aes_gcm_siv_asm_cleanup, - NULL /* open */, + nullptr /* open */, aead_aes_gcm_siv_asm_seal_scatter, aead_aes_gcm_siv_asm_open_gather, - NULL /* get_iv */, - NULL /* tag_len */, + nullptr /* get_iv */, + nullptr /* tag_len */, }; #endif // X86_64 && !NO_ASM && !WINDOWS @@ -542,7 +542,7 @@ unsigned is_256 : 1; }; -static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= +static_assert(sizeof(((EVP_AEAD_CTX *)nullptr)->state) >= sizeof(struct aead_aes_gcm_siv_ctx), "AEAD state is too small"); static_assert(alignof(union evp_aead_ctx_st_state) >= @@ -570,7 +570,7 @@ (struct aead_aes_gcm_siv_ctx *)&ctx->state; OPENSSL_memset(gcm_siv_ctx, 0, sizeof(struct aead_aes_gcm_siv_ctx)); - aes_ctr_set_key(&gcm_siv_ctx->ks.ks, NULL, &gcm_siv_ctx->kgk_block, key, + aes_ctr_set_key(&gcm_siv_ctx->ks.ks, nullptr, &gcm_siv_ctx->kgk_block, key, key_len); gcm_siv_ctx->is_256 = (key_len == 32); ctx->tag_len = tag_len; @@ -772,7 +772,7 @@ // We currently do not consider AES-GCM-SIV to be performance-sensitive on // client hardware. If this changes, we can write little-endian |ctr128_f| // functions. - aes_ctr_set_key(&out_keys->enc_key.ks, NULL, &out_keys->enc_block, + aes_ctr_set_key(&out_keys->enc_key.ks, nullptr, &out_keys->enc_block, key_material + 16, gcm_siv_ctx->is_256 ? 32 : 16); } @@ -870,13 +870,13 @@ 0, // seal_scatter_supports_extra_in aead_aes_gcm_siv_init, - NULL /* init_with_direction */, + nullptr /* init_with_direction */, aead_aes_gcm_siv_cleanup, - NULL /* open */, + nullptr /* open */, aead_aes_gcm_siv_seal_scatter, aead_aes_gcm_siv_open_gather, - NULL /* get_iv */, - NULL /* tag_len */, + nullptr /* get_iv */, + nullptr /* tag_len */, }; const EVP_AEAD aead_aes_256_gcm_siv = { @@ -887,13 +887,13 @@ 0, // seal_scatter_supports_extra_in aead_aes_gcm_siv_init, - NULL /* init_with_direction */, + nullptr /* init_with_direction */, aead_aes_gcm_siv_cleanup, - NULL /* open */, + nullptr /* open */, aead_aes_gcm_siv_seal_scatter, aead_aes_gcm_siv_open_gather, - NULL /* get_iv */, - NULL /* tag_len */, + nullptr /* get_iv */, + nullptr /* tag_len */, }; } // namespace
diff --git a/crypto/cipher/e_chacha20poly1305.cc b/crypto/cipher/e_chacha20poly1305.cc index d1a9b34..f13999c 100644 --- a/crypto/cipher/e_chacha20poly1305.cc +++ b/crypto/cipher/e_chacha20poly1305.cc
@@ -32,7 +32,7 @@ uint8_t key[32]; }; -static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= +static_assert(sizeof(((EVP_AEAD_CTX *)nullptr)->state) >= sizeof(struct aead_chacha20_poly1305_ctx), "AEAD state is too small"); static_assert(alignof(union evp_aead_ctx_st_state) >= @@ -251,7 +251,7 @@ OPENSSL_memcpy(data.in.nonce, nonce, 12); chacha20_poly1305_open(out, in, in_len, ad, ad_len, &data); } else { - calc_tag(data.out.tag, key, nonce, ad, ad_len, in, in_len, NULL, 0); + calc_tag(data.out.tag, key, nonce, ad, ad_len, in, in_len, nullptr, 0); CRYPTO_chacha_20(out, in, in_len, key, nonce, 1); } @@ -306,13 +306,13 @@ 1, // seal_scatter_supports_extra_in aead_chacha20_poly1305_init, - NULL, // init_with_direction + nullptr, // init_with_direction aead_chacha20_poly1305_cleanup, - NULL /* open */, + nullptr /* open */, aead_chacha20_poly1305_seal_scatter, aead_chacha20_poly1305_open_gather, - NULL, // get_iv - NULL, // tag_len + nullptr, // get_iv + nullptr, // tag_len }; static const EVP_AEAD aead_xchacha20_poly1305 = { @@ -323,13 +323,13 @@ 1, // seal_scatter_supports_extra_in aead_chacha20_poly1305_init, - NULL, // init_with_direction + nullptr, // init_with_direction aead_chacha20_poly1305_cleanup, - NULL /* open */, + nullptr /* open */, aead_xchacha20_poly1305_seal_scatter, aead_xchacha20_poly1305_open_gather, - NULL, // get_iv - NULL, // tag_len + nullptr, // get_iv + nullptr, // tag_len }; const EVP_AEAD *EVP_aead_chacha20_poly1305(void) {
diff --git a/crypto/cipher/e_tls.cc b/crypto/cipher/e_tls.cc index d803ea6..39aaa2f 100644 --- a/crypto/cipher/e_tls.cc +++ b/crypto/cipher/e_tls.cc
@@ -43,7 +43,7 @@ static_assert(EVP_MAX_MD_SIZE < 256, "mac_key_len does not fit in uint8_t"); -static_assert(sizeof(((EVP_AEAD_CTX *)NULL)->state) >= sizeof(AEAD_TLS_CTX), +static_assert(sizeof(((EVP_AEAD_CTX *)nullptr)->state) >= sizeof(AEAD_TLS_CTX), "AEAD state is too small"); static_assert(alignof(union evp_aead_ctx_st_state) >= alignof(AEAD_TLS_CTX), "AEAD state has insufficient alignment"); @@ -85,10 +85,11 @@ tls_ctx->mac_key_len = (uint8_t)mac_key_len; tls_ctx->implicit_iv = implicit_iv; - if (!EVP_CipherInit_ex(&tls_ctx->cipher_ctx, cipher, NULL, &key[mac_key_len], - implicit_iv ? &key[mac_key_len + enc_key_len] : NULL, - dir == evp_aead_seal) || - !HMAC_Init_ex(tls_ctx->hmac_ctx, key, mac_key_len, md, NULL)) { + if (!EVP_CipherInit_ex( + &tls_ctx->cipher_ctx, cipher, nullptr, &key[mac_key_len], + implicit_iv ? &key[mac_key_len + enc_key_len] : nullptr, + dir == evp_aead_seal) || + !HMAC_Init_ex(tls_ctx->hmac_ctx, key, mac_key_len, md, nullptr)) { aead_tls_cleanup(ctx); return 0; } @@ -163,7 +164,7 @@ // in-place. uint8_t mac[EVP_MAX_MD_SIZE]; unsigned mac_len; - if (!HMAC_Init_ex(tls_ctx->hmac_ctx, NULL, 0, NULL, NULL) || + if (!HMAC_Init_ex(tls_ctx->hmac_ctx, nullptr, 0, nullptr, nullptr) || !HMAC_Update(tls_ctx->hmac_ctx, ad, ad_len) || !HMAC_Update(tls_ctx->hmac_ctx, ad_extra, sizeof(ad_extra)) || !HMAC_Update(tls_ctx->hmac_ctx, in, in_len) || @@ -174,7 +175,8 @@ // Configure the explicit IV. if (EVP_CIPHER_CTX_mode(&tls_ctx->cipher_ctx) == EVP_CIPH_CBC_MODE && !tls_ctx->implicit_iv && - !EVP_EncryptInit_ex(&tls_ctx->cipher_ctx, NULL, NULL, NULL, nonce)) { + !EVP_EncryptInit_ex(&tls_ctx->cipher_ctx, nullptr, nullptr, nullptr, + nonce)) { return 0; } @@ -280,7 +282,8 @@ // Configure the explicit IV. if (EVP_CIPHER_CTX_mode(&tls_ctx->cipher_ctx) == EVP_CIPH_CBC_MODE && !tls_ctx->implicit_iv && - !EVP_DecryptInit_ex(&tls_ctx->cipher_ctx, NULL, NULL, NULL, nonce)) { + !EVP_DecryptInit_ex(&tls_ctx->cipher_ctx, nullptr, nullptr, nullptr, + nonce)) { return 0; } @@ -356,7 +359,7 @@ assert(EVP_CIPHER_CTX_mode(&tls_ctx->cipher_ctx) != EVP_CIPH_CBC_MODE); unsigned mac_len_u; - if (!HMAC_Init_ex(tls_ctx->hmac_ctx, NULL, 0, NULL, NULL) || + if (!HMAC_Init_ex(tls_ctx->hmac_ctx, nullptr, 0, nullptr, nullptr) || !HMAC_Update(tls_ctx->hmac_ctx, ad_fixed, ad_len) || !HMAC_Update(tls_ctx->hmac_ctx, out, data_len) || !HMAC_Final(tls_ctx->hmac_ctx, mac, &mac_len_u)) { @@ -462,13 +465,13 @@ SHA_DIGEST_LENGTH, // max tag length 0, // seal_scatter_supports_extra_in - NULL, // init + nullptr, // init aead_aes_128_cbc_sha1_tls_init, aead_tls_cleanup, aead_tls_open, aead_tls_seal_scatter, - NULL, // open_gather - NULL, // get_iv + nullptr, // open_gather + nullptr, // get_iv aead_tls_tag_len, }; @@ -479,12 +482,12 @@ SHA_DIGEST_LENGTH, // max tag length 0, // seal_scatter_supports_extra_in - NULL, // init + nullptr, // init aead_aes_128_cbc_sha1_tls_implicit_iv_init, aead_tls_cleanup, aead_tls_open, aead_tls_seal_scatter, - NULL, // open_gather + nullptr, // open_gather aead_tls_get_iv, // get_iv aead_tls_tag_len, }; @@ -496,13 +499,13 @@ SHA256_DIGEST_LENGTH, // max tag length 0, // seal_scatter_supports_extra_in - NULL, // init + nullptr, // init aead_aes_128_cbc_sha256_tls_init, aead_tls_cleanup, aead_tls_open, aead_tls_seal_scatter, - NULL, // open_gather - NULL, // get_iv + nullptr, // open_gather + nullptr, // get_iv aead_tls_tag_len, }; @@ -513,13 +516,13 @@ SHA_DIGEST_LENGTH, // max tag length 0, // seal_scatter_supports_extra_in - NULL, // init + nullptr, // init aead_aes_256_cbc_sha1_tls_init, aead_tls_cleanup, aead_tls_open, aead_tls_seal_scatter, - NULL, // open_gather - NULL, // get_iv + nullptr, // open_gather + nullptr, // get_iv aead_tls_tag_len, }; @@ -530,12 +533,12 @@ SHA_DIGEST_LENGTH, // max tag length 0, // seal_scatter_supports_extra_in - NULL, // init + nullptr, // init aead_aes_256_cbc_sha1_tls_implicit_iv_init, aead_tls_cleanup, aead_tls_open, aead_tls_seal_scatter, - NULL, // open_gather + nullptr, // open_gather aead_tls_get_iv, // get_iv aead_tls_tag_len, }; @@ -547,13 +550,13 @@ SHA_DIGEST_LENGTH, // max tag length 0, // seal_scatter_supports_extra_in - NULL, // init + nullptr, // init aead_des_ede3_cbc_sha1_tls_init, aead_tls_cleanup, aead_tls_open, aead_tls_seal_scatter, - NULL, // open_gather - NULL, // get_iv + nullptr, // open_gather + nullptr, // get_iv aead_tls_tag_len, }; @@ -564,12 +567,12 @@ SHA_DIGEST_LENGTH, // max tag length 0, // seal_scatter_supports_extra_in - NULL, // init + nullptr, // init aead_des_ede3_cbc_sha1_tls_implicit_iv_init, aead_tls_cleanup, aead_tls_open, aead_tls_seal_scatter, - NULL, // open_gather + nullptr, // open_gather aead_tls_get_iv, // get_iv aead_tls_tag_len, };
diff --git a/crypto/cms/cms.cc b/crypto/cms/cms.cc index b2f1953..e7211e6 100644 --- a/crypto/cms/cms.cc +++ b/crypto/cms/cms.cc
@@ -66,7 +66,7 @@ // |CMS_sign| and OpenSSL interprets it as an alias for |CMS_PARTIAL| in this // context. if ((flags & (CMS_PARTIAL | CMS_STREAM)) == 0 && - !CMS_final(cms.get(), data, NULL, flags)) { + !CMS_final(cms.get(), data, nullptr, flags)) { return nullptr; }
diff --git a/crypto/compiler_test.cc b/crypto/compiler_test.cc index 04978d2..d703a71 100644 --- a/crypto/compiler_test.cc +++ b/crypto/compiler_test.cc
@@ -220,7 +220,7 @@ static uintptr_t aba(uintptr_t *a, void **b) { *a = (uintptr_t)1; - *b = NULL; + *b = nullptr; return *a; // 0 if a == b, 1 if a and b are disjoint }
diff --git a/crypto/conf/conf.cc b/crypto/conf/conf.cc index 9af2a87..63001d8 100644 --- a/crypto/conf/conf.cc +++ b/crypto/conf/conf.cc
@@ -59,20 +59,20 @@ } CONF *NCONF_new(void *method) { - if (method != NULL) { - return NULL; + if (method != nullptr) { + return nullptr; } CONF *conf = reinterpret_cast<CONF *>(OPENSSL_malloc(sizeof(CONF))); - if (conf == NULL) { - return NULL; + if (conf == nullptr) { + return nullptr; } conf->sections = lh_CONF_SECTION_new(conf_section_hash, conf_section_cmp); conf->values = lh_CONF_VALUE_new(conf_value_hash, conf_value_cmp); - if (conf->sections == NULL || conf->values == NULL) { + if (conf->sections == nullptr || conf->values == nullptr) { NCONF_free(conf); - return NULL; + return nullptr; } return conf; @@ -83,7 +83,7 @@ } static void value_free(CONF_VALUE *value) { - if (value == NULL) { + if (value == nullptr) { return; } OPENSSL_free(value->section); @@ -93,7 +93,7 @@ } static void section_free(CONF_SECTION *section) { - if (section == NULL) { + if (section == nullptr) { return; } OPENSSL_free(section->name); @@ -108,13 +108,13 @@ } void NCONF_free(CONF *conf) { - if (conf == NULL) { + if (conf == nullptr) { return; } - lh_CONF_SECTION_doall_arg(conf->sections, section_free_arg, NULL); + lh_CONF_SECTION_doall_arg(conf->sections, section_free_arg, nullptr); lh_CONF_SECTION_free(conf->sections); - lh_CONF_VALUE_doall_arg(conf->values, value_free_arg, NULL); + lh_CONF_VALUE_doall_arg(conf->values, value_free_arg, nullptr); lh_CONF_VALUE_free(conf->values); OPENSSL_free(conf); } @@ -123,11 +123,11 @@ CONF_SECTION *s = reinterpret_cast<CONF_SECTION *>(OPENSSL_malloc(sizeof(CONF_SECTION))); if (!s) { - return NULL; + return nullptr; } s->name = OPENSSL_strdup(section); s->values = sk_CONF_VALUE_new_null(); - if (s->name == NULL || s->values == NULL) { + if (s->name == nullptr || s->values == nullptr) { goto err; } @@ -140,7 +140,7 @@ err: section_free(s); - return NULL; + return nullptr; } static int is_comment(char c) { return c == '#'; } @@ -169,7 +169,7 @@ BUF_MEM *buf; buf = BUF_MEM_new(); - if (buf == NULL) { + if (buf == nullptr) { return 0; } @@ -244,8 +244,8 @@ const STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf, const char *section) { const CONF_SECTION *section_obj = get_section(conf, section); - if (section_obj == NULL) { - return NULL; + if (section_obj == nullptr) { + return nullptr; } return section_obj->values; } @@ -254,7 +254,7 @@ const char *name) { CONF_VALUE templ, *value; - if (section == NULL) { + if (section == nullptr) { section = kDefaultSectionName; } @@ -262,8 +262,8 @@ templ.section = (char *)section; templ.name = (char *)name; value = lh_CONF_VALUE_retrieve(conf->values, &templ); - if (value == NULL) { - return NULL; + if (value == nullptr) { + return nullptr; } return value->value; } @@ -271,7 +271,7 @@ static int add_string(const CONF *conf, CONF_SECTION *section, CONF_VALUE *value) { value->section = OPENSSL_strdup(section->name); - if (value->section == NULL) { + if (value->section == nullptr) { return 0; } @@ -286,7 +286,7 @@ sk_CONF_VALUE_pop(section->values); return 0; } - if (old_value != NULL) { + if (old_value != nullptr) { (void)sk_CONF_VALUE_delete_ptr(section->values, old_value); value_free(old_value); } @@ -370,27 +370,27 @@ int NCONF_load_bio(CONF *conf, BIO *in, long *out_error_line) { static const size_t CONFBUFSIZE = 512; int bufnum = 0, i, ii; - BUF_MEM *buff = NULL; + BUF_MEM *buff = nullptr; char *s, *p, *end; int again; long eline = 0; - CONF_VALUE *v = NULL; - CONF_SECTION *sv = NULL; - char *section = NULL, *buf; + CONF_VALUE *v = nullptr; + CONF_SECTION *sv = nullptr; + char *section = nullptr, *buf; char *start, *psection, *pname; - if ((buff = BUF_MEM_new()) == NULL) { + if ((buff = BUF_MEM_new()) == nullptr) { OPENSSL_PUT_ERROR(CONF, ERR_R_BUF_LIB); goto err; } section = OPENSSL_strdup(kDefaultSectionName); - if (section == NULL) { + if (section == nullptr) { goto err; } sv = NCONF_new_section(conf, section); - if (sv == NULL) { + if (sv == nullptr) { OPENSSL_PUT_ERROR(CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } @@ -432,7 +432,7 @@ // i is the number of bytes bufnum += i; - v = NULL; + v = nullptr; // check for line continuation if (bufnum >= 1) { // If we have bytes and the last char '\\' and @@ -472,20 +472,20 @@ goto err; } *end = '\0'; - if (!str_copy(conf, NULL, §ion, start)) { + if (!str_copy(conf, nullptr, §ion, start)) { goto err; } - if ((sv = get_section(conf, section)) == NULL) { + if ((sv = get_section(conf, section)) == nullptr) { sv = NCONF_new_section(conf, section); } - if (sv == NULL) { + if (sv == nullptr) { OPENSSL_PUT_ERROR(CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } continue; } else { pname = s; - psection = NULL; + psection = nullptr; end = eat_name(s); if ((end[0] == ':') && (end[1] == ':')) { *end = '\0'; @@ -515,11 +515,11 @@ if (!(v = CONF_VALUE_new())) { goto err; } - if (psection == NULL) { + if (psection == nullptr) { psection = section; } v->name = OPENSSL_strdup(pname); - if (v->name == NULL) { + if (v->name == nullptr) { goto err; } if (!str_copy(conf, psection, &(v->value), start)) { @@ -528,10 +528,10 @@ CONF_SECTION *tv; if (strcmp(psection, section) != 0) { - if ((tv = get_section(conf, psection)) == NULL) { + if ((tv = get_section(conf, psection)) == nullptr) { tv = NCONF_new_section(conf, psection); } - if (tv == NULL) { + if (tv == nullptr) { OPENSSL_PUT_ERROR(CONF, CONF_R_UNABLE_TO_CREATE_NEW_SECTION); goto err; } @@ -541,7 +541,7 @@ if (add_string(conf, tv, v) == 0) { goto err; } - v = NULL; + v = nullptr; } } BUF_MEM_free(buff); @@ -551,7 +551,7 @@ err: BUF_MEM_free(buff); OPENSSL_free(section); - if (out_error_line != NULL) { + if (out_error_line != nullptr) { *out_error_line = eline; } ERR_add_error_dataf("line %ld", eline); @@ -563,7 +563,7 @@ BIO *in = BIO_new_file(filename, "rb"); int ret; - if (in == NULL) { + if (in == nullptr) { OPENSSL_PUT_ERROR(CONF, ERR_R_SYS_LIB); return 0; } @@ -580,7 +580,7 @@ int ret; const char *lstart, *tmpend, *p; - if (list == NULL) { + if (list == nullptr) { OPENSSL_PUT_ERROR(CONF, CONF_R_LIST_CANNOT_BE_NULL); return 0; } @@ -594,7 +594,7 @@ } p = strchr(lstart, sep); if (p == lstart || !*lstart) { - ret = list_cb(NULL, 0, arg); + ret = list_cb(nullptr, 0, arg); } else { if (p) { tmpend = p - 1; @@ -611,7 +611,7 @@ if (ret <= 0) { return ret; } - if (p == NULL) { + if (p == nullptr) { return 1; } lstart = p + 1;
diff --git a/crypto/curve25519/spake25519.cc b/crypto/curve25519/spake25519.cc index cf149bf..4421f9b 100644 --- a/crypto/curve25519/spake25519.cc +++ b/crypto/curve25519/spake25519.cc
@@ -280,8 +280,8 @@ size_t their_name_len) { SPAKE2_CTX *ctx = reinterpret_cast<SPAKE2_CTX *>(OPENSSL_zalloc(sizeof(SPAKE2_CTX))); - if (ctx == NULL) { - return NULL; + if (ctx == nullptr) { + return nullptr; } ctx->my_role = my_role; @@ -292,14 +292,14 @@ if (!CBS_stow(&my_name_cbs, &ctx->my_name, &ctx->my_name_len) || !CBS_stow(&their_name_cbs, &ctx->their_name, &ctx->their_name_len)) { SPAKE2_CTX_free(ctx); - return NULL; + return nullptr; } return ctx; } void SPAKE2_CTX_free(SPAKE2_CTX *ctx) { - if (ctx == NULL) { + if (ctx == nullptr) { return; }
diff --git a/crypto/dh/dh_asn1.cc b/crypto/dh/dh_asn1.cc index 8b1ec11..606b302 100644 --- a/crypto/dh/dh_asn1.cc +++ b/crypto/dh/dh_asn1.cc
@@ -26,16 +26,16 @@ static int parse_integer(CBS *cbs, BIGNUM **out) { - assert(*out == NULL); + assert(*out == nullptr); *out = BN_new(); - if (*out == NULL) { + if (*out == nullptr) { return 0; } return BN_parse_asn1_unsigned(cbs, *out); } static int marshal_integer(CBB *cbb, BIGNUM *bn) { - if (bn == NULL) { + if (bn == nullptr) { // A DH object may be missing some components. OPENSSL_PUT_ERROR(DH, ERR_R_PASSED_NULL_PARAMETER); return 0;
diff --git a/crypto/dh/dh_test.cc b/crypto/dh/dh_test.cc index bbd1d34..11a1ebc 100644 --- a/crypto/dh/dh_test.cc +++ b/crypto/dh/dh_test.cc
@@ -199,7 +199,7 @@ } static bool BIGNUMEqualsHex(const BIGNUM *bn, const char *hex) { - BIGNUM *hex_bn = NULL; + BIGNUM *hex_bn = nullptr; if (!BN_hex2bn(&hex_bn, hex)) { return false; } @@ -406,7 +406,7 @@ bssl::UniquePtr<DH> key2(DHparams_dup(key1.get())); ASSERT_TRUE(key2); bssl::UniquePtr<BIGNUM> priv_key(BN_dup(DH_get0_priv_key(key1.get()))); - ASSERT_TRUE(DH_set0_key(key2.get(), /*pub_key=*/NULL, priv_key.get())); + ASSERT_TRUE(DH_set0_key(key2.get(), /*pub_key=*/nullptr, priv_key.get())); priv_key.release(); // This time, calling |DH_generate_key| preserves the old key and recomputes
diff --git a/crypto/dh/params.cc b/crypto/dh/params.cc index 9c1e857..bb62428 100644 --- a/crypto/dh/params.cc +++ b/crypto/dh/params.cc
@@ -24,18 +24,18 @@ static BIGNUM *get_params(BIGNUM *ret, bssl::Span<const BN_ULONG> words) { - BIGNUM *alloc = NULL; - if (ret == NULL) { + BIGNUM *alloc = nullptr; + if (ret == nullptr) { alloc = BN_new(); - if (alloc == NULL) { - return NULL; + if (alloc == nullptr) { + return nullptr; } ret = alloc; } if (!bn_set_words(ret, words.data(), words.size())) { BN_free(alloc); - return NULL; + return nullptr; } return ret; @@ -306,16 +306,16 @@ } // Make sure |dh| has the necessary elements - if (dh->p == NULL) { + if (dh->p == nullptr) { dh->p = BN_new(); - if (dh->p == NULL) { + if (dh->p == nullptr) { OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB); return 0; } } - if (dh->g == NULL) { + if (dh->g == nullptr) { dh->g = BN_new(); - if (dh->g == NULL) { + if (dh->g == nullptr) { OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB); return 0; } @@ -359,7 +359,7 @@ } static int int_dh_bn_cpy(BIGNUM **dst, const BIGNUM *src) { - BIGNUM *a = NULL; + BIGNUM *a = nullptr; if (src) { a = BN_dup(src); @@ -396,12 +396,12 @@ DH *DHparams_dup(const DH *dh) { DH *ret = DH_new(); if (!ret) { - return NULL; + return nullptr; } if (!int_dh_param_copy(ret, dh, -1)) { DH_free(ret); - return NULL; + return nullptr; } return ret;
diff --git a/crypto/digest/digest_extra.cc b/crypto/digest/digest_extra.cc index 345c94f..ea1709a 100644 --- a/crypto/digest/digest_extra.cc +++ b/crypto/digest/digest_extra.cc
@@ -54,7 +54,7 @@ // consumers so we retain it there. {NID_undef, EVP_sha1, SN_dsaWithSHA, LN_dsaWithSHA}, {NID_undef, EVP_sha1, SN_dsaWithSHA1, LN_dsaWithSHA1}, - {NID_undef, EVP_sha1, SN_ecdsa_with_SHA1, NULL}, + {NID_undef, EVP_sha1, SN_ecdsa_with_SHA1, nullptr}, {NID_undef, EVP_md5, SN_md5WithRSAEncryption, LN_md5WithRSAEncryption}, {NID_undef, EVP_sha1, SN_sha1WithRSAEncryption, LN_sha1WithRSAEncryption}, {NID_undef, EVP_sha224, SN_sha224WithRSAEncryption, @@ -70,7 +70,7 @@ const EVP_MD *EVP_get_digestbynid(int nid) { if (nid == NID_undef) { // Skip the |NID_undef| entries in |nid_to_digest_mapping|. - return NULL; + return nullptr; } for (const auto &mapping : nid_to_digest_mapping) { @@ -79,7 +79,7 @@ } } - return NULL; + return nullptr; } static const struct {
diff --git a/crypto/dsa/dsa.cc b/crypto/dsa/dsa.cc index c1dcd3b..f0af469 100644 --- a/crypto/dsa/dsa.cc +++ b/crypto/dsa/dsa.cc
@@ -47,8 +47,8 @@ DSA *DSA_new(void) { DSA *dsa = reinterpret_cast<DSA *>(OPENSSL_zalloc(sizeof(DSA))); - if (dsa == NULL) { - return NULL; + if (dsa == nullptr) { + return nullptr; } dsa->references = 1; @@ -58,7 +58,7 @@ } void DSA_free(DSA *dsa) { - if (dsa == NULL) { + if (dsa == nullptr) { return; } @@ -98,37 +98,37 @@ void DSA_get0_key(const DSA *dsa, const BIGNUM **out_pub_key, const BIGNUM **out_priv_key) { - if (out_pub_key != NULL) { + if (out_pub_key != nullptr) { *out_pub_key = dsa->pub_key; } - if (out_priv_key != NULL) { + if (out_priv_key != nullptr) { *out_priv_key = dsa->priv_key; } } void DSA_get0_pqg(const DSA *dsa, const BIGNUM **out_p, const BIGNUM **out_q, const BIGNUM **out_g) { - if (out_p != NULL) { + if (out_p != nullptr) { *out_p = dsa->p; } - if (out_q != NULL) { + if (out_q != nullptr) { *out_q = dsa->q; } - if (out_g != NULL) { + if (out_g != nullptr) { *out_g = dsa->g; } } int DSA_set0_key(DSA *dsa, BIGNUM *pub_key, BIGNUM *priv_key) { - if (dsa->pub_key == NULL && pub_key == NULL) { + if (dsa->pub_key == nullptr && pub_key == nullptr) { return 0; } - if (pub_key != NULL) { + if (pub_key != nullptr) { BN_free(dsa->pub_key); dsa->pub_key = pub_key; } - if (priv_key != NULL) { + if (priv_key != nullptr) { BN_free(dsa->priv_key); dsa->priv_key = priv_key; } @@ -137,28 +137,29 @@ } int DSA_set0_pqg(DSA *dsa, BIGNUM *p, BIGNUM *q, BIGNUM *g) { - if ((dsa->p == NULL && p == NULL) || (dsa->q == NULL && q == NULL) || - (dsa->g == NULL && g == NULL)) { + if ((dsa->p == nullptr && p == nullptr) || + (dsa->q == nullptr && q == nullptr) || + (dsa->g == nullptr && g == nullptr)) { return 0; } - if (p != NULL) { + if (p != nullptr) { BN_free(dsa->p); dsa->p = p; } - if (q != NULL) { + if (q != nullptr) { BN_free(dsa->q); dsa->q = q; } - if (g != NULL) { + if (g != nullptr) { BN_free(dsa->g); dsa->g = g; } BN_MONT_CTX_free(dsa->method_mont_p); - dsa->method_mont_p = NULL; + dsa->method_mont_p = nullptr; BN_MONT_CTX_free(dsa->method_mont_q); - dsa->method_mont_q = NULL; + dsa->method_mont_q = nullptr; return 1; } @@ -174,7 +175,7 @@ unsigned char md[SHA256_DIGEST_LENGTH]; unsigned char buf[SHA256_DIGEST_LENGTH], buf2[SHA256_DIGEST_LENGTH]; BIGNUM *r0, *W, *X, *c, *test; - BIGNUM *g = NULL, *q = NULL, *p = NULL; + BIGNUM *g = nullptr, *q = nullptr, *p = nullptr; int k, n = 0, m = 0; int counter = 0; int r = 0; @@ -190,7 +191,7 @@ bits = (bits + 63) / 64 * 64; - if (seed_in != NULL) { + if (seed_in != nullptr) { if (seed_len < qsize) { return 0; } @@ -216,7 +217,7 @@ p = BN_CTX_get(ctx.get()); test = BN_CTX_get(ctx.get()); - if (test == NULL || !BN_lshift(test, BN_value_one(), bits - 1)) { + if (test == nullptr || !BN_lshift(test, BN_value_one(), bits - 1)) { return 0; } @@ -228,7 +229,7 @@ return 0; } - int use_random_seed = (seed_in == NULL); + int use_random_seed = (seed_in == nullptr); if (use_random_seed) { if (!RAND_bytes(seed, qsize)) { return 0; @@ -237,7 +238,7 @@ CONSTTIME_DECLASSIFY(seed, qsize); } else { // If we come back through, use random seed next time. - seed_in = NULL; + seed_in = nullptr; } OPENSSL_memcpy(buf, seed, qsize); OPENSSL_memcpy(buf2, seed, qsize); @@ -250,8 +251,8 @@ } // step 2 - if (!EVP_Digest(seed, qsize, md, NULL, evpmd, NULL) || - !EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL)) { + if (!EVP_Digest(seed, qsize, md, nullptr, evpmd, nullptr) || + !EVP_Digest(buf, qsize, buf2, nullptr, evpmd, nullptr)) { return 0; } for (size_t i = 0; i < qsize; i++) { @@ -306,7 +307,7 @@ } } - if (!EVP_Digest(buf, qsize, md, NULL, evpmd, NULL)) { + if (!EVP_Digest(buf, qsize, md, nullptr, evpmd, nullptr)) { return 0; } @@ -358,7 +359,7 @@ // We now need to generate g // Set r0=(p-1)/q if (!BN_sub(test, p, BN_value_one()) || - !BN_div(r0, NULL, test, q, ctx.get())) { + !BN_div(r0, nullptr, test, q, ctx.get())) { return 0; } @@ -391,13 +392,13 @@ dsa->p = BN_dup(p); dsa->q = BN_dup(q); dsa->g = BN_dup(g); - if (dsa->p == NULL || dsa->q == NULL || dsa->g == NULL) { + if (dsa->p == nullptr || dsa->q == nullptr || dsa->g == nullptr) { return 0; } - if (out_counter != NULL) { + if (out_counter != nullptr) { *out_counter = counter; } - if (out_h != NULL) { + if (out_h != nullptr) { *out_h = h; } @@ -406,15 +407,15 @@ DSA *DSAparams_dup(const DSA *dsa) { DSA *ret = DSA_new(); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } ret->p = BN_dup(dsa->p); ret->q = BN_dup(dsa->q); ret->g = BN_dup(dsa->g); - if (ret->p == NULL || ret->q == NULL || ret->g == NULL) { + if (ret->p == nullptr || ret->q == nullptr || ret->g == nullptr) { DSA_free(ret); - return NULL; + return nullptr; } return ret; } @@ -492,16 +493,16 @@ void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **out_r, const BIGNUM **out_s) { - if (out_r != NULL) { + if (out_r != nullptr) { *out_r = sig->r; } - if (out_s != NULL) { + if (out_s != nullptr) { *out_s = sig->s; } } int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s) { - if (r == NULL || s == NULL) { + if (r == nullptr || s == nullptr) { return 0; } BN_free(sig->r); @@ -527,29 +528,29 @@ DSA_SIG *DSA_do_sign(const uint8_t *digest, size_t digest_len, const DSA *dsa) { if (!dsa_check_key(dsa)) { - return NULL; + return nullptr; } - if (dsa->priv_key == NULL) { + if (dsa->priv_key == nullptr) { OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS); - return NULL; + return nullptr; } - BIGNUM *kinv = NULL, *r = NULL, *s = NULL; + BIGNUM *kinv = nullptr, *r = nullptr, *s = nullptr; BIGNUM m; BIGNUM xr; - BN_CTX *ctx = NULL; - DSA_SIG *ret = NULL; + BN_CTX *ctx = nullptr; + DSA_SIG *ret = nullptr; BN_init(&m); BN_init(&xr); s = BN_new(); { - if (s == NULL) { + if (s == nullptr) { goto err; } ctx = BN_CTX_new(); - if (ctx == NULL) { + if (ctx == nullptr) { goto err; } @@ -573,7 +574,7 @@ digest_len = BN_num_bytes(dsa->q); } - if (BN_bin2bn(digest, digest_len, &m) == NULL) { + if (BN_bin2bn(digest, digest_len, &m) == nullptr) { goto err; } @@ -612,7 +613,7 @@ } ret = DSA_SIG_new(); - if (ret == NULL) { + if (ret == nullptr) { goto err; } ret->r = r; @@ -620,7 +621,7 @@ } err: - if (ret == NULL) { + if (ret == nullptr) { OPENSSL_PUT_ERROR(DSA, ERR_R_BN_LIB); BN_free(r); BN_free(s); @@ -650,7 +651,7 @@ return 0; } - if (dsa->pub_key == NULL) { + if (dsa->pub_key == nullptr) { OPENSSL_PUT_ERROR(DSA, DSA_R_MISSING_PARAMETERS); return 0; } @@ -662,7 +663,7 @@ BN_init(&t1); BN_CTX *ctx = BN_CTX_new(); { - if (ctx == NULL) { + if (ctx == nullptr) { goto err; } @@ -703,7 +704,7 @@ digest_len = (q_bits >> 3); } - if (BN_bin2bn(digest, digest_len, &u1) == NULL) { + if (BN_bin2bn(digest, digest_len, &u1) == nullptr) { goto err; } @@ -752,7 +753,7 @@ DSA_SIG *s; s = DSA_do_sign(digest, digest_len, dsa); - if (s == NULL) { + if (s == nullptr) { *out_siglen = 0; return 0; } @@ -774,18 +775,18 @@ int DSA_check_signature(int *out_valid, const uint8_t *digest, size_t digest_len, const uint8_t *sig, size_t sig_len, const DSA *dsa) { - DSA_SIG *s = NULL; + DSA_SIG *s = nullptr; int ret = 0; - uint8_t *der = NULL; + uint8_t *der = nullptr; s = DSA_SIG_new(); { - if (s == NULL) { + if (s == nullptr) { goto err; } const uint8_t *sigp = sig; - if (d2i_DSA_SIG(&s, &sigp, sig_len) == NULL || sigp != sig + sig_len) { + if (d2i_DSA_SIG(&s, &sigp, sig_len) == nullptr || sigp != sig + sig_len) { goto err; } @@ -820,7 +821,7 @@ } int DSA_size(const DSA *dsa) { - if (dsa->q == NULL) { + if (dsa->q == nullptr) { return 0; } @@ -851,7 +852,7 @@ BN_init(&k); BIGNUM *r = BN_new(); BIGNUM *kinv = BN_new(); - if (r == NULL || kinv == NULL || + if (r == nullptr || kinv == nullptr || // Get random k !BN_rand_range_ex(&k, 1, dsa->q) || !BN_MONT_CTX_set_locked((BN_MONT_CTX **)&dsa->method_mont_p, @@ -884,11 +885,11 @@ BN_clear_free(*out_kinv); *out_kinv = kinv; - kinv = NULL; + kinv = nullptr; BN_clear_free(*out_r); *out_r = r; - r = NULL; + r = nullptr; ret = 1;
diff --git a/crypto/dsa/dsa_asn1.cc b/crypto/dsa/dsa_asn1.cc index 456c03b..b4ad573 100644 --- a/crypto/dsa/dsa_asn1.cc +++ b/crypto/dsa/dsa_asn1.cc
@@ -65,7 +65,7 @@ return 0; } - if (dsa->pub_key != NULL) { + if (dsa->pub_key != nullptr) { // The public key is also in the multiplicative group of |p|. if (BN_is_negative(dsa->pub_key) || BN_is_zero(dsa->pub_key) || BN_cmp(dsa->pub_key, dsa->p) >= 0) { @@ -74,7 +74,7 @@ } } - if (dsa->priv_key != NULL) { + if (dsa->priv_key != nullptr) { // The private key is a non-zero element of the scalar field, determined by // |q|. if (BN_is_negative(dsa->priv_key) || @@ -89,16 +89,16 @@ } static int parse_integer(CBS *cbs, BIGNUM **out) { - assert(*out == NULL); + assert(*out == nullptr); *out = BN_new(); - if (*out == NULL) { + if (*out == nullptr) { return 0; } return BN_parse_asn1_unsigned(cbs, *out); } static int marshal_integer(CBB *cbb, BIGNUM *bn) { - if (bn == NULL) { + if (bn == nullptr) { // A DSA object may be missing some components. OPENSSL_PUT_ERROR(DSA, ERR_R_PASSED_NULL_PARAMETER); return 0; @@ -108,8 +108,8 @@ DSA_SIG *DSA_SIG_parse(CBS *cbs) { DSA_SIG *ret = DSA_SIG_new(); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } CBS child; if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || @@ -118,7 +118,7 @@ CBS_len(&child) != 0) { OPENSSL_PUT_ERROR(DSA, DSA_R_DECODE_ERROR); DSA_SIG_free(ret); - return NULL; + return nullptr; } return ret; }
diff --git a/crypto/ec/ec_asn1.cc b/crypto/ec/ec_asn1.cc index c28da4a..d394584 100644 --- a/crypto/ec/ec_asn1.cc +++ b/crypto/ec/ec_asn1.cc
@@ -175,7 +175,7 @@ int EC_KEY_marshal_private_key(CBB *cbb, const EC_KEY *key, unsigned enc_flags) { - if (key == NULL || key->group == NULL || key->priv_key == NULL) { + if (key == nullptr || key->group == nullptr || key->priv_key == nullptr) { OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -202,7 +202,7 @@ } // TODO(fork): replace this flexibility with sensible default? - if (!(enc_flags & EC_PKEY_NO_PUBKEY) && key->pub_key != NULL) { + if (!(enc_flags & EC_PKEY_NO_PUBKEY) && key->pub_key != nullptr) { CBB child, public_key; if (!CBB_add_asn1(&ec_private_key, &child, kPublicKeyTag) || !CBB_add_asn1(&child, &public_key, CBS_ASN1_BITSTRING) || @@ -210,7 +210,7 @@ // encoded as a BIT STRING with bits ordered as in the DER encoding. !CBB_add_u8(&public_key, 0 /* padding */) || !EC_POINT_point2cbb(&public_key, key->group, key->pub_key, - key->conv_form, NULL) || + key->conv_form, nullptr) || !CBB_flush(&ec_private_key)) { OPENSSL_PUT_ERROR(EC, EC_R_ENCODE_ERROR); return 0; @@ -256,7 +256,7 @@ !CBS_get_asn1(&curve, &out->a, CBS_ASN1_OCTETSTRING) || !CBS_get_asn1(&curve, &out->b, CBS_ASN1_OCTETSTRING) || // |curve| has an optional BIT STRING seed which we ignore. - !CBS_get_optional_asn1(&curve, NULL, NULL, CBS_ASN1_BITSTRING) || + !CBS_get_optional_asn1(&curve, nullptr, nullptr, CBS_ASN1_BITSTRING) || CBS_len(&curve) != 0 || !CBS_get_asn1(¶ms, &base, CBS_ASN1_OCTETSTRING) || !CBS_get_asn1(¶ms, &out->order, CBS_ASN1_INTEGER) || @@ -415,7 +415,7 @@ int EC_POINT_point2cbb(CBB *out, const EC_GROUP *group, const EC_POINT *point, point_conversion_form_t form, BN_CTX *ctx) { - size_t len = EC_POINT_point2oct(group, point, form, NULL, 0, ctx); + size_t len = EC_POINT_point2oct(group, point, form, nullptr, 0, ctx); if (len == 0) { return 0; } @@ -427,8 +427,8 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **out, const uint8_t **inp, long len) { // This function treats its |out| parameter differently from other |d2i| // functions. If supplied, take the group from |*out|. - const EC_GROUP *group = NULL; - if (out != NULL && *out != NULL) { + const EC_GROUP *group = nullptr; + if (out != nullptr && *out != nullptr) { group = EC_KEY_get0_group(*out); } @@ -449,7 +449,7 @@ } int i2d_ECPKParameters(const EC_GROUP *group, uint8_t **outp) { - if (group == NULL) { + if (group == nullptr) { OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return -1; } @@ -474,7 +474,7 @@ } int i2d_ECParameters(const EC_KEY *key, uint8_t **outp) { - if (key == NULL || key->group == NULL) { + if (key == nullptr || key->group == nullptr) { OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return -1; } @@ -485,20 +485,20 @@ } EC_KEY *o2i_ECPublicKey(EC_KEY **keyp, const uint8_t **inp, long len) { - EC_KEY *ret = NULL; + EC_KEY *ret = nullptr; - if (keyp == NULL || *keyp == NULL || (*keyp)->group == NULL) { + if (keyp == nullptr || *keyp == nullptr || (*keyp)->group == nullptr) { OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); - return NULL; + return nullptr; } ret = *keyp; - if (ret->pub_key == NULL && - (ret->pub_key = EC_POINT_new(ret->group)) == NULL) { - return NULL; + if (ret->pub_key == nullptr && + (ret->pub_key = EC_POINT_new(ret->group)) == nullptr) { + return nullptr; } - if (!EC_POINT_oct2point(ret->group, ret->pub_key, *inp, len, NULL)) { + if (!EC_POINT_oct2point(ret->group, ret->pub_key, *inp, len, nullptr)) { OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); - return NULL; + return nullptr; } // save the point conversion form ret->conv_form = (point_conversion_form_t)(*inp[0] & ~0x01); @@ -507,7 +507,7 @@ } int i2o_ECPublicKey(const EC_KEY *key, uint8_t **outp) { - if (key == NULL) { + if (key == nullptr) { OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return 0; }
diff --git a/crypto/ec/ec_derive.cc b/crypto/ec/ec_derive.cc index 74fbfcc..6f6f786 100644 --- a/crypto/ec/ec_derive.cc +++ b/crypto/ec/ec_derive.cc
@@ -30,7 +30,7 @@ size_t secret_len) { #define EC_KEY_DERIVE_MAX_NAME_LEN 16 const char *name = EC_curve_nid2nist(EC_GROUP_get_curve_name(group)); - if (name == NULL || strlen(name) > EC_KEY_DERIVE_MAX_NAME_LEN) { + if (name == nullptr || strlen(name) > EC_KEY_DERIVE_MAX_NAME_LEN) { OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_GROUP); return nullptr; }
diff --git a/crypto/ec/hash_to_curve.cc b/crypto/ec/hash_to_curve.cc index a046ca6..65481a5 100644 --- a/crypto/ec/hash_to_curve.cc +++ b/crypto/ec/hash_to_curve.cc
@@ -455,7 +455,7 @@ int EC_hash_to_curve_p256_xmd_sha256_sswu(const EC_GROUP *group, EC_POINT *out, const uint8_t *dst, size_t dst_len, const uint8_t *msg, size_t msg_len) { - if (EC_GROUP_cmp(group, out->group, NULL) != 0) { + if (EC_GROUP_cmp(group, out->group, nullptr) != 0) { OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; } @@ -488,7 +488,7 @@ int EC_hash_to_curve_p384_xmd_sha384_sswu(const EC_GROUP *group, EC_POINT *out, const uint8_t *dst, size_t dst_len, const uint8_t *msg, size_t msg_len) { - if (EC_GROUP_cmp(group, out->group, NULL) != 0) { + if (EC_GROUP_cmp(group, out->group, nullptr) != 0) { OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return 0; }
diff --git a/crypto/ecdh/ecdh.cc b/crypto/ecdh/ecdh.cc index 7305177..3d61e60 100644 --- a/crypto/ecdh/ecdh.cc +++ b/crypto/ecdh/ecdh.cc
@@ -30,13 +30,13 @@ const EC_KEY *priv_key, void *(*kdf)(const void *in, size_t inlen, void *out, size_t *out_len)) { - if (priv_key->priv_key == NULL) { + if (priv_key->priv_key == nullptr) { OPENSSL_PUT_ERROR(ECDH, ECDH_R_NO_PRIVATE_VALUE); return -1; } const EC_SCALAR *const priv = &priv_key->priv_key->scalar; const EC_GROUP *const group = EC_KEY_get0_group(priv_key); - if (EC_GROUP_cmp(group, pub_key->group, NULL) != 0) { + if (EC_GROUP_cmp(group, pub_key->group, nullptr) != 0) { OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); return -1; } @@ -51,8 +51,8 @@ return -1; } - if (kdf != NULL) { - if (kdf(buf, buf_len, out, &out_len) == NULL) { + if (kdf != nullptr) { + if (kdf(buf, buf_len, out, &out_len) == nullptr) { OPENSSL_PUT_ERROR(ECDH, ECDH_R_KDF_FAILED); return -1; }
diff --git a/crypto/ecdsa/ecdsa_asn1.cc b/crypto/ecdsa/ecdsa_asn1.cc index cf932fb..98fa520 100644 --- a/crypto/ecdsa/ecdsa_asn1.cc +++ b/crypto/ecdsa/ecdsa_asn1.cc
@@ -31,20 +31,20 @@ static ECDSA_SIG *ecdsa_sig_from_fixed(const EC_KEY *key, const uint8_t *in, size_t len) { const EC_GROUP *group = EC_KEY_get0_group(key); - if (group == NULL) { + if (group == nullptr) { OPENSSL_PUT_ERROR(ECDSA, ERR_R_PASSED_NULL_PARAMETER); - return NULL; + return nullptr; } size_t scalar_len = BN_num_bytes(EC_GROUP_get0_order(group)); if (len != 2 * scalar_len) { OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE); - return NULL; + return nullptr; } ECDSA_SIG *ret = ECDSA_SIG_new(); - if (ret == NULL || !BN_bin2bn(in, scalar_len, ret->r) || + if (ret == nullptr || !BN_bin2bn(in, scalar_len, ret->r) || !BN_bin2bn(in + scalar_len, scalar_len, ret->s)) { ECDSA_SIG_free(ret); - return NULL; + return nullptr; } return ret; } @@ -52,7 +52,7 @@ static int ecdsa_sig_to_fixed(const EC_KEY *key, uint8_t *out, size_t *out_len, size_t max_out, const ECDSA_SIG *sig) { const EC_GROUP *group = EC_KEY_get0_group(key); - if (group == NULL) { + if (group == nullptr) { OPENSSL_PUT_ERROR(ECDSA, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -138,12 +138,12 @@ size_t ECDSA_size(const EC_KEY *key) { - if (key == NULL) { + if (key == nullptr) { return 0; } const EC_GROUP *group = EC_KEY_get0_group(key); - if (group == NULL) { + if (group == nullptr) { return 0; } @@ -154,20 +154,20 @@ ECDSA_SIG *ECDSA_SIG_new(void) { ECDSA_SIG *sig = reinterpret_cast<ECDSA_SIG *>(OPENSSL_malloc(sizeof(ECDSA_SIG))); - if (sig == NULL) { - return NULL; + if (sig == nullptr) { + return nullptr; } sig->r = BN_new(); sig->s = BN_new(); - if (sig->r == NULL || sig->s == NULL) { + if (sig->r == nullptr || sig->s == nullptr) { ECDSA_SIG_free(sig); - return NULL; + return nullptr; } return sig; } void ECDSA_SIG_free(ECDSA_SIG *sig) { - if (sig == NULL) { + if (sig == nullptr) { return; } @@ -182,16 +182,16 @@ void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **out_r, const BIGNUM **out_s) { - if (out_r != NULL) { + if (out_r != nullptr) { *out_r = sig->r; } - if (out_s != NULL) { + if (out_s != nullptr) { *out_s = sig->s; } } int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s) { - if (r == NULL || s == NULL) { + if (r == nullptr || s == nullptr) { return 0; } BN_free(sig->r); @@ -219,7 +219,7 @@ if (!ecdsa_sign_fixed_with_nonce_for_known_answer_test( digest, digest_len, sig, &sig_len, sizeof(sig), eckey, nonce, nonce_len)) { - return NULL; + return nullptr; } return ecdsa_sig_from_fixed(eckey, sig, sig_len); @@ -231,7 +231,7 @@ size_t sig_len; if (!ecdsa_sign_fixed(digest, digest_len, sig, &sig_len, sizeof(sig), eckey)) { - return NULL; + return nullptr; } return ecdsa_sig_from_fixed(eckey, sig, sig_len); @@ -239,8 +239,8 @@ ECDSA_SIG *ECDSA_SIG_parse(CBS *cbs) { ECDSA_SIG *ret = ECDSA_SIG_new(); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } CBS child; if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || @@ -248,7 +248,7 @@ !BN_parse_asn1_unsigned(&child, ret->s) || CBS_len(&child) != 0) { OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE); ECDSA_SIG_free(ret); - return NULL; + return nullptr; } return ret; } @@ -257,10 +257,10 @@ CBS cbs; CBS_init(&cbs, in, in_len); ECDSA_SIG *ret = ECDSA_SIG_parse(&cbs); - if (ret == NULL || CBS_len(&cbs) != 0) { + if (ret == nullptr || CBS_len(&cbs) != 0) { OPENSSL_PUT_ERROR(ECDSA, ECDSA_R_BAD_SIGNATURE); ECDSA_SIG_free(ret); - return NULL; + return nullptr; } return ret; }
diff --git a/crypto/ecdsa/ecdsa_p1363.cc b/crypto/ecdsa/ecdsa_p1363.cc index 3617468..2913df3 100644 --- a/crypto/ecdsa/ecdsa_p1363.cc +++ b/crypto/ecdsa/ecdsa_p1363.cc
@@ -38,12 +38,12 @@ } size_t ECDSA_size_p1363(const EC_KEY *key) { - if (key == NULL) { + if (key == nullptr) { return 0; } const EC_GROUP *group = EC_KEY_get0_group(key); - if (group == NULL) { + if (group == nullptr) { return 0; }
diff --git a/crypto/engine/engine.cc b/crypto/engine/engine.cc index 3f207ba..06b3692 100644 --- a/crypto/engine/engine.cc +++ b/crypto/engine/engine.cc
@@ -85,7 +85,7 @@ struct openssl_method_common_st *method = reinterpret_cast<openssl_method_common_st *>(method_in); - if (method == NULL) { + if (method == nullptr) { return; } assert(method->is_static);
diff --git a/crypto/err/err.cc b/crypto/err/err.cc index 64caf27..ab7bf56 100644 --- a/crypto/err/err.cc +++ b/crypto/err/err.cc
@@ -74,7 +74,7 @@ // glibc and musl gate it on a feature macro. Reimplementing it is easier. size_t len = strlen(str); char *ret = reinterpret_cast<char *>(malloc(len + 1)); - if (ret != NULL) { + if (ret != nullptr) { memcpy(ret, str, len + 1); } return ret; @@ -89,7 +89,7 @@ static void err_copy(struct err_error_st *dst, const struct err_error_st *src) { err_clear(dst); dst->file = src->file; - if (src->data != NULL) { + if (src->data != nullptr) { // We can't use OPENSSL_strdup because we don't want to call OPENSSL_malloc, // which can affect the error stack. dst->data = strdup_libc_malloc(src->data); @@ -109,7 +109,7 @@ static void err_state_free(void *statep) { ERR_STATE *state = reinterpret_cast<ERR_STATE *>(statep); - if (state == NULL) { + if (state == nullptr) { return; } @@ -124,15 +124,15 @@ static ERR_STATE *err_get_state(void) { ERR_STATE *state = reinterpret_cast<ERR_STATE *>( CRYPTO_get_thread_local(OPENSSL_THREAD_LOCAL_ERR)); - if (state == NULL) { + if (state == nullptr) { state = reinterpret_cast<ERR_STATE *>(malloc(sizeof(ERR_STATE))); - if (state == NULL) { - return NULL; + if (state == nullptr) { + return nullptr; } OPENSSL_memset(state, 0, sizeof(ERR_STATE)); if (!CRYPTO_set_thread_local(OPENSSL_THREAD_LOCAL_ERR, state, err_state_free)) { - return NULL; + return nullptr; } } @@ -147,7 +147,7 @@ uint32_t ret; state = err_get_state(); - if (state == NULL || state->bottom == state->top) { + if (state == nullptr || state->bottom == state->top) { return 0; } @@ -162,8 +162,8 @@ error = &state->errors[i]; ret = error->packed; - if (file != NULL && line != NULL) { - if (error->file == NULL) { + if (file != nullptr && line != nullptr) { + if (error->file == nullptr) { *file = "NA"; *line = 0; } else { @@ -172,15 +172,15 @@ } } - if (data != NULL) { - if (error->data == NULL) { + if (data != nullptr) { + if (error->data == nullptr) { *data = ""; - if (flags != NULL) { + if (flags != nullptr) { *flags = 0; } } else { *data = error->data; - if (flags != NULL) { + if (flags != nullptr) { // Without |ERR_FLAG_MALLOCED|, rust-openssl assumes the string has a // static lifetime. In both cases, we retain ownership of the string, // and the caller is not expected to free it. @@ -192,11 +192,11 @@ // ownership and retains it until the next call that affects the // error queue. if (inc) { - if (error->data != NULL) { + if (error->data != nullptr) { free(state->to_free); state->to_free = error->data; } - error->data = NULL; + error->data = nullptr; } } } @@ -211,11 +211,13 @@ } uint32_t ERR_get_error(void) { - return get_error_values(1 /* inc */, 0 /* bottom */, NULL, NULL, NULL, NULL); + return get_error_values(1 /* inc */, 0 /* bottom */, nullptr, nullptr, + nullptr, nullptr); } uint32_t ERR_get_error_line(const char **file, int *line) { - return get_error_values(1 /* inc */, 0 /* bottom */, file, line, NULL, NULL); + return get_error_values(1 /* inc */, 0 /* bottom */, file, line, nullptr, + nullptr); } uint32_t ERR_get_error_line_data(const char **file, int *line, @@ -224,11 +226,13 @@ } uint32_t ERR_peek_error(void) { - return get_error_values(0 /* peek */, 0 /* bottom */, NULL, NULL, NULL, NULL); + return get_error_values(0 /* peek */, 0 /* bottom */, nullptr, nullptr, + nullptr, nullptr); } uint32_t ERR_peek_error_line(const char **file, int *line) { - return get_error_values(0 /* peek */, 0 /* bottom */, file, line, NULL, NULL); + return get_error_values(0 /* peek */, 0 /* bottom */, file, line, nullptr, + nullptr); } uint32_t ERR_peek_error_line_data(const char **file, int *line, @@ -238,11 +242,13 @@ } uint32_t ERR_peek_last_error(void) { - return get_error_values(0 /* peek */, 1 /* top */, NULL, NULL, NULL, NULL); + return get_error_values(0 /* peek */, 1 /* top */, nullptr, nullptr, nullptr, + nullptr); } uint32_t ERR_peek_last_error_line(const char **file, int *line) { - return get_error_values(0 /* peek */, 1 /* top */, file, line, NULL, NULL); + return get_error_values(0 /* peek */, 1 /* top */, file, line, nullptr, + nullptr); } uint32_t ERR_peek_last_error_line_data(const char **file, int *line, @@ -254,7 +260,7 @@ ERR_STATE *const state = err_get_state(); unsigned i; - if (state == NULL) { + if (state == nullptr) { return; } @@ -262,13 +268,13 @@ err_clear(&state->errors[i]); } free(state->to_free); - state->to_free = NULL; + state->to_free = nullptr; state->top = state->bottom = 0; } void ERR_remove_thread_state(const CRYPTO_THREADID *tid) { - if (tid != NULL) { + if (tid != nullptr) { assert(0); return; } @@ -324,13 +330,13 @@ // Values are sorted based on treating the |lib| and |key| part as an // unsigned integer. if (lib >= (1 << 6) || key >= (1 << 11)) { - return NULL; + return nullptr; } uint32_t search_key = lib << 26 | key << 15; const uint32_t *result = reinterpret_cast<const uint32_t *>(bsearch( &search_key, values, num_values, sizeof(uint32_t), err_string_cmp)); - if (result == NULL) { - return NULL; + if (result == nullptr) { + return nullptr; } return &string_data[(*result) & 0x7fff]; @@ -345,7 +351,7 @@ } // namespace static const LIBRARY_NAME kLibraryNames[ERR_NUM_LIBS] = { - {"invalid library (0)", NULL, NULL}, + {"invalid library (0)", nullptr, nullptr}, {"unknown library", "NONE", "NONE_LIB"}, {"system library", "SYS", "SYS_LIB"}, {"bignum routines", "BN", "BN_LIB"}, @@ -383,17 +389,17 @@ static const char *err_lib_error_string(uint32_t packed_error) { const uint32_t lib = ERR_GET_LIB(packed_error); - return lib >= ERR_NUM_LIBS ? NULL : kLibraryNames[lib].str; + return lib >= ERR_NUM_LIBS ? nullptr : kLibraryNames[lib].str; } const char *ERR_lib_error_string(uint32_t packed_error) { const char *ret = err_lib_error_string(packed_error); - return ret == NULL ? "unknown library" : ret; + return ret == nullptr ? "unknown library" : ret; } const char *ERR_lib_symbol_name(uint32_t packed_error) { const uint32_t lib = ERR_GET_LIB(packed_error); - return lib >= ERR_NUM_LIBS ? NULL : kLibraryNames[lib].symbol; + return lib >= ERR_NUM_LIBS ? nullptr : kLibraryNames[lib].symbol; } const char *ERR_func_error_string(uint32_t packed_error) { @@ -408,7 +414,7 @@ if (!symbol && reason < 127) { return strerror(reason); } - return NULL; + return nullptr; } if (reason < ERR_NUM_LIBS) { @@ -433,7 +439,7 @@ case ERR_R_OVERFLOW: return symbol ? "OVERFLOW" : "overflow"; default: - return NULL; + return nullptr; } } @@ -445,7 +451,7 @@ const char *ERR_reason_error_string(uint32_t packed_error) { const char *ret = err_reason_error_string(packed_error, /*symbol=*/0); - return ret == NULL ? "unknown error" : ret; + return ret == nullptr ? "unknown error" : ret; } const char *ERR_reason_symbol_name(uint32_t packed_error) { @@ -455,7 +461,7 @@ char *ERR_error_string(uint32_t packed_error, char *ret) { static char buf[ERR_ERROR_STRING_BUF_LEN]; - if (ret == NULL) { + if (ret == nullptr) { // TODO(fork): remove this. ret = buf; } @@ -471,7 +477,7 @@ char *ERR_error_string_n(uint32_t packed_error, char *buf, size_t len) { if (len == 0) { - return NULL; + return nullptr; } unsigned lib = ERR_GET_LIB(packed_error); @@ -481,12 +487,12 @@ const char *reason_str = err_reason_error_string(packed_error, /*symbol=*/0); char lib_buf[32], reason_buf[32]; - if (lib_str == NULL) { + if (lib_str == nullptr) { snprintf(lib_buf, sizeof(lib_buf), "lib(%u)", lib); lib_str = lib_buf; } - if (reason_str == NULL) { + if (reason_str == nullptr) { snprintf(reason_buf, sizeof(reason_buf), "reason(%u)", reason); reason_str = reason_buf; } @@ -510,7 +516,7 @@ char *colon = strchr(s, ':'); char *last_pos = &buf[len - 1] - num_colons + i; - if (colon == NULL || colon > last_pos) { + if (colon == nullptr || colon > last_pos) { // set colon |i| at last possible position (buf[len-1] is the // terminating 0). If we're setting this colon, then all whole of the // rest of the string must be colons in order to have the correct @@ -568,7 +574,7 @@ ERR_STATE *const state = err_get_state(); struct err_error_st *error; - if (state == NULL || state->top == state->bottom) { + if (state == nullptr || state->top == state->bottom) { free(data); return; } @@ -584,7 +590,7 @@ ERR_STATE *const state = err_get_state(); struct err_error_st *error; - if (state == NULL) { + if (state == nullptr) { return; } @@ -620,7 +626,7 @@ va_copy(args_copy, args); for (size_t i = 0; i < num; i++) { substr = va_arg(args_copy, const char *); - if (substr == NULL) { + if (substr == nullptr) { continue; } size_t substr_len = strlen(substr); @@ -634,13 +640,13 @@ return; // Would overflow. } total_size += 1; // NUL terminator. - if ((buf = reinterpret_cast<char *>(malloc(total_size))) == NULL) { + if ((buf = reinterpret_cast<char *>(malloc(total_size))) == nullptr) { return; } buf[0] = '\0'; for (size_t i = 0; i < num; i++) { substr = va_arg(args, const char *); - if (substr == NULL) { + if (substr == nullptr) { continue; } if (OPENSSL_strlcat(buf, substr, total_size) >= total_size) { @@ -658,7 +664,7 @@ } void ERR_add_error_dataf(const char *format, ...) { - char *buf = NULL; + char *buf = nullptr; va_list ap; va_start(ap, format); @@ -679,7 +685,7 @@ // We can not use OPENSSL_strdup because we don't want to call OPENSSL_malloc, // which can affect the error stack. char *copy = strdup_libc_malloc(data); - if (copy != NULL) { + if (copy != nullptr) { err_set_error_data(copy); } if (flags & ERR_FLAG_MALLOCED) { @@ -692,7 +698,7 @@ int ERR_set_mark(void) { ERR_STATE *const state = err_get_state(); - if (state == NULL || state->bottom == state->top) { + if (state == nullptr || state->bottom == state->top) { return 0; } state->errors[state->top].mark = 1; @@ -702,7 +708,7 @@ int ERR_pop_to_mark(void) { ERR_STATE *const state = err_get_state(); - if (state == NULL) { + if (state == nullptr) { return 0; } @@ -741,7 +747,7 @@ }; void ERR_SAVE_STATE_free(ERR_SAVE_STATE *state) { - if (state == NULL) { + if (state == nullptr) { return; } for (size_t i = 0; i < state->num_errors; i++) { @@ -753,14 +759,14 @@ ERR_SAVE_STATE *ERR_save_state(void) { ERR_STATE *const state = err_get_state(); - if (state == NULL || state->top == state->bottom) { - return NULL; + if (state == nullptr || state->top == state->bottom) { + return nullptr; } ERR_SAVE_STATE *ret = reinterpret_cast<ERR_SAVE_STATE *>(malloc(sizeof(ERR_SAVE_STATE))); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } // Errors are stored in the range (bottom, top]. @@ -770,9 +776,9 @@ assert(num_errors < ERR_NUM_ERRORS); ret->errors = reinterpret_cast<err_error_st *>( malloc(num_errors * sizeof(struct err_error_st))); - if (ret->errors == NULL) { + if (ret->errors == nullptr) { free(ret); - return NULL; + return nullptr; } OPENSSL_memset(ret->errors, 0, num_errors * sizeof(struct err_error_st)); ret->num_errors = num_errors; @@ -785,7 +791,7 @@ } void ERR_restore_state(const ERR_SAVE_STATE *state) { - if (state == NULL || state->num_errors == 0) { + if (state == nullptr || state->num_errors == 0) { ERR_clear_error(); return; } @@ -795,7 +801,7 @@ } ERR_STATE *const dst = err_get_state(); - if (dst == NULL) { + if (dst == nullptr) { return; }
diff --git a/crypto/err/err_test.cc b/crypto/err/err_test.cc index d62d07f..77e9c9f 100644 --- a/crypto/err/err_test.cc +++ b/crypto/err/err_test.cc
@@ -112,7 +112,7 @@ TEST(ErrTest, Release) { ERR_put_error(1, 0 /* unused */, 2, "test", 4); - ERR_remove_thread_state(NULL); + ERR_remove_thread_state(nullptr); // The error queue should be cleared. EXPECT_EQ(0u, ERR_get_error());
diff --git a/crypto/evp/evp.cc b/crypto/evp/evp.cc index 7f11ca8..3376b6a 100644 --- a/crypto/evp/evp.cc +++ b/crypto/evp/evp.cc
@@ -37,8 +37,8 @@ EVP_PKEY *EVP_PKEY_new(void) { EVP_PKEY *ret = reinterpret_cast<EVP_PKEY *>(OPENSSL_zalloc(sizeof(EVP_PKEY))); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } ret->references = 1; @@ -46,7 +46,7 @@ } void EVP_PKEY_free(EVP_PKEY *pkey) { - if (pkey == NULL) { + if (pkey == nullptr) { return; } @@ -274,7 +274,7 @@ int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, uint8_t *out, size_t *out_len) { - if (pkey->ameth->get_priv_raw == NULL) { + if (pkey->ameth->get_priv_raw == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } @@ -284,7 +284,7 @@ int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, uint8_t *out, size_t *out_len) { - if (pkey->ameth->get_pub_raw == NULL) { + if (pkey->ameth->get_pub_raw == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } @@ -320,7 +320,7 @@ // rather than reading |pkey->pkey| directly. This avoids problems if our // internal representation does not match the type the caller expects from // OpenSSL. - return NULL; + return nullptr; } void OpenSSL_add_all_algorithms(void) {} @@ -335,7 +335,7 @@ int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey, const uint8_t *in, size_t len) { - if (pkey->ameth->set1_tls_encodedpoint == NULL) { + if (pkey->ameth->set1_tls_encodedpoint == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } @@ -344,7 +344,7 @@ } size_t EVP_PKEY_get1_tls_encodedpoint(const EVP_PKEY *pkey, uint8_t **out_ptr) { - if (pkey->ameth->get1_tls_encodedpoint == NULL) { + if (pkey->ameth->get1_tls_encodedpoint == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; }
diff --git a/crypto/evp/evp_asn1.cc b/crypto/evp/evp_asn1.cc index 21f62bf..4bd8524 100644 --- a/crypto/evp/evp_asn1.cc +++ b/crypto/evp/evp_asn1.cc
@@ -81,7 +81,7 @@ } int EVP_marshal_public_key(CBB *cbb, const EVP_PKEY *key) { - if (key->ameth == NULL || key->ameth->pub_encode == NULL) { + if (key->ameth == nullptr || key->ameth->pub_encode == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM); return 0; } @@ -133,7 +133,7 @@ } int EVP_marshal_private_key(CBB *cbb, const EVP_PKEY *key) { - if (key->ameth == NULL || key->ameth->priv_encode == NULL) { + if (key->ameth == nullptr || key->ameth->priv_encode == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM); return 0; } @@ -238,7 +238,7 @@ size_t count = 0; while (CBS_len(&sequence) > 0) { - if (!CBS_get_any_asn1_element(&sequence, NULL, NULL, NULL)) { + if (!CBS_get_any_asn1_element(&sequence, nullptr, nullptr, nullptr)) { return 0; } @@ -251,15 +251,15 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **out, const uint8_t **inp, long len) { if (len < 0) { OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); - return NULL; + return nullptr; } // Parse the input as a PKCS#8 PrivateKeyInfo. CBS cbs; CBS_init(&cbs, *inp, (size_t)len); EVP_PKEY *ret = EVP_parse_private_key(&cbs); - if (ret != NULL) { - if (out != NULL) { + if (ret != nullptr) { + if (out != nullptr) { EVP_PKEY_free(*out); *out = ret; } @@ -416,7 +416,7 @@ } int i2d_EC_PUBKEY(const EC_KEY *ec_key, uint8_t **outp) { - if (ec_key == NULL) { + if (ec_key == nullptr) { return 0; }
diff --git a/crypto/evp/evp_ctx.cc b/crypto/evp/evp_ctx.cc index 53c8b8d..9be71d9 100644 --- a/crypto/evp/evp_ctx.cc +++ b/crypto/evp/evp_ctx.cc
@@ -63,16 +63,16 @@ } EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e) { - if (pkey == NULL || pkey->ameth == NULL) { + if (pkey == nullptr || pkey->ameth == nullptr) { OPENSSL_PUT_ERROR(EVP, ERR_R_PASSED_NULL_PARAMETER); - return NULL; + return nullptr; } const EVP_PKEY_CTX_METHOD *pkey_method = pkey->ameth->pkey_method; - if (pkey_method == NULL) { + if (pkey_method == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM); ERR_add_error_dataf("algorithm %d", pkey->ameth->pkey_id); - return NULL; + return nullptr; } return evp_pkey_ctx_new(pkey, pkey_method); @@ -80,13 +80,13 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e) { const EVP_PKEY_CTX_METHOD *pkey_method = evp_pkey_meth_find(id); - if (pkey_method == NULL) { + if (pkey_method == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_UNSUPPORTED_ALGORITHM); ERR_add_error_dataf("algorithm %d", id); - return NULL; + return nullptr; } - return evp_pkey_ctx_new(NULL, pkey_method); + return evp_pkey_ctx_new(nullptr, pkey_method); } evp_pkey_ctx_st::~evp_pkey_ctx_st() { @@ -147,8 +147,8 @@ } int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx) { - if (ctx == NULL || ctx->pmeth == NULL || - (ctx->pmeth->sign == NULL && ctx->pmeth->sign_message == NULL)) { + if (ctx == nullptr || ctx->pmeth == nullptr || + (ctx->pmeth->sign == nullptr && ctx->pmeth->sign_message == nullptr)) { OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } @@ -171,8 +171,9 @@ } int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx) { - if (ctx == NULL || ctx->pmeth == NULL || - (ctx->pmeth->verify == NULL && ctx->pmeth->verify_message == NULL)) { + if (ctx == nullptr || ctx->pmeth == nullptr || + (ctx->pmeth->verify == nullptr && + ctx->pmeth->verify_message == nullptr)) { OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } @@ -369,7 +370,7 @@ if (!ctx->pmeth->keygen(ctx, *out_pkey)) { EVP_PKEY_free(*out_pkey); - *out_pkey = NULL; + *out_pkey = nullptr; return 0; } return 1; @@ -408,7 +409,7 @@ if (!ctx->pmeth->paramgen(ctx, *out_pkey)) { EVP_PKEY_free(*out_pkey); - *out_pkey = NULL; + *out_pkey = nullptr; return 0; } return 1;
diff --git a/crypto/evp/evp_extra_test.cc b/crypto/evp/evp_extra_test.cc index 0372570..fdc96ab 100644 --- a/crypto/evp/evp_extra_test.cc +++ b/crypto/evp/evp_extra_test.cc
@@ -382,13 +382,13 @@ bssl::UniquePtr<EVP_PKEY> pkey = LoadExampleRSAKey(); ASSERT_TRUE(pkey); bssl::ScopedEVP_MD_CTX md_ctx; - ASSERT_TRUE( - EVP_DigestSignInit(md_ctx.get(), NULL, EVP_sha256(), NULL, pkey.get())); + ASSERT_TRUE(EVP_DigestSignInit(md_ctx.get(), nullptr, EVP_sha256(), nullptr, + pkey.get())); ASSERT_TRUE(EVP_DigestSignUpdate(md_ctx.get(), kMsg, sizeof(kMsg))); // Determine the size of the signature. size_t sig_len = 0; - ASSERT_TRUE(EVP_DigestSignFinal(md_ctx.get(), NULL, &sig_len)); + ASSERT_TRUE(EVP_DigestSignFinal(md_ctx.get(), nullptr, &sig_len)); // Sanity check for testing. EXPECT_EQ(static_cast<size_t>(EVP_PKEY_size(pkey.get())), sig_len); @@ -400,8 +400,8 @@ // Ensure that the signature round-trips. md_ctx.Reset(); - ASSERT_TRUE( - EVP_DigestVerifyInit(md_ctx.get(), NULL, EVP_sha256(), NULL, pkey.get())); + ASSERT_TRUE(EVP_DigestVerifyInit(md_ctx.get(), nullptr, EVP_sha256(), nullptr, + pkey.get())); ASSERT_TRUE(EVP_DigestVerifyUpdate(md_ctx.get(), kMsg, sizeof(kMsg))); ASSERT_TRUE(EVP_DigestVerifyFinal(md_ctx.get(), sig.data(), sig_len)); } @@ -410,8 +410,8 @@ bssl::UniquePtr<EVP_PKEY> pkey = LoadExampleRSAKey(); bssl::ScopedEVP_MD_CTX md_ctx; ASSERT_TRUE(pkey); - ASSERT_TRUE( - EVP_DigestVerifyInit(md_ctx.get(), NULL, EVP_sha256(), NULL, pkey.get())); + ASSERT_TRUE(EVP_DigestVerifyInit(md_ctx.get(), nullptr, EVP_sha256(), nullptr, + pkey.get())); ASSERT_TRUE(EVP_DigestVerifyUpdate(md_ctx.get(), kMsg, sizeof(kMsg))); ASSERT_TRUE( EVP_DigestVerifyFinal(md_ctx.get(), kSignature, sizeof(kSignature))); @@ -457,7 +457,7 @@ static void TestValidPrivateKey(const uint8_t *input, size_t input_len, int expected_id) { const uint8_t *p = input; - bssl::UniquePtr<EVP_PKEY> pkey(d2i_AutoPrivateKey(NULL, &p, input_len)); + bssl::UniquePtr<EVP_PKEY> pkey(d2i_AutoPrivateKey(nullptr, &p, input_len)); ASSERT_TRUE(pkey); EXPECT_EQ(input + input_len, p); EXPECT_EQ(expected_id, EVP_PKEY_id(pkey.get())); @@ -478,7 +478,7 @@ const uint8_t *p = kInvalidPrivateKey; bssl::UniquePtr<EVP_PKEY> pkey( - d2i_AutoPrivateKey(NULL, &p, sizeof(kInvalidPrivateKey))); + d2i_AutoPrivateKey(nullptr, &p, sizeof(kInvalidPrivateKey))); EXPECT_FALSE(pkey) << "Parsed invalid private key"; ERR_clear_error(); } @@ -630,7 +630,7 @@ TEST(EVPExtraTest, BadECKey) { const uint8_t *derp = kExampleBadECKeyDER; bssl::UniquePtr<PKCS8_PRIV_KEY_INFO> p8inf( - d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp, sizeof(kExampleBadECKeyDER))); + d2i_PKCS8_PRIV_KEY_INFO(nullptr, &derp, sizeof(kExampleBadECKeyDER))); ASSERT_TRUE(p8inf); EXPECT_EQ(kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER), derp);
diff --git a/crypto/evp/p_dh.cc b/crypto/evp/p_dh.cc index 3cc877b..2308c88 100644 --- a/crypto/evp/p_dh.cc +++ b/crypto/evp/p_dh.cc
@@ -32,7 +32,7 @@ static int pkey_dh_init(EVP_PKEY_CTX *ctx) { DH_PKEY_CTX *dctx = reinterpret_cast<DH_PKEY_CTX *>(OPENSSL_zalloc(sizeof(DH_PKEY_CTX))); - if (dctx == NULL) { + if (dctx == nullptr) { return 0; } @@ -53,17 +53,18 @@ static void pkey_dh_cleanup(EVP_PKEY_CTX *ctx) { OPENSSL_free(ctx->data); - ctx->data = NULL; + ctx->data = nullptr; } static int pkey_dh_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { DH *dh = DH_new(); - if (dh == NULL || !EVP_PKEY_assign_DH(pkey, dh)) { + if (dh == nullptr || !EVP_PKEY_assign_DH(pkey, dh)) { DH_free(dh); return 0; } - if (ctx->pkey != NULL && !EVP_PKEY_copy_parameters(pkey, ctx->pkey.get())) { + if (ctx->pkey != nullptr && + !EVP_PKEY_copy_parameters(pkey, ctx->pkey.get())) { return 0; } @@ -72,25 +73,25 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *out_len) { DH_PKEY_CTX *dctx = reinterpret_cast<DH_PKEY_CTX *>(ctx->data); - if (ctx->pkey == NULL || ctx->peerkey == NULL) { + if (ctx->pkey == nullptr || ctx->peerkey == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_KEYS_NOT_SET); return 0; } DH *our_key = reinterpret_cast<DH *>(ctx->pkey->pkey); DH *peer_key = reinterpret_cast<DH *>(ctx->peerkey->pkey); - if (our_key == NULL || peer_key == NULL) { + if (our_key == nullptr || peer_key == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_KEYS_NOT_SET); return 0; } const BIGNUM *pub_key = DH_get0_pub_key(peer_key); - if (pub_key == NULL) { + if (pub_key == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_KEYS_NOT_SET); return 0; } - if (out == NULL) { + if (out == nullptr) { *out_len = DH_size(our_key); return 1; } @@ -149,5 +150,5 @@ int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad) { return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_DERIVE, - EVP_PKEY_CTRL_DH_PAD, pad, NULL); + EVP_PKEY_CTRL_DH_PAD, pad, nullptr); }
diff --git a/crypto/evp/p_dh_asn1.cc b/crypto/evp/p_dh_asn1.cc index 8622de0..a18cad0 100644 --- a/crypto/evp/p_dh_asn1.cc +++ b/crypto/evp/p_dh_asn1.cc
@@ -24,7 +24,7 @@ static void dh_free(EVP_PKEY *pkey) { DH_free(reinterpret_cast<DH *>(pkey->pkey)); - pkey->pkey = NULL; + pkey->pkey = nullptr; } static int dh_size(const EVP_PKEY *pkey) { @@ -37,7 +37,7 @@ static int dh_param_missing(const EVP_PKEY *pkey) { const DH *dh = reinterpret_cast<const DH *>(pkey->pkey); - return dh == NULL || DH_get0_p(dh) == NULL || DH_get0_g(dh) == NULL; + return dh == nullptr || DH_get0_p(dh) == nullptr || DH_get0_g(dh) == nullptr; } static int dh_param_copy(EVP_PKEY *to, const EVP_PKEY *from) { @@ -49,9 +49,9 @@ const DH *dh = reinterpret_cast<DH *>(from->pkey); const BIGNUM *q_old = DH_get0_q(dh); BIGNUM *p = BN_dup(DH_get0_p(dh)); - BIGNUM *q = q_old == NULL ? NULL : BN_dup(q_old); + BIGNUM *q = q_old == nullptr ? nullptr : BN_dup(q_old); BIGNUM *g = BN_dup(DH_get0_g(dh)); - if (p == NULL || (q_old != NULL && q == NULL) || g == NULL || + if (p == nullptr || (q_old != nullptr && q == nullptr) || g == nullptr || !DH_set0_pqg(reinterpret_cast<DH *>(to->pkey), p, q, g)) { BN_free(p); BN_free(q); @@ -130,14 +130,14 @@ DH *EVP_PKEY_get0_DH(const EVP_PKEY *pkey) { if (EVP_PKEY_id(pkey) != EVP_PKEY_DH) { OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_A_DH_KEY); - return NULL; + return nullptr; } return reinterpret_cast<DH *>(const_cast<EVP_PKEY *>(pkey)->pkey); } DH *EVP_PKEY_get1_DH(const EVP_PKEY *pkey) { DH *dh = EVP_PKEY_get0_DH(pkey); - if (dh != NULL) { + if (dh != nullptr) { DH_up_ref(dh); } return dh;
diff --git a/crypto/evp/p_ec.cc b/crypto/evp/p_ec.cc index 2fd93cc..415459a 100644 --- a/crypto/evp/p_ec.cc +++ b/crypto/evp/p_ec.cc
@@ -115,7 +115,7 @@ // NB: unlike PKCS#3 DH, if *outlen is less than maximum size this is // not an error, the result is truncated. size_t outlen = *keylen; - int ret = ECDH_compute_key(key, outlen, pubkey, eckey, 0); + int ret = ECDH_compute_key(key, outlen, pubkey, eckey, nullptr); if (ret < 0) { return 0; } @@ -162,15 +162,16 @@ static int pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { EC_PKEY_CTX *dctx = reinterpret_cast<EC_PKEY_CTX *>(ctx->data); const EC_GROUP *group = dctx->gen_group; - if (group == NULL) { - if (ctx->pkey == NULL) { + if (group == nullptr) { + if (ctx->pkey == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_NO_PARAMETERS_SET); return 0; } group = EC_KEY_get0_group(reinterpret_cast<EC_KEY *>(ctx->pkey->pkey)); } EC_KEY *ec = EC_KEY_new(); - if (ec == NULL || !EC_KEY_set_group(ec, group) || !EC_KEY_generate_key(ec)) { + if (ec == nullptr || !EC_KEY_set_group(ec, group) || + !EC_KEY_generate_key(ec)) { EC_KEY_free(ec); return 0; } @@ -180,12 +181,12 @@ static int pkey_ec_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { EC_PKEY_CTX *dctx = reinterpret_cast<EC_PKEY_CTX *>(ctx->data); - if (dctx->gen_group == NULL) { + if (dctx->gen_group == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_NO_PARAMETERS_SET); return 0; } EC_KEY *ec = EC_KEY_new(); - if (ec == NULL || !EC_KEY_set_group(ec, dctx->gen_group)) { + if (ec == nullptr || !EC_KEY_set_group(ec, dctx->gen_group)) { EC_KEY_free(ec); return 0; } @@ -200,12 +201,12 @@ pkey_ec_cleanup, pkey_ec_keygen, pkey_ec_sign, - NULL /* sign_message */, + nullptr /* sign_message */, pkey_ec_verify, - NULL /* verify_message */, - NULL /* verify_recover */, - NULL /* encrypt */, - NULL /* decrypt */, + nullptr /* verify_message */, + nullptr /* verify_recover */, + nullptr /* encrypt */, + nullptr /* decrypt */, pkey_ec_derive, pkey_ec_paramgen, pkey_ec_ctrl,
diff --git a/crypto/evp/p_ec_asn1.cc b/crypto/evp/p_ec_asn1.cc index debc6c5..42d4494 100644 --- a/crypto/evp/p_ec_asn1.cc +++ b/crypto/evp/p_ec_asn1.cc
@@ -49,7 +49,7 @@ !CBB_add_asn1(&spki, &key_bitstring, CBS_ASN1_BITSTRING) || !CBB_add_u8(&key_bitstring, 0 /* padding */) || !EC_POINT_point2cbb(&key_bitstring, group, public_key, - POINT_CONVERSION_UNCOMPRESSED, NULL) || + POINT_CONVERSION_UNCOMPRESSED, nullptr) || !CBB_flush(out)) { OPENSSL_PUT_ERROR(EVP, EVP_R_ENCODE_ERROR); return 0; @@ -95,7 +95,7 @@ const EC_GROUP *group = EC_KEY_get0_group(b_ec); const EC_POINT *pa = EC_KEY_get0_public_key(a_ec), *pb = EC_KEY_get0_public_key(b_ec); - int r = EC_POINT_cmp(group, pa, pb, NULL); + int r = EC_POINT_cmp(group, pa, pb, nullptr); if (r == 0) { return 1; } else if (r == 1) { @@ -163,23 +163,24 @@ static int eckey_set1_tls_encodedpoint(EVP_PKEY *pkey, const uint8_t *in, size_t len) { EC_KEY *ec_key = reinterpret_cast<EC_KEY *>(pkey->pkey); - if (ec_key == NULL) { + if (ec_key == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_NO_KEY_SET); return 0; } - return EC_KEY_oct2key(ec_key, in, len, NULL); + return EC_KEY_oct2key(ec_key, in, len, nullptr); } static size_t eckey_get1_tls_encodedpoint(const EVP_PKEY *pkey, uint8_t **out_ptr) { const EC_KEY *ec_key = reinterpret_cast<const EC_KEY *>(pkey->pkey); - if (ec_key == NULL) { + if (ec_key == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_NO_KEY_SET); return 0; } - return EC_KEY_key2buf(ec_key, POINT_CONVERSION_UNCOMPRESSED, out_ptr, NULL); + return EC_KEY_key2buf(ec_key, POINT_CONVERSION_UNCOMPRESSED, out_ptr, + nullptr); } static int int_ec_size(const EVP_PKEY *pkey) { @@ -190,7 +191,7 @@ static int ec_bits(const EVP_PKEY *pkey) { const EC_KEY *ec_key = reinterpret_cast<const EC_KEY *>(pkey->pkey); const EC_GROUP *group = EC_KEY_get0_group(ec_key); - if (group == NULL) { + if (group == nullptr) { ERR_clear_error(); return 0; } @@ -199,23 +200,23 @@ static int ec_missing_parameters(const EVP_PKEY *pkey) { const EC_KEY *ec_key = reinterpret_cast<const EC_KEY *>(pkey->pkey); - return ec_key == NULL || EC_KEY_get0_group(ec_key) == NULL; + return ec_key == nullptr || EC_KEY_get0_group(ec_key) == nullptr; } static int ec_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) { const EC_KEY *from_key = reinterpret_cast<const EC_KEY *>(from->pkey); - if (from_key == NULL) { + if (from_key == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_NO_KEY_SET); return 0; } const EC_GROUP *group = EC_KEY_get0_group(from_key); - if (group == NULL) { + if (group == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS); return 0; } - if (to->pkey == NULL) { + if (to->pkey == nullptr) { to->pkey = EC_KEY_new(); - if (to->pkey == NULL) { + if (to->pkey == nullptr) { return 0; } } @@ -225,15 +226,15 @@ static int ec_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) { const EC_KEY *a_ec = reinterpret_cast<const EC_KEY *>(a->pkey); const EC_KEY *b_ec = reinterpret_cast<const EC_KEY *>(b->pkey); - if (a_ec == NULL || b_ec == NULL) { + if (a_ec == nullptr || b_ec == nullptr) { return -2; } const EC_GROUP *group_a = EC_KEY_get0_group(a_ec), *group_b = EC_KEY_get0_group(b_ec); - if (group_a == NULL || group_b == NULL) { + if (group_a == nullptr || group_b == nullptr) { return -2; } - if (EC_GROUP_cmp(group_a, group_b, NULL) != 0) { + if (EC_GROUP_cmp(group_a, group_b, nullptr) != 0) { // mismatch return 0; } @@ -242,7 +243,7 @@ static void int_ec_free(EVP_PKEY *pkey) { EC_KEY_free(reinterpret_cast<EC_KEY *>(pkey->pkey)); - pkey->pkey = NULL; + pkey->pkey = nullptr; } static int eckey_opaque(const EVP_PKEY *pkey) { @@ -267,10 +268,10 @@ eckey_priv_decode, eckey_priv_encode, - /*set_priv_raw=*/NULL, - /*set_pub_raw=*/NULL, - /*get_priv_raw=*/NULL, - /*get_pub_raw=*/NULL, + /*set_priv_raw=*/nullptr, + /*set_pub_raw=*/nullptr, + /*get_priv_raw=*/nullptr, + /*get_pub_raw=*/nullptr, eckey_set1_tls_encodedpoint, eckey_get1_tls_encodedpoint, @@ -325,14 +326,14 @@ EC_KEY *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey) { if (EVP_PKEY_id(pkey) != EVP_PKEY_EC) { OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_A_EC_KEY); - return NULL; + return nullptr; } return reinterpret_cast<EC_KEY *>(pkey->pkey); } EC_KEY *EVP_PKEY_get1_EC_KEY(const EVP_PKEY *pkey) { EC_KEY *ec_key = EVP_PKEY_get0_EC_KEY(pkey); - if (ec_key != NULL) { + if (ec_key != nullptr) { EC_KEY_up_ref(ec_key); } return ec_key;
diff --git a/crypto/evp/p_ed25519.cc b/crypto/evp/p_ed25519.cc index 540146a..50ea776 100644 --- a/crypto/evp/p_ed25519.cc +++ b/crypto/evp/p_ed25519.cc
@@ -27,7 +27,7 @@ static int pkey_ed25519_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { ED25519_KEY *key = reinterpret_cast<ED25519_KEY *>(OPENSSL_malloc(sizeof(ED25519_KEY))); - if (key == NULL) { + if (key == nullptr) { return 0; } @@ -49,7 +49,7 @@ return 0; } - if (sig == NULL) { + if (sig == nullptr) { *siglen = 64; return 1; }
diff --git a/crypto/evp/p_ed25519_asn1.cc b/crypto/evp/p_ed25519_asn1.cc index 15b4002..c87b7ba 100644 --- a/crypto/evp/p_ed25519_asn1.cc +++ b/crypto/evp/p_ed25519_asn1.cc
@@ -25,7 +25,7 @@ static void ed25519_free(EVP_PKEY *pkey) { OPENSSL_free(pkey->pkey); - pkey->pkey = NULL; + pkey->pkey = nullptr; } static int ed25519_set_priv_raw(EVP_PKEY *pkey, const uint8_t *in, size_t len) { @@ -36,7 +36,7 @@ ED25519_KEY *key = reinterpret_cast<ED25519_KEY *>(OPENSSL_malloc(sizeof(ED25519_KEY))); - if (key == NULL) { + if (key == nullptr) { return 0; } @@ -57,7 +57,7 @@ ED25519_KEY *key = reinterpret_cast<ED25519_KEY *>(OPENSSL_malloc(sizeof(ED25519_KEY))); - if (key == NULL) { + if (key == nullptr) { return 0; } @@ -75,7 +75,7 @@ return 0; } - if (out == NULL) { + if (out == nullptr) { *out_len = 32; return 1; } @@ -94,7 +94,7 @@ static int ed25519_get_pub_raw(const EVP_PKEY *pkey, uint8_t *out, size_t *out_len) { const ED25519_KEY *key = reinterpret_cast<const ED25519_KEY *>(pkey->pkey); - if (out == NULL) { + if (out == nullptr) { *out_len = 32; return 1; } @@ -217,14 +217,14 @@ ed25519_set_pub_raw, ed25519_get_priv_raw, ed25519_get_pub_raw, - /*set1_tls_encodedpoint=*/NULL, - /*get1_tls_encodedpoint=*/NULL, - /*pkey_opaque=*/NULL, + /*set1_tls_encodedpoint=*/nullptr, + /*get1_tls_encodedpoint=*/nullptr, + /*pkey_opaque=*/nullptr, ed25519_size, ed25519_bits, - /*param_missing=*/NULL, - /*param_copy=*/NULL, - /*param_cmp=*/NULL, + /*param_missing=*/nullptr, + /*param_copy=*/nullptr, + /*param_cmp=*/nullptr, ed25519_free, };
diff --git a/crypto/evp/p_hkdf.cc b/crypto/evp/p_hkdf.cc index 2c7f6d8..f0d793d 100644 --- a/crypto/evp/p_hkdf.cc +++ b/crypto/evp/p_hkdf.cc
@@ -37,7 +37,7 @@ static int pkey_hkdf_init(EVP_PKEY_CTX *ctx) { HKDF_PKEY_CTX *hctx = reinterpret_cast<HKDF_PKEY_CTX *>(OPENSSL_zalloc(sizeof(HKDF_PKEY_CTX))); - if (hctx == NULL) { + if (hctx == nullptr) { return 0; } @@ -64,7 +64,7 @@ if (hctx_src->key_len != 0) { hctx_dst->key = reinterpret_cast<uint8_t *>( OPENSSL_memdup(hctx_src->key, hctx_src->key_len)); - if (hctx_dst->key == NULL) { + if (hctx_dst->key == nullptr) { return 0; } hctx_dst->key_len = hctx_src->key_len; @@ -73,7 +73,7 @@ if (hctx_src->salt_len != 0) { hctx_dst->salt = reinterpret_cast<uint8_t *>( OPENSSL_memdup(hctx_src->salt, hctx_src->salt_len)); - if (hctx_dst->salt == NULL) { + if (hctx_dst->salt == nullptr) { return 0; } hctx_dst->salt_len = hctx_src->salt_len; @@ -89,18 +89,18 @@ static void pkey_hkdf_cleanup(EVP_PKEY_CTX *ctx) { HKDF_PKEY_CTX *hctx = reinterpret_cast<HKDF_PKEY_CTX *>(ctx->data); - if (hctx != NULL) { + if (hctx != nullptr) { OPENSSL_free(hctx->key); OPENSSL_free(hctx->salt); CBB_cleanup(&hctx->info); OPENSSL_free(hctx); - ctx->data = NULL; + ctx->data = nullptr; } } static int pkey_hkdf_derive(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *out_len) { HKDF_PKEY_CTX *hctx = reinterpret_cast<HKDF_PKEY_CTX *>(ctx->data); - if (hctx->md == NULL) { + if (hctx->md == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_MISSING_PARAMETERS); return 0; } @@ -109,7 +109,7 @@ return 0; } - if (out == NULL) { + if (out == nullptr) { if (hctx->mode == EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY) { *out_len = EVP_MD_size(hctx->md); } @@ -184,26 +184,22 @@ } const EVP_PKEY_CTX_METHOD hkdf_pkey_meth = { - /*pkey_id=*/EVP_PKEY_HKDF, - pkey_hkdf_init, - pkey_hkdf_copy, + /*pkey_id=*/EVP_PKEY_HKDF, pkey_hkdf_init, pkey_hkdf_copy, pkey_hkdf_cleanup, - /*keygen=*/NULL, - /*sign=*/NULL, - /*sign_message=*/NULL, - /*verify=*/NULL, - /*verify_message=*/NULL, - /*verify_recover=*/NULL, - /*encrypt=*/NULL, - /*decrypt=*/NULL, - pkey_hkdf_derive, - /*paramgen=*/NULL, - pkey_hkdf_ctrl, + /*keygen=*/nullptr, + /*sign=*/nullptr, + /*sign_message=*/nullptr, + /*verify=*/nullptr, + /*verify_message=*/nullptr, + /*verify_recover=*/nullptr, + /*encrypt=*/nullptr, + /*decrypt=*/nullptr, pkey_hkdf_derive, + /*paramgen=*/nullptr, pkey_hkdf_ctrl, }; int EVP_PKEY_CTX_hkdf_mode(EVP_PKEY_CTX *ctx, int mode) { return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_HKDF, EVP_PKEY_OP_DERIVE, - EVP_PKEY_CTRL_HKDF_MODE, mode, NULL); + EVP_PKEY_CTRL_HKDF_MODE, mode, nullptr); } int EVP_PKEY_CTX_set_hkdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md) {
diff --git a/crypto/evp/p_rsa.cc b/crypto/evp/p_rsa.cc index 871bb77..4c75459 100644 --- a/crypto/evp/p_rsa.cc +++ b/crypto/evp/p_rsa.cc
@@ -193,7 +193,7 @@ RSA *rsa = reinterpret_cast<RSA *>(ctx->pkey->pkey); const size_t key_len = EVP_PKEY_size(ctx->pkey.get()); - if (out == NULL) { + if (out == nullptr) { *out_len = key_len; return 1; } @@ -203,7 +203,7 @@ return 0; } - if (rctx->md == NULL) { + if (rctx->md == nullptr) { return RSA_verify_raw(rsa, out_len, out, *out_len, sig, sig_len, rctx->pad_mode); } @@ -238,7 +238,7 @@ return 0; } - if (out != NULL) { + if (out != nullptr) { OPENSSL_memcpy(out, tbuf.data() + rslen - hash_len, hash_len); } *out_len = hash_len; @@ -354,7 +354,7 @@ OPENSSL_PUT_ERROR(EVP, EVP_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE); return 0; } - if (p1 == RSA_PKCS1_OAEP_PADDING && rctx->md == NULL) { + if (p1 == RSA_PKCS1_OAEP_PADDING && rctx->md == nullptr) { rctx->md = EVP_sha1(); } rctx->pad_mode = p1;
diff --git a/crypto/evp/p_rsa_asn1.cc b/crypto/evp/p_rsa_asn1.cc index cc68849..cbced0e 100644 --- a/crypto/evp/p_rsa_asn1.cc +++ b/crypto/evp/p_rsa_asn1.cc
@@ -241,7 +241,7 @@ static void int_rsa_free(EVP_PKEY *pkey) { RSA_free(reinterpret_cast<RSA *>(pkey->pkey)); - pkey->pkey = NULL; + pkey->pkey = nullptr; } } // namespace @@ -358,14 +358,14 @@ int pkey_id = EVP_PKEY_id(pkey); if (pkey_id != EVP_PKEY_RSA && pkey_id != EVP_PKEY_RSA_PSS) { OPENSSL_PUT_ERROR(EVP, EVP_R_EXPECTING_AN_RSA_KEY); - return NULL; + return nullptr; } return reinterpret_cast<RSA *>(pkey->pkey); } RSA *EVP_PKEY_get1_RSA(const EVP_PKEY *pkey) { RSA *rsa = EVP_PKEY_get0_RSA(pkey); - if (rsa != NULL) { + if (rsa != nullptr) { RSA_up_ref(rsa); } return rsa;
diff --git a/crypto/evp/p_x25519.cc b/crypto/evp/p_x25519.cc index aa63ddc..0fd0881 100644 --- a/crypto/evp/p_x25519.cc +++ b/crypto/evp/p_x25519.cc
@@ -27,7 +27,7 @@ static int pkey_x25519_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { X25519_KEY *key = reinterpret_cast<X25519_KEY *>(OPENSSL_malloc(sizeof(X25519_KEY))); - if (key == NULL) { + if (key == nullptr) { return 0; } @@ -39,7 +39,7 @@ static int pkey_x25519_derive(EVP_PKEY_CTX *ctx, uint8_t *out, size_t *out_len) { - if (ctx->pkey == NULL || ctx->peerkey == NULL) { + if (ctx->pkey == nullptr || ctx->peerkey == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_KEYS_NOT_SET); return 0; } @@ -48,7 +48,7 @@ reinterpret_cast<const X25519_KEY *>(ctx->pkey->pkey); const X25519_KEY *peer_key = reinterpret_cast<const X25519_KEY *>(ctx->peerkey->pkey); - if (our_key == NULL || peer_key == NULL) { + if (our_key == nullptr || peer_key == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_KEYS_NOT_SET); return 0; } @@ -58,7 +58,7 @@ return 0; } - if (out != NULL) { + if (out != nullptr) { if (*out_len < 32) { OPENSSL_PUT_ERROR(EVP, EVP_R_BUFFER_TOO_SMALL); return 0; @@ -88,18 +88,18 @@ const EVP_PKEY_CTX_METHOD x25519_pkey_meth = { /*pkey_id=*/EVP_PKEY_X25519, - /*init=*/NULL, + /*init=*/nullptr, /*copy=*/pkey_x25519_copy, - /*cleanup=*/NULL, + /*cleanup=*/nullptr, /*keygen=*/pkey_x25519_keygen, - /*sign=*/NULL, - /*sign_message=*/NULL, - /*verify=*/NULL, - /*verify_message=*/NULL, - /*verify_recover=*/NULL, - /*encrypt=*/NULL, - /*decrypt=*/NULL, + /*sign=*/nullptr, + /*sign_message=*/nullptr, + /*verify=*/nullptr, + /*verify_message=*/nullptr, + /*verify_recover=*/nullptr, + /*encrypt=*/nullptr, + /*decrypt=*/nullptr, /*derive=*/pkey_x25519_derive, - /*paramgen=*/NULL, + /*paramgen=*/nullptr, /*ctrl=*/pkey_x25519_ctrl, };
diff --git a/crypto/evp/p_x25519_asn1.cc b/crypto/evp/p_x25519_asn1.cc index 05f294a..62ef92c 100644 --- a/crypto/evp/p_x25519_asn1.cc +++ b/crypto/evp/p_x25519_asn1.cc
@@ -25,7 +25,7 @@ static void x25519_free(EVP_PKEY *pkey) { OPENSSL_free(pkey->pkey); - pkey->pkey = NULL; + pkey->pkey = nullptr; } static int x25519_set_priv_raw(EVP_PKEY *pkey, const uint8_t *in, size_t len) { @@ -36,7 +36,7 @@ X25519_KEY *key = reinterpret_cast<X25519_KEY *>(OPENSSL_malloc(sizeof(X25519_KEY))); - if (key == NULL) { + if (key == nullptr) { return 0; } @@ -56,7 +56,7 @@ X25519_KEY *key = reinterpret_cast<X25519_KEY *>(OPENSSL_malloc(sizeof(X25519_KEY))); - if (key == NULL) { + if (key == nullptr) { return 0; } @@ -75,7 +75,7 @@ return 0; } - if (out == NULL) { + if (out == nullptr) { *out_len = 32; return 1; } @@ -93,7 +93,7 @@ static int x25519_get_pub_raw(const EVP_PKEY *pkey, uint8_t *out, size_t *out_len) { const X25519_KEY *key = reinterpret_cast<X25519_KEY *>(pkey->pkey); - if (out == NULL) { + if (out == nullptr) { *out_len = 32; return 1; } @@ -116,13 +116,13 @@ static size_t x25519_get1_tls_encodedpoint(const EVP_PKEY *pkey, uint8_t **out_ptr) { const X25519_KEY *key = reinterpret_cast<X25519_KEY *>(pkey->pkey); - if (key == NULL) { + if (key == nullptr) { OPENSSL_PUT_ERROR(EVP, EVP_R_NO_KEY_SET); return 0; } *out_ptr = reinterpret_cast<uint8_t *>(OPENSSL_memdup(key->pub, 32)); - return *out_ptr == NULL ? 0 : 32; + return *out_ptr == nullptr ? 0 : 32; } static evp_decode_result_t x25519_pub_decode(const EVP_PKEY_ALG *alg, @@ -233,12 +233,12 @@ x25519_get_pub_raw, x25519_set1_tls_encodedpoint, x25519_get1_tls_encodedpoint, - /*pkey_opaque=*/NULL, + /*pkey_opaque=*/nullptr, x25519_size, x25519_bits, - /*param_missing=*/NULL, - /*param_copy=*/NULL, - /*param_cmp=*/NULL, + /*param_missing=*/nullptr, + /*param_copy=*/nullptr, + /*param_cmp=*/nullptr, x25519_free, };
diff --git a/crypto/evp/pbkdf.cc b/crypto/evp/pbkdf.cc index cce0fd0..38a8876 100644 --- a/crypto/evp/pbkdf.cc +++ b/crypto/evp/pbkdf.cc
@@ -26,7 +26,7 @@ const EVP_MD *digest, size_t key_len, uint8_t *out_key) { // See RFC 8018, section 5.2. bssl::ScopedHMAC_CTX hctx; - if (!HMAC_Init_ex(hctx.get(), password, password_len, digest, NULL)) { + if (!HMAC_Init_ex(hctx.get(), password, password_len, digest, nullptr)) { return 0; } @@ -46,19 +46,19 @@ // Compute U_1. uint8_t digest_tmp[EVP_MAX_MD_SIZE]; - if (!HMAC_Init_ex(hctx.get(), NULL, 0, NULL, NULL) || + if (!HMAC_Init_ex(hctx.get(), nullptr, 0, nullptr, nullptr) || !HMAC_Update(hctx.get(), salt, salt_len) || !HMAC_Update(hctx.get(), i_buf, 4) || - !HMAC_Final(hctx.get(), digest_tmp, NULL)) { + !HMAC_Final(hctx.get(), digest_tmp, nullptr)) { return 0; } OPENSSL_memcpy(out_key, digest_tmp, todo); for (uint32_t j = 1; j < iterations; j++) { // Compute the remaining U_* values and XOR. - if (!HMAC_Init_ex(hctx.get(), NULL, 0, NULL, NULL) || + if (!HMAC_Init_ex(hctx.get(), nullptr, 0, nullptr, nullptr) || !HMAC_Update(hctx.get(), digest_tmp, md_len) || - !HMAC_Final(hctx.get(), digest_tmp, NULL)) { + !HMAC_Final(hctx.get(), digest_tmp, nullptr)) { return 0; } for (size_t k = 0; k < todo; k++) {
diff --git a/crypto/evp/pbkdf_test.cc b/crypto/evp/pbkdf_test.cc index 4db5d63..d6a321f 100644 --- a/crypto/evp/pbkdf_test.cc +++ b/crypto/evp/pbkdf_test.cc
@@ -29,7 +29,7 @@ 0x5d, 0x36, 0xea, 0x43, 0x63, 0xa2}; uint8_t key[sizeof(kKey)]; - ASSERT_TRUE(PKCS5_PBKDF2_HMAC(NULL, 0, (const uint8_t *)"salt", 4, 1, + ASSERT_TRUE(PKCS5_PBKDF2_HMAC(nullptr, 0, (const uint8_t *)"salt", 4, 1, EVP_sha1(), sizeof(kKey), key)); EXPECT_EQ(Bytes(kKey), Bytes(key)); @@ -47,7 +47,7 @@ 0x5e, 0x22, 0xdb, 0xea, 0xfa, 0x46, 0x34, 0xf6}; uint8_t key[sizeof(kKey)]; - ASSERT_TRUE(PKCS5_PBKDF2_HMAC("password", 8, NULL, 0, 2, EVP_sha256(), + ASSERT_TRUE(PKCS5_PBKDF2_HMAC("password", 8, nullptr, 0, 2, EVP_sha256(), sizeof(kKey), key)); EXPECT_EQ(Bytes(kKey), Bytes(key));
diff --git a/crypto/evp/print.cc b/crypto/evp/print.cc index 9464e36..50d158d 100644 --- a/crypto/evp/print.cc +++ b/crypto/evp/print.cc
@@ -45,7 +45,7 @@ } static int bn_print(BIO *bp, const char *name, const BIGNUM *num, int off) { - if (num == NULL) { + if (num == nullptr) { return 1; } @@ -78,7 +78,7 @@ // and negative values are never valid in keys anyway. size_t len = BN_num_bytes(num); uint8_t *buf = reinterpret_cast<uint8_t *>(OPENSSL_malloc(len + 1)); - if (buf == NULL) { + if (buf == nullptr) { return 0; } @@ -101,7 +101,7 @@ static int do_rsa_print(BIO *out, const RSA *rsa, int off, int include_private) { int mod_len = 0; - if (rsa->n != NULL) { + if (rsa->n != nullptr) { mod_len = BN_num_bits(rsa->n); } @@ -154,7 +154,7 @@ static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype) { const EC_GROUP *group; - if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL) { + if (x == nullptr || (group = EC_KEY_get0_group(x)) == nullptr) { OPENSSL_PUT_ERROR(EVP, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -181,15 +181,15 @@ if (ktype == 2) { const BIGNUM *priv_key = EC_KEY_get0_private_key(x); - if (priv_key != NULL && // + if (priv_key != nullptr && // !bn_print(bp, "priv:", priv_key, off)) { return 0; } } - if (ktype > 0 && EC_KEY_get0_public_key(x) != NULL) { - uint8_t *pub = NULL; - size_t pub_len = EC_KEY_key2buf(x, EC_KEY_get_conv_form(x), &pub, NULL); + if (ktype > 0 && EC_KEY_get0_public_key(x) != nullptr) { + uint8_t *pub = nullptr; + size_t pub_len = EC_KEY_key2buf(x, EC_KEY_get_conv_form(x), &pub, nullptr); if (pub_len == 0) { return 0; } @@ -260,7 +260,7 @@ int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx) { const EVP_PKEY_PRINT_METHOD *method = find_method(EVP_PKEY_id(pkey)); - if (method != NULL && method->pub_print != NULL) { + if (method != nullptr && method->pub_print != nullptr) { return method->pub_print(out, pkey, indent); } return print_unsupported(out, pkey, indent, "Public Key"); @@ -269,7 +269,7 @@ int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx) { const EVP_PKEY_PRINT_METHOD *method = find_method(EVP_PKEY_id(pkey)); - if (method != NULL && method->priv_print != NULL) { + if (method != nullptr && method->priv_print != nullptr) { return method->priv_print(out, pkey, indent); } return print_unsupported(out, pkey, indent, "Private Key"); @@ -278,7 +278,7 @@ int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx) { const EVP_PKEY_PRINT_METHOD *method = find_method(EVP_PKEY_id(pkey)); - if (method != NULL && method->param_print != NULL) { + if (method != nullptr && method->param_print != nullptr) { return method->param_print(out, pkey, indent); } return print_unsupported(out, pkey, indent, "Parameters");
diff --git a/crypto/evp/scrypt.cc b/crypto/evp/scrypt.cc index 548a3f6..4f0f9fd 100644 --- a/crypto/evp/scrypt.cc +++ b/crypto/evp/scrypt.cc
@@ -183,7 +183,7 @@ size_t V_blocks = N * 2 * r; block_t *B = reinterpret_cast<block_t *>( OPENSSL_calloc(B_blocks + T_blocks + V_blocks, sizeof(block_t))); - if (B == NULL) { + if (B == nullptr) { return 0; }
diff --git a/crypto/ex_data.cc b/crypto/ex_data.cc index 53f7ed9..e93f7c9 100644 --- a/crypto/ex_data.cc +++ b/crypto/ex_data.cc
@@ -39,14 +39,14 @@ void *argp, CRYPTO_EX_free *free_func) { CRYPTO_EX_DATA_FUNCS *funcs = reinterpret_cast<CRYPTO_EX_DATA_FUNCS *>( OPENSSL_malloc(sizeof(CRYPTO_EX_DATA_FUNCS))); - if (funcs == NULL) { + if (funcs == nullptr) { return -1; } funcs->argl = argl; funcs->argp = argp; funcs->free_func = free_func; - funcs->next = NULL; + funcs->next = nullptr; CRYPTO_MUTEX_lock_write(&ex_data_class->lock); @@ -59,7 +59,7 @@ } // Append |funcs| to the linked list. - if (ex_data_class->last == NULL) { + if (ex_data_class->last == nullptr) { assert(num_funcs == 0); ex_data_class->funcs = funcs; ex_data_class->last = funcs; @@ -81,16 +81,16 @@ abort(); } - if (ad->sk == NULL) { + if (ad->sk == nullptr) { ad->sk = sk_void_new_null(); - if (ad->sk == NULL) { + if (ad->sk == nullptr) { return 0; } } // Add NULL values until the stack is long enough. for (size_t i = sk_void_num(ad->sk); i <= (size_t)index; i++) { - if (!sk_void_push(ad->sk, NULL)) { + if (!sk_void_push(ad->sk, nullptr)) { return 0; } } @@ -100,17 +100,17 @@ } void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx) { - if (ad->sk == NULL || idx < 0 || (size_t)idx >= sk_void_num(ad->sk)) { - return NULL; + if (ad->sk == nullptr || idx < 0 || (size_t)idx >= sk_void_num(ad->sk)) { + return nullptr; } return sk_void_value(ad->sk, idx); } -void CRYPTO_new_ex_data(CRYPTO_EX_DATA *ad) { ad->sk = NULL; } +void CRYPTO_new_ex_data(CRYPTO_EX_DATA *ad) { ad->sk = nullptr; } void CRYPTO_free_ex_data(CRYPTO_EX_DATA_CLASS *ex_data_class, CRYPTO_EX_DATA *ad) { - if (ad->sk == NULL) { + if (ad->sk == nullptr) { // Nothing to do. return; } @@ -123,7 +123,7 @@ // after the |num_funcs| comparison to be correctly synchronized. CRYPTO_EX_DATA_FUNCS *const *funcs = &ex_data_class->funcs; for (uint32_t i = 0; i < num_funcs; i++) { - if ((*funcs)->free_func != NULL) { + if ((*funcs)->free_func != nullptr) { int index = (int)i + ex_data_class->num_reserved; void *ptr = CRYPTO_get_ex_data(ad, index); (*funcs)->free_func(/*parent=*/nullptr, ptr, /*ad*/ nullptr, index, @@ -133,7 +133,7 @@ } sk_void_free(ad->sk); - ad->sk = NULL; + ad->sk = nullptr; } void CRYPTO_cleanup_all_ex_data(void) {}
diff --git a/crypto/fipsmodule/bn/bn_test.cc b/crypto/fipsmodule/bn/bn_test.cc index 969f402..0d55149 100644 --- a/crypto/fipsmodule/bn/bn_test.cc +++ b/crypto/fipsmodule/bn/bn_test.cc
@@ -46,7 +46,7 @@ namespace { static int HexToBIGNUMWithReturn(bssl::UniquePtr<BIGNUM> *out, const char *in) { - BIGNUM *raw = NULL; + BIGNUM *raw = nullptr; int ret = BN_hex2bn(&raw, in); out->reset(raw); return ret; @@ -754,12 +754,12 @@ if (BN_is_odd(m.get())) { ASSERT_TRUE( - BN_mod_exp_mont(ret.get(), a.get(), e.get(), m.get(), ctx, NULL)); + BN_mod_exp_mont(ret.get(), a.get(), e.get(), m.get(), ctx, nullptr)); EXPECT_BIGNUMS_EQUAL("A ^ E (mod M) (Montgomery)", mod_exp.get(), ret.get()); ASSERT_TRUE(BN_mod_exp_mont_consttime(ret.get(), a.get(), e.get(), m.get(), - ctx, NULL)); + ctx, nullptr)); EXPECT_BIGNUMS_EQUAL("A ^ E (mod M) (constant-time)", mod_exp.get(), ret.get()); @@ -1048,7 +1048,7 @@ // Test edge case at 0. bssl::UniquePtr<BIGNUM> n(BN_new()); ASSERT_TRUE(n); - ASSERT_TRUE(BN_bn2bin_padded(NULL, 0, n.get())); + ASSERT_TRUE(BN_bn2bin_padded(nullptr, 0, n.get())); OPENSSL_memset(out, -1, sizeof(out)); ASSERT_TRUE(BN_bn2bin_padded(out, sizeof(out), n.get())); @@ -1062,7 +1062,7 @@ ASSERT_EQ(bytes, BN_bn2bin(n.get(), reference)); // Empty buffer should fail. - EXPECT_FALSE(BN_bn2bin_padded(NULL, 0, n.get())); + EXPECT_FALSE(BN_bn2bin_padded(nullptr, 0, n.get())); // One byte short should fail. EXPECT_FALSE(BN_bn2bin_padded(out, bytes - 1, n.get())); @@ -1137,7 +1137,7 @@ } static int DecimalToBIGNUM(bssl::UniquePtr<BIGNUM> *out, const char *in) { - BIGNUM *raw = NULL; + BIGNUM *raw = nullptr; int ret = BN_dec2bn(&raw, in); out->reset(raw); return ret; @@ -1200,7 +1200,7 @@ } static bssl::UniquePtr<BIGNUM> ASCIIToBIGNUM(const char *in) { - BIGNUM *raw = NULL; + BIGNUM *raw = nullptr; if (!BN_asc2bn(&raw, in)) { return nullptr; } @@ -1272,14 +1272,14 @@ bssl::UniquePtr<BIGNUM> bn(ASCIIToBIGNUM(test.base10)); ASSERT_TRUE(bn); - const size_t mpi_len = BN_bn2mpi(bn.get(), NULL); + const size_t mpi_len = BN_bn2mpi(bn.get(), nullptr); ASSERT_LE(mpi_len, sizeof(scratch)) << "MPI size is too large to test"; const size_t mpi_len2 = BN_bn2mpi(bn.get(), scratch); EXPECT_EQ(mpi_len, mpi_len2); EXPECT_EQ(Bytes(test.mpi, test.mpi_len), Bytes(scratch, mpi_len)); - bssl::UniquePtr<BIGNUM> bn2(BN_mpi2bn(scratch, mpi_len, NULL)); + bssl::UniquePtr<BIGNUM> bn2(BN_mpi2bn(scratch, mpi_len, nullptr)); ASSERT_TRUE(bn2) << "failed to parse"; EXPECT_BIGNUMS_EQUAL("BN_mpi2bn", bn.get(), bn2.get()); } @@ -1558,7 +1558,7 @@ ERR_clear_error(); EXPECT_FALSE(BN_mod_exp_mont(a.get(), BN_value_one(), BN_value_one(), - zero.get(), ctx(), NULL)); + zero.get(), ctx(), nullptr)); ERR_clear_error(); EXPECT_FALSE(BN_mod_exp_mont_consttime( @@ -1586,7 +1586,7 @@ ERR_clear_error(); EXPECT_FALSE(BN_mod_exp_mont(a.get(), BN_value_one(), BN_value_one(), b.get(), - ctx(), NULL)); + ctx(), nullptr)); ERR_clear_error(); EXPECT_FALSE(BN_mod_exp_mont_consttime( @@ -1636,8 +1636,8 @@ bssl::UniquePtr<BIGNUM> r(BN_new()); ASSERT_TRUE(r); - ASSERT_TRUE(BN_generate_prime_ex(r.get(), static_cast<int>(kBits), 0, NULL, - NULL, NULL)); + ASSERT_TRUE(BN_generate_prime_ex(r.get(), static_cast<int>(kBits), 0, nullptr, + nullptr, nullptr)); EXPECT_EQ(kBits, BN_num_bits(r.get())); } @@ -2508,8 +2508,8 @@ } } - EXPECT_EQ(0, bn_less_than_words(NULL, NULL, 0)); - EXPECT_EQ(0, bn_in_range_words(NULL, 0, NULL, 0)); + EXPECT_EQ(0, bn_less_than_words(nullptr, nullptr, 0)); + EXPECT_EQ(0, bn_in_range_words(nullptr, 0, nullptr, 0)); } #endif // !BORINGSSL_SHARED_LIBRARY
diff --git a/crypto/fipsmodule/cmac/cmac_test.cc b/crypto/fipsmodule/cmac/cmac_test.cc index 3351053..6aa40cb 100644 --- a/crypto/fipsmodule/cmac/cmac_test.cc +++ b/crypto/fipsmodule/cmac/cmac_test.cc
@@ -39,7 +39,7 @@ bssl::UniquePtr<CMAC_CTX> ctx(CMAC_CTX_new()); ASSERT_TRUE(ctx); - ASSERT_TRUE(CMAC_Init(ctx.get(), key, key_len, EVP_aes_128_cbc(), NULL)); + ASSERT_TRUE(CMAC_Init(ctx.get(), key, key_len, EVP_aes_128_cbc(), nullptr)); for (unsigned chunk_size = 1; chunk_size <= msg_len; chunk_size++) { SCOPED_TRACE(chunk_size); @@ -114,7 +114,7 @@ 0xfc, 0x49, 0x74, 0x17, 0x79, 0x36, 0x3c, 0xfe, }; - test("RFC 4493 #1", kKey, sizeof(kKey), NULL, 0, kOut1); + test("RFC 4493 #1", kKey, sizeof(kKey), nullptr, 0, kOut1); test("RFC 4493 #2", kKey, sizeof(kKey), kMsg2, sizeof(kMsg2), kOut2); test("RFC 4493 #3", kKey, sizeof(kKey), kMsg3, sizeof(kMsg3), kOut3); test("RFC 4493 #4", kKey, sizeof(kKey), kMsg4, sizeof(kMsg4), kOut4); @@ -157,7 +157,7 @@ uint8_t out[16]; bssl::UniquePtr<CMAC_CTX> ctx(CMAC_CTX_new()); ASSERT_TRUE(ctx); - ASSERT_TRUE(CMAC_Init(ctx.get(), key.data(), key.size(), cipher, NULL)); + ASSERT_TRUE(CMAC_Init(ctx.get(), key.data(), key.size(), cipher, nullptr)); ASSERT_TRUE(CMAC_Update(ctx.get(), msg.data(), msg.size())); size_t out_len; ASSERT_TRUE(CMAC_Final(ctx.get(), out, &out_len)); @@ -219,7 +219,7 @@ uint8_t out[16]; bssl::UniquePtr<CMAC_CTX> ctx(CMAC_CTX_new()); ASSERT_TRUE(ctx); - ASSERT_TRUE(CMAC_Init(ctx.get(), key.data(), key.size(), cipher, NULL)); + ASSERT_TRUE(CMAC_Init(ctx.get(), key.data(), key.size(), cipher, nullptr)); ASSERT_TRUE(CMAC_Update(ctx.get(), msg.data(), msg.size())); size_t out_len; ASSERT_TRUE(CMAC_Final(ctx.get(), out, &out_len));
diff --git a/crypto/fipsmodule/ec/ec_test.cc b/crypto/fipsmodule/ec/ec_test.cc index 1e4e7c7..67c5a59 100644 --- a/crypto/fipsmodule/ec/ec_test.cc +++ b/crypto/fipsmodule/ec/ec_test.cc
@@ -130,7 +130,7 @@ size_t in_len) { CBS cbs; CBS_init(&cbs, in, in_len); - bssl::UniquePtr<EC_KEY> ret(EC_KEY_parse_private_key(&cbs, NULL)); + bssl::UniquePtr<EC_KEY> ret(EC_KEY_parse_private_key(&cbs, nullptr)); if (!ret || CBS_len(&cbs) != 0) { return nullptr; } @@ -187,7 +187,7 @@ ASSERT_TRUE(x); ASSERT_TRUE(y); ASSERT_TRUE(EC_POINT_get_affine_coordinates_GFp( - EC_KEY_get0_group(key.get()), pub_key, x.get(), y.get(), NULL)); + EC_KEY_get0_group(key.get()), pub_key, x.get(), y.get(), nullptr)); bssl::UniquePtr<char> x_hex(BN_bn2hex(x.get())); bssl::UniquePtr<char> y_hex(BN_bn2hex(y.get())); ASSERT_TRUE(x_hex); @@ -370,8 +370,8 @@ ASSERT_TRUE(EC_GROUP_set_generator(group2.get(), generator2.get(), order.get(), BN_value_one())); - EXPECT_EQ(0, EC_GROUP_cmp(group.get(), group.get(), NULL)); - EXPECT_EQ(0, EC_GROUP_cmp(group2.get(), group.get(), NULL)); + EXPECT_EQ(0, EC_GROUP_cmp(group.get(), group.get(), nullptr)); + EXPECT_EQ(0, EC_GROUP_cmp(group2.get(), group.get(), nullptr)); // group3 uses the wrong generator. bssl::UniquePtr<EC_GROUP> group3( @@ -384,7 +384,7 @@ ASSERT_TRUE(EC_GROUP_set_generator(group3.get(), generator3.get(), order.get(), BN_value_one())); - EXPECT_NE(0, EC_GROUP_cmp(group.get(), group3.get(), NULL)); + EXPECT_NE(0, EC_GROUP_cmp(group.get(), group3.get(), nullptr)); #if !defined(BORINGSSL_SHARED_LIBRARY) // group4 has non-minimal components that do not fit in |EC_SCALAR| and the @@ -406,7 +406,7 @@ ASSERT_TRUE(EC_GROUP_set_generator(group4.get(), generator4.get(), order.get(), BN_value_one())); - EXPECT_EQ(0, EC_GROUP_cmp(group.get(), group4.get(), NULL)); + EXPECT_EQ(0, EC_GROUP_cmp(group.get(), group4.get(), nullptr)); #endif // group5 is the same group, but the curve coefficients are passed in @@ -414,7 +414,7 @@ ASSERT_TRUE(BN_sub(a.get(), a.get(), p.get())); ASSERT_TRUE(BN_add(b.get(), b.get(), p.get())); bssl::UniquePtr<EC_GROUP> group5( - EC_GROUP_new_curve_GFp(p.get(), a.get(), b.get(), NULL)); + EC_GROUP_new_curve_GFp(p.get(), a.get(), b.get(), nullptr)); ASSERT_TRUE(group5); bssl::UniquePtr<EC_POINT> generator5(EC_POINT_new(group5.get())); ASSERT_TRUE(generator5); @@ -423,8 +423,8 @@ ASSERT_TRUE(EC_GROUP_set_generator(group5.get(), generator5.get(), order.get(), BN_value_one())); - EXPECT_EQ(0, EC_GROUP_cmp(group.get(), group.get(), NULL)); - EXPECT_EQ(0, EC_GROUP_cmp(group5.get(), group.get(), NULL)); + EXPECT_EQ(0, EC_GROUP_cmp(group.get(), group.get(), nullptr)); + EXPECT_EQ(0, EC_GROUP_cmp(group5.get(), group.get(), nullptr)); } TEST(ECTest, SetKeyWithoutGroup) { @@ -1217,7 +1217,7 @@ auto hash_to_curve_p384_sha512_draft07 = [](const EC_GROUP *group, EC_POINT *out, const uint8_t *dst, size_t dst_len, const uint8_t *msg, size_t msg_len) -> int { - if (EC_GROUP_cmp(group, out->group, NULL) != 0) { + if (EC_GROUP_cmp(group, out->group, nullptr) != 0) { return 0; } return ec_hash_to_curve_p384_xmd_sha512_sswu_draft07(group, &out->raw, dst,
diff --git a/crypto/hpke/hpke.cc b/crypto/hpke/hpke.cc index 53b7e92..ace4328 100644 --- a/crypto/hpke/hpke.cc +++ b/crypto/hpke/hpke.cc
@@ -144,7 +144,7 @@ static_cast<uint8_t>(kem_id & 0xff)}; uint8_t prk[EVP_MAX_MD_SIZE]; size_t prk_len; - return hpke_labeled_extract(hkdf_md, prk, &prk_len, NULL, 0, suite_id, + return hpke_labeled_extract(hkdf_md, prk, &prk_len, nullptr, 0, suite_id, sizeof(suite_id), "eae_prk", dh, dh_len) && hpke_labeled_expand(hkdf_md, out_key, out_len, prk, prk_len, suite_id, sizeof(suite_id), "shared_secret", kem_context, @@ -373,7 +373,7 @@ uint8_t dkp_prk[32]; size_t dkp_prk_len; - if (!hpke_labeled_extract(EVP_sha256(), dkp_prk, &dkp_prk_len, NULL, 0, + if (!hpke_labeled_extract(EVP_sha256(), dkp_prk, &dkp_prk_len, nullptr, 0, suite_id, sizeof(suite_id), "dkp_prk", seed, P256_SEED_LEN)) { return 0; @@ -898,15 +898,15 @@ EVP_HPKE_KEY *EVP_HPKE_KEY_new(void) { EVP_HPKE_KEY *key = reinterpret_cast<EVP_HPKE_KEY *>(OPENSSL_malloc(sizeof(EVP_HPKE_KEY))); - if (key == NULL) { - return NULL; + if (key == nullptr) { + return nullptr; } EVP_HPKE_KEY_zero(key); return key; } void EVP_HPKE_KEY_free(EVP_HPKE_KEY *key) { - if (key != NULL) { + if (key != nullptr) { EVP_HPKE_KEY_cleanup(key); OPENSSL_free(key); } @@ -932,7 +932,7 @@ EVP_HPKE_KEY_zero(key); key->kem = kem; if (!kem->init_key(key, priv_key, priv_key_len)) { - key->kem = NULL; + key->kem = nullptr; return 0; } return 1; @@ -942,7 +942,7 @@ EVP_HPKE_KEY_zero(key); key->kem = kem; if (!kem->generate_key(key)) { - key->kem = NULL; + key->kem = nullptr; return 0; } return 1; @@ -1047,8 +1047,8 @@ const EVP_MD *hkdf_md = ctx->kdf->hkdf_md_func(); uint8_t psk_id_hash[EVP_MAX_MD_SIZE]; size_t psk_id_hash_len; - if (!hpke_labeled_extract(hkdf_md, psk_id_hash, &psk_id_hash_len, NULL, 0, - suite_id, sizeof(suite_id), "psk_id_hash", NULL, + if (!hpke_labeled_extract(hkdf_md, psk_id_hash, &psk_id_hash_len, nullptr, 0, + suite_id, sizeof(suite_id), "psk_id_hash", nullptr, 0)) { return 0; } @@ -1056,7 +1056,7 @@ // info_hash = LabeledExtract("", "info_hash", info) uint8_t info_hash[EVP_MAX_MD_SIZE]; size_t info_hash_len; - if (!hpke_labeled_extract(hkdf_md, info_hash, &info_hash_len, NULL, 0, + if (!hpke_labeled_extract(hkdf_md, info_hash, &info_hash_len, nullptr, 0, suite_id, sizeof(suite_id), "info_hash", info, info_len)) { return 0; @@ -1070,7 +1070,7 @@ if (!CBB_add_u8(&context_cbb, mode) || !CBB_add_bytes(&context_cbb, psk_id_hash, psk_id_hash_len) || !CBB_add_bytes(&context_cbb, info_hash, info_hash_len) || - !CBB_finish(&context_cbb, NULL, &context_len)) { + !CBB_finish(&context_cbb, nullptr, &context_len)) { return 0; } @@ -1079,7 +1079,7 @@ size_t secret_len; if (!hpke_labeled_extract(hkdf_md, secret, &secret_len, shared_secret, shared_secret_len, suite_id, sizeof(suite_id), - "secret", NULL, 0)) { + "secret", nullptr, 0)) { return 0; } @@ -1090,7 +1090,7 @@ if (!hpke_labeled_expand(hkdf_md, key, kKeyLen, secret, secret_len, suite_id, sizeof(suite_id), "key", context, context_len) || !EVP_AEAD_CTX_init(&ctx->aead_ctx, aead, key, kKeyLen, - EVP_AEAD_DEFAULT_TAG_LENGTH, NULL)) { + EVP_AEAD_DEFAULT_TAG_LENGTH, nullptr)) { return 0; } @@ -1124,15 +1124,15 @@ EVP_HPKE_CTX *EVP_HPKE_CTX_new(void) { EVP_HPKE_CTX *ctx = reinterpret_cast<EVP_HPKE_CTX *>(OPENSSL_malloc(sizeof(EVP_HPKE_CTX))); - if (ctx == NULL) { - return NULL; + if (ctx == nullptr) { + return nullptr; } EVP_HPKE_CTX_zero(ctx); return ctx; } void EVP_HPKE_CTX_free(EVP_HPKE_CTX *ctx) { - if (ctx != NULL) { + if (ctx != nullptr) { EVP_HPKE_CTX_cleanup(ctx); OPENSSL_free(ctx); } @@ -1216,7 +1216,7 @@ const uint8_t *peer_public_key, size_t peer_public_key_len, const uint8_t *info, size_t info_len, const uint8_t *seed, size_t seed_len) { - if (key->kem->auth_encap_with_seed == NULL) { + if (key->kem->auth_encap_with_seed == nullptr) { // Not all HPKE KEMs support AuthEncap. OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; @@ -1245,7 +1245,7 @@ const EVP_HPKE_AEAD *aead, const uint8_t *enc, size_t enc_len, const uint8_t *info, size_t info_len, const uint8_t *peer_public_key, size_t peer_public_key_len) { - if (key->kem->auth_decap == NULL) { + if (key->kem->auth_decap == nullptr) { // Not all HPKE KEMs support AuthDecap. OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0;
diff --git a/crypto/hrss/hrss.cc b/crypto/hrss/hrss.cc index c9cfcc5..7451290 100644 --- a/crypto/hrss/hrss.cc +++ b/crypto/hrss/hrss.cc
@@ -1885,8 +1885,8 @@ static void *malloc_align32(void **out_ptr, size_t size) { void *ptr = OPENSSL_malloc(size + 31); if (!ptr) { - *out_ptr = NULL; - return NULL; + *out_ptr = nullptr; + return nullptr; } *out_ptr = ptr;
diff --git a/crypto/lhash/lhash.cc b/crypto/lhash/lhash.cc index 28fde70..7fab7fa 100644 --- a/crypto/lhash/lhash.cc +++ b/crypto/lhash/lhash.cc
@@ -61,16 +61,16 @@ _LHASH *OPENSSL_lh_new(lhash_hash_func hash, lhash_cmp_func comp) { _LHASH *ret = reinterpret_cast<_LHASH *>(OPENSSL_zalloc(sizeof(_LHASH))); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } ret->num_buckets = kMinNumBuckets; ret->buckets = reinterpret_cast<LHASH_ITEM **>( OPENSSL_calloc(ret->num_buckets, sizeof(LHASH_ITEM *))); - if (ret->buckets == NULL) { + if (ret->buckets == nullptr) { OPENSSL_free(ret); - return NULL; + return nullptr; } ret->comp = comp; @@ -79,13 +79,13 @@ } void OPENSSL_lh_free(_LHASH *lh) { - if (lh == NULL) { + if (lh == nullptr) { return; } for (size_t i = 0; i < lh->num_buckets; i++) { LHASH_ITEM *next; - for (LHASH_ITEM *n = lh->buckets[i]; n != NULL; n = next) { + for (LHASH_ITEM *n = lh->buckets[i]; n != nullptr; n = next) { next = n->next; OPENSSL_free(n); } @@ -109,12 +109,12 @@ lhash_hash_func_helper call_hash_func, lhash_cmp_func_helper call_cmp_func) { const uint32_t hash = call_hash_func(lh->hash, data); - if (out_hash != NULL) { + if (out_hash != nullptr) { *out_hash = hash; } LHASH_ITEM **ret = &lh->buckets[hash % lh->num_buckets]; - for (LHASH_ITEM *cur = *ret; cur != NULL; cur = *ret) { + for (LHASH_ITEM *cur = *ret; cur != nullptr; cur = *ret) { if (call_cmp_func(lh->comp, cur->data, data) == 0) { break; } @@ -131,7 +131,7 @@ int (*cmp_key)(const void *key, const void *value)) { LHASH_ITEM **ret = &lh->buckets[key_hash % lh->num_buckets]; - for (LHASH_ITEM *cur = *ret; cur != NULL; cur = *ret) { + for (LHASH_ITEM *cur = *ret; cur != nullptr; cur = *ret) { if (cmp_key(key, cur->data) == 0) { break; } @@ -145,8 +145,8 @@ lhash_hash_func_helper call_hash_func, lhash_cmp_func_helper call_cmp_func) { LHASH_ITEM **next_ptr = - get_next_ptr_and_hash(lh, NULL, data, call_hash_func, call_cmp_func); - return *next_ptr == NULL ? NULL : (*next_ptr)->data; + get_next_ptr_and_hash(lh, nullptr, data, call_hash_func, call_cmp_func); + return *next_ptr == nullptr ? nullptr : (*next_ptr)->data; } void *OPENSSL_lh_retrieve_key(const _LHASH *lh, const void *key, @@ -154,7 +154,7 @@ int (*cmp_key)(const void *key, const void *value)) { LHASH_ITEM **next_ptr = get_next_ptr_by_key(lh, key, key_hash, cmp_key); - return *next_ptr == NULL ? NULL : (*next_ptr)->data; + return *next_ptr == nullptr ? nullptr : (*next_ptr)->data; } // lh_rebucket allocates a new array of |new_num_buckets| pointers and @@ -170,12 +170,12 @@ } new_buckets = reinterpret_cast<LHASH_ITEM **>(OPENSSL_zalloc(alloc_size)); - if (new_buckets == NULL) { + if (new_buckets == nullptr) { return; } for (i = 0; i < lh->num_buckets; i++) { - for (cur = lh->buckets[i]; cur != NULL; cur = next) { + for (cur = lh->buckets[i]; cur != nullptr; cur = next) { const size_t new_bucket = cur->hash % new_num_buckets; next = cur->next; cur->next = new_buckets[new_bucket]; @@ -225,12 +225,12 @@ uint32_t hash; LHASH_ITEM **next_ptr, *item; - *old_data = NULL; + *old_data = nullptr; next_ptr = get_next_ptr_and_hash(lh, &hash, data, call_hash_func, call_cmp_func); - if (*next_ptr != NULL) { + if (*next_ptr != nullptr) { // An element equal to |data| already exists in the hash table. It will be // replaced. *old_data = (*next_ptr)->data; @@ -240,13 +240,13 @@ // An element equal to |data| doesn't exist in the hash table yet. item = reinterpret_cast<LHASH_ITEM *>(OPENSSL_malloc(sizeof(LHASH_ITEM))); - if (item == NULL) { + if (item == nullptr) { return 0; } item->data = data; item->hash = hash; - item->next = NULL; + item->next = nullptr; *next_ptr = item; lh->num_items++; lh_maybe_resize(lh); @@ -260,11 +260,11 @@ LHASH_ITEM **next_ptr, *item, *ret; next_ptr = - get_next_ptr_and_hash(lh, NULL, data, call_hash_func, call_cmp_func); + get_next_ptr_and_hash(lh, nullptr, data, call_hash_func, call_cmp_func); - if (*next_ptr == NULL) { + if (*next_ptr == nullptr) { // No such element. - return NULL; + return nullptr; } item = *next_ptr; @@ -279,7 +279,7 @@ } void OPENSSL_lh_doall_arg(_LHASH *lh, void (*func)(void *, void *), void *arg) { - if (lh == NULL) { + if (lh == nullptr) { return; } @@ -290,7 +290,7 @@ for (size_t i = 0; i < lh->num_buckets; i++) { LHASH_ITEM *next; - for (LHASH_ITEM *cur = lh->buckets[i]; cur != NULL; cur = next) { + for (LHASH_ITEM *cur = lh->buckets[i]; cur != nullptr; cur = next) { next = cur->next; func(cur->data, arg); }
diff --git a/crypto/mem.cc b/crypto/mem.cc index 83a1af7..5001ab3 100644 --- a/crypto/mem.cc +++ b/crypto/mem.cc
@@ -77,7 +77,7 @@ // allocator with |sdallocx| is imported which does. WEAK_SYMBOL_FUNC(void, sdallocx, (void *ptr, size_t size, int flags)) #else -static void (*const sdallocx)(void *ptr, size_t size, int flags) = NULL; +static void (*const sdallocx)(void *ptr, size_t size, int flags) = nullptr; #endif // The following three functions can be defined to override default heap @@ -188,11 +188,11 @@ goto err; } - if (OPENSSL_memory_alloc != NULL) { - assert(OPENSSL_memory_free != NULL); - assert(OPENSSL_memory_get_size != NULL); + if (OPENSSL_memory_alloc != nullptr) { + assert(OPENSSL_memory_free != nullptr); + assert(OPENSSL_memory_get_size != nullptr); void *ptr2 = OPENSSL_memory_alloc(size); - if (ptr2 == NULL && size != 0) { + if (ptr2 == nullptr && size != 0) { goto err; } return ptr2; @@ -203,7 +203,7 @@ } ptr = malloc(size + OPENSSL_MALLOC_PREFIX); - if (ptr == NULL) { + if (ptr == nullptr) { goto err; } @@ -215,12 +215,12 @@ err: // This only works because ERR does not call OPENSSL_malloc. OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); - return NULL; + return nullptr; } void *OPENSSL_zalloc(size_t size) { void *ret = OPENSSL_malloc(size); - if (ret != NULL) { + if (ret != nullptr) { OPENSSL_memset(ret, 0, size); } return ret; @@ -229,18 +229,18 @@ void *OPENSSL_calloc(size_t num, size_t size) { if (size != 0 && num > SIZE_MAX / size) { OPENSSL_PUT_ERROR(CRYPTO, ERR_R_OVERFLOW); - return NULL; + return nullptr; } return OPENSSL_zalloc(num * size); } void OPENSSL_free(void *orig_ptr) { - if (orig_ptr == NULL) { + if (orig_ptr == nullptr) { return; } - if (OPENSSL_memory_free != NULL) { + if (OPENSSL_memory_free != nullptr) { OPENSSL_memory_free(orig_ptr); return; } @@ -265,12 +265,12 @@ } void *OPENSSL_realloc(void *orig_ptr, size_t new_size) { - if (orig_ptr == NULL) { + if (orig_ptr == nullptr) { return OPENSSL_malloc(new_size); } size_t old_size; - if (OPENSSL_memory_get_size != NULL) { + if (OPENSSL_memory_get_size != nullptr) { old_size = OPENSSL_memory_get_size(orig_ptr); } else { void *ptr = ((uint8_t *)orig_ptr) - OPENSSL_MALLOC_PREFIX; @@ -280,8 +280,8 @@ } void *ret = OPENSSL_malloc(new_size); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } size_t to_copy = new_size; @@ -365,8 +365,8 @@ } char *OPENSSL_strdup(const char *s) { - if (s == NULL) { - return NULL; + if (s == nullptr) { + return nullptr; } // Copy the NUL terminator. return reinterpret_cast<char *>(OPENSSL_memdup(s, strlen(s) + 1)); @@ -462,11 +462,12 @@ void (*deallocate)(void *) = system_malloc ? free : OPENSSL_free; void *(*reallocate)(void *, size_t) = system_malloc ? realloc : OPENSSL_realloc; - char *candidate = NULL; + char *candidate = nullptr; size_t candidate_len = 64; // TODO(bbe) what's the best initial size? int ret; - if ((candidate = reinterpret_cast<char *>(allocate(candidate_len))) == NULL) { + if ((candidate = reinterpret_cast<char *>(allocate(candidate_len))) == + nullptr) { goto err; } va_list args_copy; @@ -482,7 +483,7 @@ candidate_len = (size_t)ret + 1; if ((tmp = reinterpret_cast<char *>( - reallocate(candidate, candidate_len))) == NULL) { + reallocate(candidate, candidate_len))) == nullptr) { goto err; } candidate = tmp; @@ -497,7 +498,7 @@ err: deallocate(candidate); - *str = NULL; + *str = nullptr; errno = ENOMEM; return -1; } @@ -521,11 +522,11 @@ if (alloc_size < size) { // overflow OPENSSL_PUT_ERROR(CRYPTO, ERR_R_MALLOC_FAILURE); - return NULL; + return nullptr; } char *ret = reinterpret_cast<char *>(OPENSSL_malloc(alloc_size)); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } OPENSSL_memcpy(ret, str, size); @@ -558,12 +559,12 @@ void *OPENSSL_memdup(const void *data, size_t size) { if (size == 0) { - return NULL; + return nullptr; } void *ret = OPENSSL_malloc(size); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } OPENSSL_memcpy(ret, data, size);
diff --git a/crypto/obj/obj.cc b/crypto/obj/obj.cc index a0723d9..6eaadf6 100644 --- a/crypto/obj/obj.cc +++ b/crypto/obj/obj.cc
@@ -37,10 +37,10 @@ static CRYPTO_MUTEX global_added_lock = CRYPTO_MUTEX_INIT; // These globals are protected by |global_added_lock|. -static LHASH_OF(ASN1_OBJECT) *global_added_by_data = NULL; -static LHASH_OF(ASN1_OBJECT) *global_added_by_nid = NULL; -static LHASH_OF(ASN1_OBJECT) *global_added_by_short_name = NULL; -static LHASH_OF(ASN1_OBJECT) *global_added_by_long_name = NULL; +static LHASH_OF(ASN1_OBJECT) *global_added_by_data = nullptr; +static LHASH_OF(ASN1_OBJECT) *global_added_by_nid = nullptr; +static LHASH_OF(ASN1_OBJECT) *global_added_by_short_name = nullptr; +static LHASH_OF(ASN1_OBJECT) *global_added_by_long_name = nullptr; static CRYPTO_MUTEX global_next_nid_lock = CRYPTO_MUTEX_INIT; static unsigned global_next_nid = NUM_NID; @@ -54,11 +54,11 @@ ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o) { ASN1_OBJECT *r; - unsigned char *data = NULL; - char *sn = NULL, *ln = NULL; + unsigned char *data = nullptr; + char *sn = nullptr, *ln = nullptr; - if (o == NULL) { - return NULL; + if (o == nullptr) { + return nullptr; } if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC)) { @@ -67,31 +67,31 @@ } r = ASN1_OBJECT_new(); - if (r == NULL) { + if (r == nullptr) { OPENSSL_PUT_ERROR(OBJ, ERR_R_ASN1_LIB); - return NULL; + return nullptr; } - r->ln = r->sn = NULL; + r->ln = r->sn = nullptr; // once data is attached to an object, it remains const r->data = reinterpret_cast<uint8_t *>(OPENSSL_memdup(o->data, o->length)); - if (o->length != 0 && r->data == NULL) { + if (o->length != 0 && r->data == nullptr) { goto err; } r->length = o->length; r->nid = o->nid; - if (o->ln != NULL) { + if (o->ln != nullptr) { ln = OPENSSL_strdup(o->ln); - if (ln == NULL) { + if (ln == nullptr) { goto err; } } - if (o->sn != NULL) { + if (o->sn != nullptr) { sn = OPENSSL_strdup(o->sn); - if (sn == NULL) { + if (sn == nullptr) { goto err; } } @@ -109,7 +109,7 @@ OPENSSL_free(sn); OPENSSL_free(data); OPENSSL_free(r); - return NULL; + return nullptr; } int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b) { @@ -122,15 +122,15 @@ } const uint8_t *OBJ_get0_data(const ASN1_OBJECT *obj) { - if (obj == NULL) { - return NULL; + if (obj == nullptr) { + return nullptr; } return obj->data; } size_t OBJ_length(const ASN1_OBJECT *obj) { - if (obj == NULL || obj->length < 0) { + if (obj == nullptr || obj->length < 0) { return 0; } @@ -154,7 +154,7 @@ } int OBJ_obj2nid(const ASN1_OBJECT *obj) { - if (obj == NULL) { + if (obj == nullptr) { return NID_undef; } @@ -163,11 +163,11 @@ } CRYPTO_MUTEX_lock_read(&global_added_lock); - if (global_added_by_data != NULL) { + if (global_added_by_data != nullptr) { ASN1_OBJECT *match; match = lh_ASN1_OBJECT_retrieve(global_added_by_data, obj); - if (match != NULL) { + if (match != nullptr) { CRYPTO_MUTEX_unlock_read(&global_added_lock); return match->nid; } @@ -177,7 +177,7 @@ const uint16_t *nid_ptr = reinterpret_cast<const uint16_t *>( bsearch(obj, kNIDsInOIDOrder, std::size(kNIDsInOIDOrder), sizeof(kNIDsInOIDOrder[0]), obj_cmp)); - if (nid_ptr == NULL) { + if (nid_ptr == nullptr) { return NID_undef; } @@ -209,12 +209,12 @@ int OBJ_sn2nid(const char *short_name) { CRYPTO_MUTEX_lock_read(&global_added_lock); - if (global_added_by_short_name != NULL) { + if (global_added_by_short_name != nullptr) { ASN1_OBJECT *match, templ; templ.sn = short_name; match = lh_ASN1_OBJECT_retrieve(global_added_by_short_name, &templ); - if (match != NULL) { + if (match != nullptr) { CRYPTO_MUTEX_unlock_read(&global_added_lock); return match->nid; } @@ -224,7 +224,7 @@ const uint16_t *nid_ptr = reinterpret_cast<const uint16_t *>(bsearch( short_name, kNIDsInShortNameOrder, std::size(kNIDsInShortNameOrder), sizeof(kNIDsInShortNameOrder[0]), short_name_cmp)); - if (nid_ptr == NULL) { + if (nid_ptr == nullptr) { return NID_undef; } @@ -243,12 +243,12 @@ int OBJ_ln2nid(const char *long_name) { CRYPTO_MUTEX_lock_read(&global_added_lock); - if (global_added_by_long_name != NULL) { + if (global_added_by_long_name != nullptr) { ASN1_OBJECT *match, templ; templ.ln = long_name; match = lh_ASN1_OBJECT_retrieve(global_added_by_long_name, &templ); - if (match != NULL) { + if (match != nullptr) { CRYPTO_MUTEX_unlock_read(&global_added_lock); return match->nid; } @@ -258,7 +258,7 @@ const uint16_t *nid_ptr = reinterpret_cast<const uint16_t *>( bsearch(long_name, kNIDsInLongNameOrder, std::size(kNIDsInLongNameOrder), sizeof(kNIDsInLongNameOrder[0]), long_name_cmp)); - if (nid_ptr == NULL) { + if (nid_ptr == nullptr) { return NID_undef; } @@ -277,7 +277,7 @@ OPENSSL_EXPORT int OBJ_nid2cbb(CBB *out, int nid) { const ASN1_OBJECT *obj = OBJ_nid2obj(nid); - return obj != NULL && + return obj != nullptr && CBB_add_asn1_element(out, CBS_ASN1_OBJECT, obj->data, obj->length); } @@ -287,7 +287,7 @@ /*ln=*/LN_undef, /*nid=*/NID_undef, /*length=*/0, - /*data=*/NULL, + /*data=*/nullptr, /*flags=*/0, }; return &kUndef; @@ -307,12 +307,12 @@ } CRYPTO_MUTEX_lock_read(&global_added_lock); - if (global_added_by_nid != NULL) { + if (global_added_by_nid != nullptr) { ASN1_OBJECT *match, templ; templ.nid = nid; match = lh_ASN1_OBJECT_retrieve(global_added_by_nid, &templ); - if (match != NULL) { + if (match != nullptr) { CRYPTO_MUTEX_unlock_read(&global_added_lock); return match; } @@ -321,13 +321,13 @@ err: OPENSSL_PUT_ERROR(OBJ, OBJ_R_UNKNOWN_NID); - return NULL; + return nullptr; } const char *OBJ_nid2sn(int nid) { const ASN1_OBJECT *obj = OBJ_nid2obj(nid); - if (obj == NULL) { - return NULL; + if (obj == nullptr) { + return nullptr; } return obj->sn; @@ -335,8 +335,8 @@ const char *OBJ_nid2ln(int nid) { const ASN1_OBJECT *obj = OBJ_nid2obj(nid); - if (obj == NULL) { - return NULL; + if (obj == nullptr) { + return nullptr; } return obj->ln; @@ -354,7 +354,7 @@ !CBB_finish(&cbb, &buf, &len)) { OPENSSL_PUT_ERROR(OBJ, OBJ_R_INVALID_OID_STRING); CBB_cleanup(&cbb); - return NULL; + return nullptr; } ASN1_OBJECT *ret = ASN1_OBJECT_create(get_nid ? get_nid() : NID_undef, buf, @@ -375,7 +375,7 @@ } } - return create_object_with_text_oid(NULL, s, NULL, NULL); + return create_object_with_text_oid(nullptr, s, nullptr, nullptr); } static int strlcpy_int(char *dst, const char *src, int dst_size) { @@ -391,7 +391,7 @@ int always_return_oid) { // Python depends on the empty OID successfully encoding as the empty // string. - if (obj == NULL || obj->length == 0) { + if (obj == nullptr || obj->length == 0) { return strlcpy_int(out, "", out_len); } @@ -399,10 +399,10 @@ int nid = OBJ_obj2nid(obj); if (nid != NID_undef) { const char *name = OBJ_nid2ln(nid); - if (name == NULL) { + if (name == nullptr) { name = OBJ_nid2sn(nid); } - if (name != NULL) { + if (name != nullptr) { return strlcpy_int(out, name, out_len); } } @@ -411,7 +411,7 @@ CBS cbs; CBS_init(&cbs, obj->data, obj->length); char *txt = CBS_asn1_oid_to_text(&cbs); - if (txt == NULL) { + if (txt == nullptr) { if (out_len > 0) { out[0] = '\0'; } @@ -456,26 +456,26 @@ ASN1_OBJECT_FLAG_DYNAMIC_DATA); CRYPTO_MUTEX_lock_write(&global_added_lock); - if (global_added_by_nid == NULL) { + if (global_added_by_nid == nullptr) { global_added_by_nid = lh_ASN1_OBJECT_new(hash_nid, cmp_nid); } - if (global_added_by_data == NULL) { + if (global_added_by_data == nullptr) { global_added_by_data = lh_ASN1_OBJECT_new(hash_data, OBJ_cmp); } - if (global_added_by_short_name == NULL) { + if (global_added_by_short_name == nullptr) { global_added_by_short_name = lh_ASN1_OBJECT_new(hash_short_name, cmp_short_name); } - if (global_added_by_long_name == NULL) { + if (global_added_by_long_name == nullptr) { global_added_by_long_name = lh_ASN1_OBJECT_new(hash_long_name, cmp_long_name); } int ok = 0; - if (global_added_by_nid == NULL || // - global_added_by_data == NULL || // - global_added_by_short_name == NULL || // - global_added_by_long_name == NULL) { + if (global_added_by_nid == nullptr || // + global_added_by_data == nullptr || // + global_added_by_short_name == nullptr || // + global_added_by_long_name == nullptr) { goto err; } @@ -485,13 +485,13 @@ // should always have objects in |global_added_by_nid|. ASN1_OBJECT *old_object; ok = lh_ASN1_OBJECT_insert(global_added_by_nid, &old_object, obj); - if (obj->length != 0 && obj->data != NULL) { + if (obj->length != 0 && obj->data != nullptr) { ok &= lh_ASN1_OBJECT_insert(global_added_by_data, &old_object, obj); } - if (obj->sn != NULL) { + if (obj->sn != nullptr) { ok &= lh_ASN1_OBJECT_insert(global_added_by_short_name, &old_object, obj); } - if (obj->ln != NULL) { + if (obj->ln != nullptr) { ok &= lh_ASN1_OBJECT_insert(global_added_by_long_name, &old_object, obj); } @@ -503,7 +503,7 @@ int OBJ_create(const char *oid, const char *short_name, const char *long_name) { ASN1_OBJECT *op = create_object_with_text_oid(obj_next_nid, oid, short_name, long_name); - if (op == NULL || !obj_add_object(op)) { + if (op == nullptr || !obj_add_object(op)) { return NID_undef; } return op->nid;
diff --git a/crypto/obj/obj_test.cc b/crypto/obj/obj_test.cc index 5fd0db4..87eb212 100644 --- a/crypto/obj/obj_test.cc +++ b/crypto/obj/obj_test.cc
@@ -47,7 +47,7 @@ ASSERT_EQ(NID_undef, OBJ_ln2nid("this is not an OID")); ASSERT_EQ(NID_undef, OBJ_txt2nid("this is not an OID")); - CBS_init(&cbs, NULL, 0); + CBS_init(&cbs, nullptr, 0); ASSERT_EQ(NID_undef, OBJ_cbs2nid(&cbs)); // 1.2.840.113554.4.1.72585.2 (https://davidben.net/oid). @@ -179,7 +179,7 @@ ASN1_OBJECT_create(NID_undef, kNonMinimalOID, sizeof(kNonMinimalOID), /*sn=*/nullptr, /*ln=*/nullptr)); ASSERT_TRUE(obj); - ASSERT_EQ(-1, OBJ_obj2txt(NULL, 0, obj.get(), 0)); + ASSERT_EQ(-1, OBJ_obj2txt(nullptr, 0, obj.get(), 0)); // kOverflowOID is the DER representation of // 1.2.840.113554.4.1.72585.18446744073709551616. (The final value is 2^64.) @@ -190,7 +190,7 @@ obj.reset(ASN1_OBJECT_create(NID_undef, kOverflowOID, sizeof(kOverflowOID), /*sn=*/nullptr, /*ln=*/nullptr)); ASSERT_TRUE(obj); - ASSERT_EQ(-1, OBJ_obj2txt(NULL, 0, obj.get(), 0)); + ASSERT_EQ(-1, OBJ_obj2txt(nullptr, 0, obj.get(), 0)); // kInvalidOID is a mis-encoded version of kBasicConstraints with the final // octet having the high bit set. @@ -198,5 +198,5 @@ obj.reset(ASN1_OBJECT_create(NID_undef, kInvalidOID, sizeof(kInvalidOID), /*sn=*/nullptr, /*ln=*/nullptr)); ASSERT_TRUE(obj); - ASSERT_EQ(-1, OBJ_obj2txt(NULL, 0, obj.get(), 0)); + ASSERT_EQ(-1, OBJ_obj2txt(nullptr, 0, obj.get(), 0)); }
diff --git a/crypto/obj/obj_xref.cc b/crypto/obj/obj_xref.cc index 8df2b4e..a322a3f 100644 --- a/crypto/obj/obj_xref.cc +++ b/crypto/obj/obj_xref.cc
@@ -52,10 +52,10 @@ int OBJ_find_sigid_algs(int sign_nid, int *out_digest_nid, int *out_pkey_nid) { for (const auto &triple : kTriples) { if (triple.sign_nid == sign_nid) { - if (out_digest_nid != NULL) { + if (out_digest_nid != nullptr) { *out_digest_nid = triple.digest_nid; } - if (out_pkey_nid != NULL) { + if (out_pkey_nid != nullptr) { *out_pkey_nid = triple.pkey_nid; } return 1; @@ -69,7 +69,7 @@ for (const auto &triple : kTriples) { if (triple.digest_nid == digest_nid && triple.pkey_nid == pkey_nid) { - if (out_sign_nid != NULL) { + if (out_sign_nid != nullptr) { *out_sign_nid = triple.sign_nid; } return 1;
diff --git a/crypto/pem/pem_all.cc b/crypto/pem/pem_all.cc index 278f703..f03b608 100644 --- a/crypto/pem/pem_all.cc +++ b/crypto/pem/pem_all.cc
@@ -77,12 +77,12 @@ static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa) { DSA *dtmp; if (!key) { - return NULL; + return nullptr; } dtmp = EVP_PKEY_get1_DSA(key); EVP_PKEY_free(key); if (!dtmp) { - return NULL; + return nullptr; } if (dsa) { DSA_free(*dsa); @@ -94,7 +94,7 @@ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb, void *u) { EVP_PKEY *pktmp; - pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); + pktmp = PEM_read_bio_PrivateKey(bp, nullptr, cb, u); return pkey_get_dsa(pktmp, dsa); // will free pktmp } @@ -103,7 +103,7 @@ IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY) DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, void *u) { EVP_PKEY *pktmp; - pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); + pktmp = PEM_read_PrivateKey(fp, nullptr, cb, u); return pkey_get_dsa(pktmp, dsa); // will free pktmp } @@ -112,12 +112,12 @@ static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey) { EC_KEY *dtmp; if (!key) { - return NULL; + return nullptr; } dtmp = EVP_PKEY_get1_EC_KEY(key); EVP_PKEY_free(key); if (!dtmp) { - return NULL; + return nullptr; } if (eckey) { EC_KEY_free(*eckey); @@ -129,7 +129,7 @@ EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb, void *u) { EVP_PKEY *pktmp; - pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); + pktmp = PEM_read_bio_PrivateKey(bp, nullptr, cb, u); return pkey_get_eckey(pktmp, key); // will free pktmp } @@ -140,7 +140,7 @@ EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb, void *u) { EVP_PKEY *pktmp; - pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); + pktmp = PEM_read_PrivateKey(fp, nullptr, cb, u); return pkey_get_eckey(pktmp, eckey); // will free pktmp }
diff --git a/crypto/pem/pem_info.cc b/crypto/pem/pem_info.cc index acf035c..0813813 100644 --- a/crypto/pem/pem_info.cc +++ b/crypto/pem/pem_info.cc
@@ -34,7 +34,7 @@ } static void X509_PKEY_free(X509_PKEY *x) { - if (x == NULL) { + if (x == nullptr) { return; } @@ -47,7 +47,7 @@ } void X509_INFO_free(X509_INFO *x) { - if (x == NULL) { + if (x == nullptr) { return; } @@ -62,9 +62,9 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) { BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); - if (b == NULL) { + if (b == nullptr) { OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); - return 0; + return nullptr; } STACK_OF(X509_INFO) *ret = PEM_X509_INFO_read_bio(b, sk, cb, u); BIO_free(b); @@ -79,57 +79,57 @@ static enum parse_result_t parse_x509(X509_INFO *info, const uint8_t *data, size_t len, int key_type) { - if (info->x509 != NULL) { + if (info->x509 != nullptr) { return parse_new_entry; } - info->x509 = d2i_X509(NULL, &data, len); - return info->x509 != NULL ? parse_ok : parse_error; + info->x509 = d2i_X509(nullptr, &data, len); + return info->x509 != nullptr ? parse_ok : parse_error; } static enum parse_result_t parse_x509_aux(X509_INFO *info, const uint8_t *data, size_t len, int key_type) { - if (info->x509 != NULL) { + if (info->x509 != nullptr) { return parse_new_entry; } - info->x509 = d2i_X509_AUX(NULL, &data, len); - return info->x509 != NULL ? parse_ok : parse_error; + info->x509 = d2i_X509_AUX(nullptr, &data, len); + return info->x509 != nullptr ? parse_ok : parse_error; } static enum parse_result_t parse_crl(X509_INFO *info, const uint8_t *data, size_t len, int key_type) { - if (info->crl != NULL) { + if (info->crl != nullptr) { return parse_new_entry; } - info->crl = d2i_X509_CRL(NULL, &data, len); - return info->crl != NULL ? parse_ok : parse_error; + info->crl = d2i_X509_CRL(nullptr, &data, len); + return info->crl != nullptr ? parse_ok : parse_error; } static enum parse_result_t parse_key(X509_INFO *info, const uint8_t *data, size_t len, int key_type) { - if (info->x_pkey != NULL) { + if (info->x_pkey != nullptr) { return parse_new_entry; } info->x_pkey = X509_PKEY_new(); - if (info->x_pkey == NULL) { + if (info->x_pkey == nullptr) { return parse_error; } - info->x_pkey->dec_pkey = d2i_PrivateKey(key_type, NULL, &data, len); - return info->x_pkey->dec_pkey != NULL ? parse_ok : parse_error; + info->x_pkey->dec_pkey = d2i_PrivateKey(key_type, nullptr, &data, len); + return info->x_pkey->dec_pkey != nullptr ? parse_ok : parse_error; } STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) { - X509_INFO *info = NULL; - char *name = NULL, *header = NULL; - unsigned char *data = NULL; + X509_INFO *info = nullptr; + char *name = nullptr, *header = nullptr; + unsigned char *data = nullptr; long len; int ok = 0; - STACK_OF(X509_INFO) *ret = NULL; + STACK_OF(X509_INFO) *ret = nullptr; - if (sk == NULL) { + if (sk == nullptr) { ret = sk_X509_INFO_new_null(); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } } else { ret = sk; @@ -137,7 +137,7 @@ size_t orig_num = sk_X509_INFO_num(ret); info = X509_INFO_new(); - if (info == NULL) { + if (info == nullptr) { goto err; } @@ -151,7 +151,7 @@ } enum parse_result_t (*parse_function)(X509_INFO *, const uint8_t *, size_t, - int) = NULL; + int) = nullptr; int key_type = EVP_PKEY_NONE; if (strcmp(name, PEM_STRING_X509) == 0 || strcmp(name, PEM_STRING_X509_OLD) == 0) { @@ -174,25 +174,25 @@ // If a private key has a header, assume it is encrypted. This function does // not decrypt private keys. if (key_type != EVP_PKEY_NONE && strlen(header) > 10) { - if (info->x_pkey != NULL) { + if (info->x_pkey != nullptr) { if (!sk_X509_INFO_push(ret, info)) { goto err; } info = X509_INFO_new(); - if (info == NULL) { + if (info == nullptr) { goto err; } } // Use an empty key as a placeholder. info->x_pkey = X509_PKEY_new(); - if (info->x_pkey == NULL || + if (info->x_pkey == nullptr || !PEM_get_EVP_CIPHER_INFO(header, &info->enc_cipher)) { goto err; } info->enc_data = (char *)data; info->enc_len = (int)len; - data = NULL; - } else if (parse_function != NULL) { + data = nullptr; + } else if (parse_function != nullptr) { EVP_CIPHER_INFO cipher; if (!PEM_get_EVP_CIPHER_INFO(header, &cipher) || !PEM_do_header(&cipher, data, &len, cb, u)) { @@ -204,7 +204,7 @@ goto err; } info = X509_INFO_new(); - if (info == NULL) { + if (info == nullptr) { goto err; } result = parse_function(info, data, len, key_type); @@ -217,18 +217,18 @@ OPENSSL_free(name); OPENSSL_free(header); OPENSSL_free(data); - name = NULL; - header = NULL; - data = NULL; + name = nullptr; + header = nullptr; + data = nullptr; } // Push the last entry on the stack if not empty. - if (info->x509 != NULL || info->crl != NULL || info->x_pkey != NULL || - info->enc_data != NULL) { + if (info->x509 != nullptr || info->crl != nullptr || + info->x_pkey != nullptr || info->enc_data != nullptr) { if (!sk_X509_INFO_push(ret, info)) { goto err; } - info = NULL; + info = nullptr; } ok = 1; @@ -242,7 +242,7 @@ if (ret != sk) { sk_X509_INFO_free(ret); } - ret = NULL; + ret = nullptr; } OPENSSL_free(name);
diff --git a/crypto/pem/pem_lib.cc b/crypto/pem/pem_lib.cc index d8872fd..3f142bd 100644 --- a/crypto/pem/pem_lib.cc +++ b/crypto/pem/pem_lib.cc
@@ -86,9 +86,9 @@ void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x, pem_password_cb *cb, void *u) { BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); - if (b == NULL) { + if (b == nullptr) { OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); - return NULL; + return nullptr; } void *ret = PEM_ASN1_read_bio(d2i, name, b, x, cb, u); BIO_free(b); @@ -167,7 +167,7 @@ } else if (name == SN_aes_256_cbc) { return EVP_aes_256_cbc(); } else { - return NULL; + return nullptr; } } @@ -175,8 +175,8 @@ const char *name, BIO *bp, pem_password_cb *cb, void *u) { EVP_CIPHER_INFO cipher; - char *nm = NULL, *header = NULL; - unsigned char *data = NULL; + char *nm = nullptr, *header = nullptr; + unsigned char *data = nullptr; long len; int ret = 0; @@ -225,7 +225,7 @@ const EVP_CIPHER *enc, const unsigned char *pass, int pass_len, pem_password_cb *callback, void *u) { BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); - if (b == NULL) { + if (b == nullptr) { OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return 0; } @@ -240,22 +240,22 @@ int pass_len, pem_password_cb *callback, void *u) { bssl::ScopedEVP_CIPHER_CTX ctx; int dsize = 0, i, j, ret = 0; - unsigned char *p, *data = NULL; - const char *objstr = NULL; + unsigned char *p, *data = nullptr; + const char *objstr = nullptr; char buf[PEM_BUFSIZE]; unsigned char key[EVP_MAX_KEY_LENGTH]; unsigned char iv[EVP_MAX_IV_LENGTH]; - if (enc != NULL) { + if (enc != nullptr) { objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc)); - if (objstr == NULL || cipher_by_name(objstr) == NULL || + if (objstr == nullptr || cipher_by_name(objstr) == nullptr || EVP_CIPHER_iv_length(enc) < 8) { OPENSSL_PUT_ERROR(PEM, PEM_R_UNSUPPORTED_CIPHER); goto err; } } - if ((dsize = i2d(x, NULL)) < 0) { + if ((dsize = i2d(x, nullptr)) < 0) { OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); dsize = 0; goto err; @@ -263,16 +263,16 @@ // dzise + 8 bytes are needed // actually it needs the cipher block size extra... data = (unsigned char *)OPENSSL_malloc((unsigned int)dsize + 20); - if (data == NULL) { + if (data == nullptr) { goto err; } p = data; i = i2d(x, &p); - if (enc != NULL) { + if (enc != nullptr) { const unsigned iv_len = EVP_CIPHER_iv_length(enc); - if (pass == NULL) { + if (pass == nullptr) { if (!callback) { callback = PEM_def_callback; } @@ -289,7 +289,7 @@ } // The 'iv' is used as the iv and as a salt. It is NOT taken from // the BytesToKey function - if (!EVP_BytesToKey(enc, EVP_md5(), iv, pass, pass_len, 1, key, NULL)) { + if (!EVP_BytesToKey(enc, EVP_md5(), iv, pass, pass_len, 1, key, nullptr)) { goto err; } @@ -305,7 +305,7 @@ // k=strlen(buf); ret = 1; - if (!EVP_EncryptInit_ex(ctx.get(), enc, NULL, key, iv) || + if (!EVP_EncryptInit_ex(ctx.get(), enc, nullptr, key, iv) || !EVP_EncryptUpdate(ctx.get(), data, &j, data, i) || !EVP_EncryptFinal_ex(ctx.get(), &(data[j]), &i)) { ret = 0; @@ -341,7 +341,7 @@ len = *plen; - if (cipher->cipher == NULL) { + if (cipher->cipher == nullptr) { return 1; } @@ -356,12 +356,12 @@ } if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), cipher->iv, - (unsigned char *)buf, pass_len, 1, key, NULL)) { + (unsigned char *)buf, pass_len, 1, key, nullptr)) { return 0; } j = (int)len; - o = EVP_DecryptInit_ex(ctx.get(), cipher->cipher, NULL, key, cipher->iv); + o = EVP_DecryptInit_ex(ctx.get(), cipher->cipher, nullptr, key, cipher->iv); if (o) { o = EVP_DecryptUpdate(ctx.get(), data, &i, data, j); } @@ -380,9 +380,9 @@ } int PEM_get_EVP_CIPHER_INFO(const char *header, EVP_CIPHER_INFO *cipher) { - cipher->cipher = NULL; + cipher->cipher = nullptr; OPENSSL_memset(cipher->iv, 0, sizeof(cipher->iv)); - if ((header == NULL) || (*header == '\0') || (*header == '\n')) { + if ((header == nullptr) || (*header == '\0') || (*header == '\n')) { return 1; } if (strncmp(header, "Proc-Type: ", 11) != 0) { @@ -423,7 +423,7 @@ } cipher->cipher = cipher_by_name(std::string_view(p, header - p)); header++; - if (cipher->cipher == NULL) { + if (cipher->cipher == nullptr) { OPENSSL_PUT_ERROR(PEM, PEM_R_UNSUPPORTED_ENCRYPTION); return 0; } @@ -467,7 +467,7 @@ int PEM_write(FILE *fp, const char *name, const char *header, const unsigned char *data, long len) { BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); - if (b == NULL) { + if (b == nullptr) { OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return 0; } @@ -479,7 +479,7 @@ int PEM_write_bio(BIO *bp, const char *name, const char *header, const unsigned char *data, long len) { int nlen, n, i, j, outl; - unsigned char *buf = NULL; + unsigned char *buf = nullptr; EVP_ENCODE_CTX ctx; int reason = ERR_R_BUF_LIB; int retval = 0; @@ -501,7 +501,7 @@ } buf = reinterpret_cast<uint8_t *>(OPENSSL_malloc(PEM_BUFSIZE * 8)); - if (buf == NULL) { + if (buf == nullptr) { goto err; } @@ -538,7 +538,7 @@ int PEM_read(FILE *fp, char **name, char **header, unsigned char **data, long *len) { BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); - if (b == NULL) { + if (b == nullptr) { OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return 0; } @@ -559,7 +559,7 @@ nameB = BUF_MEM_new(); headerB = BUF_MEM_new(); dataB = BUF_MEM_new(); - if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL)) { + if ((nameB == nullptr) || (headerB == nullptr) || (dataB == nullptr)) { BUF_MEM_free(nameB); BUF_MEM_free(headerB); BUF_MEM_free(dataB);
diff --git a/crypto/pem/pem_oth.cc b/crypto/pem/pem_oth.cc index 86ab947..c19a78e 100644 --- a/crypto/pem/pem_oth.cc +++ b/crypto/pem/pem_oth.cc
@@ -27,17 +27,17 @@ void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x, pem_password_cb *cb, void *u) { - const unsigned char *p = NULL; - unsigned char *data = NULL; + const unsigned char *p = nullptr; + unsigned char *data = nullptr; long len; - char *ret = NULL; + char *ret = nullptr; - if (!PEM_bytes_read_bio(&data, &len, NULL, name, bp, cb, u)) { - return NULL; + if (!PEM_bytes_read_bio(&data, &len, nullptr, name, bp, cb, u)) { + return nullptr; } p = data; ret = reinterpret_cast<char *>(d2i(x, &p, len)); - if (ret == NULL) { + if (ret == nullptr) { OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); } OPENSSL_free(data);
diff --git a/crypto/pem/pem_pk8.cc b/crypto/pem/pem_pk8.cc index fb09f62..9f477e9 100644 --- a/crypto/pem/pem_pk8.cc +++ b/crypto/pem/pem_pk8.cc
@@ -37,7 +37,7 @@ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, const EVP_PKEY *x, int nid, const char *pass, int pass_len, pem_password_cb *cb, void *u) { - return do_pk8pkey(bp, x, 0, nid, NULL, pass, pass_len, cb, u); + return do_pk8pkey(bp, x, 0, nid, nullptr, pass, pass_len, cb, u); } int PEM_write_bio_PKCS8PrivateKey(BIO *bp, const EVP_PKEY *x, @@ -55,7 +55,7 @@ int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, const EVP_PKEY *x, int nid, const char *pass, int pass_len, pem_password_cb *cb, void *u) { - return do_pk8pkey(bp, x, 1, nid, NULL, pass, pass_len, cb, u); + return do_pk8pkey(bp, x, 1, nid, nullptr, pass, pass_len, cb, u); } static int do_pk8pkey(BIO *bp, const EVP_PKEY *x, int isder, int nid, @@ -83,7 +83,7 @@ pass = buf; } - p8 = PKCS8_encrypt(nid, enc, pass, pass_len, NULL, 0, 0, p8inf); + p8 = PKCS8_encrypt(nid, enc, pass, pass_len, nullptr, 0, 0, p8inf); if (pass == buf) { OPENSSL_cleanse(buf, pass_len); } @@ -108,14 +108,14 @@ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u) { - PKCS8_PRIV_KEY_INFO *p8inf = NULL; - X509_SIG *p8 = NULL; + PKCS8_PRIV_KEY_INFO *p8inf = nullptr; + X509_SIG *p8 = nullptr; int pass_len; EVP_PKEY *ret; char psbuf[PEM_BUFSIZE]; - p8 = d2i_PKCS8_bio(bp, NULL); + p8 = d2i_PKCS8_bio(bp, nullptr); if (!p8) { - return NULL; + return nullptr; } pass_len = 0; @@ -126,18 +126,18 @@ if (pass_len < 0) { OPENSSL_PUT_ERROR(PEM, PEM_R_BAD_PASSWORD_READ); X509_SIG_free(p8); - return NULL; + return nullptr; } p8inf = PKCS8_decrypt(p8, psbuf, pass_len); X509_SIG_free(p8); OPENSSL_cleanse(psbuf, pass_len); if (!p8inf) { - return NULL; + return nullptr; } ret = EVP_PKCS82PKEY(p8inf); PKCS8_PRIV_KEY_INFO_free(p8inf); if (!ret) { - return NULL; + return nullptr; } if (x) { if (*x) { @@ -158,13 +158,13 @@ int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, const EVP_PKEY *x, int nid, const char *pass, int pass_len, pem_password_cb *cb, void *u) { - return do_pk8pkey_fp(fp, x, 1, nid, NULL, pass, pass_len, cb, u); + return do_pk8pkey_fp(fp, x, 1, nid, nullptr, pass, pass_len, cb, u); } int PEM_write_PKCS8PrivateKey_nid(FILE *fp, const EVP_PKEY *x, int nid, const char *pass, int pass_len, pem_password_cb *cb, void *u) { - return do_pk8pkey_fp(fp, x, 0, nid, NULL, pass, pass_len, cb, u); + return do_pk8pkey_fp(fp, x, 0, nid, nullptr, pass, pass_len, cb, u); } int PEM_write_PKCS8PrivateKey(FILE *fp, const EVP_PKEY *x, @@ -193,7 +193,7 @@ EVP_PKEY *ret; if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); - return NULL; + return nullptr; } ret = d2i_PKCS8PrivateKey_bio(bp, x, cb, u); BIO_free(bp);
diff --git a/crypto/pem/pem_pkey.cc b/crypto/pem/pem_pkey.cc index c40bba4..433215e 100644 --- a/crypto/pem/pem_pkey.cc +++ b/crypto/pem/pem_pkey.cc
@@ -28,20 +28,20 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u) { - char *nm = NULL; - const unsigned char *p = NULL; - unsigned char *data = NULL; + char *nm = nullptr; + const unsigned char *p = nullptr; + unsigned char *data = nullptr; long len; - EVP_PKEY *ret = NULL; + EVP_PKEY *ret = nullptr; if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY, bp, cb, u)) { - return NULL; + return nullptr; } p = data; if (strcmp(nm, PEM_STRING_PKCS8INF) == 0) { PKCS8_PRIV_KEY_INFO *p8inf; - p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len); + p8inf = d2i_PKCS8_PRIV_KEY_INFO(nullptr, &p, len); if (!p8inf) { goto p8err; } @@ -58,7 +58,7 @@ X509_SIG *p8; int pass_len; char psbuf[PEM_BUFSIZE]; - p8 = d2i_X509_SIG(NULL, &p, len); + p8 = d2i_X509_SIG(nullptr, &p, len); if (!p8) { goto p8err; } @@ -98,7 +98,7 @@ ret = d2i_PrivateKey(EVP_PKEY_DSA, x, &p, len); } p8err: - if (ret == NULL) { + if (ret == nullptr) { OPENSSL_PUT_ERROR(PEM, ERR_R_ASN1_LIB); } @@ -118,9 +118,9 @@ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u) { BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); - if (b == NULL) { + if (b == nullptr) { OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); - return NULL; + return nullptr; } EVP_PKEY *ret = PEM_read_bio_PrivateKey(b, x, cb, u); BIO_free(b); @@ -131,7 +131,7 @@ const unsigned char *pass, int pass_len, pem_password_cb *cb, void *u) { BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); - if (b == NULL) { + if (b == nullptr) { OPENSSL_PUT_ERROR(PEM, ERR_R_BUF_LIB); return 0; }
diff --git a/crypto/pkcs7/pkcs7.cc b/crypto/pkcs7/pkcs7.cc index aa92cc1..2b0b879 100644 --- a/crypto/pkcs7/pkcs7.cc +++ b/crypto/pkcs7/pkcs7.cc
@@ -45,7 +45,7 @@ uint64_t version; // The input may be in BER format. - *der_bytes = NULL; + *der_bytes = nullptr; if (!CBS_asn1_ber_to_der(cbs, &in, der_bytes) || // See https://tools.ietf.org/html/rfc2315#section-7 !CBS_get_asn1(&in, &content_info, CBS_ASN1_SEQUENCE) || @@ -64,8 +64,8 @@ CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0) || !CBS_get_asn1(&wrapped_signed_data, &signed_data, CBS_ASN1_SEQUENCE) || !CBS_get_asn1_uint64(&signed_data, &version) || - !CBS_get_asn1(&signed_data, NULL /* digests */, CBS_ASN1_SET) || - !CBS_get_asn1(&signed_data, NULL /* content */, CBS_ASN1_SEQUENCE)) { + !CBS_get_asn1(&signed_data, nullptr /* digests */, CBS_ASN1_SET) || + !CBS_get_asn1(&signed_data, nullptr /* content */, CBS_ASN1_SEQUENCE)) { goto err; } @@ -79,14 +79,14 @@ err: OPENSSL_free(*der_bytes); - *der_bytes = NULL; + *der_bytes = nullptr; return 0; } int PKCS7_get_raw_certificates(STACK_OF(CRYPTO_BUFFER) *out_certs, CBS *cbs, CRYPTO_BUFFER_POOL *pool) { CBS signed_data, certificates; - uint8_t *der_bytes = NULL; + uint8_t *der_bytes = nullptr; int ret = 0, has_certificates; const size_t initial_certs_len = sk_CRYPTO_BUFFER_num(out_certs); @@ -99,7 +99,7 @@ } if (!has_certificates) { - CBS_init(&certificates, NULL, 0); + CBS_init(&certificates, nullptr, 0); } while (CBS_len(&certificates) > 0) { @@ -109,7 +109,7 @@ } CRYPTO_BUFFER *buf = CRYPTO_BUFFER_new_from_CBS(&cert, pool); - if (buf == NULL || !sk_CRYPTO_BUFFER_push(out_certs, buf)) { + if (buf == nullptr || !sk_CRYPTO_BUFFER_push(out_certs, buf)) { CRYPTO_BUFFER_free(buf); goto err; } @@ -179,14 +179,15 @@ !CBB_add_asn1(&wrapped_seq, &seq, CBS_ASN1_SEQUENCE) || !CBB_add_asn1_uint64(&seq, signed_data_version) || !CBB_add_asn1(&seq, &digest_algos_set, CBS_ASN1_SET) || - (digest_algos_cb != NULL && !digest_algos_cb(&digest_algos_set, arg)) || + (digest_algos_cb != nullptr && + !digest_algos_cb(&digest_algos_set, arg)) || !CBB_flush_asn1_set_of(&digest_algos_set) || !CBB_add_asn1(&seq, &content_info, CBS_ASN1_SEQUENCE) || !CBB_add_asn1_element(&content_info, CBS_ASN1_OBJECT, kPKCS7Data, sizeof(kPKCS7Data)) || - (cert_crl_cb != NULL && !cert_crl_cb(&seq, arg)) || + (cert_crl_cb != nullptr && !cert_crl_cb(&seq, arg)) || !CBB_add_asn1(&seq, &signer_infos, CBS_ASN1_SET) || - (signer_infos_cb != NULL && !signer_infos_cb(&signer_infos, arg)) || + (signer_infos_cb != nullptr && !signer_infos_cb(&signer_infos, arg)) || !CBB_flush_asn1_set_of(&signer_infos)) { return 0; }
diff --git a/crypto/pkcs7/pkcs7_x509.cc b/crypto/pkcs7/pkcs7_x509.cc index 8933f61..efc2f2f 100644 --- a/crypto/pkcs7/pkcs7_x509.cc +++ b/crypto/pkcs7/pkcs7_x509.cc
@@ -40,14 +40,14 @@ int ret = 0; const size_t initial_certs_len = sk_X509_num(out_certs); STACK_OF(CRYPTO_BUFFER) *raw = sk_CRYPTO_BUFFER_new_null(); - if (raw == NULL || !PKCS7_get_raw_certificates(raw, cbs, NULL)) { + if (raw == nullptr || !PKCS7_get_raw_certificates(raw, cbs, nullptr)) { goto err; } for (size_t i = 0; i < sk_CRYPTO_BUFFER_num(raw); i++) { CRYPTO_BUFFER *buf = sk_CRYPTO_BUFFER_value(raw, i); X509 *x509 = X509_parse_from_buffer(buf); - if (x509 == NULL || !sk_X509_push(out_certs, x509)) { + if (x509 == nullptr || !sk_X509_push(out_certs, x509)) { X509_free(x509); goto err; } @@ -69,7 +69,7 @@ int PKCS7_get_CRLs(STACK_OF(X509_CRL) *out_crls, CBS *cbs) { CBS signed_data, crls; - uint8_t *der_bytes = NULL; + uint8_t *der_bytes = nullptr; int ret = 0, has_crls; const size_t initial_crls_len = sk_X509_CRL_num(out_crls); @@ -78,7 +78,7 @@ // Even if only CRLs are included, there may be an empty certificates // block. OpenSSL does this, for example. !CBS_get_optional_asn1( - &signed_data, NULL, NULL, + &signed_data, nullptr, nullptr, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0) || !CBS_get_optional_asn1( &signed_data, &crls, &has_crls, @@ -87,7 +87,7 @@ } if (!has_crls) { - CBS_init(&crls, NULL, 0); + CBS_init(&crls, nullptr, 0); } while (CBS_len(&crls) > 0) { @@ -103,7 +103,7 @@ goto err; } inp = CBS_data(&crl_data); - crl = d2i_X509_CRL(NULL, &inp, (long)CBS_len(&crl_data)); + crl = d2i_X509_CRL(nullptr, &inp, (long)CBS_len(&crl_data)); if (!crl) { goto err; } @@ -138,10 +138,10 @@ // Even though we pass PEM_STRING_PKCS7 as the expected PEM type here, PEM // internally will actually allow several other values too, including // "CERTIFICATE". - if (!PEM_bytes_read_bio(&data, &len, NULL /* PEM type output */, + if (!PEM_bytes_read_bio(&data, &len, nullptr /* PEM type output */, PEM_STRING_PKCS7, pem_bio, - NULL /* password callback */, - NULL /* password callback argument */)) { + nullptr /* password callback */, + nullptr /* password callback argument */)) { return 0; } @@ -160,10 +160,10 @@ // Even though we pass PEM_STRING_PKCS7 as the expected PEM type here, PEM // internally will actually allow several other values too, including // "CERTIFICATE". - if (!PEM_bytes_read_bio(&data, &len, NULL /* PEM type output */, + if (!PEM_bytes_read_bio(&data, &len, nullptr /* PEM type output */, PEM_STRING_PKCS7, pem_bio, - NULL /* password callback */, - NULL /* password callback argument */)) { + nullptr /* password callback */, + nullptr /* password callback argument */)) { return 0; } @@ -188,7 +188,7 @@ for (i = 0; i < sk_X509_num(certs); i++) { X509 *x509 = sk_X509_value(certs, i); uint8_t *buf; - int len = i2d_X509(x509, NULL); + int len = i2d_X509(x509, nullptr); if (len < 0 || !CBB_add_space(&certificates, &buf, len) || i2d_X509(x509, &buf) < 0) { @@ -221,7 +221,7 @@ for (i = 0; i < sk_X509_CRL_num(crls); i++) { X509_CRL *crl = sk_X509_CRL_value(crls, i); uint8_t *buf; - int len = i2d_X509_CRL(crl, NULL); + int len = i2d_X509_CRL(crl, nullptr); if (len < 0 || !CBB_add_space(&crl_data, &buf, len) || i2d_X509_CRL(crl, &buf) < 0) { @@ -243,18 +243,18 @@ static PKCS7 *pkcs7_new(CBS *cbs) { CBS copy = *cbs, copy2 = *cbs; PKCS7 *ret = reinterpret_cast<PKCS7 *>(OPENSSL_zalloc(sizeof(PKCS7))); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } ret->type = OBJ_nid2obj(NID_pkcs7_signed); ret->d.sign = reinterpret_cast<PKCS7_SIGNED *>(OPENSSL_malloc(sizeof(PKCS7_SIGNED))); - if (ret->d.sign == NULL) { + if (ret->d.sign == nullptr) { goto err; } ret->d.sign->cert = sk_X509_new_null(); ret->d.sign->crl = sk_X509_CRL_new_null(); - if (ret->d.sign->cert == NULL || ret->d.sign->crl == NULL || + if (ret->d.sign->cert == nullptr || ret->d.sign->crl == nullptr || !PKCS7_get_certificates(ret->d.sign->cert, ©) || !PKCS7_get_CRLs(ret->d.sign->crl, cbs)) { goto err; @@ -262,18 +262,18 @@ if (sk_X509_num(ret->d.sign->cert) == 0) { sk_X509_free(ret->d.sign->cert); - ret->d.sign->cert = NULL; + ret->d.sign->cert = nullptr; } if (sk_X509_CRL_num(ret->d.sign->crl) == 0) { sk_X509_CRL_free(ret->d.sign->crl); - ret->d.sign->crl = NULL; + ret->d.sign->crl = nullptr; } ret->ber_len = CBS_len(©2) - CBS_len(cbs); ret->ber_bytes = reinterpret_cast<uint8_t *>( OPENSSL_memdup(CBS_data(©2), ret->ber_len)); - if (ret->ber_bytes == NULL) { + if (ret->ber_bytes == nullptr) { goto err; } @@ -281,18 +281,18 @@ err: PKCS7_free(ret); - return NULL; + return nullptr; } PKCS7 *d2i_PKCS7(PKCS7 **out, const uint8_t **inp, size_t len) { CBS cbs; CBS_init(&cbs, *inp, len); PKCS7 *ret = pkcs7_new(&cbs); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } *inp = CBS_data(&cbs); - if (out != NULL) { + if (out != nullptr) { PKCS7_free(*out); *out = ret; } @@ -305,14 +305,14 @@ uint8_t *data; size_t len; if (!BIO_read_asn1(bio, &data, &len, kMaxSize)) { - return NULL; + return nullptr; } CBS cbs; CBS_init(&cbs, data, len); PKCS7 *ret = pkcs7_new(&cbs); OPENSSL_free(data); - if (out != NULL && ret != NULL) { + if (out != nullptr && ret != nullptr) { PKCS7_free(*out); *out = ret; } @@ -325,14 +325,14 @@ return -1; } - if (out == NULL) { + if (out == nullptr) { return (int)p7->ber_len; } - if (*out == NULL) { + if (*out == nullptr) { *out = reinterpret_cast<uint8_t *>(OPENSSL_memdup(p7->ber_bytes, p7->ber_len)); - if (*out == NULL) { + if (*out == nullptr) { return -1; } } else { @@ -347,14 +347,14 @@ } void PKCS7_free(PKCS7 *p7) { - if (p7 == NULL) { + if (p7 == nullptr) { return; } OPENSSL_free(p7->ber_bytes); ASN1_OBJECT_free(p7->type); // We only supported signed data. - if (p7->d.sign != NULL) { + if (p7->d.sign != nullptr) { sk_X509_pop_free(p7->d.sign->cert, X509_free); sk_X509_CRL_pop_free(p7->d.sign->crl, X509_CRL_free); OPENSSL_free(p7->d.sign);
diff --git a/crypto/pkcs8/p5_pbev2.cc b/crypto/pkcs8/p5_pbev2.cc index e70bdb5..bfb2f41 100644 --- a/crypto/pkcs8/p5_pbev2.cc +++ b/crypto/pkcs8/p5_pbev2.cc
@@ -122,7 +122,7 @@ uint8_t key[EVP_MAX_KEY_LENGTH]; int ret = PKCS5_PBKDF2_HMAC(pass, pass_len, salt, salt_len, iterations, pbkdf2_md, EVP_CIPHER_key_length(cipher), key) && - EVP_CipherInit_ex(ctx, cipher, NULL /* engine */, key, iv, enc); + EVP_CipherInit_ex(ctx, cipher, nullptr /* engine */, key, iv, enc); OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); return ret; } @@ -199,7 +199,7 @@ // See if we recognise the encryption algorithm. const EVP_CIPHER *cipher = cbs_to_cipher(&enc_obj); - if (cipher == NULL) { + if (cipher == nullptr) { OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_CIPHER); return 0; }
diff --git a/crypto/pkcs8/pkcs12_test.cc b/crypto/pkcs8/pkcs12_test.cc index eb1899f..05fa6ca 100644 --- a/crypto/pkcs8/pkcs12_test.cc +++ b/crypto/pkcs8/pkcs12_test.cc
@@ -369,7 +369,7 @@ int actual_name_len; const uint8_t *actual_name = X509_alias_get0(sk_X509_value(certs2.get(), 0), &actual_name_len); - if (name == NULL) { + if (name == nullptr) { EXPECT_EQ(nullptr, actual_name); } else { EXPECT_EQ(name, bssl::BytesAsStringView(
diff --git a/crypto/pkcs8/pkcs8.cc b/crypto/pkcs8/pkcs8.cc index ba29550..11ee7e9 100644 --- a/crypto/pkcs8/pkcs8.cc +++ b/crypto/pkcs8/pkcs8.cc
@@ -72,13 +72,13 @@ int ret = 0; EVP_MD_CTX ctx; EVP_MD_CTX_init(&ctx); - uint8_t *pass_raw = NULL, *I = NULL; + uint8_t *pass_raw = nullptr, *I = nullptr; size_t pass_raw_len = 0, I_len = 0; { // If |pass| is NULL, we use the empty string rather than {0, 0} as the raw // password. - if (pass != NULL && + if (pass != nullptr && !pkcs12_encode_password(pass, pass_len, &pass_raw, &pass_raw_len)) { goto err; } @@ -115,7 +115,7 @@ } I = reinterpret_cast<uint8_t *>(OPENSSL_malloc(I_len)); - if (I_len != 0 && I == NULL) { + if (I_len != 0 && I == nullptr) { goto err; } @@ -131,14 +131,14 @@ // H(H(H(... H(D||I)))) uint8_t A[EVP_MAX_MD_SIZE]; unsigned A_len; - if (!EVP_DigestInit_ex(&ctx, md, NULL) || + if (!EVP_DigestInit_ex(&ctx, md, nullptr) || !EVP_DigestUpdate(&ctx, D, block_size) || !EVP_DigestUpdate(&ctx, I, I_len) || !EVP_DigestFinal_ex(&ctx, A, &A_len)) { goto err; } for (uint32_t iter = 1; iter < iterations; iter++) { - if (!EVP_DigestInit_ex(&ctx, md, NULL) || + if (!EVP_DigestInit_ex(&ctx, md, nullptr) || !EVP_DigestUpdate(&ctx, A, A_len) || !EVP_DigestFinal_ex(&ctx, A, &A_len)) { goto err; @@ -202,7 +202,7 @@ return 0; } - int ret = EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, is_encrypt); + int ret = EVP_CipherInit_ex(ctx, cipher, nullptr, key, iv, is_encrypt); OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); return ret; @@ -264,8 +264,8 @@ // 1.2.840.113549.1.5.13 {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x05, 0x0d}, 9, - NULL, - NULL, + nullptr, + nullptr, PKCS5_pbe2_decrypt_init, }, }; @@ -296,7 +296,7 @@ } const struct pbe_suite *suite = get_pkcs12_pbe_suite(alg_nid); - if (suite == NULL) { + if (suite == nullptr) { OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_ALGORITHM); return 0; } @@ -323,11 +323,11 @@ const char *pass, size_t pass_len, const uint8_t *in, size_t in_len) { int ret = 0; - uint8_t *buf = NULL; + uint8_t *buf = nullptr; bssl::ScopedEVP_CIPHER_CTX ctx; CBS obj; - const struct pbe_suite *suite = NULL; + const struct pbe_suite *suite = nullptr; if (!CBS_get_asn1(algorithm, &obj, CBS_ASN1_OBJECT)) { OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); goto err; @@ -339,7 +339,7 @@ break; } } - if (suite == NULL) { + if (suite == nullptr) { OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_ALGORITHM); goto err; } @@ -350,7 +350,7 @@ } buf = reinterpret_cast<uint8_t *>(OPENSSL_malloc(in_len)); - if (buf == NULL) { + if (buf == nullptr) { goto err; } @@ -368,7 +368,7 @@ *out = buf; *out_len = n1 + n2; ret = 1; - buf = NULL; + buf = nullptr; err: OPENSSL_free(buf); @@ -384,14 +384,14 @@ !CBS_get_asn1(&epki, &ciphertext, CBS_ASN1_OCTETSTRING) || CBS_len(&epki) != 0) { OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); - return 0; + return nullptr; } uint8_t *out; size_t out_len; if (!pkcs8_pbe_decrypt(&out, &out_len, &algorithm, pass, pass_len, CBS_data(&ciphertext), CBS_len(&ciphertext))) { - return 0; + return nullptr; } CBS pki; @@ -407,19 +407,19 @@ const uint8_t *salt, size_t salt_len, int iterations, const EVP_PKEY *pkey) { int ret = 0; - uint8_t *plaintext = NULL, *salt_buf = NULL; + uint8_t *plaintext = nullptr, *salt_buf = nullptr; size_t plaintext_len = 0; bssl::ScopedEVP_CIPHER_CTX ctx; { // Generate a random salt if necessary. - if (salt == NULL) { + if (salt == nullptr) { if (salt_len == 0) { salt_len = PKCS5_SALT_LEN; } salt_buf = reinterpret_cast<uint8_t *>(OPENSSL_malloc(salt_len)); - if (salt_buf == NULL || !RAND_bytes(salt_buf, salt_len)) { + if (salt_buf == nullptr || !RAND_bytes(salt_buf, salt_len)) { goto err; }
diff --git a/crypto/pkcs8/pkcs8_test.cc b/crypto/pkcs8/pkcs8_test.cc index 5bcd2a4..5a3fb49 100644 --- a/crypto/pkcs8/pkcs8_test.cc +++ b/crypto/pkcs8/pkcs8_test.cc
@@ -196,7 +196,7 @@ static void TestDecrypt(const uint8_t *der, size_t der_len, const char *password) { const uint8_t *data = der; - bssl::UniquePtr<X509_SIG> sig(d2i_X509_SIG(NULL, &data, der_len)); + bssl::UniquePtr<X509_SIG> sig(d2i_X509_SIG(nullptr, &data, der_len)); ASSERT_TRUE(sig.get()); ASSERT_EQ(der + der_len, data); @@ -253,11 +253,11 @@ } TEST(PKCS8Test, DecryptNull) { - TestDecrypt(kNullPassword, sizeof(kNullPassword), NULL); + TestDecrypt(kNullPassword, sizeof(kNullPassword), nullptr); } TEST(PKCS8Test, DecryptNullNSS) { - TestDecrypt(kNullPasswordNSS, sizeof(kNullPasswordNSS), NULL); + TestDecrypt(kNullPasswordNSS, sizeof(kNullPasswordNSS), nullptr); } TEST(PKCS8Test, DecryptEmptyStringOpenSSL) {
diff --git a/crypto/pkcs8/pkcs8_x509.cc b/crypto/pkcs8/pkcs8_x509.cc index 168912b..d2ccec1 100644 --- a/crypto/pkcs8/pkcs8_x509.cc +++ b/crypto/pkcs8/pkcs8_x509.cc
@@ -62,20 +62,20 @@ IMPLEMENT_ASN1_FUNCTIONS_const(PKCS8_PRIV_KEY_INFO) EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8) { - uint8_t *der = NULL; + uint8_t *der = nullptr; int der_len = i2d_PKCS8_PRIV_KEY_INFO(p8, &der); if (der_len < 0) { - return NULL; + return nullptr; } CBS cbs; CBS_init(&cbs, der, (size_t)der_len); EVP_PKEY *ret = EVP_parse_private_key(&cbs); - if (ret == NULL || CBS_len(&cbs) != 0) { + if (ret == nullptr || CBS_len(&cbs) != 0) { OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); EVP_PKEY_free(ret); OPENSSL_free(der); - return NULL; + return nullptr; } OPENSSL_free(der); @@ -84,19 +84,19 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey) { CBB cbb; - uint8_t *der = NULL; + uint8_t *der = nullptr; size_t der_len; if (!CBB_init(&cbb, 0) || !EVP_marshal_private_key(&cbb, pkey) || !CBB_finish(&cbb, &der, &der_len) || der_len > LONG_MAX) { CBB_cleanup(&cbb); OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ENCODE_ERROR); OPENSSL_free(der); - return NULL; + return nullptr; } const uint8_t *p = der; - PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, (long)der_len); - if (p8 == NULL || p != der + der_len) { + PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(nullptr, &p, (long)der_len); + if (p8 == nullptr || p != der + der_len) { PKCS8_PRIV_KEY_INFO_free(p8); OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); goto err; @@ -107,21 +107,21 @@ err: OPENSSL_free(der); - return NULL; + return nullptr; } PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *pkcs8, const char *pass, int pass_len_in) { size_t pass_len; - if (pass_len_in == -1 && pass != NULL) { + if (pass_len_in == -1 && pass != nullptr) { pass_len = strlen(pass); } else { pass_len = (size_t)pass_len_in; } - PKCS8_PRIV_KEY_INFO *ret = NULL; - EVP_PKEY *pkey = NULL; - uint8_t *in = NULL; + PKCS8_PRIV_KEY_INFO *ret = nullptr; + EVP_PKEY *pkey = nullptr; + uint8_t *in = nullptr; // Convert the legacy ASN.1 object to a byte string. int in_len = i2d_X509_SIG(pkcs8, &in); @@ -132,7 +132,7 @@ CBS cbs; CBS_init(&cbs, in, in_len); pkey = PKCS8_parse_encrypted_private_key(&cbs, pass, pass_len); - if (pkey == NULL || CBS_len(&cbs) != 0) { + if (pkey == nullptr || CBS_len(&cbs) != 0) { goto err; } @@ -148,7 +148,7 @@ int pass_len_in, const uint8_t *salt, size_t salt_len, int iterations, PKCS8_PRIV_KEY_INFO *p8inf) { size_t pass_len; - if (pass_len_in == -1 && pass != NULL) { + if (pass_len_in == -1 && pass != nullptr) { pass_len = strlen(pass); } else { pass_len = (size_t)pass_len_in; @@ -156,12 +156,12 @@ // Parse out the private key. EVP_PKEY *pkey = EVP_PKCS82PKEY(p8inf); - if (pkey == NULL) { - return NULL; + if (pkey == nullptr) { + return nullptr; } - X509_SIG *ret = NULL; - uint8_t *der = NULL; + X509_SIG *ret = nullptr; + uint8_t *der = nullptr; const uint8_t *ptr; size_t der_len; CBB cbb; @@ -176,11 +176,11 @@ // Convert back to legacy ASN.1 objects. ptr = der; - ret = d2i_X509_SIG(NULL, &ptr, der_len); - if (ret == NULL || ptr != der + der_len) { + ret = d2i_X509_SIG(nullptr, &ptr, der_len); + if (ret == nullptr || ptr != der + der_len) { OPENSSL_PUT_ERROR(PKCS8, ERR_R_INTERNAL_ERROR); X509_SIG_free(ret); - ret = NULL; + ret = nullptr; } err: @@ -201,7 +201,7 @@ static int PKCS12_handle_sequence( CBS *sequence, struct pkcs12_context *ctx, int (*handle_element)(CBS *cbs, struct pkcs12_context *ctx)) { - uint8_t *storage = NULL; + uint8_t *storage = nullptr; CBS in; int ret = 0; @@ -269,7 +269,7 @@ // success and zero on error. static int parse_bag_attributes(CBS *attrs, uint8_t **out_friendly_name, size_t *out_friendly_name_len) { - *out_friendly_name = NULL; + *out_friendly_name = nullptr; *out_friendly_name_len = 0; // See https://tools.ietf.org/html/rfc7292#section-4.2. @@ -284,7 +284,7 @@ if (CBS_mem_equal(&oid, kFriendlyName, sizeof(kFriendlyName))) { // See https://tools.ietf.org/html/rfc2985, section 5.5.1. CBS value; - if (*out_friendly_name != NULL || + if (*out_friendly_name != nullptr || !CBS_get_asn1(&values, &value, CBS_ASN1_BMPSTRING) || CBS_len(&values) != 0 || CBS_len(&value) == 0) { OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); @@ -314,7 +314,7 @@ err: OPENSSL_free(*out_friendly_name); - *out_friendly_name = NULL; + *out_friendly_name = nullptr; *out_friendly_name_len = 0; return 0; } @@ -330,7 +330,7 @@ return 0; } if (CBS_len(safe_bag) == 0) { - CBS_init(&bag_attrs, NULL, 0); + CBS_init(&bag_attrs, nullptr, 0); } else if (!CBS_get_asn1(safe_bag, &bag_attrs, CBS_ASN1_SET) || CBS_len(safe_bag) != 0) { OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); @@ -351,7 +351,7 @@ is_key_bag ? EVP_parse_private_key(&wrapped_value) : PKCS8_parse_encrypted_private_key( &wrapped_value, ctx->password, ctx->password_len); - if (pkey == NULL) { + if (pkey == nullptr) { return 0; } @@ -389,7 +389,7 @@ } const uint8_t *inp = CBS_data(&cert); - X509 *x509 = d2i_X509(NULL, &inp, (long)CBS_len(&cert)); + X509 *x509 = d2i_X509(nullptr, &inp, (long)CBS_len(&cert)); if (!x509) { OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); return 0; @@ -436,7 +436,7 @@ struct pkcs12_context *ctx) { CBS content_type, wrapped_contents, contents; int ret = 0; - uint8_t *storage = NULL; + uint8_t *storage = nullptr; if (!CBS_get_asn1(content_info, &content_type, CBS_ASN1_OBJECT) || !CBS_get_asn1(content_info, &wrapped_contents, @@ -523,8 +523,8 @@ uint8_t hmac[EVP_MAX_MD_SIZE]; unsigned hmac_len; - if (NULL == HMAC(md, hmac_key, EVP_MD_size(md), CBS_data(authsafes), - CBS_len(authsafes), hmac, &hmac_len)) { + if (nullptr == HMAC(md, hmac_key, EVP_MD_size(md), CBS_data(authsafes), + CBS_len(authsafes), hmac, &hmac_len)) { goto err; } @@ -542,7 +542,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, CBS *ber_in, const char *password) { - uint8_t *storage = NULL; + uint8_t *storage = nullptr; CBS in, pfx, mac_data, authsafe, content_type, wrapped_authsafes, authsafes; uint64_t version; int ret = 0; @@ -555,7 +555,7 @@ return 0; } - *out_key = NULL; + *out_key = nullptr; OPENSSL_memset(&ctx, 0, sizeof(ctx)); // See ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1.pdf, section @@ -610,7 +610,7 @@ ctx.out_key = out_key; ctx.out_certs = out_certs; ctx.password = password; - ctx.password_len = password != NULL ? strlen(password) : 0; + ctx.password_len = password != nullptr ? strlen(password) : 0; // Verify the MAC. { @@ -621,7 +621,7 @@ } const EVP_MD *md = EVP_parse_digest_algorithm(&mac); - if (md == NULL) { + if (md == nullptr) { goto err; } @@ -654,7 +654,7 @@ // array for "no password". OpenSSL considers a non-NULL password as {0, // 0} and a NULL password as {}. It then, in high-level PKCS#12 parsing // code, tries both options. We match this behavior. - ctx.password = ctx.password != NULL ? NULL : ""; + ctx.password = ctx.password != nullptr ? nullptr : ""; if (!pkcs12_check_mac(&mac_ok, ctx.password, ctx.password_len, &salt, iterations, md, &authsafes, &expected_mac)) { goto err; @@ -677,7 +677,7 @@ OPENSSL_free(storage); if (!ret) { EVP_PKEY_free(*out_key); - *out_key = NULL; + *out_key = nullptr; while (sk_X509_num(out_certs) > original_out_certs_len) { X509 *x509 = sk_X509_pop(out_certs); X509_free(x509); @@ -698,14 +698,14 @@ size_t ber_len) { PKCS12 *p12 = reinterpret_cast<PKCS12 *>(OPENSSL_malloc(sizeof(PKCS12))); if (!p12) { - return NULL; + return nullptr; } p12->ber_bytes = reinterpret_cast<uint8_t *>(OPENSSL_memdup(*ber_bytes, ber_len)); if (!p12->ber_bytes) { OPENSSL_free(p12); - return NULL; + return nullptr; } p12->ber_len = ber_len; @@ -724,11 +724,11 @@ BUF_MEM *buf; const uint8_t *dummy; static const size_t kMaxSize = 256 * 1024; - PKCS12 *ret = NULL; + PKCS12 *ret = nullptr; buf = BUF_MEM_new(); - if (buf == NULL) { - return NULL; + if (buf == nullptr) { + return nullptr; } if (BUF_MEM_grow(buf, 8192) == 0) { goto out; @@ -775,7 +775,7 @@ bio = BIO_new_fp(fp, 0 /* don't take ownership */); if (!bio) { - return NULL; + return nullptr; } ret = d2i_PKCS12_bio(bio, out_p12); @@ -789,14 +789,14 @@ return -1; } - if (out == NULL) { + if (out == nullptr) { return (int)p12->ber_len; } - if (*out == NULL) { + if (*out == nullptr) { *out = reinterpret_cast<uint8_t *>( OPENSSL_memdup(p12->ber_bytes, p12->ber_len)); - if (*out == NULL) { + if (*out == nullptr) { return -1; } } else { @@ -812,7 +812,7 @@ int i2d_PKCS12_fp(FILE *fp, const PKCS12 *p12) { BIO *bio = BIO_new_fp(fp, 0 /* don't take ownership */); - if (bio == NULL) { + if (bio == nullptr) { return 0; } @@ -824,16 +824,16 @@ int PKCS12_parse(const PKCS12 *p12, const char *password, EVP_PKEY **out_pkey, X509 **out_cert, STACK_OF(X509) **out_ca_certs) { CBS ber_bytes; - STACK_OF(X509) *ca_certs = NULL; + STACK_OF(X509) *ca_certs = nullptr; char ca_certs_alloced = 0; - if (out_ca_certs != NULL && *out_ca_certs != NULL) { + if (out_ca_certs != nullptr && *out_ca_certs != nullptr) { ca_certs = *out_ca_certs; } if (!ca_certs) { ca_certs = sk_X509_new_null(); - if (ca_certs == NULL) { + if (ca_certs == nullptr) { return 0; } ca_certs_alloced = 1; @@ -849,9 +849,9 @@ // OpenSSL selects the last certificate which matches the private key as // |out_cert|. - *out_cert = NULL; + *out_cert = nullptr; size_t num_certs = sk_X509_num(ca_certs); - if (*out_pkey != NULL && num_certs > 0) { + if (*out_pkey != nullptr && num_certs > 0) { for (size_t i = num_certs - 1; i < num_certs; i--) { X509 *cert = sk_X509_value(ca_certs, i); if (X509_check_private_key(cert, *out_pkey)) { @@ -874,19 +874,19 @@ int PKCS12_verify_mac(const PKCS12 *p12, const char *password, int password_len) { - if (password == NULL) { + if (password == nullptr) { if (password_len != 0) { return 0; } } else if (password_len != -1 && (password[password_len] != 0 || - OPENSSL_memchr(password, 0, password_len) != NULL)) { + OPENSSL_memchr(password, 0, password_len) != nullptr)) { return 0; } - EVP_PKEY *pkey = NULL; - X509 *cert = NULL; - if (!PKCS12_parse(p12, password, &pkey, &cert, NULL)) { + EVP_PKEY *pkey = nullptr; + X509 *cert = nullptr; + if (!PKCS12_parse(p12, password, &pkey, &cert, nullptr)) { ERR_clear_error(); return 0; } @@ -901,7 +901,7 @@ // containing the specified friendlyName and localKeyId attributes. static int add_bag_attributes(CBB *bag, const char *name, size_t name_len, const uint8_t *key_id, size_t key_id_len) { - if (name == NULL && key_id_len == 0) { + if (name == nullptr && key_id_len == 0) { return 1; // Omit the OPTIONAL SET. } // See https://tools.ietf.org/html/rfc7292#section-4.2. @@ -961,7 +961,7 @@ return 0; } uint8_t *buf; - int len = i2d_X509(cert, NULL); + int len = i2d_X509(cert, nullptr); int int_name_len = 0; const char *cert_name = (const char *)X509_alias_get0(cert, &int_name_len); @@ -990,14 +990,15 @@ const uint8_t *key_id, size_t key_id_len) { CBB safe_contents; if (!CBB_add_asn1(cbb, &safe_contents, CBS_ASN1_SEQUENCE) || - (cert != NULL && + (cert != nullptr && !add_cert_bag(&safe_contents, cert, name, key_id, key_id_len))) { return 0; } for (size_t i = 0; i < sk_X509_num(chain); i++) { // Only the leaf certificate gets attributes. - if (!add_cert_bag(&safe_contents, sk_X509_value(chain, i), NULL, NULL, 0)) { + if (!add_cert_bag(&safe_contents, sk_X509_value(chain, i), nullptr, nullptr, + 0)) { return 0; } } @@ -1088,9 +1089,9 @@ // PKCS#12 file. mac_iterations < 0 || // Don't encode empty objects. - (pkey == NULL && cert == NULL && sk_X509_num(chain) == 0)) { + (pkey == nullptr && cert == nullptr && sk_X509_num(chain) == 0)) { OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_OPTIONS); - return 0; + return nullptr; } // PKCS#12 is a very confusing recursive data format, built out of another @@ -1126,22 +1127,22 @@ // Note that |password| may be NULL to specify no password, rather than the // empty string. They are encoded differently in PKCS#12. (One is the empty // byte array and the other is NUL-terminated UCS-2.) - size_t password_len = password != NULL ? strlen(password) : 0; + size_t password_len = password != nullptr ? strlen(password) : 0; uint8_t key_id[EVP_MAX_MD_SIZE]; unsigned key_id_len = 0; - if (cert != NULL && pkey != NULL) { + if (cert != nullptr && pkey != nullptr) { if (!X509_check_private_key(cert, pkey) || // Matching OpenSSL, use the SHA-1 hash of the certificate as the local // key ID. Some PKCS#12 consumers require one to connect the private key // and certificate. !X509_digest(cert, EVP_sha1(), key_id, &key_id_len)) { - return 0; + return nullptr; } } // See https://tools.ietf.org/html/rfc7292#section-4. - PKCS12 *ret = NULL; + PKCS12 *ret = nullptr; CBB cbb, pfx, auth_safe, auth_safe_wrapper, auth_safe_data, content_infos; uint8_t mac_key[EVP_MAX_MD_SIZE]; if (!CBB_init(&cbb, 0) || !CBB_add_asn1(&cbb, &pfx, CBS_ASN1_SEQUENCE) || @@ -1162,7 +1163,7 @@ // If there are any certificates, place them in CertBags wrapped in a single // encrypted ContentInfo. - if (cert != NULL || sk_X509_num(chain) > 0) { + if (cert != nullptr || sk_X509_num(chain) > 0) { if (cert_nid < 0) { // Place the certificates in an unencrypted ContentInfo. This could be // more compactly-encoded by reusing the same ContentInfo as the key, but @@ -1208,7 +1209,7 @@ // wrapped in an unencrypted ContentInfo. (One could also place it in a KeyBag // inside an encrypted ContentInfo, but OpenSSL does not do this and some // PKCS#12 consumers do not support KeyBags.) - if (pkey != NULL) { + if (pkey != nullptr) { CBB content_info, wrapper, data, safe_contents, bag, bag_contents; if ( // Add another data ContentInfo. !CBB_add_asn1(&content_infos, &content_info, CBS_ASN1_SEQUENCE) || @@ -1244,7 +1245,7 @@ CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 0) || !PKCS8_marshal_encrypted_private_key( &bag_contents, key_nid, cipher, password, password_len, - NULL /* generate a random salt */, + nullptr /* generate a random salt */, 0 /* use default salt length */, iterations, pkey)) { goto err; } @@ -1300,9 +1301,9 @@ } ret = reinterpret_cast<PKCS12 *>(OPENSSL_malloc(sizeof(PKCS12))); - if (ret == NULL || !CBB_finish(&cbb, &ret->ber_bytes, &ret->ber_len)) { + if (ret == nullptr || !CBB_finish(&cbb, &ret->ber_bytes, &ret->ber_len)) { OPENSSL_free(ret); - ret = NULL; + ret = nullptr; goto err; } } @@ -1314,7 +1315,7 @@ } void PKCS12_free(PKCS12 *p12) { - if (p12 == NULL) { + if (p12 == nullptr) { return; } OPENSSL_free(p12->ber_bytes);
diff --git a/crypto/pool/pool.cc b/crypto/pool/pool.cc index 3761bfd..fb0e666 100644 --- a/crypto/pool/pool.cc +++ b/crypto/pool/pool.cc
@@ -32,7 +32,7 @@ static int CRYPTO_BUFFER_cmp(const CRYPTO_BUFFER *a, const CRYPTO_BUFFER *b) { // Only |CRYPTO_BUFFER|s from the same pool have compatible hashes. - assert(a->pool != NULL); + assert(a->pool != nullptr); assert(a->pool == b->pool); if (a->len != b->len) { return 1; @@ -43,14 +43,14 @@ CRYPTO_BUFFER_POOL *CRYPTO_BUFFER_POOL_new(void) { CRYPTO_BUFFER_POOL *pool = reinterpret_cast<CRYPTO_BUFFER_POOL *>( OPENSSL_zalloc(sizeof(CRYPTO_BUFFER_POOL))); - if (pool == NULL) { - return NULL; + if (pool == nullptr) { + return nullptr; } pool->bufs = lh_CRYPTO_BUFFER_new(CRYPTO_BUFFER_hash, CRYPTO_BUFFER_cmp); - if (pool->bufs == NULL) { + if (pool->bufs == nullptr) { OPENSSL_free(pool); - return NULL; + return nullptr; } CRYPTO_MUTEX_init(&pool->lock); @@ -60,7 +60,7 @@ } void CRYPTO_BUFFER_POOL_free(CRYPTO_BUFFER_POOL *pool) { - if (pool == NULL) { + if (pool == nullptr) { return; } @@ -85,7 +85,7 @@ static CRYPTO_BUFFER *crypto_buffer_new(const uint8_t *data, size_t len, int data_is_static, CRYPTO_BUFFER_POOL *pool) { - if (pool != NULL) { + if (pool != nullptr) { CRYPTO_BUFFER tmp; tmp.data = (uint8_t *)data; tmp.len = len; @@ -93,25 +93,25 @@ CRYPTO_MUTEX_lock_read(&pool->lock); CRYPTO_BUFFER *duplicate = lh_CRYPTO_BUFFER_retrieve(pool->bufs, &tmp); - if (data_is_static && duplicate != NULL && !duplicate->data_is_static) { + if (data_is_static && duplicate != nullptr && !duplicate->data_is_static) { // If the new |CRYPTO_BUFFER| would have static data, but the duplicate // does not, we replace the old one with the new static version. - duplicate = NULL; + duplicate = nullptr; } - if (duplicate != NULL) { + if (duplicate != nullptr) { CRYPTO_refcount_inc(&duplicate->references); } CRYPTO_MUTEX_unlock_read(&pool->lock); - if (duplicate != NULL) { + if (duplicate != nullptr) { return duplicate; } } CRYPTO_BUFFER *const buf = reinterpret_cast<CRYPTO_BUFFER *>(OPENSSL_zalloc(sizeof(CRYPTO_BUFFER))); - if (buf == NULL) { - return NULL; + if (buf == nullptr) { + return nullptr; } if (data_is_static) { @@ -119,16 +119,16 @@ buf->data_is_static = 1; } else { buf->data = reinterpret_cast<uint8_t *>(OPENSSL_memdup(data, len)); - if (len != 0 && buf->data == NULL) { + if (len != 0 && buf->data == nullptr) { OPENSSL_free(buf); - return NULL; + return nullptr; } } buf->len = len; buf->references = 1; - if (pool == NULL) { + if (pool == nullptr) { return buf; } @@ -136,14 +136,14 @@ CRYPTO_MUTEX_lock_write(&pool->lock); CRYPTO_BUFFER *duplicate = lh_CRYPTO_BUFFER_retrieve(pool->bufs, buf); - if (data_is_static && duplicate != NULL && !duplicate->data_is_static) { + if (data_is_static && duplicate != nullptr && !duplicate->data_is_static) { // If the new |CRYPTO_BUFFER| would have static data, but the duplicate does // not, we replace the old one with the new static version. - duplicate = NULL; + duplicate = nullptr; } int inserted = 0; - if (duplicate == NULL) { - CRYPTO_BUFFER *old = NULL; + if (duplicate == nullptr) { + CRYPTO_BUFFER *old = nullptr; inserted = lh_CRYPTO_BUFFER_insert(pool->bufs, &old, buf); // |old| may be non-NULL if a match was found but ignored. |pool->bufs| does // not increment refcounts, so there is no need to clean up after the @@ -171,14 +171,14 @@ CRYPTO_BUFFER *CRYPTO_BUFFER_alloc(uint8_t **out_data, size_t len) { CRYPTO_BUFFER *const buf = reinterpret_cast<CRYPTO_BUFFER *>(OPENSSL_zalloc(sizeof(CRYPTO_BUFFER))); - if (buf == NULL) { - return NULL; + if (buf == nullptr) { + return nullptr; } buf->data = reinterpret_cast<uint8_t *>(OPENSSL_malloc(len)); - if (len != 0 && buf->data == NULL) { + if (len != 0 && buf->data == nullptr) { OPENSSL_free(buf); - return NULL; + return nullptr; } buf->len = len; buf->references = 1; @@ -198,12 +198,12 @@ } void CRYPTO_BUFFER_free(CRYPTO_BUFFER *buf) { - if (buf == NULL) { + if (buf == nullptr) { return; } CRYPTO_BUFFER_POOL *const pool = buf->pool; - if (pool == NULL) { + if (pool == nullptr) { if (CRYPTO_refcount_dec_and_test_zero(&buf->references)) { // If a reference count of zero is observed, there cannot be a reference // from any pool to this buffer and thus we are able to free this
diff --git a/crypto/rand/fork_detect.cc b/crypto/rand/fork_detect.cc index 8211c2c..17e93e9 100644 --- a/crypto/rand/fork_detect.cc +++ b/crypto/rand/fork_detect.cc
@@ -54,7 +54,7 @@ return; } - void *addr = mmap(NULL, (size_t)page_size, PROT_READ | PROT_WRITE, + void *addr = mmap(nullptr, (size_t)page_size, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); if (addr == MAP_FAILED) { return; @@ -92,7 +92,7 @@ // before it observes this. Therefore, we must synchronize the logic below. bssl::Atomic<uint32_t> *const flag_ptr = g_fork_detect_addr; - if (flag_ptr == NULL) { + if (flag_ptr == nullptr) { // Our kernel is too old to support |MADV_WIPEONFORK| or // |g_force_madv_wipeonfork| is set. if (g_force_madv_wipeonfork && g_force_madv_wipeonfork_enabled) {
diff --git a/crypto/rand/rand.cc b/crypto/rand/rand.cc index fd82bbc..6e0ca98 100644 --- a/crypto/rand/rand.cc +++ b/crypto/rand/rand.cc
@@ -44,7 +44,7 @@ } } -const char *RAND_file_name(char *buf, size_t num) { return NULL; } +const char *RAND_file_name(char *buf, size_t num) { return nullptr; } void RAND_add(const void *buf, int num, double entropy) {}
diff --git a/crypto/rsa/rsa_asn1.cc b/crypto/rsa/rsa_asn1.cc index f2e76fe..0bb4924 100644 --- a/crypto/rsa/rsa_asn1.cc +++ b/crypto/rsa/rsa_asn1.cc
@@ -34,16 +34,16 @@ static int parse_integer(CBS *cbs, BIGNUM **out) { - assert(*out == NULL); + assert(*out == nullptr); *out = BN_new(); - if (*out == NULL) { + if (*out == nullptr) { return 0; } return BN_parse_asn1_unsigned(cbs, *out); } static int marshal_integer(CBB *cbb, BIGNUM *bn) { - if (bn == NULL) { + if (bn == nullptr) { // An RSA object may be missing some components. OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING); return 0; @@ -53,8 +53,8 @@ RSA *RSA_parse_public_key(CBS *cbs) { RSA *ret = RSA_new(); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } CBS child; if (!CBS_get_asn1(cbs, &child, CBS_ASN1_SEQUENCE) || @@ -63,13 +63,13 @@ CBS_len(&child) != 0) { OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); RSA_free(ret); - return NULL; + return nullptr; } if (!RSA_check_key(ret)) { OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_RSA_PARAMETERS); RSA_free(ret); - return NULL; + return nullptr; } return ret; @@ -79,10 +79,10 @@ CBS cbs; CBS_init(&cbs, in, in_len); RSA *ret = RSA_parse_public_key(&cbs); - if (ret == NULL || CBS_len(&cbs) != 0) { + if (ret == nullptr || CBS_len(&cbs) != 0) { OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); RSA_free(ret); - return NULL; + return nullptr; } return ret; } @@ -119,8 +119,8 @@ RSA *RSA_parse_private_key(CBS *cbs) { RSA *ret = RSA_new(); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } CBS child; @@ -161,17 +161,17 @@ err: RSA_free(ret); - return NULL; + return nullptr; } RSA *RSA_private_key_from_bytes(const uint8_t *in, size_t in_len) { CBS cbs; CBS_init(&cbs, in, in_len); RSA *ret = RSA_parse_private_key(&cbs); - if (ret == NULL || CBS_len(&cbs) != 0) { + if (ret == nullptr || CBS_len(&cbs) != 0) { OPENSSL_PUT_ERROR(RSA, RSA_R_BAD_ENCODING); RSA_free(ret); - return NULL; + return nullptr; } return ret; } @@ -233,7 +233,7 @@ uint8_t *der; size_t der_len; if (!RSA_public_key_to_bytes(&der, &der_len, rsa)) { - return NULL; + return nullptr; } RSA *ret = RSA_public_key_from_bytes(der, der_len); OPENSSL_free(der); @@ -244,7 +244,7 @@ uint8_t *der; size_t der_len; if (!RSA_private_key_to_bytes(&der, &der_len, rsa)) { - return NULL; + return nullptr; } RSA *ret = RSA_private_key_from_bytes(der, der_len); OPENSSL_free(der);
diff --git a/crypto/rsa/rsa_crypt.cc b/crypto/rsa/rsa_crypt.cc index ce4ae7d..632a717 100644 --- a/crypto/rsa/rsa_crypt.cc +++ b/crypto/rsa/rsa_crypt.cc
@@ -45,10 +45,10 @@ const uint8_t *from, size_t from_len, const uint8_t *param, size_t param_len, const EVP_MD *md, const EVP_MD *mgf1md) { - if (md == NULL) { + if (md == nullptr) { md = EVP_sha1(); } - if (mgf1md == NULL) { + if (mgf1md == nullptr) { mgf1md = md; } @@ -74,9 +74,9 @@ uint8_t *seed = to + 1; uint8_t *db = to + mdlen + 1; - uint8_t *dbmask = NULL; + uint8_t *dbmask = nullptr; int ret = 0; - if (!EVP_Digest(param, param_len, db, NULL, md, NULL)) { + if (!EVP_Digest(param, param_len, db, nullptr, md, nullptr)) { goto out; } OPENSSL_memset(db + mdlen, 0, emlen - from_len - 2 * mdlen - 1); @@ -87,7 +87,7 @@ } dbmask = reinterpret_cast<uint8_t *>(OPENSSL_malloc(emlen - mdlen)); - if (dbmask == NULL) { + if (dbmask == nullptr) { goto out; } @@ -117,13 +117,13 @@ size_t from_len, const uint8_t *param, size_t param_len, const EVP_MD *md, const EVP_MD *mgf1md) { - uint8_t *db = NULL; + uint8_t *db = nullptr; { - if (md == NULL) { + if (md == nullptr) { md = EVP_sha1(); } - if (mgf1md == NULL) { + if (mgf1md == nullptr) { mgf1md = md; } @@ -140,7 +140,7 @@ size_t dblen = from_len - mdlen - 1; db = reinterpret_cast<uint8_t *>(OPENSSL_malloc(dblen)); - if (db == NULL) { + if (db == nullptr) { goto err; } @@ -163,7 +163,7 @@ } uint8_t phash[EVP_MAX_MD_SIZE]; - if (!EVP_Digest(param, param_len, phash, NULL, md, NULL)) { + if (!EVP_Digest(param, param_len, phash, nullptr, md, nullptr)) { goto err; } @@ -339,7 +339,7 @@ int RSA_encrypt(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out, const uint8_t *in, size_t in_len, int padding) { - if (rsa->n == NULL || rsa->e == NULL) { + if (rsa->n == nullptr || rsa->e == nullptr) { OPENSSL_PUT_ERROR(RSA, RSA_R_VALUE_MISSING); return 0; } @@ -424,7 +424,7 @@ size_t max_out, const uint8_t *in, size_t in_len, int padding) { const unsigned rsa_size = RSA_size(rsa); - uint8_t *buf = NULL; + uint8_t *buf = nullptr; int ret = 0; if (max_out < rsa_size) { @@ -437,7 +437,7 @@ } else { // Allocate a temporary buffer to hold the padded plaintext. buf = reinterpret_cast<uint8_t *>(OPENSSL_malloc(rsa_size)); - if (buf == NULL) { + if (buf == nullptr) { goto err; } } @@ -458,8 +458,8 @@ break; case RSA_PKCS1_OAEP_PADDING: // Use the default parameters: SHA-1 for both hashes and no label. - ret = RSA_padding_check_PKCS1_OAEP_mgf1(out, out_len, rsa_size, buf, - rsa_size, NULL, 0, NULL, NULL); + ret = RSA_padding_check_PKCS1_OAEP_mgf1( + out, out_len, rsa_size, buf, rsa_size, nullptr, 0, nullptr, nullptr); break; case RSA_NO_PADDING: *out_len = rsa_size;
diff --git a/crypto/sha/sha512.cc b/crypto/sha/sha512.cc index a24f717..7b1f3a6 100644 --- a/crypto/sha/sha512.cc +++ b/crypto/sha/sha512.cc
@@ -82,7 +82,7 @@ int SHA512_Final(uint8_t out[SHA512_DIGEST_LENGTH], SHA512_CTX *sha) { // Historically this function retured failure if passed NULL, even // though other final functions do not. - if (out == NULL) { + if (out == nullptr) { return 0; } BCM_sha512_final(out, sha);
diff --git a/crypto/stack/stack.cc b/crypto/stack/stack.cc index bbe5eb7..6f0d574 100644 --- a/crypto/stack/stack.cc +++ b/crypto/stack/stack.cc
@@ -44,13 +44,13 @@ OPENSSL_STACK *OPENSSL_sk_new(OPENSSL_sk_cmp_func comp) { OPENSSL_STACK *ret = reinterpret_cast<OPENSSL_STACK *>(OPENSSL_zalloc(sizeof(OPENSSL_STACK))); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } ret->data = reinterpret_cast<void **>(OPENSSL_calloc(kMinSize, sizeof(void *))); - if (ret->data == NULL) { + if (ret->data == nullptr) { goto err; } @@ -61,20 +61,20 @@ err: OPENSSL_free(ret); - return NULL; + return nullptr; } -OPENSSL_STACK *OPENSSL_sk_new_null(void) { return OPENSSL_sk_new(NULL); } +OPENSSL_STACK *OPENSSL_sk_new_null(void) { return OPENSSL_sk_new(nullptr); } size_t OPENSSL_sk_num(const OPENSSL_STACK *sk) { - if (sk == NULL) { + if (sk == nullptr) { return 0; } return sk->num; } void OPENSSL_sk_zero(OPENSSL_STACK *sk) { - if (sk == NULL || sk->num == 0) { + if (sk == nullptr || sk->num == 0) { return; } OPENSSL_memset(sk->data, 0, sizeof(void *) * sk->num); @@ -84,20 +84,20 @@ void *OPENSSL_sk_value(const OPENSSL_STACK *sk, size_t i) { if (!sk || i >= sk->num) { - return NULL; + return nullptr; } return sk->data[i]; } void *OPENSSL_sk_set(OPENSSL_STACK *sk, size_t i, void *value) { if (!sk || i >= sk->num) { - return NULL; + return nullptr; } return sk->data[i] = value; } void OPENSSL_sk_free(OPENSSL_STACK *sk) { - if (sk == NULL) { + if (sk == nullptr) { return; } OPENSSL_free(sk->data); @@ -107,12 +107,12 @@ void OPENSSL_sk_pop_free_ex(OPENSSL_STACK *sk, OPENSSL_sk_call_free_func call_free_func, OPENSSL_sk_free_func free_func) { - if (sk == NULL) { + if (sk == nullptr) { return; } for (size_t i = 0; i < sk->num; i++) { - if (sk->data[i] != NULL) { + if (sk->data[i] != nullptr) { call_free_func(free_func, sk->data[i]); } } @@ -131,7 +131,7 @@ } size_t OPENSSL_sk_insert(OPENSSL_STACK *sk, void *p, size_t where) { - if (sk == NULL) { + if (sk == nullptr) { return 0; } @@ -158,7 +158,7 @@ } data = reinterpret_cast<void **>(OPENSSL_realloc(sk->data, alloc_size)); - if (data == NULL) { + if (data == nullptr) { return 0; } @@ -184,7 +184,7 @@ void *ret; if (!sk || where >= sk->num) { - return NULL; + return nullptr; } ret = sk->data[where]; @@ -199,8 +199,8 @@ } void *OPENSSL_sk_delete_ptr(OPENSSL_STACK *sk, const void *p) { - if (sk == NULL) { - return NULL; + if (sk == nullptr) { + return nullptr; } for (size_t i = 0; i < sk->num; i++) { @@ -209,13 +209,13 @@ } } - return NULL; + return nullptr; } void OPENSSL_sk_delete_if(OPENSSL_STACK *sk, OPENSSL_sk_call_delete_if_func call_func, OPENSSL_sk_delete_if_func func, void *data) { - if (sk == NULL) { + if (sk == nullptr) { return; } @@ -231,11 +231,11 @@ int OPENSSL_sk_find(const OPENSSL_STACK *sk, size_t *out_index, const void *p, OPENSSL_sk_call_cmp_func call_cmp_func) { - if (sk == NULL) { + if (sk == nullptr) { return 0; } - if (sk->comp == NULL) { + if (sk->comp == nullptr) { // Use pointer equality when no comparison function has been set. for (size_t i = 0; i < sk->num; i++) { if (sk->data[i] == p) { @@ -248,7 +248,7 @@ return 0; } - if (p == NULL) { + if (p == nullptr) { return 0; } @@ -282,7 +282,7 @@ // |mid| matches. However, this function returns the earliest match, so we // can only return if the range has size one. if (hi - lo == 1) { - if (out_index != NULL) { + if (out_index != nullptr) { *out_index = mid; } return 1; @@ -299,11 +299,11 @@ } void *OPENSSL_sk_shift(OPENSSL_STACK *sk) { - if (sk == NULL) { - return NULL; + if (sk == nullptr) { + return nullptr; } if (sk->num == 0) { - return NULL; + return nullptr; } return OPENSSL_sk_delete(sk, 0); } @@ -313,29 +313,29 @@ } void *OPENSSL_sk_pop(OPENSSL_STACK *sk) { - if (sk == NULL) { - return NULL; + if (sk == nullptr) { + return nullptr; } if (sk->num == 0) { - return NULL; + return nullptr; } return OPENSSL_sk_delete(sk, sk->num - 1); } OPENSSL_STACK *OPENSSL_sk_dup(const OPENSSL_STACK *sk) { - if (sk == NULL) { - return NULL; + if (sk == nullptr) { + return nullptr; } OPENSSL_STACK *ret = reinterpret_cast<OPENSSL_STACK *>(OPENSSL_zalloc(sizeof(OPENSSL_STACK))); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } ret->data = reinterpret_cast<void **>( OPENSSL_memdup(sk->data, sizeof(void *) * sk->num_alloc)); - if (ret->data == NULL) { + if (ret->data == nullptr) { goto err; } @@ -347,7 +347,7 @@ err: OPENSSL_sk_free(ret); - return NULL; + return nullptr; } static size_t parent_idx(size_t idx) { @@ -399,7 +399,7 @@ void OPENSSL_sk_sort(OPENSSL_STACK *sk, OPENSSL_sk_call_cmp_func call_cmp_func) { - if (sk == NULL || sk->comp == NULL || sk->sorted) { + if (sk == nullptr || sk->comp == nullptr || sk->sorted) { return; } @@ -432,7 +432,7 @@ return 1; } // Zero- and one-element lists are always sorted. - return sk->sorted || (sk->comp != NULL && sk->num < 2); + return sk->sorted || (sk->comp != nullptr && sk->num < 2); } OPENSSL_sk_cmp_func OPENSSL_sk_set_cmp_func(OPENSSL_STACK *sk, @@ -453,23 +453,23 @@ OPENSSL_sk_call_free_func call_free_func, OPENSSL_sk_free_func free_func) { OPENSSL_STACK *ret = OPENSSL_sk_dup(sk); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } for (size_t i = 0; i < ret->num; i++) { - if (ret->data[i] == NULL) { + if (ret->data[i] == nullptr) { continue; } ret->data[i] = call_copy_func(copy_func, ret->data[i]); - if (ret->data[i] == NULL) { + if (ret->data[i] == nullptr) { for (size_t j = 0; j < i; j++) { - if (ret->data[j] != NULL) { + if (ret->data[j] != nullptr) { call_free_func(free_func, ret->data[j]); } } OPENSSL_sk_free(ret); - return NULL; + return nullptr; } }
diff --git a/crypto/thread.cc b/crypto/thread.cc index 16c20b1..f7d2b76 100644 --- a/crypto/thread.cc +++ b/crypto/thread.cc
@@ -22,7 +22,7 @@ void (*CRYPTO_get_locking_callback(void))(int mode, int lock_num, const char *file, int line) { - return NULL; + return nullptr; } void CRYPTO_set_add_lock_callback(int (*func)(int *num, int mount, int lock_num, @@ -53,16 +53,16 @@ struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))( const char *file, int line) { - return NULL; + return nullptr; } void (*CRYPTO_get_dynlock_lock_callback(void))(int mode, struct CRYPTO_dynlock_value *l, const char *file, int line) { - return NULL; + return nullptr; } void (*CRYPTO_get_dynlock_destroy_callback(void))( struct CRYPTO_dynlock_value *l, const char *file, int line) { - return NULL; + return nullptr; }
diff --git a/crypto/thread_pthread.cc b/crypto/thread_pthread.cc index 307effb..7e57df1 100644 --- a/crypto/thread_pthread.cc +++ b/crypto/thread_pthread.cc
@@ -24,7 +24,7 @@ #include <string.h> void CRYPTO_MUTEX_init(CRYPTO_MUTEX *lock) { - if (pthread_rwlock_init(lock, NULL) != 0) { + if (pthread_rwlock_init(lock, nullptr) != 0) { abort(); } } @@ -67,7 +67,7 @@ // thread_local_destructor is called when a thread exits. It releases thread // local data for that thread only. static void thread_local_destructor(void *arg) { - if (arg == NULL) { + if (arg == nullptr) { return; } @@ -81,7 +81,7 @@ unsigned i; void **pointers = reinterpret_cast<void **>(arg); for (i = 0; i < NUM_OPENSSL_THREAD_LOCALS; i++) { - if (destructors[i] != NULL) { + if (destructors[i] != nullptr) { destructors[i](pointers[i]); } } @@ -101,13 +101,13 @@ void *CRYPTO_get_thread_local(thread_local_data_t index) { CRYPTO_once(&g_thread_local_init_once, thread_local_init); if (!g_thread_local_key_created) { - return NULL; + return nullptr; } void **pointers = reinterpret_cast<void **>(pthread_getspecific(g_thread_local_key)); - if (pointers == NULL) { - return NULL; + if (pointers == nullptr) { + return nullptr; } return pointers[index]; } @@ -122,10 +122,10 @@ void **pointers = reinterpret_cast<void **>(pthread_getspecific(g_thread_local_key)); - if (pointers == NULL) { + if (pointers == nullptr) { pointers = reinterpret_cast<void **>( malloc(sizeof(void *) * NUM_OPENSSL_THREAD_LOCALS)); - if (pointers == NULL) { + if (pointers == nullptr) { destructor(value); return 0; }
diff --git a/crypto/thread_test.cc b/crypto/thread_test.cc index c18a466..c71896e 100644 --- a/crypto/thread_test.cc +++ b/crypto/thread_test.cc
@@ -82,7 +82,7 @@ static unsigned g_destructor_called_count = 0; static void thread_local_destructor(void *arg) { - if (arg == NULL) { + if (arg == nullptr) { return; } @@ -95,7 +95,7 @@ << "Thread-local data was non-NULL at start."; std::thread thread([] { - if (CRYPTO_get_thread_local(OPENSSL_THREAD_LOCAL_TEST) != NULL || + if (CRYPTO_get_thread_local(OPENSSL_THREAD_LOCAL_TEST) != nullptr || !CRYPTO_set_thread_local(OPENSSL_THREAD_LOCAL_TEST, &g_destructor_called_count, thread_local_destructor) ||
diff --git a/crypto/trust_token/pmbtoken.cc b/crypto/trust_token/pmbtoken.cc index 1cab2d4..ce910b0 100644 --- a/crypto/trust_token/pmbtoken.cc +++ b/crypto/trust_token/pmbtoken.cc
@@ -97,7 +97,7 @@ int ok = 0; CBB cbb; CBB_zero(&cbb); - uint8_t *buf = NULL; + uint8_t *buf = nullptr; size_t len; if (!CBB_init(&cbb, 0) || !CBB_add_bytes(&cbb, kKeygenLabel, sizeof(kKeygenLabel)) || @@ -173,8 +173,8 @@ const EC_JACOBIAN *p2, const EC_SCALAR *scalar2) { EC_JACOBIAN points[3] = {*p0, *p1, *p2}; EC_SCALAR scalars[3] = {*scalar0, *scalar1, *scalar2}; - return ec_point_mul_scalar_public_batch(group, out, /*g_scalar=*/NULL, points, - scalars, 3); + return ec_point_mul_scalar_public_batch(group, out, /*g_scalar=*/nullptr, + points, scalars, 3); } static int pmbtoken_compute_keys(const PMBTOKEN_METHOD *method, @@ -185,11 +185,12 @@ const EC_GROUP *group = method->group; EC_JACOBIAN pub[3]; if (!ec_point_mul_scalar_precomp(group, &pub[0], &method->g_precomp, x0, - &method->h_precomp, y0, NULL, NULL) || + &method->h_precomp, y0, nullptr, nullptr) || !ec_point_mul_scalar_precomp(group, &pub[1], &method->g_precomp, x1, - &method->h_precomp, y1, NULL, NULL) || + &method->h_precomp, y1, nullptr, nullptr) || !ec_point_mul_scalar_precomp(method->group, &pub[2], &method->g_precomp, - xs, &method->h_precomp, ys, NULL, NULL)) { + xs, &method->h_precomp, ys, nullptr, + nullptr)) { OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_KEYGEN_FAILURE); return 0; } @@ -299,13 +300,16 @@ EC_JACOBIAN pub[3]; EC_AFFINE pub_affine[3]; if (!ec_point_mul_scalar_precomp(group, &pub[0], &method->g_precomp, &key->x0, - &method->h_precomp, &key->y0, NULL, NULL) || + &method->h_precomp, &key->y0, nullptr, + nullptr) || !ec_init_precomp(group, &key->pub0_precomp, &pub[0]) || !ec_point_mul_scalar_precomp(group, &pub[1], &method->g_precomp, &key->x1, - &method->h_precomp, &key->y1, NULL, NULL) || + &method->h_precomp, &key->y1, nullptr, + nullptr) || !ec_init_precomp(group, &key->pub1_precomp, &pub[1]) || !ec_point_mul_scalar_precomp(group, &pub[2], &method->g_precomp, &key->xs, - &method->h_precomp, &key->ys, NULL, NULL) || + &method->h_precomp, &key->ys, nullptr, + nullptr) || !ec_init_precomp(group, &key->pubs_precomp, &pub[2]) || !ec_jacobian_to_affine_batch(group, pub_affine, pub, 3)) { return 0; @@ -325,7 +329,7 @@ const EC_GROUP *group = method->group; STACK_OF(TRUST_TOKEN_PRETOKEN) *pretokens = sk_TRUST_TOKEN_PRETOKEN_new_null(); - if (pretokens == NULL) { + if (pretokens == nullptr) { goto err; } @@ -333,7 +337,7 @@ // Insert |pretoken| into |pretokens| early to simplify error-handling. TRUST_TOKEN_PRETOKEN *pretoken = reinterpret_cast<TRUST_TOKEN_PRETOKEN *>( OPENSSL_malloc(sizeof(TRUST_TOKEN_PRETOKEN))); - if (pretoken == NULL || + if (pretoken == nullptr || !sk_TRUST_TOKEN_PRETOKEN_push(pretokens, pretoken)) { TRUST_TOKEN_PRETOKEN_free(pretoken); goto err; @@ -379,7 +383,7 @@ err: sk_TRUST_TOKEN_PRETOKEN_pop_free(pretokens, TRUST_TOKEN_PRETOKEN_free); - return NULL; + return nullptr; } static int scalar_to_cbb(CBB *out, const EC_GROUP *group, @@ -414,7 +418,7 @@ int ok = 0; CBB cbb; CBB_zero(&cbb); - uint8_t *buf = NULL; + uint8_t *buf = nullptr; size_t len; if (!CBB_init(&cbb, 0) || !CBB_add_bytes(&cbb, kDLEQ2Label, sizeof(kDLEQ2Label)) || @@ -447,7 +451,7 @@ int ok = 0; CBB cbb; CBB_zero(&cbb); - uint8_t *buf = NULL; + uint8_t *buf = nullptr; size_t len; if (!CBB_init(&cbb, 0) || !CBB_add_bytes(&cbb, kDLEQOR2Label, sizeof(kDLEQOR2Label)) || @@ -485,7 +489,7 @@ int ok = 0; CBB cbb; CBB_zero(&cbb); - uint8_t *buf = NULL; + uint8_t *buf = nullptr; size_t len; if (!CBB_init(&cbb, 0) || !CBB_add_bytes(&cbb, kDLEQBatchLabel, sizeof(kDLEQBatchLabel)) || @@ -540,9 +544,9 @@ // Ks = ks0*(G;T) + ks1*(H;S) !ec_point_mul_scalar_precomp(group, &jacobians[idx_Ks0], &method->g_precomp, &ks0, &method->h_precomp, - &ks1, NULL, NULL) || + &ks1, nullptr, nullptr) || !ec_point_mul_scalar_batch(group, &jacobians[idx_Ks1], T, &ks0, S, &ks1, - NULL, NULL)) { + nullptr, nullptr)) { return 0; } @@ -564,9 +568,9 @@ // Kb = k0*(G;T) + k1*(H;S) !ec_point_mul_scalar_precomp(group, &jacobians[idx_Kb0], &method->g_precomp, &k0, &method->h_precomp, - &k1, NULL, NULL) || + &k1, nullptr, nullptr) || !ec_point_mul_scalar_batch(group, &jacobians[idx_Kb1], T, &k0, S, &k1, - NULL, NULL) || + nullptr, nullptr) || // co, uo, vo <- Zp !ec_random_nonzero_scalar(group, &minus_co, kDefaultAdditionalData) || !ec_random_nonzero_scalar(group, &uo, kDefaultAdditionalData) || @@ -832,9 +836,10 @@ EC_AFFINE affines[3]; if (!method->hash_s(group, &jacobians[0], &Tp_affine, s) || !ec_point_mul_scalar_batch(group, &jacobians[1], &Tp, &xb, - &jacobians[0], &yb, NULL, NULL) || + &jacobians[0], &yb, nullptr, nullptr) || !ec_point_mul_scalar_batch(group, &jacobians[2], &Tp, &key->xs, - &jacobians[0], &key->ys, NULL, NULL) || + &jacobians[0], &key->ys, nullptr, + nullptr) || !ec_jacobian_to_affine_batch(group, affines, jacobians, 3) || !CBB_add_bytes(cbb, s, TRUST_TOKEN_NONCE_SIZE) || !cbb_add_prefixed_point(cbb, group, &affines[1], @@ -871,16 +876,16 @@ EC_JACOBIAN Tp_batch, Sp_batch, Wp_batch, Wsp_batch; if (!ec_point_mul_scalar_public_batch(group, &Tp_batch, - /*g_scalar=*/NULL, Tps, es, + /*g_scalar=*/nullptr, Tps, es, num_to_issue) || !ec_point_mul_scalar_public_batch(group, &Sp_batch, - /*g_scalar=*/NULL, Sps, es, + /*g_scalar=*/nullptr, Sps, es, num_to_issue) || !ec_point_mul_scalar_public_batch(group, &Wp_batch, - /*g_scalar=*/NULL, Wps, es, + /*g_scalar=*/nullptr, Wps, es, num_to_issue) || !ec_point_mul_scalar_public_batch(group, &Wsp_batch, - /*g_scalar=*/NULL, Wsps, es, + /*g_scalar=*/nullptr, Wsps, es, num_to_issue)) { goto err; } @@ -924,7 +929,7 @@ const EC_GROUP *group = method->group; if (count > sk_TRUST_TOKEN_PRETOKEN_num(pretokens)) { OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_DECODE_FAILURE); - return NULL; + return nullptr; } int ok = 0; @@ -941,8 +946,8 @@ reinterpret_cast<EC_SCALAR *>(OPENSSL_calloc(count, sizeof(EC_SCALAR))); CBB batch_cbb; CBB_zero(&batch_cbb); - if (ret == NULL || Tps == NULL || Sps == NULL || Wps == NULL || - Wsps == NULL || es == NULL || !CBB_init(&batch_cbb, 0) || + if (ret == nullptr || Tps == nullptr || Sps == nullptr || Wps == nullptr || + Wsps == nullptr || es == nullptr || !CBB_init(&batch_cbb, 0) || !point_to_cbb(&batch_cbb, method->group, &key->pubs) || !point_to_cbb(&batch_cbb, method->group, &key->pub0) || !point_to_cbb(&batch_cbb, method->group, &key->pub1)) { @@ -1011,7 +1016,7 @@ TRUST_TOKEN *token = TRUST_TOKEN_new(CBB_data(&token_cbb), CBB_len(&token_cbb)); CBB_cleanup(&token_cbb); - if (token == NULL || !sk_TRUST_TOKEN_push(ret, token)) { + if (token == nullptr || !sk_TRUST_TOKEN_push(ret, token)) { TRUST_TOKEN_free(token); goto err; } @@ -1028,13 +1033,14 @@ EC_JACOBIAN Tp_batch, Sp_batch, Wp_batch, Wsp_batch; if (!ec_point_mul_scalar_public_batch(group, &Tp_batch, - /*g_scalar=*/NULL, Tps, es, count) || + /*g_scalar=*/nullptr, Tps, es, count) || !ec_point_mul_scalar_public_batch(group, &Sp_batch, - /*g_scalar=*/NULL, Sps, es, count) || + /*g_scalar=*/nullptr, Sps, es, count) || !ec_point_mul_scalar_public_batch(group, &Wp_batch, - /*g_scalar=*/NULL, Wps, es, count) || + /*g_scalar=*/nullptr, Wps, es, count) || !ec_point_mul_scalar_public_batch(group, &Wsp_batch, - /*g_scalar=*/NULL, Wsps, es, count)) { + /*g_scalar=*/nullptr, Wsps, es, + count)) { goto err; } @@ -1057,7 +1063,7 @@ CBB_cleanup(&batch_cbb); if (!ok) { sk_TRUST_TOKEN_pop_free(ret, TRUST_TOKEN_free); - ret = NULL; + ret = nullptr; } return ret; } @@ -1110,7 +1116,7 @@ EC_JACOBIAN Ws_calculated; // Check the validity of the token. if (!ec_point_mul_scalar_precomp(group, &Ws_calculated, &T_precomp, &key->xs, - &S_precomp, &key->ys, NULL, NULL) || + &S_precomp, &key->ys, nullptr, nullptr) || !ec_affine_jacobian_equal(group, &Ws, &Ws_calculated)) { OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_BAD_VALIDITY_CHECK); return 0; @@ -1118,9 +1124,9 @@ EC_JACOBIAN W0, W1; if (!ec_point_mul_scalar_precomp(group, &W0, &T_precomp, &key->x0, &S_precomp, - &key->y0, NULL, NULL) || + &key->y0, nullptr, nullptr) || !ec_point_mul_scalar_precomp(group, &W1, &T_precomp, &key->x1, &S_precomp, - &key->y1, NULL, NULL)) { + &key->y1, nullptr, nullptr)) { return 0; } @@ -1153,7 +1159,7 @@ const uint8_t kHashSLabel[] = "PMBTokens Experiment V1 HashS"; int ret = 0; CBB cbb; - uint8_t *buf = NULL; + uint8_t *buf = nullptr; size_t len; if (!CBB_init(&cbb, 0) || !point_to_cbb(&cbb, group, t) || !CBB_add_bytes(&cbb, s, TRUST_TOKEN_NONCE_SIZE) || @@ -1259,7 +1265,7 @@ const uint8_t *msg, size_t msg_len) { if (!pmbtoken_exp1_init_method()) { - return NULL; + return nullptr; } return pmbtoken_blind(&pmbtoken_exp1_method, cbb, count, include_message, msg, msg_len); @@ -1280,7 +1286,7 @@ const STACK_OF(TRUST_TOKEN_PRETOKEN) *pretokens, CBS *cbs, size_t count, uint32_t key_id) { if (!pmbtoken_exp1_init_method()) { - return NULL; + return nullptr; } return pmbtoken_unblind(&pmbtoken_exp1_method, key, pretokens, cbs, count, key_id); @@ -1325,7 +1331,7 @@ const uint8_t kHashSLabel[] = "PMBTokens Experiment V2 HashS"; int ret = 0; CBB cbb; - uint8_t *buf = NULL; + uint8_t *buf = nullptr; size_t len; if (!CBB_init(&cbb, 0) || !point_to_cbb(&cbb, group, t) || !CBB_add_bytes(&cbb, s, TRUST_TOKEN_NONCE_SIZE) || @@ -1431,7 +1437,7 @@ const uint8_t *msg, size_t msg_len) { if (!pmbtoken_exp2_init_method()) { - return NULL; + return nullptr; } return pmbtoken_blind(&pmbtoken_exp2_method, cbb, count, include_message, msg, msg_len); @@ -1452,7 +1458,7 @@ const STACK_OF(TRUST_TOKEN_PRETOKEN) *pretokens, CBS *cbs, size_t count, uint32_t key_id) { if (!pmbtoken_exp2_init_method()) { - return NULL; + return nullptr; } return pmbtoken_unblind(&pmbtoken_exp2_method, key, pretokens, cbs, count, key_id); @@ -1497,7 +1503,7 @@ const uint8_t kHashSLabel[] = "PMBTokens PST V1 HashS"; int ret = 0; CBB cbb; - uint8_t *buf = NULL; + uint8_t *buf = nullptr; size_t len; if (!CBB_init(&cbb, 0) || !point_to_cbb(&cbb, group, t) || !CBB_add_bytes(&cbb, s, TRUST_TOKEN_NONCE_SIZE) || @@ -1603,7 +1609,7 @@ const uint8_t *msg, size_t msg_len) { if (!pmbtoken_pst1_init_method()) { - return NULL; + return nullptr; } return pmbtoken_blind(&pmbtoken_pst1_method, cbb, count, include_message, msg, msg_len); @@ -1624,7 +1630,7 @@ const STACK_OF(TRUST_TOKEN_PRETOKEN) *pretokens, CBS *cbs, size_t count, uint32_t key_id) { if (!pmbtoken_pst1_init_method()) { - return NULL; + return nullptr; } return pmbtoken_unblind(&pmbtoken_pst1_method, key, pretokens, cbs, count, key_id);
diff --git a/crypto/trust_token/trust_token.cc b/crypto/trust_token/trust_token.cc index ee1f3ec..6fa3582 100644 --- a/crypto/trust_token/trust_token.cc +++ b/crypto/trust_token/trust_token.cc
@@ -123,20 +123,20 @@ TRUST_TOKEN *TRUST_TOKEN_new(const uint8_t *data, size_t len) { TRUST_TOKEN *ret = reinterpret_cast<TRUST_TOKEN *>(OPENSSL_zalloc(sizeof(TRUST_TOKEN))); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } ret->data = reinterpret_cast<uint8_t *>(OPENSSL_memdup(data, len)); - if (len != 0 && ret->data == NULL) { + if (len != 0 && ret->data == nullptr) { OPENSSL_free(ret); - return NULL; + return nullptr; } ret->len = len; return ret; } void TRUST_TOKEN_free(TRUST_TOKEN *token) { - if (token == NULL) { + if (token == nullptr) { return; } OPENSSL_free(token->data); @@ -162,8 +162,8 @@ return 0; } - if (!CBB_finish(&priv_cbb, NULL, out_priv_key_len) || - !CBB_finish(&pub_cbb, NULL, out_pub_key_len)) { + if (!CBB_finish(&priv_cbb, nullptr, out_priv_key_len) || + !CBB_finish(&pub_cbb, nullptr, out_pub_key_len)) { OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_BUFFER_TOO_SMALL); return 0; } @@ -191,8 +191,8 @@ return 0; } - if (!CBB_finish(&priv_cbb, NULL, out_priv_key_len) || - !CBB_finish(&pub_cbb, NULL, out_pub_key_len)) { + if (!CBB_finish(&priv_cbb, nullptr, out_priv_key_len) || + !CBB_finish(&pub_cbb, nullptr, out_pub_key_len)) { OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_BUFFER_TOO_SMALL); return 0; } @@ -205,13 +205,13 @@ if (max_batchsize > 0xffff) { // The protocol supports only two-byte token counts. OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_OVERFLOW); - return NULL; + return nullptr; } TRUST_TOKEN_CLIENT *ret = reinterpret_cast<TRUST_TOKEN_CLIENT *>( OPENSSL_zalloc(sizeof(TRUST_TOKEN_CLIENT))); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } ret->method = method; ret->max_batchsize = (uint16_t)max_batchsize; @@ -219,7 +219,7 @@ } void TRUST_TOKEN_CLIENT_free(TRUST_TOKEN_CLIENT *ctx) { - if (ctx == NULL) { + if (ctx == nullptr) { return; } EVP_PKEY_free(ctx->srr_key); @@ -270,14 +270,14 @@ int ret = 0; CBB request; - STACK_OF(TRUST_TOKEN_PRETOKEN) *pretokens = NULL; + STACK_OF(TRUST_TOKEN_PRETOKEN) *pretokens = nullptr; if (!CBB_init(&request, 0) || !CBB_add_u16(&request, count)) { goto err; } pretokens = ctx->method->blind(&request, count, include_message, msg, msg_len); - if (pretokens == NULL) { + if (pretokens == nullptr) { goto err; } @@ -287,7 +287,7 @@ sk_TRUST_TOKEN_PRETOKEN_pop_free(ctx->pretokens, TRUST_TOKEN_PRETOKEN_free); ctx->pretokens = pretokens; - pretokens = NULL; + pretokens = nullptr; ret = 1; err: @@ -299,7 +299,8 @@ int TRUST_TOKEN_CLIENT_begin_issuance(TRUST_TOKEN_CLIENT *ctx, uint8_t **out, size_t *out_len, size_t count) { return trust_token_client_begin_issuance_impl(ctx, out, out_len, count, - /*include_message=*/0, NULL, 0); + /*include_message=*/0, nullptr, + 0); } int TRUST_TOKEN_CLIENT_begin_issuance_over_message( @@ -319,11 +320,11 @@ uint32_t key_id; if (!CBS_get_u16(&in, &count) || !CBS_get_u32(&in, &key_id)) { OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_DECODE_FAILURE); - return NULL; + return nullptr; } size_t key_index = 0; - const struct trust_token_client_key_st *key = NULL; + const struct trust_token_client_key_st *key = nullptr; for (size_t i = 0; i < ctx->num_keys; i++) { if (ctx->keys[i].id == key_id) { key_index = i; @@ -332,30 +333,30 @@ } } - if (key == NULL) { + if (key == nullptr) { OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_INVALID_KEY_ID); - return NULL; + return nullptr; } if (count > sk_TRUST_TOKEN_PRETOKEN_num(ctx->pretokens)) { OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_DECODE_FAILURE); - return NULL; + return nullptr; } STACK_OF(TRUST_TOKEN) *tokens = ctx->method->unblind(&key->key, ctx->pretokens, &in, count, key_id); - if (tokens == NULL) { - return NULL; + if (tokens == nullptr) { + return nullptr; } if (CBS_len(&in) != 0) { OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_DECODE_FAILURE); sk_TRUST_TOKEN_pop_free(tokens, TRUST_TOKEN_free); - return NULL; + return nullptr; } sk_TRUST_TOKEN_PRETOKEN_pop_free(ctx->pretokens, TRUST_TOKEN_PRETOKEN_free); - ctx->pretokens = NULL; + ctx->pretokens = nullptr; *out_key_index = key_index; return tokens; @@ -392,7 +393,7 @@ return 0; } - *out_sig = NULL; + *out_sig = nullptr; *out_sig_len = 0; return 1; } @@ -403,16 +404,17 @@ return 0; } - if (ctx->srr_key == NULL) { + if (ctx->srr_key == nullptr) { OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_NO_SRR_KEY_CONFIGURED); return 0; } EVP_MD_CTX md_ctx; EVP_MD_CTX_init(&md_ctx); - int sig_ok = EVP_DigestVerifyInit(&md_ctx, NULL, NULL, NULL, ctx->srr_key) && - EVP_DigestVerify(&md_ctx, CBS_data(&sig), CBS_len(&sig), - CBS_data(&srr), CBS_len(&srr)); + int sig_ok = + EVP_DigestVerifyInit(&md_ctx, nullptr, nullptr, nullptr, ctx->srr_key) && + EVP_DigestVerify(&md_ctx, CBS_data(&sig), CBS_len(&sig), CBS_data(&srr), + CBS_len(&srr)); EVP_MD_CTX_cleanup(&md_ctx); if (!sig_ok) { @@ -420,7 +422,7 @@ return 0; } - uint8_t *srr_buf = NULL, *sig_buf = NULL; + uint8_t *srr_buf = nullptr, *sig_buf = nullptr; size_t srr_len, sig_len; if (!CBS_stow(&srr, &srr_buf, &srr_len) || !CBS_stow(&sig, &sig_buf, &sig_len)) { @@ -441,13 +443,13 @@ if (max_batchsize > 0xffff) { // The protocol supports only two-byte token counts. OPENSSL_PUT_ERROR(TRUST_TOKEN, ERR_R_OVERFLOW); - return NULL; + return nullptr; } TRUST_TOKEN_ISSUER *ret = reinterpret_cast<TRUST_TOKEN_ISSUER *>( OPENSSL_zalloc(sizeof(TRUST_TOKEN_ISSUER))); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } ret->method = method; ret->max_batchsize = (uint16_t)max_batchsize; @@ -455,7 +457,7 @@ } void TRUST_TOKEN_ISSUER_free(TRUST_TOKEN_ISSUER *ctx) { - if (ctx == NULL) { + if (ctx == nullptr) { return; } EVP_PKEY_free(ctx->srr_key); @@ -502,7 +504,7 @@ OPENSSL_free(ctx->metadata_key); ctx->metadata_key_len = 0; ctx->metadata_key = reinterpret_cast<uint8_t *>(OPENSSL_memdup(key, len)); - if (ctx->metadata_key == NULL) { + if (ctx->metadata_key == nullptr) { return 0; } ctx->metadata_key_len = len; @@ -516,7 +518,7 @@ return &ctx->keys[i]; } } - return NULL; + return nullptr; } int TRUST_TOKEN_ISSUER_issue(const TRUST_TOKEN_ISSUER *ctx, uint8_t **out, @@ -530,7 +532,7 @@ const struct trust_token_issuer_key_st *key = trust_token_issuer_get_key(ctx, public_metadata); - if (key == NULL || private_metadata > 1 || + if (key == nullptr || private_metadata > 1 || (!ctx->method->has_private_metadata && private_metadata != 0)) { OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_INVALID_METADATA); return 0; @@ -602,7 +604,7 @@ const struct trust_token_issuer_key_st *key = trust_token_issuer_get_key(ctx, public_metadata); uint8_t nonce[TRUST_TOKEN_NONCE_SIZE]; - if (key == NULL || + if (key == nullptr || !ctx->method->read(&key->key, nonce, &private_metadata, CBS_data(&token_cbs), CBS_len(&token_cbs), include_message, msg, msg_len)) { @@ -618,7 +620,7 @@ return 0; } - uint8_t *client_data_buf = NULL; + uint8_t *client_data_buf = nullptr; size_t client_data_len = 0; TRUST_TOKEN *token; if (!CBS_stow(&client_data, &client_data_buf, &client_data_len)) { @@ -626,7 +628,7 @@ } token = TRUST_TOKEN_new(nonce, TRUST_TOKEN_NONCE_SIZE); - if (token == NULL) { + if (token == nullptr) { goto err; } *out_public = public_metadata; @@ -651,7 +653,7 @@ const uint8_t *request, size_t request_len) { return trust_token_issuer_redeem_impl(ctx, out_public, out_private, out_token, out_client_data, out_client_data_len, - request, request_len, 0, NULL, 0); + request, request_len, 0, nullptr, 0); } int TRUST_TOKEN_ISSUER_redeem_over_message(
diff --git a/crypto/trust_token/trust_token_test.cc b/crypto/trust_token/trust_token_test.cc index b90bdbb..8e8669e 100644 --- a/crypto/trust_token/trust_token_test.cc +++ b/crypto/trust_token/trust_token_test.cc
@@ -689,7 +689,7 @@ TEST_P(TrustTokenProtocolTest, InvalidToken) { ASSERT_NO_FATAL_FAILURE(SetupContexts()); - uint8_t *issue_msg = NULL, *issue_resp = NULL; + uint8_t *issue_msg = nullptr, *issue_resp = nullptr; size_t msg_len, resp_len; size_t key_index; @@ -716,9 +716,9 @@ // Corrupt the token. token->data[0] ^= 0x42; - uint8_t *redeem_msg = NULL, *redeem_resp = NULL; + uint8_t *redeem_msg = nullptr, *redeem_resp = nullptr; ASSERT_TRUE(TRUST_TOKEN_CLIENT_begin_redemption( - client.get(), &redeem_msg, &msg_len, token, NULL, 0, 0)); + client.get(), &redeem_msg, &msg_len, token, nullptr, 0, 0)); bssl::UniquePtr<uint8_t> free_redeem_msg(redeem_msg); uint32_t public_value; uint8_t private_value; @@ -741,7 +741,7 @@ TEST_P(TrustTokenProtocolTest, TruncatedIssuanceRequest) { ASSERT_NO_FATAL_FAILURE(SetupContexts()); - uint8_t *issue_msg = NULL, *issue_resp = NULL; + uint8_t *issue_msg = nullptr, *issue_resp = nullptr; size_t msg_len, resp_len; if (use_message()) { ASSERT_TRUE(TRUST_TOKEN_CLIENT_begin_issuance_over_message( @@ -763,7 +763,7 @@ TEST_P(TrustTokenProtocolTest, TruncatedIssuanceResponse) { ASSERT_NO_FATAL_FAILURE(SetupContexts()); - uint8_t *issue_msg = NULL, *issue_resp = NULL; + uint8_t *issue_msg = nullptr, *issue_resp = nullptr; size_t msg_len, resp_len; if (use_message()) { ASSERT_TRUE(TRUST_TOKEN_CLIENT_begin_issuance_over_message( @@ -790,7 +790,7 @@ TEST_P(TrustTokenProtocolTest, ExtraDataIssuanceResponse) { ASSERT_NO_FATAL_FAILURE(SetupContexts()); - uint8_t *request = NULL, *response = NULL; + uint8_t *request = nullptr, *response = nullptr; size_t request_len, response_len; if (use_message()) { ASSERT_TRUE(TRUST_TOKEN_CLIENT_begin_issuance_over_message( @@ -819,7 +819,7 @@ TEST_P(TrustTokenProtocolTest, TruncatedRedemptionRequest) { ASSERT_NO_FATAL_FAILURE(SetupContexts()); - uint8_t *issue_msg = NULL, *issue_resp = NULL; + uint8_t *issue_msg = nullptr, *issue_resp = nullptr; size_t msg_len, resp_len; if (use_message()) { ASSERT_TRUE(TRUST_TOKEN_CLIENT_begin_issuance_over_message( @@ -845,7 +845,7 @@ const uint8_t kClientData[] = "\x70TEST CLIENT DATA"; uint64_t kRedemptionTime = (method()->has_srr ? 13374242 : 0); - uint8_t *redeem_msg = NULL; + uint8_t *redeem_msg = nullptr; ASSERT_TRUE(TRUST_TOKEN_CLIENT_begin_redemption( client.get(), &redeem_msg, &msg_len, token, kClientData, sizeof(kClientData) - 1, kRedemptionTime)); @@ -912,7 +912,7 @@ sizeof(metadata_key))); - uint8_t *issue_msg = NULL, *issue_resp = NULL; + uint8_t *issue_msg = nullptr, *issue_resp = nullptr; size_t msg_len, resp_len; if (use_message()) { ASSERT_TRUE(TRUST_TOKEN_CLIENT_begin_issuance_over_message( @@ -949,7 +949,7 @@ TEST_P(TrustTokenMetadataTest, SetAndGetMetadata) { ASSERT_NO_FATAL_FAILURE(SetupContexts()); - uint8_t *issue_msg = NULL, *issue_resp = NULL; + uint8_t *issue_msg = nullptr, *issue_resp = nullptr; size_t msg_len, resp_len; if (use_message()) { ASSERT_TRUE(TRUST_TOKEN_CLIENT_begin_issuance_over_message( @@ -980,7 +980,7 @@ const uint8_t kClientData[] = "\x70TEST CLIENT DATA"; uint64_t kRedemptionTime = (method()->has_srr ? 13374242 : 0); - uint8_t *redeem_msg = NULL; + uint8_t *redeem_msg = nullptr; ASSERT_TRUE(TRUST_TOKEN_CLIENT_begin_redemption( client.get(), &redeem_msg, &msg_len, token, kClientData, sizeof(kClientData) - 1, kRedemptionTime)); @@ -1017,7 +1017,7 @@ issuer_max_batchsize = 1; ASSERT_NO_FATAL_FAILURE(SetupContexts()); - uint8_t *issue_msg = NULL, *issue_resp = NULL; + uint8_t *issue_msg = nullptr, *issue_resp = nullptr; size_t msg_len, resp_len; if (use_message()) { ASSERT_TRUE(TRUST_TOKEN_CLIENT_begin_issuance_over_message( @@ -1049,7 +1049,7 @@ ASSERT_NO_FATAL_FAILURE(SetupContexts()); - uint8_t *issue_msg = NULL, *issue_resp = NULL; + uint8_t *issue_msg = nullptr, *issue_resp = nullptr; size_t msg_len, resp_len; if (use_message()) { ASSERT_TRUE(TRUST_TOKEN_CLIENT_begin_issuance_over_message( @@ -1117,7 +1117,7 @@ ASSERT_NO_FATAL_FAILURE(SetupContexts()); - uint8_t *issue_msg = NULL, *issue_resp = NULL; + uint8_t *issue_msg = nullptr, *issue_resp = nullptr; size_t msg_len, resp_len; if (use_message()) { ASSERT_TRUE(TRUST_TOKEN_CLIENT_begin_issuance_over_message( @@ -1212,7 +1212,7 @@ ASSERT_NO_FATAL_FAILURE(SetupContexts()); - uint8_t *issue_msg = NULL, *issue_resp = NULL; + uint8_t *issue_msg = nullptr, *issue_resp = nullptr; size_t msg_len, resp_len; if (use_message()) { ASSERT_TRUE(TRUST_TOKEN_CLIENT_begin_issuance_over_message(
diff --git a/crypto/trust_token/voprf.cc b/crypto/trust_token/voprf.cc index 9eca4bf..2fbb49c 100644 --- a/crypto/trust_token/voprf.cc +++ b/crypto/trust_token/voprf.cc
@@ -143,7 +143,7 @@ int ok = 0; CBB cbb; CBB_zero(&cbb); - uint8_t *buf = NULL; + uint8_t *buf = nullptr; size_t len; if (!CBB_init(&cbb, 0) || !CBB_add_bytes(&cbb, kKeygenLabel, sizeof(kKeygenLabel)) || @@ -203,7 +203,7 @@ const EC_GROUP *group = method->group_func(); STACK_OF(TRUST_TOKEN_PRETOKEN) *pretokens = sk_TRUST_TOKEN_PRETOKEN_new_null(); - if (pretokens == NULL) { + if (pretokens == nullptr) { goto err; } @@ -211,7 +211,7 @@ // Insert |pretoken| into |pretokens| early to simplify error-handling. TRUST_TOKEN_PRETOKEN *pretoken = reinterpret_cast<TRUST_TOKEN_PRETOKEN *>( OPENSSL_malloc(sizeof(TRUST_TOKEN_PRETOKEN))); - if (pretoken == NULL || + if (pretoken == nullptr || !sk_TRUST_TOKEN_PRETOKEN_push(pretokens, pretoken)) { TRUST_TOKEN_PRETOKEN_free(pretoken); goto err; @@ -257,7 +257,7 @@ err: sk_TRUST_TOKEN_PRETOKEN_pop_free(pretokens, TRUST_TOKEN_PRETOKEN_free); - return NULL; + return nullptr; } static int hash_to_scalar_dleq(const VOPRF_METHOD *method, EC_SCALAR *out, @@ -270,7 +270,7 @@ int ok = 0; CBB cbb; CBB_zero(&cbb); - uint8_t *buf = NULL; + uint8_t *buf = nullptr; size_t len; if (!CBB_init(&cbb, 0) || !CBB_add_bytes(&cbb, kDLEQLabel, sizeof(kDLEQLabel)) || @@ -306,7 +306,7 @@ !cbb_serialize_point(&cbb, group, a2) || !cbb_serialize_point(&cbb, group, a3) || !CBB_add_bytes(&cbb, kChallengeLabel, sizeof(kChallengeLabel) - 1) || - !CBB_finish(&cbb, NULL, &len) || + !CBB_finish(&cbb, nullptr, &len) || !method->hash_to_scalar(group, out, transcript, len)) { return 0; } @@ -326,7 +326,7 @@ int ok = 0; CBB cbb; CBB_zero(&cbb); - uint8_t *buf = NULL; + uint8_t *buf = nullptr; size_t len; if (!CBB_init(&cbb, 0) || !CBB_add_bytes(&cbb, kDLEQBatchLabel, sizeof(kDLEQBatchLabel)) || @@ -405,8 +405,8 @@ const EC_JACOBIAN *p1, const EC_SCALAR *scalar1) { EC_JACOBIAN points[2] = {*p0, *p1}; EC_SCALAR scalars[2] = {*scalar0, *scalar1}; - return ec_point_mul_scalar_public_batch(group, out, /*g_scalar=*/NULL, points, - scalars, 2); + return ec_point_mul_scalar_public_batch(group, out, /*g_scalar=*/nullptr, + points, scalars, 2); } static int dleq_verify(const VOPRF_METHOD *method, CBS *cbs, @@ -529,10 +529,10 @@ EC_JACOBIAN BT_batch, Z_batch; if (!ec_point_mul_scalar_public_batch(group, &BT_batch, - /*g_scalar=*/NULL, BTs, es, + /*g_scalar=*/nullptr, BTs, es, num_to_issue) || !ec_point_mul_scalar_public_batch(group, &Z_batch, - /*g_scalar=*/NULL, Zs, es, + /*g_scalar=*/nullptr, Zs, es, num_to_issue)) { goto err; } @@ -569,7 +569,7 @@ const EC_GROUP *group = method->group_func(); if (count > sk_TRUST_TOKEN_PRETOKEN_num(pretokens)) { OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_DECODE_FAILURE); - return NULL; + return nullptr; } int ok = 0; @@ -582,7 +582,7 @@ reinterpret_cast<EC_SCALAR *>(OPENSSL_calloc(count, sizeof(EC_SCALAR))); CBB batch_cbb; CBB_zero(&batch_cbb); - if (ret == NULL || BTs == NULL || Zs == NULL || es == NULL || + if (ret == nullptr || BTs == nullptr || Zs == nullptr || es == nullptr || !CBB_init(&batch_cbb, 0) || !cbb_add_point(&batch_cbb, group, &key->pubs)) { goto err; @@ -631,7 +631,7 @@ TRUST_TOKEN *token = TRUST_TOKEN_new(CBB_data(&token_cbb), CBB_len(&token_cbb)); CBB_cleanup(&token_cbb); - if (token == NULL || !sk_TRUST_TOKEN_push(ret, token)) { + if (token == nullptr || !sk_TRUST_TOKEN_push(ret, token)) { TRUST_TOKEN_free(token); goto err; } @@ -648,9 +648,9 @@ EC_JACOBIAN BT_batch, Z_batch; if (!ec_point_mul_scalar_public_batch(group, &BT_batch, - /*g_scalar=*/NULL, BTs, es, count) || + /*g_scalar=*/nullptr, BTs, es, count) || !ec_point_mul_scalar_public_batch(group, &Z_batch, - /*g_scalar=*/NULL, Zs, es, count)) { + /*g_scalar=*/nullptr, Zs, es, count)) { goto err; } @@ -670,7 +670,7 @@ CBB_cleanup(&batch_cbb); if (!ok) { sk_TRUST_TOKEN_pop_free(ret, TRUST_TOKEN_free); - ret = NULL; + ret = nullptr; } return ret; } @@ -729,7 +729,7 @@ !CBB_add_u16(&cbb, index) || !cbb_serialize_point(&cbb, group, C) || !cbb_serialize_point(&cbb, group, D) || !CBB_add_bytes(&cbb, kCompositeLabel, sizeof(kCompositeLabel) - 1) || - !CBB_finish(&cbb, NULL, &len) || + !CBB_finish(&cbb, nullptr, &len) || !method->hash_to_scalar(group, di, transcript, len)) { return 0; } @@ -898,7 +898,7 @@ EC_JACOBIAN M, Z; if (!ec_point_mul_scalar_public_batch(group, &M, - /*g_scalar=*/NULL, BTs, dis, + /*g_scalar=*/nullptr, BTs, dis, num_to_issue) || !ec_point_mul_scalar(group, &Z, &M, &key->xs)) { goto err; @@ -961,7 +961,7 @@ const EC_GROUP *group = method->group_func(); if (count > sk_TRUST_TOKEN_PRETOKEN_num(pretokens)) { OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_DECODE_FAILURE); - return NULL; + return nullptr; } int ok = 0; @@ -972,7 +972,7 @@ OPENSSL_calloc(count, sizeof(EC_JACOBIAN))); EC_SCALAR *dis = reinterpret_cast<EC_SCALAR *>(OPENSSL_calloc(count, sizeof(EC_SCALAR))); - if (ret == NULL || !BTs || !Zs || !dis) { + if (ret == nullptr || !BTs || !Zs || !dis) { goto err; } @@ -1023,7 +1023,7 @@ TRUST_TOKEN *token = TRUST_TOKEN_new(CBB_data(&token_cbb), CBB_len(&token_cbb)); CBB_cleanup(&token_cbb); - if (token == NULL || !sk_TRUST_TOKEN_push(ret, token)) { + if (token == nullptr || !sk_TRUST_TOKEN_push(ret, token)) { TRUST_TOKEN_free(token); goto err; } @@ -1031,9 +1031,10 @@ EC_JACOBIAN M, Z; if (!ec_point_mul_scalar_public_batch(group, &M, - /*g_scalar=*/NULL, BTs, dis, count) || + /*g_scalar=*/nullptr, BTs, dis, + count) || !ec_point_mul_scalar_public_batch(group, &Z, - /*g_scalar=*/NULL, Zs, dis, count)) { + /*g_scalar=*/nullptr, Zs, dis, count)) { goto err; } @@ -1051,7 +1052,7 @@ OPENSSL_free(dis); if (!ok) { sk_TRUST_TOKEN_pop_free(ret, TRUST_TOKEN_free); - ret = NULL; + ret = nullptr; } return ret; }
diff --git a/crypto/x509/a_digest.cc b/crypto/x509/a_digest.cc index f3ddf73..9f5dde9 100644 --- a/crypto/x509/a_digest.cc +++ b/crypto/x509/a_digest.cc
@@ -24,14 +24,14 @@ int i, ret; unsigned char *str, *p; - i = i2d(data, NULL); - if ((str = (unsigned char *)OPENSSL_malloc(i)) == NULL) { + i = i2d(data, nullptr); + if ((str = (unsigned char *)OPENSSL_malloc(i)) == nullptr) { return 0; } p = str; i2d(data, &p); - ret = EVP_Digest(str, i, md, len, type, NULL); + ret = EVP_Digest(str, i, md, len, type, nullptr); OPENSSL_free(str); return ret; } @@ -39,14 +39,14 @@ int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn, unsigned char *md, unsigned int *len) { int i, ret; - unsigned char *str = NULL; + unsigned char *str = nullptr; i = ASN1_item_i2d(reinterpret_cast<ASN1_VALUE *>(asn), &str, it); if (!str) { return 0; } - ret = EVP_Digest(str, i, md, len, type, NULL); + ret = EVP_Digest(str, i, md, len, type, nullptr); OPENSSL_free(str); return ret; }
diff --git a/crypto/x509/algorithm.cc b/crypto/x509/algorithm.cc index 55c3eaf..f6b3da7 100644 --- a/crypto/x509/algorithm.cc +++ b/crypto/x509/algorithm.cc
@@ -40,7 +40,7 @@ int x509_digest_sign_algorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) { EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx); - if (pkey == NULL) { + if (pkey == nullptr) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_CONTEXT_NOT_INITIALISED); return 0; } @@ -58,13 +58,14 @@ } if (EVP_PKEY_id(pkey) == EVP_PKEY_ED25519) { - return X509_ALGOR_set0(algor, OBJ_nid2obj(NID_ED25519), V_ASN1_UNDEF, NULL); + return X509_ALGOR_set0(algor, OBJ_nid2obj(NID_ED25519), V_ASN1_UNDEF, + nullptr); } // Default behavior: look up the OID for the algorithm/hash pair and encode // that. const EVP_MD *digest = EVP_MD_CTX_get0_md(ctx); - if (digest == NULL) { + if (digest == nullptr) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_CONTEXT_NOT_INITIALISED); return 0; } @@ -81,7 +82,7 @@ // it. int paramtype = (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) ? V_ASN1_NULL : V_ASN1_UNDEF; - return X509_ALGOR_set0(algor, OBJ_nid2obj(sign_nid), paramtype, NULL); + return X509_ALGOR_set0(algor, OBJ_nid2obj(sign_nid), paramtype, nullptr); } int x509_digest_verify_init(EVP_MD_CTX *ctx, const X509_ALGOR *sigalg, @@ -115,11 +116,11 @@ return x509_rsa_pss_to_ctx(ctx, sigalg, pkey); } if (sigalg_nid == NID_ED25519) { - if (sigalg->parameter != NULL) { + if (sigalg->parameter != nullptr) { OPENSSL_PUT_ERROR(X509, X509_R_INVALID_PARAMETER); return 0; } - return EVP_DigestVerifyInit(ctx, NULL, NULL, NULL, pkey); + return EVP_DigestVerifyInit(ctx, nullptr, nullptr, nullptr, pkey); } OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); return 0; @@ -130,17 +131,17 @@ // // TODO(davidben): Chromium's verifier allows both forms for RSA, but enforces // ECDSA more strictly. Align with Chromium and add a flag for b/167375496. - if (sigalg->parameter != NULL && sigalg->parameter->type != V_ASN1_NULL) { + if (sigalg->parameter != nullptr && sigalg->parameter->type != V_ASN1_NULL) { OPENSSL_PUT_ERROR(X509, X509_R_INVALID_PARAMETER); return 0; } // Otherwise, initialize with the digest from the OID. const EVP_MD *digest = EVP_get_digestbynid(digest_nid); - if (digest == NULL) { + if (digest == nullptr) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); return 0; } - return EVP_DigestVerifyInit(ctx, NULL, digest, NULL, pkey); + return EVP_DigestVerifyInit(ctx, nullptr, digest, nullptr, pkey); }
diff --git a/crypto/x509/asn1_gen.cc b/crypto/x509/asn1_gen.cc index 6e56456..c134289 100644 --- a/crypto/x509/asn1_gen.cc +++ b/crypto/x509/asn1_gen.cc
@@ -159,7 +159,7 @@ // Modifiers end at commas. const char *comma = strchr(str, ','); - if (comma == NULL) { + if (comma == nullptr) { break; } @@ -187,7 +187,7 @@ CBS_skip(&modifier, 1); // Skip the colon. } else { name = modifier; - CBS_init(&modifier, NULL, 0); + CBS_init(&modifier, nullptr, 0); } if (cbs_str_equal(&name, "FORMAT") || cbs_str_equal(&name, "FORM")) { @@ -251,7 +251,7 @@ const char *colon = strchr(str, ':'); CBS name; const char *value; - int has_value = colon != NULL; + int has_value = colon != nullptr; if (has_value) { CBS_init(&name, (const uint8_t *)str, colon - str); value = colon + 1; @@ -344,12 +344,12 @@ OPENSSL_PUT_ERROR(ASN1, ASN1_R_INTEGER_NOT_ASCII_FORMAT); return 0; } - ASN1_INTEGER *obj = s2i_ASN1_INTEGER(NULL, value); - if (obj == NULL) { + ASN1_INTEGER *obj = s2i_ASN1_INTEGER(nullptr, value); + if (obj == nullptr) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_INTEGER); return 0; } - int len = i2c_ASN1_INTEGER(obj, NULL); + int len = i2c_ASN1_INTEGER(obj, nullptr); uint8_t *out; int ok = len > 0 && // CBB_add_space(&child, &out, len) && @@ -364,7 +364,7 @@ return 0; } ASN1_OBJECT *obj = OBJ_txt2obj(value, /*dont_search_names=*/0); - if (obj == NULL || obj->length == 0) { + if (obj == nullptr || obj->length == 0) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_OBJECT); return 0; } @@ -382,9 +382,9 @@ CBS value_cbs; CBS_init(&value_cbs, (const uint8_t *)value, strlen(value)); int ok = type == CBS_ASN1_UTCTIME - ? CBS_parse_utc_time(&value_cbs, NULL, + ? CBS_parse_utc_time(&value_cbs, nullptr, /*allow_timezone_offset=*/0) - : CBS_parse_generalized_time(&value_cbs, NULL, + : CBS_parse_generalized_time(&value_cbs, nullptr, /*allow_timezone_offset=*/0); if (!ok) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_TIME_VALUE); @@ -414,7 +414,7 @@ // as a loose cap so fuzzers can exit from excessively long inputs // earlier. This limit is not load-bearing because |ASN1_mbstring_ncopy|'s // output is already linear in the input. - ASN1_STRING *obj = NULL; + ASN1_STRING *obj = nullptr; if (ASN1_mbstring_ncopy(&obj, (const uint8_t *)value, -1, encoding, ASN1_tag2bit(type), /*minsize=*/0, /*maxsize=*/ASN1_GEN_MAX_OUTPUT) <= 0) { @@ -428,7 +428,7 @@ case CBS_ASN1_BITSTRING: if (format == ASN1_GEN_FORMAT_BITLIST) { ASN1_BIT_STRING *obj = ASN1_BIT_STRING_new(); - if (obj == NULL) { + if (obj == nullptr) { return 0; } if (!CONF_parse_list(value, ',', 1, bitstr_cb, obj)) { @@ -436,7 +436,7 @@ ASN1_BIT_STRING_free(obj); return 0; } - int len = i2c_ASN1_BIT_STRING(obj, NULL); + int len = i2c_ASN1_BIT_STRING(obj, nullptr); uint8_t *out; int ok = len > 0 && // CBB_add_space(&child, &out, len) && @@ -461,7 +461,7 @@ if (format == ASN1_GEN_FORMAT_HEX) { size_t len; uint8_t *data = x509v3_hex_to_bytes(value, &len); - if (data == NULL) { + if (data == nullptr) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_ILLEGAL_HEX); return 0; } @@ -476,12 +476,12 @@ case CBS_ASN1_SEQUENCE: case CBS_ASN1_SET: if (has_value) { - if (cnf == NULL) { + if (cnf == nullptr) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG); return 0; } const STACK_OF(CONF_VALUE) *section = X509V3_get_section(cnf, value); - if (section == NULL) { + if (section == nullptr) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG); return 0; }
diff --git a/crypto/x509/by_dir.cc b/crypto/x509/by_dir.cc index c6ed9e7..584ecec 100644 --- a/crypto/x509/by_dir.cc +++ b/crypto/x509/by_dir.cc
@@ -63,7 +63,7 @@ static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, char **retp) { int ret = 0; - char *dir = NULL; + char *dir = nullptr; BY_DIR *ld = reinterpret_cast<BY_DIR *>(ctx->method_data); @@ -91,10 +91,10 @@ static int new_dir(X509_LOOKUP *lu) { BY_DIR *a; - if ((a = (BY_DIR *)OPENSSL_malloc(sizeof(BY_DIR))) == NULL) { + if ((a = (BY_DIR *)OPENSSL_malloc(sizeof(BY_DIR))) == nullptr) { return 0; } - a->dirs = NULL; + a->dirs = nullptr; lu->method_data = a; return 1; } @@ -113,7 +113,7 @@ } static void by_dir_entry_free(BY_DIR_ENTRY *ent) { - if (ent != NULL) { + if (ent != nullptr) { CRYPTO_MUTEX_cleanup(&ent->lock); OPENSSL_free(ent->dir); sk_BY_DIR_HASH_pop_free(ent->hashes, by_dir_hash_free); @@ -123,7 +123,7 @@ static void free_dir(X509_LOOKUP *lu) { BY_DIR *a = reinterpret_cast<BY_DIR *>(lu->method_data); - if (a != NULL) { + if (a != nullptr) { sk_BY_DIR_ENTRY_pop_free(a->dirs, by_dir_entry_free); OPENSSL_free(a); } @@ -139,7 +139,7 @@ size_t j, len; const char *s, *ss, *p; - if (dir == NULL || !*dir) { + if (dir == nullptr || !*dir) { OPENSSL_PUT_ERROR(X509, X509_R_INVALID_DIRECTORY); return 0; } @@ -164,7 +164,7 @@ if (j < sk_BY_DIR_ENTRY_num(ctx->dirs)) { continue; } - if (ctx->dirs == NULL) { + if (ctx->dirs == nullptr) { ctx->dirs = sk_BY_DIR_ENTRY_new_null(); if (!ctx->dirs) { return 0; @@ -179,7 +179,7 @@ ent->dir_type = type; ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp); ent->dir = OPENSSL_strndup(ss, len); - if (ent->dir == NULL || ent->hashes == NULL || + if (ent->dir == nullptr || ent->hashes == nullptr || !sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) { by_dir_entry_free(ent); return 0; @@ -199,11 +199,11 @@ uint32_t h; uint32_t hash_array[2]; int hash_index; - char *b = NULL; + char *b = nullptr; X509_OBJECT stmp, *tmp; const char *postfix = ""; - if (name == NULL) { + if (name == nullptr) { return 0; } @@ -246,13 +246,13 @@ hent = sk_BY_DIR_HASH_value(ent->hashes, idx); k = hent->suffix; } else { - hent = NULL; + hent = nullptr; k = 0; } CRYPTO_MUTEX_unlock_read(&ent->lock); } else { k = 0; - hent = NULL; + hent = nullptr; } for (;;) { OPENSSL_free(b); @@ -283,7 +283,7 @@ // we have added it to the cache so now pull it out again CRYPTO_MUTEX_lock_write(&xl->store_ctx->objs_lock); - tmp = NULL; + tmp = nullptr; sk_X509_OBJECT_sort(xl->store_ctx->objs); if (sk_X509_OBJECT_find(xl->store_ctx->objs, &idx, &stmp)) { tmp = sk_X509_OBJECT_value(xl->store_ctx->objs, idx); @@ -306,7 +306,7 @@ if (!hent) { hent = reinterpret_cast<BY_DIR_HASH *>( OPENSSL_malloc(sizeof(BY_DIR_HASH))); - if (hent == NULL) { + if (hent == nullptr) { CRYPTO_MUTEX_unlock_write(&ent->lock); ok = 0; goto finish; @@ -327,7 +327,7 @@ CRYPTO_MUTEX_unlock_write(&ent->lock); } - if (tmp != NULL) { + if (tmp != nullptr) { ok = 1; ret->type = tmp->type; OPENSSL_memcpy(&ret->data, &tmp->data, sizeof(ret->data)); @@ -348,5 +348,5 @@ } int X509_LOOKUP_add_dir(X509_LOOKUP *lookup, const char *name, int type) { - return X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, name, type, NULL); + return X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, name, type, nullptr); }
diff --git a/crypto/x509/by_file.cc b/crypto/x509/by_file.cc index 511f488..c3b4d09 100644 --- a/crypto/x509/by_file.cc +++ b/crypto/x509/by_file.cc
@@ -23,10 +23,10 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret); static const X509_LOOKUP_METHOD x509_file_lookup = { - NULL, // new - NULL, // free + nullptr, // new + nullptr, // free by_file_ctrl, // ctrl - NULL, // get_by_subject + nullptr, // get_by_subject }; const X509_LOOKUP_METHOD *X509_LOOKUP_file(void) { return &x509_file_lookup; } @@ -39,7 +39,7 @@ const char *file = argp; int type = argl; if (argl == X509_FILETYPE_DEFAULT) { - if ((file = getenv(X509_get_default_cert_file_env())) == NULL) { + if ((file = getenv(X509_get_default_cert_file_env())) == nullptr) { file = X509_get_default_cert_file(); } type = X509_FILETYPE_PEM; @@ -55,21 +55,21 @@ int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) { int ret = 0; - BIO *in = NULL; + BIO *in = nullptr; int i, count = 0; - X509 *x = NULL; + X509 *x = nullptr; in = BIO_new(BIO_s_file()); - if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) { + if ((in == nullptr) || (BIO_read_filename(in, file) <= 0)) { OPENSSL_PUT_ERROR(X509, ERR_R_SYS_LIB); goto err; } if (type == X509_FILETYPE_PEM) { for (;;) { - x = PEM_read_bio_X509_AUX(in, NULL, NULL, NULL); - if (x == NULL) { + x = PEM_read_bio_X509_AUX(in, nullptr, nullptr, nullptr); + if (x == nullptr) { if (ERR_equals(ERR_peek_last_error(), ERR_LIB_PEM, PEM_R_NO_START_LINE) && count > 0) { @@ -85,12 +85,12 @@ } count++; X509_free(x); - x = NULL; + x = nullptr; } ret = count; } else if (type == X509_FILETYPE_ASN1) { - x = d2i_X509_bio(in, NULL); - if (x == NULL) { + x = d2i_X509_bio(in, nullptr); + if (x == nullptr) { OPENSSL_PUT_ERROR(X509, ERR_R_ASN1_LIB); goto err; } @@ -116,21 +116,21 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) { int ret = 0; - BIO *in = NULL; + BIO *in = nullptr; int i, count = 0; - X509_CRL *x = NULL; + X509_CRL *x = nullptr; in = BIO_new(BIO_s_file()); - if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) { + if ((in == nullptr) || (BIO_read_filename(in, file) <= 0)) { OPENSSL_PUT_ERROR(X509, ERR_R_SYS_LIB); goto err; } if (type == X509_FILETYPE_PEM) { for (;;) { - x = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL); - if (x == NULL) { + x = PEM_read_bio_X509_CRL(in, nullptr, nullptr, nullptr); + if (x == nullptr) { if (ERR_equals(ERR_peek_last_error(), ERR_LIB_PEM, PEM_R_NO_START_LINE) && count > 0) { @@ -146,12 +146,12 @@ } count++; X509_CRL_free(x); - x = NULL; + x = nullptr; } ret = count; } else if (type == X509_FILETYPE_ASN1) { - x = d2i_X509_CRL_bio(in, NULL); - if (x == NULL) { + x = d2i_X509_CRL_bio(in, nullptr); + if (x == nullptr) { OPENSSL_PUT_ERROR(X509, ERR_R_ASN1_LIB); goto err; } @@ -190,7 +190,7 @@ OPENSSL_PUT_ERROR(X509, ERR_R_SYS_LIB); return 0; } - inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL); + inf = PEM_X509_INFO_read_bio(in, nullptr, nullptr, nullptr); BIO_free(in); if (!inf) { OPENSSL_PUT_ERROR(X509, ERR_R_PEM_LIB); @@ -222,5 +222,5 @@ } int X509_LOOKUP_load_file(X509_LOOKUP *lookup, const char *name, int type) { - return X509_LOOKUP_ctrl(lookup, X509_L_FILE_LOAD, name, type, NULL); + return X509_LOOKUP_ctrl(lookup, X509_L_FILE_LOAD, name, type, nullptr); }
diff --git a/crypto/x509/name_print.cc b/crypto/x509/name_print.cc index 3e41ba8..20a30cb 100644 --- a/crypto/x509/name_print.cc +++ b/crypto/x509/name_print.cc
@@ -25,7 +25,7 @@ static int maybe_write(BIO *out, const void *buf, int len) { // If |out| is NULL, ignore the output but report the length. - return out == NULL || BIO_write(out, buf, len) == len; + return out == nullptr || BIO_write(out, buf, len) == len; } // do_indent prints |indent| spaces to |out|. @@ -170,12 +170,12 @@ int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, int indent, unsigned long flags) { - BIO *bio = NULL; - if (fp != NULL) { + BIO *bio = nullptr; + if (fp != nullptr) { // If |fp| is NULL, this function returns the number of bytes without // writing. bio = BIO_new_fp(fp, BIO_NOCLOSE); - if (bio == NULL) { + if (bio == nullptr) { return -1; } }
diff --git a/crypto/x509/policy.cc b/crypto/x509/policy.cc index 1e3d406..489d49b 100644 --- a/crypto/x509/policy.cc +++ b/crypto/x509/policy.cc
@@ -90,7 +90,7 @@ } static void x509_policy_node_free(X509_POLICY_NODE *node) { - if (node != NULL) { + if (node != nullptr) { ASN1_OBJECT_free(node->policy); sk_ASN1_OBJECT_pop_free(node->parent_policies, ASN1_OBJECT_free); OPENSSL_free(node); @@ -101,14 +101,14 @@ assert(!is_any_policy(policy)); X509_POLICY_NODE *node = reinterpret_cast<X509_POLICY_NODE *>( OPENSSL_zalloc(sizeof(X509_POLICY_NODE))); - if (node == NULL) { - return NULL; + if (node == nullptr) { + return nullptr; } node->policy = OBJ_dup(policy); node->parent_policies = sk_ASN1_OBJECT_new_null(); - if (node->policy == NULL || node->parent_policies == NULL) { + if (node->policy == nullptr || node->parent_policies == nullptr) { x509_policy_node_free(node); - return NULL; + return nullptr; } return node; } @@ -119,7 +119,7 @@ } static void x509_policy_level_free(X509_POLICY_LEVEL *level) { - if (level != NULL) { + if (level != nullptr) { sk_X509_POLICY_NODE_pop_free(level->nodes, x509_policy_node_free); OPENSSL_free(level); } @@ -128,13 +128,13 @@ static X509_POLICY_LEVEL *x509_policy_level_new(void) { X509_POLICY_LEVEL *level = reinterpret_cast<X509_POLICY_LEVEL *>( OPENSSL_zalloc(sizeof(X509_POLICY_LEVEL))); - if (level == NULL) { - return NULL; + if (level == nullptr) { + return nullptr; } level->nodes = sk_X509_POLICY_NODE_new(x509_policy_node_cmp); - if (level->nodes == NULL) { + if (level->nodes == nullptr) { x509_policy_level_free(level); - return NULL; + return nullptr; } return level; } @@ -160,7 +160,7 @@ node.policy = (ASN1_OBJECT *)policy; size_t idx; if (!sk_X509_POLICY_NODE_find(level->nodes, &idx, &node)) { - return NULL; + return nullptr; } return sk_X509_POLICY_NODE_value(level->nodes, idx); } @@ -179,7 +179,7 @@ if (!sk_X509_POLICY_NODE_push(level->nodes, node)) { return 0; } - sk_X509_POLICY_NODE_set(nodes, i, NULL); + sk_X509_POLICY_NODE_set(nodes, i, nullptr); } sk_X509_POLICY_NODE_sort(level->nodes); @@ -204,7 +204,7 @@ assert(sk_POLICYINFO_is_sorted(policies)); POLICYINFO info; info.policyid = node->policy; - if (sk_POLICYINFO_find(policies, NULL, &info)) { + if (sk_POLICYINFO_find(policies, nullptr, &info)) { return 0; } x509_policy_node_free(node); @@ -223,12 +223,12 @@ int any_policy_allowed) { int ret = 0; int critical; - STACK_OF(X509_POLICY_NODE) *new_nodes = NULL; + STACK_OF(X509_POLICY_NODE) *new_nodes = nullptr; CERTIFICATEPOLICIES *policies = reinterpret_cast<CERTIFICATEPOLICIES *>( - X509_get_ext_d2i(x509, NID_certificate_policies, &critical, NULL)); + X509_get_ext_d2i(x509, NID_certificate_policies, &critical, nullptr)); { - if (policies == NULL) { + if (policies == nullptr) { if (critical != -1) { return 0; // Syntax error in the extension. } @@ -280,7 +280,7 @@ // node. if (previous_level_has_any_policy) { new_nodes = sk_X509_POLICY_NODE_new_null(); - if (new_nodes == NULL) { + if (new_nodes == nullptr) { goto err; } for (size_t i = 0; i < sk_POLICYINFO_num(policies); i++) { @@ -288,9 +288,9 @@ // Though we've reordered the steps slightly, |policy| is in |level| if // and only if it would have been a match in step (d.1.ii). if (!is_any_policy(policy->policyid) && - x509_policy_level_find(level, policy->policyid) == NULL) { + x509_policy_level_find(level, policy->policyid) == nullptr) { X509_POLICY_NODE *node = x509_policy_node_new(policy->policyid); - if (node == NULL || // + if (node == nullptr || // !sk_X509_POLICY_NODE_push(new_nodes, node)) { x509_policy_node_free(node); goto err; @@ -327,7 +327,7 @@ assert(sk_POLICY_MAPPING_is_sorted(mappings)); POLICY_MAPPING mapping; mapping.issuerDomainPolicy = node->policy; - if (!sk_POLICY_MAPPING_find(mappings, /*out_index=*/NULL, &mapping)) { + if (!sk_POLICY_MAPPING_find(mappings, /*out_index=*/nullptr, &mapping)) { return 0; } x509_policy_node_free(node); @@ -354,19 +354,19 @@ X509_POLICY_LEVEL *level, int mapping_allowed) { int ok = 0; - STACK_OF(X509_POLICY_NODE) *new_nodes = NULL; - X509_POLICY_LEVEL *next = NULL; + STACK_OF(X509_POLICY_NODE) *new_nodes = nullptr; + X509_POLICY_LEVEL *next = nullptr; int critical; POLICY_MAPPINGS *mappings = reinterpret_cast<POLICY_MAPPINGS *>( - X509_get_ext_d2i(cert, NID_policy_mappings, &critical, NULL)); + X509_get_ext_d2i(cert, NID_policy_mappings, &critical, nullptr)); { - if (mappings == NULL && critical != -1) { + if (mappings == nullptr && critical != -1) { // Syntax error in the policy mappings extension. goto err; } - if (mappings != NULL) { + if (mappings != nullptr) { // PolicyMappings may not be empty. See RFC 5280, section 4.2.1.5. // TODO(https://crbug.com/boringssl/443): Move this check into the parser. if (sk_POLICY_MAPPING_num(mappings) == 0) { @@ -391,14 +391,14 @@ // Mark nodes as mapped, and add any nodes to |level| which may be // needed as part of RFC 5280, section 6.1.4, step (b.1). new_nodes = sk_X509_POLICY_NODE_new_null(); - if (new_nodes == NULL) { + if (new_nodes == nullptr) { goto err; } - const ASN1_OBJECT *last_policy = NULL; + const ASN1_OBJECT *last_policy = nullptr; for (size_t i = 0; i < sk_POLICY_MAPPING_num(mappings); i++) { const POLICY_MAPPING *mapping = sk_POLICY_MAPPING_value(mappings, i); // There may be multiple mappings with the same |issuerDomainPolicy|. - if (last_policy != NULL && + if (last_policy != nullptr && OBJ_cmp(mapping->issuerDomainPolicy, last_policy) == 0) { continue; } @@ -406,12 +406,12 @@ X509_POLICY_NODE *node = x509_policy_level_find(level, mapping->issuerDomainPolicy); - if (node == NULL) { + if (node == nullptr) { if (!level->has_any_policy) { continue; } node = x509_policy_node_new(mapping->issuerDomainPolicy); - if (node == NULL || // + if (node == nullptr || // !sk_X509_POLICY_NODE_push(new_nodes, node)) { x509_policy_node_free(node); goto err; @@ -427,15 +427,15 @@ // all mapped nodes. sk_X509_POLICY_NODE_delete_if(level->nodes, delete_if_mapped, mappings); sk_POLICY_MAPPING_pop_free(mappings, POLICY_MAPPING_free); - mappings = NULL; + mappings = nullptr; } } // If a node was not mapped, it retains the original "explicit_policy_set" // value, itself. Add those to |mappings|. - if (mappings == NULL) { + if (mappings == nullptr) { mappings = sk_POLICY_MAPPING_new_null(); - if (mappings == NULL) { + if (mappings == nullptr) { goto err; } } @@ -443,13 +443,13 @@ X509_POLICY_NODE *node = sk_X509_POLICY_NODE_value(level->nodes, i); if (!node->mapped) { POLICY_MAPPING *mapping = POLICY_MAPPING_new(); - if (mapping == NULL) { + if (mapping == nullptr) { goto err; } mapping->issuerDomainPolicy = OBJ_dup(node->policy); mapping->subjectDomainPolicy = OBJ_dup(node->policy); - if (mapping->issuerDomainPolicy == NULL || - mapping->subjectDomainPolicy == NULL || + if (mapping->issuerDomainPolicy == nullptr || + mapping->subjectDomainPolicy == nullptr || !sk_POLICY_MAPPING_push(mappings, mapping)) { POLICY_MAPPING_free(mapping); goto err; @@ -463,24 +463,25 @@ // Convert |mappings| to our "expected_policy_set" representation. next = x509_policy_level_new(); - if (next == NULL) { + if (next == nullptr) { goto err; } next->has_any_policy = level->has_any_policy; - X509_POLICY_NODE *last_node = NULL; + X509_POLICY_NODE *last_node = nullptr; for (size_t i = 0; i < sk_POLICY_MAPPING_num(mappings); i++) { POLICY_MAPPING *mapping = sk_POLICY_MAPPING_value(mappings, i); // Skip mappings where |issuerDomainPolicy| does not appear in the graph. if (!level->has_any_policy && - x509_policy_level_find(level, mapping->issuerDomainPolicy) == NULL) { + x509_policy_level_find(level, mapping->issuerDomainPolicy) == + nullptr) { continue; } - if (last_node == NULL || + if (last_node == nullptr || OBJ_cmp(last_node->policy, mapping->subjectDomainPolicy) != 0) { last_node = x509_policy_node_new(mapping->subjectDomainPolicy); - if (last_node == NULL || + if (last_node == nullptr || !sk_X509_POLICY_NODE_push(next->nodes, last_node)) { x509_policy_node_free(last_node); goto err; @@ -491,7 +492,7 @@ mapping->issuerDomainPolicy)) { goto err; } - mapping->issuerDomainPolicy = NULL; + mapping->issuerDomainPolicy = nullptr; } sk_X509_POLICY_NODE_sort(next->nodes); @@ -501,7 +502,7 @@ err: if (!ok) { x509_policy_level_free(next); - next = NULL; + next = nullptr; } sk_POLICY_MAPPING_pop_free(mappings, POLICY_MAPPING_free); @@ -513,7 +514,7 @@ // of its current value and |skip_certs|. It returns one on success and zero if // |skip_certs| is negative. static int apply_skip_certs(const ASN1_INTEGER *skip_certs, size_t *value) { - if (skip_certs == NULL) { + if (skip_certs == nullptr) { return 1; } @@ -541,13 +542,13 @@ size_t *inhibit_any_policy) { int critical; POLICY_CONSTRAINTS *constraints = reinterpret_cast<POLICY_CONSTRAINTS *>( - X509_get_ext_d2i(x509, NID_policy_constraints, &critical, NULL)); - if (constraints == NULL && critical != -1) { + X509_get_ext_d2i(x509, NID_policy_constraints, &critical, nullptr)); + if (constraints == nullptr && critical != -1) { return 0; } - if (constraints != NULL) { - if (constraints->requireExplicitPolicy == NULL && - constraints->inhibitPolicyMapping == NULL) { + if (constraints != nullptr) { + if (constraints->requireExplicitPolicy == nullptr && + constraints->inhibitPolicyMapping == nullptr) { // Per RFC 5280, section 4.2.1.11, at least one of the fields must be // present. OPENSSL_PUT_ERROR(X509, X509_R_INVALID_POLICY_EXTENSION); @@ -564,8 +565,8 @@ } ASN1_INTEGER *inhibit_any_policy_ext = reinterpret_cast<ASN1_INTEGER *>( - X509_get_ext_d2i(x509, NID_inhibit_any_policy, &critical, NULL)); - if (inhibit_any_policy_ext == NULL && critical != -1) { + X509_get_ext_d2i(x509, NID_inhibit_any_policy, &critical, nullptr)); + if (inhibit_any_policy_ext == nullptr && critical != -1) { return 0; } int ok = apply_skip_certs(inhibit_any_policy_ext, inhibit_any_policy); @@ -580,7 +581,7 @@ // evaluation. static int has_explicit_policy(STACK_OF(X509_POLICY_LEVEL) *levels, const STACK_OF(ASN1_OBJECT) *user_policies) { - assert(user_policies == NULL || sk_ASN1_OBJECT_is_sorted(user_policies)); + assert(user_policies == nullptr || sk_ASN1_OBJECT_is_sorted(user_policies)); // Step (g.i). If the policy graph is empty, the intersection is empty. size_t num_levels = sk_X509_POLICY_LEVEL_num(levels); @@ -631,7 +632,7 @@ // |node|'s parent is anyPolicy and is part of "valid_policy_node_set". // If it exists in |user_policies|, the intersection is non-empty and we // can return immediately. - if (sk_ASN1_OBJECT_find(user_policies, /*out_index=*/NULL, + if (sk_ASN1_OBJECT_find(user_policies, /*out_index=*/nullptr, node->policy)) { return 1; } @@ -642,7 +643,7 @@ for (size_t k = 0; k < sk_ASN1_OBJECT_num(node->parent_policies); k++) { X509_POLICY_NODE *parent = x509_policy_level_find( prev, sk_ASN1_OBJECT_value(node->parent_policies, k)); - if (parent != NULL) { + if (parent != nullptr) { parent->reachable = 1; } } @@ -661,11 +662,11 @@ int X509_policy_check(const STACK_OF(X509) *certs, const STACK_OF(ASN1_OBJECT) *user_policies, unsigned long flags, X509 **out_current_cert) { - *out_current_cert = NULL; + *out_current_cert = nullptr; int ret = X509_V_ERR_OUT_OF_MEM; - X509_POLICY_LEVEL *level = NULL; - STACK_OF(X509_POLICY_LEVEL) *levels = NULL; - STACK_OF(ASN1_OBJECT) *user_policies_sorted = NULL; + X509_POLICY_LEVEL *level = nullptr; + STACK_OF(X509_POLICY_LEVEL) *levels = nullptr; + STACK_OF(ASN1_OBJECT) *user_policies_sorted = nullptr; size_t num_certs = sk_X509_num(certs); // Skip policy checking if the chain is just the trust anchor. @@ -681,7 +682,7 @@ size_t policy_mapping = (flags & X509_V_FLAG_INHIBIT_MAP) ? 0 : num_certs + 1; levels = sk_X509_POLICY_LEVEL_new_null(); - if (levels == NULL) { + if (levels == nullptr) { goto err; } @@ -692,10 +693,10 @@ } const int is_self_issued = (cert->ex_flags & EXFLAG_SI) != 0; - if (level == NULL) { + if (level == nullptr) { assert(i == num_certs - 2); level = x509_policy_level_new(); - if (level == NULL) { + if (level == nullptr) { goto err; } level->has_any_policy = 1; @@ -722,14 +723,14 @@ goto err; } X509_POLICY_LEVEL *current_level = level; - level = NULL; + level = nullptr; // If this is not the leaf certificate, we go to section 6.1.4. If it // is the leaf certificate, we go to section 6.1.5 instead. if (i != 0) { // RFC 5280, section 6.1.4, steps (a) and (b). level = process_policy_mappings(cert, current_level, policy_mapping > 0); - if (level == NULL) { + if (level == nullptr) { ret = X509_V_ERR_INVALID_POLICY_EXTENSION; *out_current_cert = cert; goto err; @@ -763,9 +764,9 @@ // is only necessary to check if the user-constrained-policy-set is not empty. if (explicit_policy == 0) { // Build a sorted copy of |user_policies| for more efficient lookup. - if (user_policies != NULL) { + if (user_policies != nullptr) { user_policies_sorted = sk_ASN1_OBJECT_dup(user_policies); - if (user_policies_sorted == NULL) { + if (user_policies_sorted == nullptr) { goto err; } sk_ASN1_OBJECT_set_cmp_func(user_policies_sorted, asn1_object_cmp);
diff --git a/crypto/x509/t_crl.cc b/crypto/x509/t_crl.cc index b78404f..5ef99ab 100644 --- a/crypto/x509/t_crl.cc +++ b/crypto/x509/t_crl.cc
@@ -23,7 +23,7 @@ int X509_CRL_print_fp(FILE *fp, const X509_CRL *x) { BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); - if (b == NULL) { + if (b == nullptr) { OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); return 0; } @@ -44,12 +44,13 @@ // Note this and the other |X509_signature_print| call both print the // outer signature algorithm, rather than printing the inner and outer // ones separately. This matches OpenSSL, though it was probably a bug. - !X509_signature_print(out, sig_alg, NULL)) { + !X509_signature_print(out, sig_alg, nullptr)) { return 0; } - char *issuer = X509_NAME_oneline(X509_CRL_get_issuer(x), NULL, 0); - int ok = issuer != NULL && BIO_printf(out, "%8sIssuer: %s\n", "", issuer) > 0; + char *issuer = X509_NAME_oneline(X509_CRL_get_issuer(x), nullptr, 0); + int ok = + issuer != nullptr && BIO_printf(out, "%8sIssuer: %s\n", "", issuer) > 0; OPENSSL_free(issuer); if (!ok) { return 0;
diff --git a/crypto/x509/t_req.cc b/crypto/x509/t_req.cc index 6852611..5374539 100644 --- a/crypto/x509/t_req.cc +++ b/crypto/x509/t_req.cc
@@ -26,7 +26,7 @@ int X509_REQ_print_fp(FILE *fp, const X509_REQ *x) { BIO *bio = BIO_new_fp(fp, BIO_NOCLOSE); - if (bio == NULL) { + if (bio == nullptr) { OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); return 0; } @@ -85,11 +85,11 @@ } const EVP_PKEY *pkey = X509_REQ_get0_pubkey(x); - if (pkey == NULL) { + if (pkey == nullptr) { BIO_printf(bio, "%12sUnable to load Public Key\n", ""); ERR_print_errors(bio); } else { - EVP_PKEY_print_public(bio, pkey, 16, NULL); + EVP_PKEY_print_public(bio, pkey, 16, nullptr); } }
diff --git a/crypto/x509/t_x509.cc b/crypto/x509/t_x509.cc index d21256b..9837e38 100644 --- a/crypto/x509/t_x509.cc +++ b/crypto/x509/t_x509.cc
@@ -29,7 +29,7 @@ int X509_print_ex_fp(FILE *fp, const X509 *x, unsigned long nmflag, unsigned long cflag) { BIO *b = BIO_new_fp(fp, BIO_NOCLOSE); - if (b == NULL) { + if (b == nullptr) { OPENSSL_PUT_ERROR(X509, ERR_R_BUF_LIB); return 0; } @@ -106,7 +106,7 @@ } if (!(cflag & X509_FLAG_NO_SIGNAME)) { - if (X509_signature_print(bp, &x->tbs_sig_alg, NULL) <= 0) { + if (X509_signature_print(bp, &x->tbs_sig_alg, nullptr) <= 0) { return 0; } } @@ -170,11 +170,11 @@ } const EVP_PKEY *pkey = X509_get0_pubkey(x); - if (pkey == NULL) { + if (pkey == nullptr) { BIO_printf(bp, "%12sUnable to load Public Key\n", ""); ERR_print_errors(bp); } else { - EVP_PKEY_print_public(bp, pkey, 16, NULL); + EVP_PKEY_print_public(bp, pkey, 16, nullptr); } } @@ -227,7 +227,7 @@ // RSA-PSS signatures have parameters to print. int sig_nid = OBJ_obj2nid(sigalg->algorithm); if (sig_nid == NID_rsassaPss && - !x509_print_rsa_pss_params(bp, sigalg, 9, 0)) { + !x509_print_rsa_pss_params(bp, sigalg, 9, nullptr)) { return 0; } @@ -243,7 +243,7 @@ char *s, *c, *b; int ret = 0, i; - b = X509_NAME_oneline(name, NULL, 0); + b = X509_NAME_oneline(name, nullptr, 0); if (!b) { return 0; }
diff --git a/crypto/x509/v3_akey.cc b/crypto/x509/v3_akey.cc index 6c3c6a9..e64365d 100644 --- a/crypto/x509/v3_akey.cc +++ b/crypto/x509/v3_akey.cc
@@ -36,27 +36,27 @@ NID_authority_key_identifier, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_KEYID), - 0, - 0, - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, i2v_AUTHORITY_KEYID, v2i_AUTHORITY_KEYID, - 0, - 0, - NULL, + nullptr, + nullptr, + nullptr, }; static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID( const X509V3_EXT_METHOD *method, void *ext, STACK_OF(CONF_VALUE) *extlist) { const AUTHORITY_KEYID *akeyid = reinterpret_cast<const AUTHORITY_KEYID *>(ext); - int extlist_was_null = extlist == NULL; + int extlist_was_null = extlist == nullptr; if (akeyid->keyid) { char *tmp = x509v3_bytes_to_hex(akeyid->keyid->data, akeyid->keyid->length); - int ok = tmp != NULL && X509V3_add_value("keyid", tmp, &extlist); + int ok = tmp != nullptr && X509V3_add_value("keyid", tmp, &extlist); OPENSSL_free(tmp); if (!ok) { goto err; @@ -64,8 +64,8 @@ } if (akeyid->issuer) { STACK_OF(CONF_VALUE) *tmpextlist = - i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist); - if (tmpextlist == NULL) { + i2v_GENERAL_NAMES(nullptr, akeyid->issuer, extlist); + if (tmpextlist == nullptr) { goto err; } extlist = tmpextlist; @@ -81,7 +81,7 @@ if (extlist_was_null) { sk_CONF_VALUE_pop_free(extlist, X509V3_conf_free); } - return NULL; + return nullptr; } // Currently two options: keyid: use the issuers subject keyid, the value @@ -95,11 +95,11 @@ const STACK_OF(CONF_VALUE) *values) { char keyid = 0, issuer = 0; int j; - ASN1_OCTET_STRING *ikeyid = NULL; - X509_NAME *isname = NULL; - GENERAL_NAMES *gens = NULL; - GENERAL_NAME *gen = NULL; - ASN1_INTEGER *serial = NULL; + ASN1_OCTET_STRING *ikeyid = nullptr; + X509_NAME *isname = nullptr; + GENERAL_NAMES *gens = nullptr; + GENERAL_NAME *gen = nullptr; + ASN1_INTEGER *serial = nullptr; const X509 *cert; AUTHORITY_KEYID *akeyid; @@ -118,7 +118,7 @@ } else { OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_OPTION); ERR_add_error_data(2, "name=", cnf->name); - return NULL; + return nullptr; } } @@ -127,7 +127,7 @@ return AUTHORITY_KEYID_new(); } OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_ISSUER_CERTIFICATE); - return NULL; + return nullptr; } cert = ctx->issuer_cert; @@ -140,7 +140,7 @@ } if (keyid == 2 && !ikeyid) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNABLE_TO_GET_ISSUER_KEYID); - return NULL; + return nullptr; } } @@ -176,5 +176,5 @@ X509_NAME_free(isname); ASN1_INTEGER_free(serial); ASN1_OCTET_STRING_free(ikeyid); - return NULL; + return nullptr; }
diff --git a/crypto/x509/v3_alt.cc b/crypto/x509/v3_alt.cc index 64bd889..cb4a72a 100644 --- a/crypto/x509/v3_alt.cc +++ b/crypto/x509/v3_alt.cc
@@ -47,12 +47,12 @@ NID_subject_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES), - 0, - 0, - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, i2v_GENERAL_NAMES_cb, v2i_subject_alt, nullptr, @@ -64,12 +64,12 @@ NID_issuer_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES), - 0, - 0, - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, i2v_GENERAL_NAMES_cb, v2i_issuer_alt, nullptr, @@ -81,31 +81,31 @@ NID_certificate_issuer, 0, ASN1_ITEM_ref(GENERAL_NAMES), - 0, - 0, - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, i2v_GENERAL_NAMES_cb, - NULL, - NULL, - NULL, - NULL, + nullptr, + nullptr, + nullptr, + nullptr, }; STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(const X509V3_EXT_METHOD *method, const GENERAL_NAMES *gens, STACK_OF(CONF_VALUE) *ret) { - int ret_was_null = ret == NULL; + int ret_was_null = ret == nullptr; for (size_t i = 0; i < sk_GENERAL_NAME_num(gens); i++) { const GENERAL_NAME *gen = sk_GENERAL_NAME_value(gens, i); STACK_OF(CONF_VALUE) *tmp = i2v_GENERAL_NAME(method, gen, ret); - if (tmp == NULL) { + if (tmp == nullptr) { if (ret_was_null) { sk_CONF_VALUE_pop_free(ret, X509V3_conf_free); } - return NULL; + return nullptr; } ret = tmp; } @@ -127,44 +127,44 @@ switch (gen->type) { case GEN_OTHERNAME: if (!X509V3_add_value("othername", "<unsupported>", &ret)) { - return NULL; + return nullptr; } break; case GEN_X400: if (!X509V3_add_value("X400Name", "<unsupported>", &ret)) { - return NULL; + return nullptr; } break; case GEN_EDIPARTY: if (!X509V3_add_value("EdiPartyName", "<unsupported>", &ret)) { - return NULL; + return nullptr; } break; case GEN_EMAIL: if (!x509V3_add_value_asn1_string("email", gen->d.ia5, &ret)) { - return NULL; + return nullptr; } break; case GEN_DNS: if (!x509V3_add_value_asn1_string("DNS", gen->d.ia5, &ret)) { - return NULL; + return nullptr; } break; case GEN_URI: if (!x509V3_add_value_asn1_string("URI", gen->d.ia5, &ret)) { - return NULL; + return nullptr; } break; case GEN_DIRNAME: - if (X509_NAME_oneline(gen->d.dirn, oline, 256) == NULL || + if (X509_NAME_oneline(gen->d.dirn, oline, 256) == nullptr || !X509V3_add_value("DirName", oline, &ret)) { - return NULL; + return nullptr; } break; @@ -185,19 +185,19 @@ } } else { if (!X509V3_add_value("IP Address", "<invalid>", &ret)) { - return NULL; + return nullptr; } break; } if (!X509V3_add_value("IP Address", oline, &ret)) { - return NULL; + return nullptr; } break; case GEN_RID: i2t_ASN1_OBJECT(oline, 256, gen->d.rid); if (!X509V3_add_value("Registered ID", oline, &ret)) { - return NULL; + return nullptr; } break; } @@ -270,8 +270,8 @@ const X509V3_CTX *ctx, const STACK_OF(CONF_VALUE) *nval) { GENERAL_NAMES *gens = sk_GENERAL_NAME_new_null(); - if (gens == NULL) { - return NULL; + if (gens == nullptr) { + return nullptr; } for (size_t i = 0; i < sk_CONF_VALUE_num(nval); i++) { const CONF_VALUE *cnf = sk_CONF_VALUE_value(nval, i); @@ -282,7 +282,7 @@ } } else { GENERAL_NAME *gen = v2i_GENERAL_NAME(method, ctx, cnf); - if (gen == NULL || !sk_GENERAL_NAME_push(gens, gen)) { + if (gen == nullptr || !sk_GENERAL_NAME_push(gens, gen)) { GENERAL_NAME_free(gen); goto err; } @@ -291,7 +291,7 @@ return gens; err: sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); - return NULL; + return nullptr; } // Append subject altname of issuer to issuer alt name of subject @@ -310,7 +310,7 @@ } int ret = 0; - GENERAL_NAMES *ialt = NULL; + GENERAL_NAMES *ialt = nullptr; X509_EXTENSION *ext; if (!(ext = X509_get_ext(ctx->issuer_cert, i)) || !(ialt = reinterpret_cast<GENERAL_NAMES *>(X509V3_EXT_d2i(ext)))) { @@ -324,7 +324,7 @@ goto err; } // Ownership of |gen| has moved from |ialt| to |gens|. - sk_GENERAL_NAME_set(ialt, j, NULL); + sk_GENERAL_NAME_set(ialt, j, nullptr); } ret = 1; @@ -338,8 +338,8 @@ const X509V3_CTX *ctx, const STACK_OF(CONF_VALUE) *nval) { GENERAL_NAMES *gens = sk_GENERAL_NAME_new_null(); - if (gens == NULL) { - return NULL; + if (gens == nullptr) { + return nullptr; } for (size_t i = 0; i < sk_CONF_VALUE_num(nval); i++) { const CONF_VALUE *cnf = sk_CONF_VALUE_value(nval, i); @@ -355,7 +355,7 @@ } } else { GENERAL_NAME *gen = v2i_GENERAL_NAME(method, ctx, cnf); - if (gen == NULL || !sk_GENERAL_NAME_push(gens, gen)) { + if (gen == nullptr || !sk_GENERAL_NAME_push(gens, gen)) { GENERAL_NAME_free(gen); goto err; } @@ -364,18 +364,18 @@ return gens; err: sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); - return NULL; + return nullptr; } // Copy any email addresses in a certificate or request to GENERAL_NAMES static int copy_email(const X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p) { X509_NAME *nm; - ASN1_IA5STRING *email = NULL; + ASN1_IA5STRING *email = nullptr; X509_NAME_ENTRY *ne; - GENERAL_NAME *gen = NULL; + GENERAL_NAME *gen = nullptr; int i; - if (ctx != NULL && ctx->flags == X509V3_CTX_TEST) { + if (ctx != nullptr && ctx->flags == X509V3_CTX_TEST) { return 1; } if (!ctx || (!ctx->subject_cert && !ctx->subject_req)) { @@ -403,12 +403,12 @@ goto err; } gen->d.ia5 = email; - email = NULL; + email = nullptr; gen->type = GEN_EMAIL; if (!sk_GENERAL_NAME_push(gens, gen)) { goto err; } - gen = NULL; + gen = nullptr; } return 1; @@ -423,13 +423,13 @@ const X509V3_CTX *ctx, const STACK_OF(CONF_VALUE) *nval) { GENERAL_NAMES *gens = sk_GENERAL_NAME_new_null(); - if (gens == NULL) { - return NULL; + if (gens == nullptr) { + return nullptr; } for (size_t i = 0; i < sk_CONF_VALUE_num(nval); i++) { const CONF_VALUE *cnf = sk_CONF_VALUE_value(nval, i); GENERAL_NAME *gen = v2i_GENERAL_NAME(method, ctx, cnf); - if (gen == NULL || !sk_GENERAL_NAME_push(gens, gen)) { + if (gen == nullptr || !sk_GENERAL_NAME_push(gens, gen)) { GENERAL_NAME_free(gen); goto err; } @@ -437,12 +437,12 @@ return gens; err: sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); - return NULL; + return nullptr; } GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method, const X509V3_CTX *ctx, const CONF_VALUE *cnf) { - return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0); + return v2i_GENERAL_NAME_ex(nullptr, method, ctx, cnf, 0); } static GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out, @@ -451,16 +451,16 @@ const char *value, int is_nc) { if (!value) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_MISSING_VALUE); - return NULL; + return nullptr; } - GENERAL_NAME *gen = NULL; + GENERAL_NAME *gen = nullptr; if (out) { gen = out; } else { gen = GENERAL_NAME_new(); - if (gen == NULL) { - return NULL; + if (gen == nullptr) { + return nullptr; } } @@ -469,7 +469,7 @@ case GEN_EMAIL: case GEN_DNS: { ASN1_IA5STRING *str = ASN1_IA5STRING_new(); - if (str == NULL || !ASN1_STRING_set(str, value, strlen(value))) { + if (str == nullptr || !ASN1_STRING_set(str, value, strlen(value))) { ASN1_STRING_free(str); goto err; } @@ -497,7 +497,7 @@ } else { gen->d.ip = a2i_IPADDRESS(value); } - if (gen->d.ip == NULL) { + if (gen->d.ip == nullptr) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_BAD_IP_ADDRESS); ERR_add_error_data(2, "value=", value); goto err; @@ -528,7 +528,7 @@ if (!out) { GENERAL_NAME_free(gen); } - return NULL; + return nullptr; } GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out, @@ -539,7 +539,7 @@ const char *value = cnf->value; if (!value) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_MISSING_VALUE); - return NULL; + return nullptr; } int type; @@ -560,7 +560,7 @@ } else { OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNSUPPORTED_OPTION); ERR_add_error_data(2, "name=", name); - return NULL; + return nullptr; } return a2i_GENERAL_NAME(out, method, ctx, type, value, is_nc); @@ -569,29 +569,29 @@ static int do_othername(GENERAL_NAME *gen, const char *value, const X509V3_CTX *ctx) { const char *semicolon = strchr(value, ';'); - if (semicolon == NULL) { + if (semicolon == nullptr) { return 0; } OTHERNAME *name = OTHERNAME_new(); - if (name == NULL) { + if (name == nullptr) { return 0; } char *objtmp = OPENSSL_strndup(value, semicolon - value); - if (objtmp == NULL) { + if (objtmp == nullptr) { goto err; } ASN1_OBJECT_free(name->type_id); name->type_id = OBJ_txt2obj(objtmp, /*dont_search_names=*/0); OPENSSL_free(objtmp); - if (name->type_id == NULL) { + if (name->type_id == nullptr) { goto err; } ASN1_TYPE_free(name->value); name->value = ASN1_generate_v3(semicolon + 1, ctx); - if (name->value == NULL) { + if (name->value == nullptr) { goto err; } @@ -609,10 +609,10 @@ int ret = 0; const STACK_OF(CONF_VALUE) *sk = X509V3_get_section(ctx, value); X509_NAME *nm = X509_NAME_new(); - if (nm == NULL) { + if (nm == nullptr) { goto err; } - if (sk == NULL) { + if (sk == nullptr) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_SECTION_NOT_FOUND); ERR_add_error_data(2, "section=", value); goto err;
diff --git a/crypto/x509/v3_bcons.cc b/crypto/x509/v3_bcons.cc index 0399557..5d24ced 100644 --- a/crypto/x509/v3_bcons.cc +++ b/crypto/x509/v3_bcons.cc
@@ -35,17 +35,17 @@ NID_basic_constraints, 0, ASN1_ITEM_ref(BASIC_CONSTRAINTS), - 0, - 0, - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, i2v_BASIC_CONSTRAINTS, v2i_BASIC_CONSTRAINTS, - NULL, - NULL, - NULL, + nullptr, + nullptr, + nullptr, }; ASN1_SEQUENCE(BASIC_CONSTRAINTS) = { @@ -67,9 +67,9 @@ static void *v2i_BASIC_CONSTRAINTS(const X509V3_EXT_METHOD *method, const X509V3_CTX *ctx, const STACK_OF(CONF_VALUE) *values) { - BASIC_CONSTRAINTS *bcons = NULL; + BASIC_CONSTRAINTS *bcons = nullptr; if (!(bcons = BASIC_CONSTRAINTS_new())) { - return NULL; + return nullptr; } for (size_t i = 0; i < sk_CONF_VALUE_num(values); i++) { const CONF_VALUE *val = sk_CONF_VALUE_value(values, i); @@ -90,5 +90,5 @@ return bcons; err: BASIC_CONSTRAINTS_free(bcons); - return NULL; + return nullptr; }
diff --git a/crypto/x509/v3_bitst.cc b/crypto/x509/v3_bitst.cc index eb7d0e1..57cdbec 100644 --- a/crypto/x509/v3_bitst.cc +++ b/crypto/x509/v3_bitst.cc
@@ -24,15 +24,11 @@ static const BIT_STRING_BITNAME ns_cert_type_table[] = { - {0, "SSL Client", "client"}, - {1, "SSL Server", "server"}, - {2, "S/MIME", "email"}, - {3, "Object Signing", "objsign"}, - {4, "Unused", "reserved"}, - {5, "SSL CA", "sslCA"}, - {6, "S/MIME CA", "emailCA"}, - {7, "Object Signing CA", "objCA"}, - {-1, NULL, NULL}}; + {0, "SSL Client", "client"}, {1, "SSL Server", "server"}, + {2, "S/MIME", "email"}, {3, "Object Signing", "objsign"}, + {4, "Unused", "reserved"}, {5, "SSL CA", "sslCA"}, + {6, "S/MIME CA", "emailCA"}, {7, "Object Signing CA", "objCA"}, + {-1, nullptr, nullptr}}; static const BIT_STRING_BITNAME key_usage_type_table[] = { {0, "Digital Signature", "digitalSignature"}, @@ -44,7 +40,7 @@ {6, "CRL Sign", "cRLSign"}, {7, "Encipher Only", "encipherOnly"}, {8, "Decipher Only", "decipherOnly"}, - {-1, NULL, NULL}}; + {-1, nullptr, nullptr}}; static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING( const X509V3_EXT_METHOD *method, void *ext, STACK_OF(CONF_VALUE) *ret) { @@ -53,7 +49,7 @@ for (bnam = reinterpret_cast<const BIT_STRING_BITNAME *>(method->usr_data); bnam->lname; bnam++) { if (ASN1_BIT_STRING_get_bit(bits, bnam->bitnum)) { - X509V3_add_value(bnam->lname, NULL, &ret); + X509V3_add_value(bnam->lname, nullptr, &ret); } } return ret; @@ -64,7 +60,7 @@ const STACK_OF(CONF_VALUE) *nval) { ASN1_BIT_STRING *bs; if (!(bs = ASN1_BIT_STRING_new())) { - return NULL; + return nullptr; } for (size_t i = 0; i < sk_CONF_VALUE_num(nval); i++) { const CONF_VALUE *val = sk_CONF_VALUE_value(nval, i); @@ -74,7 +70,7 @@ if (!strcmp(bnam->sname, val->name) || !strcmp(bnam->lname, val->name)) { if (!ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1)) { ASN1_BIT_STRING_free(bs); - return NULL; + return nullptr; } break; } @@ -83,7 +79,7 @@ OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT); X509V3_conf_err(val); ASN1_BIT_STRING_free(bs); - return NULL; + return nullptr; } } return bs;
diff --git a/crypto/x509/v3_conf.cc b/crypto/x509/v3_conf.cc index e4cb758..33b05b1 100644 --- a/crypto/x509/v3_conf.cc +++ b/crypto/x509/v3_conf.cc
@@ -44,8 +44,8 @@ const char *name, const char *value) { // If omitted, fill in an empty |X509V3_CTX|. X509V3_CTX ctx_tmp; - if (ctx == NULL) { - X509V3_set_ctx(&ctx_tmp, NULL, NULL, NULL, NULL, 0); + if (ctx == nullptr) { + X509V3_set_ctx(&ctx_tmp, nullptr, nullptr, nullptr, nullptr, 0); X509V3_set_nconf(&ctx_tmp, conf); ctx = &ctx_tmp; } @@ -67,8 +67,8 @@ int ext_nid, const char *value) { // If omitted, fill in an empty |X509V3_CTX|. X509V3_CTX ctx_tmp; - if (ctx == NULL) { - X509V3_set_ctx(&ctx_tmp, NULL, NULL, NULL, NULL, 0); + if (ctx == nullptr) { + X509V3_set_ctx(&ctx_tmp, nullptr, nullptr, nullptr, nullptr, 0); X509V3_set_nconf(&ctx_tmp, conf); ctx = &ctx_tmp; } @@ -89,15 +89,15 @@ const X509V3_EXT_METHOD *method; X509_EXTENSION *ext; const STACK_OF(CONF_VALUE) *nval; - STACK_OF(CONF_VALUE) *nval_owned = NULL; + STACK_OF(CONF_VALUE) *nval_owned = nullptr; void *ext_struc; if (ext_nid == NID_undef) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION_NAME); - return NULL; + return nullptr; } if (!(method = X509V3_EXT_get_nid(ext_nid))) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION); - return NULL; + return nullptr; } // Now get internal extension representation based on type if (method->v2i) { @@ -105,29 +105,29 @@ // TODO(davidben): This is the only place where |X509V3_EXT_nconf|'s // |conf| parameter is used. All other codepaths use the copy inside // |ctx|. Should this be switched and then the parameter ignored? - if (conf == NULL) { + if (conf == nullptr) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_CONFIG_DATABASE); - return NULL; + return nullptr; } nval = NCONF_get_section(conf, value + 1); } else { nval_owned = X509V3_parse_list(value); nval = nval_owned; } - if (nval == NULL || sk_CONF_VALUE_num(nval) <= 0) { + if (nval == nullptr || sk_CONF_VALUE_num(nval) <= 0) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_EXTENSION_STRING); ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=", value); sk_CONF_VALUE_pop_free(nval_owned, X509V3_conf_free); - return NULL; + return nullptr; } ext_struc = method->v2i(method, ctx, nval); sk_CONF_VALUE_pop_free(nval_owned, X509V3_conf_free); if (!ext_struc) { - return NULL; + return nullptr; } } else if (method->s2i) { if (!(ext_struc = method->s2i(method, ctx, value))) { - return NULL; + return nullptr; } } else if (method->r2i) { // TODO(davidben): Should this check be removed? This matches OpenSSL, but @@ -136,15 +136,15 @@ // |X509V3_get_section| returning NULL. if (!ctx->db) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_NO_CONFIG_DATABASE); - return NULL; + return nullptr; } if (!(ext_struc = method->r2i(method, ctx, value))) { - return NULL; + return nullptr; } } else { OPENSSL_PUT_ERROR(X509V3, X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid)); - return NULL; + return nullptr; } ext = do_ext_i2d(method, ext_nid, crit, ext_struc); @@ -156,22 +156,22 @@ static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method, int ext_nid, int crit, void *ext_struc) { // Convert the extension's internal representation to DER. - unsigned char *ext_der = NULL; + unsigned char *ext_der = nullptr; int ext_len = ASN1_item_i2d(reinterpret_cast<ASN1_VALUE *>(ext_struc), &ext_der, ASN1_ITEM_ptr(method->it)); if (ext_len < 0) { - return NULL; + return nullptr; } ASN1_OCTET_STRING *ext_oct = ASN1_OCTET_STRING_new(); - if (ext_oct == NULL) { + if (ext_oct == nullptr) { OPENSSL_free(ext_der); - return NULL; + return nullptr; } ASN1_STRING_set0(ext_oct, ext_der, ext_len); X509_EXTENSION *ext = - X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct); + X509_EXTENSION_create_by_NID(nullptr, ext_nid, crit, ext_oct); ASN1_OCTET_STRING_free(ext_oct); return ext; } @@ -182,7 +182,7 @@ const X509V3_EXT_METHOD *method; if (!(method = X509V3_EXT_get_nid(ext_nid))) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_UNKNOWN_EXTENSION); - return NULL; + return nullptr; } return do_ext_i2d(method, ext_nid, crit, ext_struc); } @@ -266,14 +266,14 @@ static unsigned char *generic_asn1(const char *value, const X509V3_CTX *ctx, size_t *ext_len) { ASN1_TYPE *typ = ASN1_generate_v3(value, ctx); - if (typ == NULL) { - return NULL; + if (typ == nullptr) { + return nullptr; } - unsigned char *ext_der = NULL; + unsigned char *ext_der = nullptr; int len = i2d_ASN1_TYPE(typ, &ext_der); ASN1_TYPE_free(typ); if (len < 0) { - return NULL; + return nullptr; } *ext_len = len; return ext_der; @@ -286,14 +286,14 @@ const char *section, STACK_OF(X509_EXTENSION) **sk) { const STACK_OF(CONF_VALUE) *nval = NCONF_get_section(conf, section); - if (nval == NULL) { + if (nval == nullptr) { return 0; } for (size_t i = 0; i < sk_CONF_VALUE_num(nval); i++) { const CONF_VALUE *val = sk_CONF_VALUE_value(nval, i); X509_EXTENSION *ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value); - int ok = ext != NULL && // - (sk == NULL || X509v3_add_ext(sk, ext, -1) != NULL); + int ok = ext != nullptr && // + (sk == nullptr || X509v3_add_ext(sk, ext, -1) != nullptr); X509_EXTENSION_free(ext); if (!ok) { return 0; @@ -306,7 +306,7 @@ int X509V3_EXT_add_nconf(const CONF *conf, const X509V3_CTX *ctx, const char *section, X509 *cert) { - STACK_OF(X509_EXTENSION) **sk = NULL; + STACK_OF(X509_EXTENSION) **sk = nullptr; if (cert) { sk = &cert->extensions; } @@ -317,7 +317,7 @@ int X509V3_EXT_CRL_add_nconf(const CONF *conf, const X509V3_CTX *ctx, const char *section, X509_CRL *crl) { - STACK_OF(X509_EXTENSION) **sk = NULL; + STACK_OF(X509_EXTENSION) **sk = nullptr; if (crl) { sk = &crl->crl->extensions; } @@ -328,7 +328,7 @@ int X509V3_EXT_REQ_add_nconf(const CONF *conf, const X509V3_CTX *ctx, const char *section, X509_REQ *req) { - STACK_OF(X509_EXTENSION) *extlist = NULL, **sk = NULL; + STACK_OF(X509_EXTENSION) *extlist = nullptr, **sk = nullptr; int i; if (req) { sk = &extlist; @@ -346,9 +346,9 @@ const STACK_OF(CONF_VALUE) *X509V3_get_section(const X509V3_CTX *ctx, const char *section) { - if (ctx->db == NULL) { + if (ctx->db == nullptr) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_OPERATION_NOT_DEFINED); - return NULL; + return nullptr; } return NCONF_get_section(ctx->db, section); }
diff --git a/crypto/x509/v3_cpols.cc b/crypto/x509/v3_cpols.cc index 7664de2..217a808 100644 --- a/crypto/x509/v3_cpols.cc +++ b/crypto/x509/v3_cpols.cc
@@ -48,17 +48,17 @@ NID_certificate_policies, 0, ASN1_ITEM_ref(CERTIFICATEPOLICIES), - 0, - 0, - 0, - 0, - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, i2r_certpol, r2i_certpol, - NULL, + nullptr, }; DECLARE_ASN1_ITEM(POLICYINFO) @@ -113,13 +113,13 @@ static void *r2i_certpol(const X509V3_EXT_METHOD *method, const X509V3_CTX *ctx, const char *value) { STACK_OF(POLICYINFO) *pols = sk_POLICYINFO_new_null(); - if (pols == NULL) { - return NULL; + if (pols == nullptr) { + return nullptr; } STACK_OF(CONF_VALUE) *vals = X509V3_parse_list(value); { - if (vals == NULL) { + if (vals == nullptr) { OPENSSL_PUT_ERROR(X509V3, ERR_R_X509V3_LIB); goto err; } @@ -150,13 +150,13 @@ } } else { ASN1_OBJECT *pobj = OBJ_txt2obj(cnf->name, 0); - if (pobj == NULL) { + if (pobj == nullptr) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(cnf); goto err; } pol = POLICYINFO_new(); - if (pol == NULL) { + if (pol == nullptr) { ASN1_OBJECT_free(pobj); goto err; } @@ -174,7 +174,7 @@ err: sk_CONF_VALUE_pop_free(vals, X509V3_conf_free); sk_POLICYINFO_pop_free(pols, POLICYINFO_free); - return NULL; + return nullptr; } static POLICYINFO *policy_section(const X509V3_CTX *ctx, @@ -207,12 +207,12 @@ goto err; } qual->pqualid = OBJ_nid2obj(NID_id_qt_cps); - if (qual->pqualid == NULL) { + if (qual->pqualid == nullptr) { OPENSSL_PUT_ERROR(X509V3, ERR_R_INTERNAL_ERROR); goto err; } qual->d.cpsuri = ASN1_IA5STRING_new(); - if (qual->d.cpsuri == NULL) { + if (qual->d.cpsuri == nullptr) { goto err; } if (!ASN1_STRING_set(qual->d.cpsuri, cnf->value, strlen(cnf->value))) { @@ -257,7 +257,7 @@ err: POLICYINFO_free(pol); - return NULL; + return nullptr; } static POLICYQUALINFO *notice_section(const X509V3_CTX *ctx, @@ -269,7 +269,7 @@ goto err; } qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice); - if (qual->pqualid == NULL) { + if (qual->pqualid == nullptr) { OPENSSL_PUT_ERROR(X509V3, ERR_R_INTERNAL_ERROR); goto err; } @@ -281,7 +281,7 @@ const CONF_VALUE *cnf = sk_CONF_VALUE_value(unot, i); if (!strcmp(cnf->name, "explicitText")) { notice->exptext = ASN1_VISIBLESTRING_new(); - if (notice->exptext == NULL) { + if (notice->exptext == nullptr) { goto err; } if (!ASN1_STRING_set(notice->exptext, cnf->value, strlen(cnf->value))) { @@ -346,15 +346,15 @@ err: POLICYQUALINFO_free(qual); - return NULL; + return nullptr; } static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, const STACK_OF(CONF_VALUE) *nos) { for (size_t i = 0; i < sk_CONF_VALUE_num(nos); i++) { const CONF_VALUE *cnf = sk_CONF_VALUE_value(nos, i); - ASN1_INTEGER *aint = s2i_ASN1_INTEGER(NULL, cnf->name); - if (aint == NULL) { + ASN1_INTEGER *aint = s2i_ASN1_INTEGER(nullptr, cnf->name); + if (aint == nullptr) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NUMBER); return 0; } @@ -423,11 +423,11 @@ if (i) { BIO_puts(out, ", "); } - if (num == NULL) { + if (num == nullptr) { BIO_puts(out, "(null)"); } else { - tmp = i2s_ASN1_INTEGER(NULL, num); - if (tmp == NULL) { + tmp = i2s_ASN1_INTEGER(nullptr, num); + if (tmp == nullptr) { return; } BIO_puts(out, tmp);
diff --git a/crypto/x509/v3_crld.cc b/crypto/x509/v3_crld.cc index b8fd313..22f9835 100644 --- a/crypto/x509/v3_crld.cc +++ b/crypto/x509/v3_crld.cc
@@ -35,40 +35,31 @@ NID_crl_distribution_points, 0, ASN1_ITEM_ref(CRL_DIST_POINTS), - 0, - 0, - 0, - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, v2i_crld, i2r_crldp, - 0, - NULL, + nullptr, + nullptr, }; const X509V3_EXT_METHOD v3_freshest_crl = { - NID_freshest_crl, - 0, - ASN1_ITEM_ref(CRL_DIST_POINTS), - 0, - 0, - 0, - 0, - 0, - 0, - 0, - v2i_crld, - i2r_crldp, - 0, - NULL, + NID_freshest_crl, 0, ASN1_ITEM_ref(CRL_DIST_POINTS), + nullptr, nullptr, nullptr, + nullptr, nullptr, nullptr, + nullptr, v2i_crld, i2r_crldp, + nullptr, nullptr, }; static STACK_OF(GENERAL_NAME) *gnames_from_sectname(const X509V3_CTX *ctx, char *sect) { const STACK_OF(CONF_VALUE) *gnsect; - STACK_OF(CONF_VALUE) *gnsect_owned = NULL; + STACK_OF(CONF_VALUE) *gnsect_owned = nullptr; if (*sect == '@') { gnsect = X509V3_get_section(ctx, sect + 1); } else { @@ -77,9 +68,9 @@ } if (!gnsect) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_SECTION_NOT_FOUND); - return NULL; + return nullptr; } - STACK_OF(GENERAL_NAME) *gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect); + STACK_OF(GENERAL_NAME) *gens = v2i_GENERAL_NAMES(nullptr, ctx, gnsect); sk_CONF_VALUE_pop_free(gnsect_owned, X509V3_conf_free); return gens; } @@ -90,12 +81,12 @@ // additional syntax. static int set_dist_point_name(DIST_POINT_NAME **pdp, const X509V3_CTX *ctx, const CONF_VALUE *cnf) { - STACK_OF(GENERAL_NAME) *fnm = NULL; - STACK_OF(X509_NAME_ENTRY) *rnm = NULL; + STACK_OF(GENERAL_NAME) *fnm = nullptr; + STACK_OF(X509_NAME_ENTRY) *rnm = nullptr; if (!strncmp(cnf->name, "fullname", 9)) { // If |cnf| comes from |X509V3_parse_list|, which is possible for a v2i // function, |cnf->value| may be NULL. - if (cnf->value == NULL) { + if (cnf->value == nullptr) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_MISSING_VALUE); return -1; } @@ -106,7 +97,7 @@ } else if (!strcmp(cnf->name, "relativename")) { // If |cnf| comes from |X509V3_parse_list|, which is possible for a v2i // function, |cnf->value| may be NULL. - if (cnf->value == NULL) { + if (cnf->value == nullptr) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_MISSING_VALUE); return -1; } @@ -121,7 +112,7 @@ } int ret = X509V3_NAME_from_section(nm, dnsect, MBSTRING_ASC); rnm = nm->entries; - nm->entries = NULL; + nm->entries = nullptr; X509_NAME_free(nm); if (!ret || sk_X509_NAME_ENTRY_num(rnm) <= 0) { goto err; @@ -170,7 +161,7 @@ {6, "Certificate Hold", "certificateHold"}, {7, "Privilege Withdrawn", "privilegeWithdrawn"}, {8, "AA Compromise", "AACompromise"}, - {-1, NULL, NULL}}; + {-1, nullptr, nullptr}}; static int set_reasons(ASN1_BIT_STRING **preas, const char *value) { if (*preas) { @@ -236,7 +227,7 @@ static DIST_POINT *crldp_from_section(const X509V3_CTX *ctx, const STACK_OF(CONF_VALUE) *nval) { - DIST_POINT *point = NULL; + DIST_POINT *point = nullptr; point = DIST_POINT_new(); if (!point) { goto err; @@ -267,14 +258,14 @@ err: DIST_POINT_free(point); - return NULL; + return nullptr; } static void *v2i_crld(const X509V3_EXT_METHOD *method, const X509V3_CTX *ctx, const STACK_OF(CONF_VALUE) *nval) { - STACK_OF(DIST_POINT) *crld = NULL; - GENERAL_NAMES *gens = NULL; - GENERAL_NAME *gen = NULL; + STACK_OF(DIST_POINT) *crld = nullptr; + GENERAL_NAMES *gens = nullptr; + GENERAL_NAME *gen = nullptr; if (!(crld = sk_DIST_POINT_new_null())) { goto err; } @@ -304,7 +295,7 @@ if (!sk_GENERAL_NAME_push(gens, gen)) { goto err; } - gen = NULL; + gen = nullptr; if (!(point = DIST_POINT_new())) { goto err; } @@ -317,7 +308,7 @@ } point->distpoint->name.fullname = gens; point->distpoint->type = 0; - gens = NULL; + gens = nullptr; } } return crld; @@ -326,7 +317,7 @@ GENERAL_NAME_free(gen); GENERAL_NAMES_free(gens); sk_DIST_POINT_pop_free(crld, DIST_POINT_free); - return NULL; + return nullptr; } static int dpn_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, @@ -335,7 +326,7 @@ switch (operation) { case ASN1_OP_NEW_POST: - dpn->dpname = NULL; + dpn->dpname = nullptr; break; case ASN1_OP_FREE_POST: @@ -387,17 +378,17 @@ NID_issuing_distribution_point, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(ISSUING_DIST_POINT), - 0, - 0, - 0, - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, v2i_idp, i2r_idp, - 0, - NULL, + nullptr, + nullptr, }; static void *v2i_idp(const X509V3_EXT_METHOD *method, const X509V3_CTX *ctx, @@ -447,7 +438,7 @@ err: ISSUING_DIST_POINT_free(idp); - return NULL; + return nullptr; } static int print_gens(BIO *out, STACK_OF(GENERAL_NAME) *gens, int indent) { @@ -542,14 +533,14 @@ ne = sk_X509_NAME_ENTRY_value(frag, i); if (!X509_NAME_add_entry(dpn->dpname, ne, -1, i ? 0 : 1)) { X509_NAME_free(dpn->dpname); - dpn->dpname = NULL; + dpn->dpname = nullptr; return 0; } } // generate cached encoding of name - if (i2d_X509_NAME(dpn->dpname, NULL) < 0) { + if (i2d_X509_NAME(dpn->dpname, nullptr) < 0) { X509_NAME_free(dpn->dpname); - dpn->dpname = NULL; + dpn->dpname = nullptr; return 0; } return 1;
diff --git a/crypto/x509/v3_enum.cc b/crypto/x509/v3_enum.cc index 95ee398..d467553 100644 --- a/crypto/x509/v3_enum.cc +++ b/crypto/x509/v3_enum.cc
@@ -38,7 +38,7 @@ {CRL_REASON_PRIVILEGE_WITHDRAWN, "Privilege Withdrawn", "privilegeWithdrawn"}, {CRL_REASON_AA_COMPROMISE, "AA Compromise", "AACompromise"}, - {-1, NULL, NULL}}; + {-1, nullptr, nullptr}}; static char *i2s_ASN1_ENUMERATED_TABLE(const X509V3_EXT_METHOD *method, void *ext) { @@ -58,15 +58,15 @@ NID_crl_reason, 0, ASN1_ITEM_ref(ASN1_ENUMERATED), - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, i2s_ASN1_ENUMERATED_TABLE, - 0, - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, (void *)crl_reasons, };
diff --git a/crypto/x509/v3_extku.cc b/crypto/x509/v3_extku.cc index 15bcc51..441557b 100644 --- a/crypto/x509/v3_extku.cc +++ b/crypto/x509/v3_extku.cc
@@ -33,17 +33,17 @@ NID_ext_key_usage, 0, ASN1_ITEM_ref(EXTENDED_KEY_USAGE), - 0, - 0, - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, i2v_EXTENDED_KEY_USAGE, v2i_EXTENDED_KEY_USAGE, - 0, - 0, - NULL, + nullptr, + nullptr, + nullptr, }; ASN1_ITEM_TEMPLATE(EXTENDED_KEY_USAGE) = ASN1_EX_TEMPLATE_TYPE( @@ -60,7 +60,7 @@ const ASN1_OBJECT *obj = sk_ASN1_OBJECT_value(eku, i); char obj_tmp[80]; i2t_ASN1_OBJECT(obj_tmp, 80, obj); - X509V3_add_value(NULL, obj_tmp, &ext_list); + X509V3_add_value(nullptr, obj_tmp, &ext_list); } return ext_list; } @@ -69,8 +69,8 @@ const X509V3_CTX *ctx, const STACK_OF(CONF_VALUE) *nval) { EXTENDED_KEY_USAGE *extku = sk_ASN1_OBJECT_new_null(); - if (extku == NULL) { - return NULL; + if (extku == nullptr) { + return nullptr; } for (size_t i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -82,12 +82,12 @@ extval = val->name; } ASN1_OBJECT *obj = OBJ_txt2obj(extval, 0); - if (obj == NULL || !sk_ASN1_OBJECT_push(extku, obj)) { + if (obj == nullptr || !sk_ASN1_OBJECT_push(extku, obj)) { ASN1_OBJECT_free(obj); sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free); OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(val); - return NULL; + return nullptr; } }
diff --git a/crypto/x509/v3_genn.cc b/crypto/x509/v3_genn.cc index 628f1ba..5d0d4e4 100644 --- a/crypto/x509/v3_genn.cc +++ b/crypto/x509/v3_genn.cc
@@ -66,12 +66,12 @@ static int edipartyname_cmp(const EDIPARTYNAME *a, const EDIPARTYNAME *b) { // nameAssigner is optional and may be NULL. - if (a->nameAssigner == NULL) { - if (b->nameAssigner != NULL) { + if (a->nameAssigner == nullptr) { + if (b->nameAssigner != nullptr) { return -1; } } else { - if (b->nameAssigner == NULL || + if (b->nameAssigner == nullptr || ASN1_STRING_cmp(a->nameAssigner, b->nameAssigner) != 0) { return -1; } @@ -195,7 +195,7 @@ return a->d.rid; default: - return NULL; + return nullptr; } } @@ -218,10 +218,10 @@ if (gen->type != GEN_OTHERNAME) { return 0; } - if (out_oid != NULL) { + if (out_oid != nullptr) { *out_oid = gen->d.otherName->type_id; } - if (out_value != NULL) { + if (out_value != nullptr) { *out_value = gen->d.otherName->value; } return 1;
diff --git a/crypto/x509/v3_ia5.cc b/crypto/x509/v3_ia5.cc index 36f9e65..f0702d9 100644 --- a/crypto/x509/v3_ia5.cc +++ b/crypto/x509/v3_ia5.cc
@@ -30,10 +30,10 @@ const ASN1_IA5STRING *ia5 = reinterpret_cast<const ASN1_IA5STRING *>(ext); char *tmp; if (!ia5 || !ia5->length) { - return NULL; + return nullptr; } if (!(tmp = reinterpret_cast<char *>(OPENSSL_malloc(ia5->length + 1)))) { - return NULL; + return nullptr; } OPENSSL_memcpy(tmp, ia5->data, ia5->length); tmp[ia5->length] = 0; @@ -45,7 +45,7 @@ ASN1_IA5STRING *ia5; if (!str) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_ARGUMENT); - return NULL; + return nullptr; } if (!(ia5 = ASN1_IA5STRING_new())) { goto err; @@ -56,7 +56,7 @@ } return ia5; err: - return NULL; + return nullptr; } #define EXT_IA5STRING(nid) \
diff --git a/crypto/x509/v3_info.cc b/crypto/x509/v3_info.cc index 573734f..0e09fa0 100644 --- a/crypto/x509/v3_info.cc +++ b/crypto/x509/v3_info.cc
@@ -36,34 +36,34 @@ NID_info_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), - 0, - 0, - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, i2v_AUTHORITY_INFO_ACCESS, v2i_AUTHORITY_INFO_ACCESS, - 0, - 0, - NULL, + nullptr, + nullptr, + nullptr, }; const X509V3_EXT_METHOD v3_sinfo = { NID_sinfo_access, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), - 0, - 0, - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, i2v_AUTHORITY_INFO_ACCESS, v2i_AUTHORITY_INFO_ACCESS, - 0, - 0, - NULL, + nullptr, + nullptr, + nullptr, }; ASN1_SEQUENCE(ACCESS_DESCRIPTION) = { @@ -93,7 +93,7 @@ desc = sk_ACCESS_DESCRIPTION_value(ainfo, i); tmp = i2v_GENERAL_NAME(method, desc->location, tret); - if (tmp == NULL) { + if (tmp == nullptr) { goto err; } tret = tmp; @@ -106,16 +106,16 @@ OPENSSL_free(vtmp->name); vtmp->name = name; } - if (ret == NULL && tret == NULL) { + if (ret == nullptr && tret == nullptr) { return sk_CONF_VALUE_new_null(); } return tret; err: - if (ret == NULL && tret != NULL) { + if (ret == nullptr && tret != nullptr) { sk_CONF_VALUE_pop_free(tret, X509V3_conf_free); } - return NULL; + return nullptr; } static void *v2i_AUTHORITY_INFO_ACCESS(const X509V3_EXT_METHOD *method,
diff --git a/crypto/x509/v3_int.cc b/crypto/x509/v3_int.cc index 8f4942f..b28a625 100644 --- a/crypto/x509/v3_int.cc +++ b/crypto/x509/v3_int.cc
@@ -33,49 +33,49 @@ NID_crl_number, 0, ASN1_ITEM_ref(ASN1_INTEGER), - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, i2s_ASN1_INTEGER_cb, - 0, - 0, - 0, - 0, - 0, - NULL, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, }; const X509V3_EXT_METHOD v3_delta_crl = { NID_delta_crl, 0, ASN1_ITEM_ref(ASN1_INTEGER), - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, i2s_ASN1_INTEGER_cb, - 0, - 0, - 0, - 0, - 0, - NULL, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, }; const X509V3_EXT_METHOD v3_inhibit_anyp = { NID_inhibit_any_policy, 0, ASN1_ITEM_ref(ASN1_INTEGER), - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, i2s_ASN1_INTEGER_cb, s2i_asn1_int, - 0, - 0, - 0, - 0, - NULL, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, };
diff --git a/crypto/x509/v3_lib.cc b/crypto/x509/v3_lib.cc index dadc978..64b790c 100644 --- a/crypto/x509/v3_lib.cc +++ b/crypto/x509/v3_lib.cc
@@ -27,7 +27,7 @@ DEFINE_STACK_OF(X509V3_EXT_METHOD) -static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL; +static STACK_OF(X509V3_EXT_METHOD) *ext_list = nullptr; static int ext_stack_cmp(const X509V3_EXT_METHOD *const *a, const X509V3_EXT_METHOD *const *b) { @@ -36,7 +36,7 @@ int X509V3_EXT_add(X509V3_EXT_METHOD *ext) { // We only support |ASN1_ITEM|-based extensions. - assert(ext->it != NULL); + assert(ext->it != nullptr); // TODO(davidben): This should be locked. Also check for duplicates. if (!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_stack_cmp))) { @@ -131,14 +131,14 @@ const X509V3_EXT_METHOD *X509V3_EXT_get(const X509_EXTENSION *ext) { int nid; if ((nid = OBJ_obj2nid(ext->object)) == NID_undef) { - return NULL; + return nullptr; } return X509V3_EXT_get_nid(nid); } int X509V3_EXT_free(int nid, void *ext_data) { const X509V3_EXT_METHOD *ext_method = X509V3_EXT_get_nid(nid); - if (ext_method == NULL) { + if (ext_method == nullptr) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_CANNOT_FIND_FREE_FUNCTION); return 0; } @@ -180,20 +180,20 @@ const unsigned char *p; if (!(method = X509V3_EXT_get(ext))) { - return NULL; + return nullptr; } p = ext->value->data; void *ret = - ASN1_item_d2i(NULL, &p, ext->value->length, ASN1_ITEM_ptr(method->it)); - if (ret == NULL) { - return NULL; + ASN1_item_d2i(nullptr, &p, ext->value->length, ASN1_ITEM_ptr(method->it)); + if (ret == nullptr) { + return nullptr; } // Check for trailing data. if (p != ext->value->data + ext->value->length) { ASN1_item_free(reinterpret_cast<ASN1_VALUE *>(ret), ASN1_ITEM_ptr(method->it)); OPENSSL_PUT_ERROR(X509V3, X509V3_R_TRAILING_DATA_IN_EXTENSION); - return NULL; + return nullptr; } return ret; } @@ -201,7 +201,7 @@ void *X509V3_get_d2i(const STACK_OF(X509_EXTENSION) *extensions, int nid, int *out_critical, int *out_idx) { int lastpos; - X509_EXTENSION *ex, *found_ex = NULL; + X509_EXTENSION *ex, *found_ex = nullptr; if (!extensions) { if (out_idx) { *out_idx = -1; @@ -209,7 +209,7 @@ if (out_critical) { *out_critical = -1; } - return NULL; + return nullptr; } if (out_idx) { lastpos = *out_idx + 1; @@ -233,7 +233,7 @@ if (out_critical) { *out_critical = -2; } - return NULL; + return nullptr; } found_ex = ex; } @@ -253,7 +253,7 @@ if (out_critical) { *out_critical = -1; } - return NULL; + return nullptr; } // This function is a general extension append, replace and delete utility. @@ -263,8 +263,8 @@ int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value, int crit, unsigned long flags) { int errcode, extidx = -1; - X509_EXTENSION *ext = NULL, *extmp; - STACK_OF(X509_EXTENSION) *ret = NULL; + X509_EXTENSION *ext = nullptr, *extmp; + STACK_OF(X509_EXTENSION) *ret = nullptr; unsigned long ext_op = flags & X509V3_ADD_OP_MASK; // If appending we don't care if it exists, otherwise look for existing @@ -287,7 +287,7 @@ // If delete, just delete it if (ext_op == X509V3_ADD_DELETE) { X509_EXTENSION *prev_ext = sk_X509_EXTENSION_delete(*x, extidx); - if (prev_ext == NULL) { + if (prev_ext == nullptr) { return -1; } X509_EXTENSION_free(prev_ext); @@ -322,7 +322,8 @@ return 1; } - if ((ret = *x) == NULL && (ret = sk_X509_EXTENSION_new_null()) == NULL) { + if ((ret = *x) == nullptr && + (ret = sk_X509_EXTENSION_new_null()) == nullptr) { goto m_fail; } if (!sk_X509_EXTENSION_push(ret, ext)) {
diff --git a/crypto/x509/v3_ncons.cc b/crypto/x509/v3_ncons.cc index e130c9c..95457e4 100644 --- a/crypto/x509/v3_ncons.cc +++ b/crypto/x509/v3_ncons.cc
@@ -47,17 +47,17 @@ NID_name_constraints, 0, ASN1_ITEM_ref(NAME_CONSTRAINTS), - 0, - 0, - 0, - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, v2i_NAME_CONSTRAINTS, i2r_NAME_CONSTRAINTS, - 0, - NULL, + nullptr, + nullptr, }; ASN1_SEQUENCE(GENERAL_SUBTREE) = { @@ -80,9 +80,9 @@ static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, const X509V3_CTX *ctx, const STACK_OF(CONF_VALUE) *nval) { - STACK_OF(GENERAL_SUBTREE) **ptree = NULL; - NAME_CONSTRAINTS *ncons = NULL; - GENERAL_SUBTREE *sub = NULL; + STACK_OF(GENERAL_SUBTREE) **ptree = nullptr; + NAME_CONSTRAINTS *ncons = nullptr; + GENERAL_SUBTREE *sub = nullptr; ncons = NAME_CONSTRAINTS_new(); if (!ncons) { goto err; @@ -111,7 +111,7 @@ if (!*ptree || !sk_GENERAL_SUBTREE_push(*ptree, sub)) { goto err; } - sub = NULL; + sub = nullptr; } return ncons; @@ -119,7 +119,7 @@ err: NAME_CONSTRAINTS_free(ncons); GENERAL_SUBTREE_free(sub); - return NULL; + return nullptr; } static int i2r_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, void *a,
diff --git a/crypto/x509/v3_ocsp.cc b/crypto/x509/v3_ocsp.cc index d0a5d67..1cc5564 100644 --- a/crypto/x509/v3_ocsp.cc +++ b/crypto/x509/v3_ocsp.cc
@@ -34,34 +34,34 @@ NID_invalidity_date, 0, ASN1_ITEM_ref(ASN1_GENERALIZEDTIME), - 0, - 0, - 0, - 0, - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, i2r_ocsp_acutoff, - 0, - NULL, + nullptr, + nullptr, }; const X509V3_EXT_METHOD v3_ocsp_nocheck = { NID_id_pkix_OCSP_noCheck, 0, ASN1_ITEM_ref(ASN1_NULL), - 0, - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, s2i_ocsp_nocheck, - 0, - 0, + nullptr, + nullptr, i2r_ocsp_nocheck, - 0, - NULL, + nullptr, + nullptr, }; static int i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *cutoff,
diff --git a/crypto/x509/v3_pcons.cc b/crypto/x509/v3_pcons.cc index 417f1ad..5943949 100644 --- a/crypto/x509/v3_pcons.cc +++ b/crypto/x509/v3_pcons.cc
@@ -36,17 +36,17 @@ NID_policy_constraints, 0, ASN1_ITEM_ref(POLICY_CONSTRAINTS), - 0, - 0, - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, i2v_POLICY_CONSTRAINTS, v2i_POLICY_CONSTRAINTS, - NULL, - NULL, - NULL}; + nullptr, + nullptr, + nullptr}; ASN1_SEQUENCE(POLICY_CONSTRAINTS) = { ASN1_IMP_OPT(POLICY_CONSTRAINTS, requireExplicitPolicy, ASN1_INTEGER, 0), @@ -68,9 +68,9 @@ static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method, const X509V3_CTX *ctx, const STACK_OF(CONF_VALUE) *values) { - POLICY_CONSTRAINTS *pcons = NULL; + POLICY_CONSTRAINTS *pcons = nullptr; if (!(pcons = POLICY_CONSTRAINTS_new())) { - return NULL; + return nullptr; } for (size_t i = 0; i < sk_CONF_VALUE_num(values); i++) { const CONF_VALUE *val = sk_CONF_VALUE_value(values, i); @@ -96,5 +96,5 @@ return pcons; err: POLICY_CONSTRAINTS_free(pcons); - return NULL; + return nullptr; }
diff --git a/crypto/x509/v3_pmaps.cc b/crypto/x509/v3_pmaps.cc index 62ccb1b..c1b82e6 100644 --- a/crypto/x509/v3_pmaps.cc +++ b/crypto/x509/v3_pmaps.cc
@@ -33,17 +33,17 @@ NID_policy_mappings, 0, ASN1_ITEM_ref(POLICY_MAPPINGS), - 0, - 0, - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, i2v_POLICY_MAPPINGS, v2i_POLICY_MAPPINGS, - 0, - 0, - NULL, + nullptr, + nullptr, + nullptr, }; ASN1_SEQUENCE(POLICY_MAPPING) = { @@ -74,8 +74,8 @@ const X509V3_CTX *ctx, const STACK_OF(CONF_VALUE) *nval) { POLICY_MAPPINGS *pmaps = sk_POLICY_MAPPING_new_null(); - if (pmaps == NULL) { - return NULL; + if (pmaps == nullptr) { + return nullptr; } for (size_t i = 0; i < sk_CONF_VALUE_num(nval); i++) { @@ -87,7 +87,7 @@ } POLICY_MAPPING *pmap = POLICY_MAPPING_new(); - if (pmap == NULL || !sk_POLICY_MAPPING_push(pmaps, pmap)) { + if (pmap == nullptr || !sk_POLICY_MAPPING_push(pmaps, pmap)) { POLICY_MAPPING_free(pmap); goto err; } @@ -104,5 +104,5 @@ err: sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free); - return NULL; + return nullptr; }
diff --git a/crypto/x509/v3_prn.cc b/crypto/x509/v3_prn.cc index fb6119e..74f22e9 100644 --- a/crypto/x509/v3_prn.cc +++ b/crypto/x509/v3_prn.cc
@@ -63,19 +63,19 @@ int X509V3_EXT_print(BIO *out, const X509_EXTENSION *ext, unsigned long flag, int indent) { const X509V3_EXT_METHOD *method = X509V3_EXT_get(ext); - if (method == NULL) { + if (method == nullptr) { return unknown_ext_print(out, ext, flag, indent, 0); } const ASN1_STRING *ext_data = X509_EXTENSION_get_data(ext); const unsigned char *p = ASN1_STRING_get0_data(ext_data); - void *ext_str = ASN1_item_d2i(NULL, &p, ASN1_STRING_length(ext_data), + void *ext_str = ASN1_item_d2i(nullptr, &p, ASN1_STRING_length(ext_data), ASN1_ITEM_ptr(method->it)); if (!ext_str) { return unknown_ext_print(out, ext, flag, indent, 1); } - char *value = NULL; - STACK_OF(CONF_VALUE) *nval = NULL; + char *value = nullptr; + STACK_OF(CONF_VALUE) *nval = nullptr; int ok = 0; if (method->i2s) { if (!(value = method->i2s(method, ext_str))) { @@ -83,7 +83,7 @@ } BIO_printf(out, "%*s%s", indent, "", value); } else if (method->i2v) { - if (!(nval = method->i2v(method, ext_str, NULL))) { + if (!(nval = method->i2v(method, ext_str, nullptr))) { goto err; } X509V3_EXT_val_prn(out, nval, indent,
diff --git a/crypto/x509/v3_purp.cc b/crypto/x509/v3_purp.cc index e7e0518..685676f 100644 --- a/crypto/x509/v3_purp.cc +++ b/crypto/x509/v3_purp.cc
@@ -92,7 +92,7 @@ return 1; } const X509_PURPOSE *pt = X509_PURPOSE_get0(id); - if (pt == NULL) { + if (pt == nullptr) { return 0; } // Historically, |check_purpose| implementations other than |X509_PURPOSE_ANY| @@ -111,7 +111,7 @@ return &p; } } - return NULL; + return nullptr; } int X509_PURPOSE_get_by_sname(const char *sname) { @@ -144,7 +144,7 @@ if (!dp->distpoint || (dp->distpoint->type != 1)) { return 1; } - X509_NAME *iname = NULL; + X509_NAME *iname = nullptr; for (size_t i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) { GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i); if (gen->type == GEN_DIRNAME) { @@ -162,8 +162,8 @@ static int setup_crldp(X509 *x) { int j; x->crldp = reinterpret_cast<STACK_OF(DIST_POINT) *>( - X509_get_ext_d2i(x, NID_crl_distribution_points, &j, NULL)); - if (x->crldp == NULL && j != -1) { + X509_get_ext_d2i(x, NID_crl_distribution_points, &j, nullptr)); + if (x->crldp == nullptr && j != -1) { return 0; } for (size_t i = 0; i < sk_DIST_POINT_num(x->crldp); i++) { @@ -195,7 +195,7 @@ return (x->ex_flags & EXFLAG_INVALID) == 0; } - if (!X509_digest(x, EVP_sha256(), x->cert_hash, NULL)) { + if (!X509_digest(x, EVP_sha256(), x->cert_hash, nullptr)) { x->ex_flags |= EXFLAG_INVALID; } // V1 should mean no extensions ... @@ -204,7 +204,7 @@ } // Handle basic constraints if ((bs = reinterpret_cast<BASIC_CONSTRAINTS *>( - X509_get_ext_d2i(x, NID_basic_constraints, &j, NULL)))) { + X509_get_ext_d2i(x, NID_basic_constraints, &j, nullptr)))) { if (bs->ca) { x->ex_flags |= EXFLAG_CA; } @@ -230,7 +230,7 @@ } // Handle key usage if ((usage = reinterpret_cast<ASN1_BIT_STRING *>( - X509_get_ext_d2i(x, NID_key_usage, &j, NULL)))) { + X509_get_ext_d2i(x, NID_key_usage, &j, nullptr)))) { if (usage->length > 0) { x->ex_kusage = usage->data[0]; if (usage->length > 1) { @@ -246,7 +246,7 @@ } x->ex_xkusage = 0; if ((extusage = reinterpret_cast<EXTENDED_KEY_USAGE *>( - X509_get_ext_d2i(x, NID_ext_key_usage, &j, NULL)))) { + X509_get_ext_d2i(x, NID_ext_key_usage, &j, nullptr)))) { x->ex_flags |= EXFLAG_XKUSAGE; for (i = 0; i < sk_ASN1_OBJECT_num(extusage); i++) { switch (OBJ_obj2nid(sk_ASN1_OBJECT_value(extusage, i))) { @@ -294,13 +294,13 @@ } x->skid = reinterpret_cast<ASN1_OCTET_STRING *>( - X509_get_ext_d2i(x, NID_subject_key_identifier, &j, NULL)); - if (x->skid == NULL && j != -1) { + X509_get_ext_d2i(x, NID_subject_key_identifier, &j, nullptr)); + if (x->skid == nullptr && j != -1) { x->ex_flags |= EXFLAG_INVALID; } x->akid = reinterpret_cast<AUTHORITY_KEYID *>( - X509_get_ext_d2i(x, NID_authority_key_identifier, &j, NULL)); - if (x->akid == NULL && j != -1) { + X509_get_ext_d2i(x, NID_authority_key_identifier, &j, nullptr)); + if (x->akid == nullptr && j != -1) { x->ex_flags |= EXFLAG_INVALID; } // Does subject name match issuer ? @@ -313,13 +313,13 @@ } } x->altname = reinterpret_cast<STACK_OF(GENERAL_NAME) *>( - X509_get_ext_d2i(x, NID_subject_alt_name, &j, NULL)); - if (x->altname == NULL && j != -1) { + X509_get_ext_d2i(x, NID_subject_alt_name, &j, nullptr)); + if (x->altname == nullptr && j != -1) { x->ex_flags |= EXFLAG_INVALID; } x->nc = reinterpret_cast<NAME_CONSTRAINTS *>( - X509_get_ext_d2i(x, NID_name_constraints, &j, NULL)); - if (x->nc == NULL && j != -1) { + X509_get_ext_d2i(x, NID_name_constraints, &j, nullptr)); + if (x->nc == nullptr && j != -1) { x->ex_flags |= EXFLAG_INVALID; } if (!setup_crldp(x)) { @@ -552,30 +552,30 @@ const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x509) { if (!x509v3_cache_extensions(x509)) { - return NULL; + return nullptr; } return x509->skid; } const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x509) { if (!x509v3_cache_extensions(x509)) { - return NULL; + return nullptr; } - return x509->akid != NULL ? x509->akid->keyid : NULL; + return x509->akid != nullptr ? x509->akid->keyid : nullptr; } const GENERAL_NAMES *X509_get0_authority_issuer(X509 *x509) { if (!x509v3_cache_extensions(x509)) { - return NULL; + return nullptr; } - return x509->akid != NULL ? x509->akid->issuer : NULL; + return x509->akid != nullptr ? x509->akid->issuer : nullptr; } const ASN1_INTEGER *X509_get0_authority_serial(X509 *x509) { if (!x509v3_cache_extensions(x509)) { - return NULL; + return nullptr; } - return x509->akid != NULL ? x509->akid->serial : NULL; + return x509->akid != nullptr ? x509->akid->serial : nullptr; } long X509_get_pathlen(X509 *x509) {
diff --git a/crypto/x509/v3_skey.cc b/crypto/x509/v3_skey.cc index bec89ce..5025e9d 100644 --- a/crypto/x509/v3_skey.cc +++ b/crypto/x509/v3_skey.cc
@@ -36,8 +36,8 @@ size_t len; uint8_t *data = x509v3_hex_to_bytes(str, &len); ASN1_OCTET_STRING *oct; - if (data == NULL) { - return NULL; + if (data == nullptr) { + return nullptr; } if (len > INT_MAX) { OPENSSL_PUT_ERROR(X509V3, ERR_R_OVERFLOW); @@ -45,7 +45,7 @@ } oct = ASN1_OCTET_STRING_new(); - if (oct == NULL) { + if (oct == nullptr) { goto err; } ASN1_STRING_set0(oct, data, (int)len); @@ -53,7 +53,7 @@ err: OPENSSL_free(data); - return NULL; + return nullptr; } static char *i2s_ASN1_OCTET_STRING_cb(const X509V3_EXT_METHOD *method, @@ -74,7 +74,7 @@ } if (!(oct = ASN1_OCTET_STRING_new())) { - return NULL; + return nullptr; } if (ctx && (ctx->flags == X509V3_CTX_TEST)) { @@ -92,7 +92,8 @@ pk = &ctx->subject_cert->key.public_key; } - if (!EVP_Digest(pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL)) { + if (!EVP_Digest(pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), + nullptr)) { goto err; } @@ -104,22 +105,22 @@ err: ASN1_OCTET_STRING_free(oct); - return NULL; + return nullptr; } const X509V3_EXT_METHOD v3_skey_id = { NID_subject_key_identifier, 0, ASN1_ITEM_ref(ASN1_OCTET_STRING), - 0, - 0, - 0, - 0, + nullptr, + nullptr, + nullptr, + nullptr, i2s_ASN1_OCTET_STRING_cb, s2i_skey_id, - 0, - 0, - 0, - 0, - NULL, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr, };
diff --git a/crypto/x509/v3_utl.cc b/crypto/x509/v3_utl.cc index 35ca667..bf37f41 100644 --- a/crypto/x509/v3_utl.cc +++ b/crypto/x509/v3_utl.cc
@@ -49,9 +49,9 @@ static int x509V3_add_len_value(const char *name, const char *value, size_t value_len, int omit_value, STACK_OF(CONF_VALUE) **extlist) { - CONF_VALUE *vtmp = NULL; - char *tname = NULL, *tvalue = NULL; - int extlist_was_null = *extlist == NULL; + CONF_VALUE *vtmp = nullptr; + char *tname = nullptr, *tvalue = nullptr; + int extlist_was_null = *extlist == nullptr; if (name && !(tname = OPENSSL_strdup(name))) { goto err; } @@ -62,7 +62,7 @@ goto err; } tvalue = OPENSSL_strndup(value, value_len); - if (tvalue == NULL) { + if (tvalue == nullptr) { goto err; } } @@ -72,7 +72,7 @@ if (!*extlist && !(*extlist = sk_CONF_VALUE_new_null())) { goto err; } - vtmp->section = NULL; + vtmp->section = nullptr; vtmp->name = tname; vtmp->value = tvalue; if (!sk_CONF_VALUE_push(*extlist, vtmp)) { @@ -82,7 +82,7 @@ err: if (extlist_was_null) { sk_CONF_VALUE_free(*extlist); - *extlist = NULL; + *extlist = nullptr; } OPENSSL_free(vtmp); OPENSSL_free(tname); @@ -92,8 +92,8 @@ int X509V3_add_value(const char *name, const char *value, STACK_OF(CONF_VALUE) **extlist) { - return x509V3_add_len_value(name, value, value != NULL ? strlen(value) : 0, - /*omit_value=*/value == NULL, extlist); + return x509V3_add_len_value(name, value, value != nullptr ? strlen(value) : 0, + /*omit_value=*/value == nullptr, extlist); } int x509V3_add_value_asn1_string(const char *name, const ASN1_STRING *value, @@ -133,8 +133,8 @@ } tmp = BN_bn2hex(bn); - if (tmp == NULL) { - return NULL; + if (tmp == nullptr) { + return nullptr; } // Prepend "0x", but place it after the "-" if negative. @@ -148,12 +148,12 @@ char *i2s_ASN1_ENUMERATED(const X509V3_EXT_METHOD *method, const ASN1_ENUMERATED *a) { - BIGNUM *bntmp = NULL; - char *strtmp = NULL; + BIGNUM *bntmp = nullptr; + char *strtmp = nullptr; if (!a) { - return NULL; + return nullptr; } - if (!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) || + if (!(bntmp = ASN1_ENUMERATED_to_BN(a, nullptr)) || !(strtmp = bignum_to_string(bntmp))) { } BN_free(bntmp); @@ -161,12 +161,12 @@ } char *i2s_ASN1_INTEGER(const X509V3_EXT_METHOD *method, const ASN1_INTEGER *a) { - BIGNUM *bntmp = NULL; - char *strtmp = NULL; + BIGNUM *bntmp = nullptr; + char *strtmp = nullptr; if (!a) { - return NULL; + return nullptr; } - if (!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) || + if (!(bntmp = ASN1_INTEGER_to_BN(a, nullptr)) || !(strtmp = bignum_to_string(bntmp))) { } BN_free(bntmp); @@ -175,13 +175,13 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(const X509V3_EXT_METHOD *method, const char *value) { - BIGNUM *bn = NULL; + BIGNUM *bn = nullptr; ASN1_INTEGER *aint; int isneg, ishex; int ret; if (!value) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_VALUE); - return 0; + return nullptr; } bn = BN_new(); if (value[0] == '-') { @@ -209,7 +209,7 @@ if (strlen(value) > 8192) { BN_free(bn); OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NUMBER); - return 0; + return nullptr; } ret = BN_dec2bn(&bn, value); } @@ -217,18 +217,18 @@ if (!ret || value[ret]) { BN_free(bn); OPENSSL_PUT_ERROR(X509V3, X509V3_R_BN_DEC2BN_ERROR); - return 0; + return nullptr; } if (isneg && BN_is_zero(bn)) { isneg = 0; } - aint = BN_to_ASN1_INTEGER(bn, NULL); + aint = BN_to_ASN1_INTEGER(bn, nullptr); BN_free(bn); if (!aint) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_BN_TO_ASN1_INTEGER_ERROR); - return 0; + return nullptr; } if (isneg) { aint->type |= V_ASN1_NEG; @@ -243,7 +243,7 @@ if (!aint) { return 1; } - if (!(strtmp = i2s_ASN1_INTEGER(NULL, aint))) { + if (!(strtmp = i2s_ASN1_INTEGER(nullptr, aint))) { return 0; } ret = X509V3_add_value(name, strtmp, extlist); @@ -268,7 +268,7 @@ int X509V3_get_value_bool(const CONF_VALUE *value, ASN1_BOOLEAN *out_bool) { const char *btmp = value->value; - if (btmp == NULL) { + if (btmp == nullptr) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_BOOLEAN_STRING); goto err; } @@ -284,7 +284,7 @@ int X509V3_get_value_int(const CONF_VALUE *value, ASN1_INTEGER **aint) { ASN1_INTEGER *itmp; - if (!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) { + if (!(itmp = s2i_ASN1_INTEGER(nullptr, value->value))) { X509V3_conf_err(value); return 0; } @@ -301,16 +301,16 @@ STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line) { char *p, *q, c; char *ntmp, *vtmp; - STACK_OF(CONF_VALUE) *values = NULL; + STACK_OF(CONF_VALUE) *values = nullptr; char *linebuf; int state; // We are going to modify the line so copy it first linebuf = OPENSSL_strdup(line); - if (linebuf == NULL) { + if (linebuf == nullptr) { goto err; } state = HDR_NAME; - ntmp = NULL; + ntmp = nullptr; // Go through all characters for (p = linebuf, q = linebuf; (c = *p) && (c != '\r') && (c != '\n'); p++) { switch (state) { @@ -335,7 +335,7 @@ OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME); goto err; } - X509V3_add_value(ntmp, NULL, &values); + X509V3_add_value(ntmp, nullptr, &values); } break; @@ -352,7 +352,7 @@ goto err; } X509V3_add_value(ntmp, vtmp, &values); - ntmp = NULL; + ntmp = nullptr; q = p + 1; } } @@ -377,7 +377,7 @@ OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_NAME); goto err; } - X509V3_add_value(ntmp, NULL, &values); + X509V3_add_value(ntmp, nullptr, &values); } OPENSSL_free(linebuf); return values; @@ -385,7 +385,7 @@ err: OPENSSL_free(linebuf); sk_CONF_VALUE_pop_free(values, X509V3_conf_free); - return NULL; + return nullptr; } // Delete leading and trailing spaces from a string @@ -397,7 +397,7 @@ p++; } if (!*p) { - return NULL; + return nullptr; } q = p + strlen(p) - 1; while ((q != p) && OPENSSL_isspace((unsigned char)*q)) { @@ -407,7 +407,7 @@ q[1] = 0; } if (!*p) { - return NULL; + return nullptr; } return p; } @@ -437,7 +437,7 @@ err: CBB_cleanup(&cbb); - return NULL; + return nullptr; } unsigned char *x509v3_hex_to_bytes(const char *str, size_t *len) { @@ -446,7 +446,7 @@ uint8_t high, low; if (!str) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_NULL_ARGUMENT); - return NULL; + return nullptr; } if (!(hexbuf = reinterpret_cast<uint8_t *>(OPENSSL_malloc(strlen(str) >> 1)))) { @@ -461,7 +461,7 @@ if (!cl) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_ODD_NUMBER_OF_DIGITS); OPENSSL_free(hexbuf); - return NULL; + return nullptr; } if (!OPENSSL_fromxdigit(&high, ch)) { goto badhex; @@ -480,12 +480,12 @@ err: OPENSSL_free(hexbuf); - return NULL; + return nullptr; badhex: OPENSSL_free(hexbuf); OPENSSL_PUT_ERROR(X509V3, X509V3_R_ILLEGAL_HEX_DIGIT); - return NULL; + return nullptr; } int x509v3_conf_name_matches(const char *name, const char *cmp) { @@ -507,7 +507,7 @@ STACK_OF(OPENSSL_STRING) *ret; gens = reinterpret_cast<GENERAL_NAMES *>( - X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL)); + X509_get_ext_d2i(x, NID_subject_alt_name, nullptr, nullptr)); ret = get_email(X509_get_subject_name(x), gens); sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); return ret; @@ -515,13 +515,13 @@ STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(const X509 *x) { AUTHORITY_INFO_ACCESS *info; - STACK_OF(OPENSSL_STRING) *ret = NULL; + STACK_OF(OPENSSL_STRING) *ret = nullptr; size_t i; info = reinterpret_cast<AUTHORITY_INFO_ACCESS *>( - X509_get_ext_d2i(x, NID_info_access, NULL, NULL)); + X509_get_ext_d2i(x, NID_info_access, nullptr, nullptr)); if (!info) { - return NULL; + return nullptr; } for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++) { ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i); @@ -544,7 +544,7 @@ exts = X509_REQ_get_extensions(x); gens = reinterpret_cast<GENERAL_NAMES *>( - X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL)); + X509V3_get_d2i(exts, NID_subject_alt_name, nullptr, nullptr)); ret = get_email(X509_REQ_get_subject_name(x), gens); sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); @@ -553,7 +553,7 @@ static STACK_OF(OPENSSL_STRING) *get_email(const X509_NAME *name, const GENERAL_NAMES *gens) { - STACK_OF(OPENSSL_STRING) *ret = NULL; + STACK_OF(OPENSSL_STRING) *ret = nullptr; // Now add any email address(es) to STACK int i = -1; // First supplied X509_NAME @@ -562,7 +562,7 @@ const X509_NAME_ENTRY *ne = X509_NAME_get_entry(name, i); const ASN1_IA5STRING *email = X509_NAME_ENTRY_get_data(ne); if (!append_ia5(&ret, email)) { - return NULL; + return nullptr; } } for (size_t j = 0; j < sk_GENERAL_NAME_num(gens); j++) { @@ -571,7 +571,7 @@ continue; } if (!append_ia5(&ret, gen->d.ia5)) { - return NULL; + return nullptr; } } return ret; @@ -585,16 +585,16 @@ if (email->type != V_ASN1_IA5STRING) { return 1; } - if (email->data == NULL || email->length == 0) { + if (email->data == nullptr || email->length == 0) { return 1; } // |OPENSSL_STRING| cannot represent strings with embedded NULs. Do not // report them as outputs. - if (OPENSSL_memchr(email->data, 0, email->length) != NULL) { + if (OPENSSL_memchr(email->data, 0, email->length) != nullptr) { return 1; } - char *emtmp = NULL; + char *emtmp = nullptr; if (!*sk) { *sk = sk_OPENSSL_STRING_new(sk_strcmp); } @@ -603,13 +603,13 @@ } emtmp = OPENSSL_strndup((char *)email->data, email->length); - if (emtmp == NULL) { + if (emtmp == nullptr) { goto err; } // Don't add duplicates sk_OPENSSL_STRING_sort(*sk); - if (sk_OPENSSL_STRING_find(*sk, NULL, emtmp)) { + if (sk_OPENSSL_STRING_find(*sk, nullptr, emtmp)) { OPENSSL_free(emtmp); return 1; } @@ -623,7 +623,7 @@ // on |append_ia5| leaving |*sk| at NULL on error. OPENSSL_free(emtmp); X509_email_free(*sk); - *sk = NULL; + *sk = nullptr; return 0; } @@ -754,7 +754,7 @@ static const unsigned char *valid_star(const unsigned char *p, size_t len, unsigned int flags) { - const unsigned char *star = 0; + const unsigned char *star = nullptr; size_t i; int state = LABEL_START; int dots = 0; @@ -767,12 +767,12 @@ // At most one wildcard per pattern. // No wildcards in IDNA labels. // No wildcards after the first label. - if (star != NULL || (state & LABEL_IDNA) != 0 || dots) { - return NULL; + if (star != nullptr || (state & LABEL_IDNA) != 0 || dots) { + return nullptr; } // Only full-label '*.example.com' wildcards. if (!atstart || !atend) { - return NULL; + return nullptr; } star = &p[i]; state &= ~LABEL_START; @@ -784,25 +784,25 @@ state &= ~(LABEL_HYPHEN | LABEL_START); } else if (p[i] == '.') { if ((state & (LABEL_HYPHEN | LABEL_START)) != 0) { - return NULL; + return nullptr; } state = LABEL_START; ++dots; } else if (p[i] == '-') { // no domain/subdomain starts with '-' if ((state & LABEL_START) != 0) { - return NULL; + return nullptr; } state |= LABEL_HYPHEN; } else { - return NULL; + return nullptr; } } // The final label must not end in a hyphen or ".", and // there must be at least two dots after the star. if ((state & (LABEL_START | LABEL_HYPHEN)) != 0 || dots < 2) { - return NULL; + return nullptr; } return star; } @@ -811,14 +811,14 @@ static int equal_wildcard(const unsigned char *pattern, size_t pattern_len, const unsigned char *subject, size_t subject_len, unsigned int flags) { - const unsigned char *star = NULL; + const unsigned char *star = nullptr; // Subject names starting with '.' can only match a wildcard pattern // via a subject sub-domain pattern suffix match. if (!(subject_len > 1 && subject[0] == '.')) { star = valid_star(pattern, pattern_len, flags); } - if (star == NULL) { + if (star == nullptr) { return equal_nocase(pattern, pattern_len, subject, subject_len, flags); } return wildcard_match(pattern, star - pattern, star + 1, @@ -892,7 +892,7 @@ } if (rv > 0 && peername) { *peername = OPENSSL_strndup((char *)a->data, a->length); - if (*peername == NULL) { + if (*peername == nullptr) { return -1; } } @@ -913,7 +913,7 @@ } if (rv > 0 && peername) { *peername = OPENSSL_strndup((char *)astr, astrlen); - if (*peername == NULL) { + if (*peername == nullptr) { return -1; } } @@ -946,7 +946,7 @@ } GENERAL_NAMES *gens = reinterpret_cast<GENERAL_NAMES *>( - X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL)); + X509_get_ext_d2i(x, NID_subject_alt_name, nullptr, nullptr)); if (gens) { for (size_t i = 0; i < sk_GENERAL_NAME_num(gens); i++) { const GENERAL_NAME *gen = sk_GENERAL_NAME_value(gens, i); @@ -992,7 +992,7 @@ int X509_check_host(const X509 *x, const char *chk, size_t chklen, unsigned int flags, char **peername) { - if (chk == NULL) { + if (chk == nullptr) { return -2; } if (OPENSSL_memchr(chk, '\0', chklen)) { @@ -1003,35 +1003,36 @@ int X509_check_email(const X509 *x, const char *chk, size_t chklen, unsigned int flags) { - if (chk == NULL) { + if (chk == nullptr) { return -2; } if (OPENSSL_memchr(chk, '\0', chklen)) { return -2; } - return do_x509_check(x, chk, chklen, flags, GEN_EMAIL, NULL); + return do_x509_check(x, chk, chklen, flags, GEN_EMAIL, nullptr); } int X509_check_ip(const X509 *x, const unsigned char *chk, size_t chklen, unsigned int flags) { - if (chk == NULL) { + if (chk == nullptr) { return -2; } - return do_x509_check(x, (const char *)chk, chklen, flags, GEN_IPADD, NULL); + return do_x509_check(x, (const char *)chk, chklen, flags, GEN_IPADD, nullptr); } int X509_check_ip_asc(const X509 *x, const char *ipasc, unsigned int flags) { unsigned char ipout[16]; size_t iplen; - if (ipasc == NULL) { + if (ipasc == nullptr) { return -2; } iplen = (size_t)x509v3_a2i_ipadd(ipout, ipasc); if (iplen == 0) { return -2; } - return do_x509_check(x, (const char *)ipout, iplen, flags, GEN_IPADD, NULL); + return do_x509_check(x, (const char *)ipout, iplen, flags, GEN_IPADD, + nullptr); } // Convert IP addresses both IPv4 and IPv6 into an OCTET STRING compatible @@ -1044,33 +1045,33 @@ iplen = x509v3_a2i_ipadd(ipout, ipasc); if (!iplen) { - return NULL; + return nullptr; } ret = ASN1_OCTET_STRING_new(); if (!ret) { - return NULL; + return nullptr; } if (!ASN1_OCTET_STRING_set(ret, ipout, iplen)) { ASN1_OCTET_STRING_free(ret); - return NULL; + return nullptr; } return ret; } ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc) { - ASN1_OCTET_STRING *ret = NULL; + ASN1_OCTET_STRING *ret = nullptr; unsigned char ipout[32]; - char *iptmp = NULL, *p; + char *iptmp = nullptr, *p; int iplen1, iplen2; // FIXME: yes, this function takes a const pointer and writes to it! p = const_cast<char *>(strchr(ipasc, '/')); if (!p) { - return NULL; + return nullptr; } iptmp = OPENSSL_strdup(ipasc); if (!iptmp) { - return NULL; + return nullptr; } p = iptmp + (p - ipasc); *p++ = 0; @@ -1084,7 +1085,7 @@ iplen2 = x509v3_a2i_ipadd(ipout + iplen1, p); OPENSSL_free(iptmp); - iptmp = NULL; + iptmp = nullptr; if (!iplen2 || (iplen1 != iplen2)) { goto err; @@ -1103,7 +1104,7 @@ err: OPENSSL_free(iptmp); ASN1_OCTET_STRING_free(ret); - return NULL; + return nullptr; } int x509v3_a2i_ipadd(uint8_t ipout[16], const char *ipasc) {
diff --git a/crypto/x509/x509_att.cc b/crypto/x509/x509_att.cc index 49363b2..3afcf48 100644 --- a/crypto/x509/x509_att.cc +++ b/crypto/x509/x509_att.cc
@@ -27,9 +27,9 @@ const ASN1_OBJECT *obj; obj = OBJ_nid2obj(nid); - if (obj == NULL) { + if (obj == nullptr) { OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_NID); - return NULL; + return nullptr; } return X509_ATTRIBUTE_create_by_OBJ(attr, obj, attrtype, data, len); } @@ -40,9 +40,9 @@ int len) { X509_ATTRIBUTE *ret; - if ((attr == NULL) || (*attr == NULL)) { - if ((ret = X509_ATTRIBUTE_new()) == NULL) { - return NULL; + if ((attr == nullptr) || (*attr == nullptr)) { + if ((ret = X509_ATTRIBUTE_new()) == nullptr) { + return nullptr; } } else { ret = *attr; @@ -55,15 +55,15 @@ goto err; } - if ((attr != NULL) && (*attr == NULL)) { + if ((attr != nullptr) && (*attr == nullptr)) { *attr = ret; } return ret; err: - if ((attr == NULL) || (ret != *attr)) { + if ((attr == nullptr) || (ret != *attr)) { X509_ATTRIBUTE_free(ret); } - return NULL; + return nullptr; } X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, @@ -74,10 +74,10 @@ X509_ATTRIBUTE *nattr; obj = OBJ_txt2obj(attrname, 0); - if (obj == NULL) { + if (obj == nullptr) { OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_NAME); ERR_add_error_data(2, "name=", attrname); - return NULL; + return nullptr; } nattr = X509_ATTRIBUTE_create_by_OBJ(attr, obj, type, bytes, len); ASN1_OBJECT_free(obj); @@ -85,12 +85,12 @@ } int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj) { - if ((attr == NULL) || (obj == NULL)) { + if ((attr == nullptr) || (obj == nullptr)) { return 0; } ASN1_OBJECT_free(attr->object); attr->object = OBJ_dup(obj); - return attr->object != NULL; + return attr->object != nullptr; } int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, @@ -106,7 +106,7 @@ } ASN1_TYPE *typ = ASN1_TYPE_new(); - if (typ == NULL) { + if (typ == nullptr) { return 0; } @@ -116,9 +116,9 @@ // preferred ASN.1 type. Note |len| may be -1, in which case // |ASN1_STRING_set_by_NID| calls |strlen| automatically. ASN1_STRING *str = - ASN1_STRING_set_by_NID(NULL, reinterpret_cast<const uint8_t *>(data), + ASN1_STRING_set_by_NID(nullptr, reinterpret_cast<const uint8_t *>(data), len, attrtype, OBJ_obj2nid(attr->object)); - if (str == NULL) { + if (str == nullptr) { OPENSSL_PUT_ERROR(X509, ERR_R_ASN1_LIB); goto err; } @@ -127,7 +127,7 @@ // |attrtype| must be a valid |ASN1_STRING| type. |data| and |len| is a // value in the corresponding |ASN1_STRING| representation. ASN1_STRING *str = ASN1_STRING_type_new(attrtype); - if (str == NULL || !ASN1_STRING_set(str, data, len)) { + if (str == nullptr || !ASN1_STRING_set(str, data, len)) { ASN1_STRING_free(str); goto err; } @@ -155,8 +155,8 @@ } ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr) { - if (attr == NULL) { - return NULL; + if (attr == nullptr) { + return nullptr; } return attr->object; } @@ -166,21 +166,21 @@ ASN1_TYPE *ttmp; ttmp = X509_ATTRIBUTE_get0_type(attr, idx); if (!ttmp) { - return NULL; + return nullptr; } if (attrtype != ASN1_TYPE_get(ttmp)) { OPENSSL_PUT_ERROR(X509, X509_R_WRONG_TYPE); - return NULL; + return nullptr; } return (void *)asn1_type_value_as_pointer(ttmp); } ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx) { - if (attr == NULL) { - return NULL; + if (attr == nullptr) { + return nullptr; } if (idx >= X509_ATTRIBUTE_count(attr)) { - return NULL; + return nullptr; } return sk_ASN1_TYPE_value(attr->set, idx); }
diff --git a/crypto/x509/x509_cmp.cc b/crypto/x509/x509_cmp.cc index 5bd407a..511ec64 100644 --- a/crypto/x509/x509_cmp.cc +++ b/crypto/x509/x509_cmp.cc
@@ -151,7 +151,7 @@ const X509_NAME *name, const ASN1_INTEGER *serial) { if (serial->type != V_ASN1_INTEGER && serial->type != V_ASN1_NEG_INTEGER) { - return NULL; + return nullptr; } for (size_t i = 0; i < sk_X509_num(sk); i++) { @@ -161,7 +161,7 @@ return x509; } } - return NULL; + return nullptr; } X509 *X509_find_by_subject(const STACK_OF(X509) *sk, const X509_NAME *name) { @@ -171,26 +171,26 @@ return x509; } } - return NULL; + return nullptr; } EVP_PKEY *X509_get0_pubkey(const X509 *x) { - if (x == NULL) { - return NULL; + if (x == nullptr) { + return nullptr; } return X509_PUBKEY_get0(&x->key); } EVP_PKEY *X509_get_pubkey(const X509 *x) { - if (x == NULL) { - return NULL; + if (x == nullptr) { + return nullptr; } return X509_PUBKEY_get(&x->key); } ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x) { if (!x) { - return NULL; + return nullptr; } // This function is not const-correct for OpenSSL compatibility. return const_cast<ASN1_BIT_STRING*>(&x->key.public_key); @@ -198,7 +198,7 @@ int X509_check_private_key(const X509 *x, const EVP_PKEY *k) { const EVP_PKEY *xk = X509_get0_pubkey(x); - if (xk == NULL) { + if (xk == nullptr) { return 0; } @@ -227,8 +227,8 @@ // each X509 structure. STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain) { STACK_OF(X509) *ret = sk_X509_dup(chain); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } for (size_t i = 0; i < sk_X509_num(ret); i++) { X509_up_ref(sk_X509_value(ret, i));
diff --git a/crypto/x509/x509_d2.cc b/crypto/x509/x509_d2.cc index c4b16c4..1ef80bf 100644 --- a/crypto/x509/x509_d2.cc +++ b/crypto/x509/x509_d2.cc
@@ -20,16 +20,16 @@ X509_LOOKUP *lookup; lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file()); - if (lookup == NULL) { + if (lookup == nullptr) { return 0; } - X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT); + X509_LOOKUP_load_file(lookup, nullptr, X509_FILETYPE_DEFAULT); lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir()); - if (lookup == NULL) { + if (lookup == nullptr) { return 0; } - X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT); + X509_LOOKUP_add_dir(lookup, nullptr, X509_FILETYPE_DEFAULT); // clear any errors ERR_clear_error(); @@ -41,25 +41,25 @@ const char *path) { X509_LOOKUP *lookup; - if (file != NULL) { + if (file != nullptr) { lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file()); - if (lookup == NULL) { + if (lookup == nullptr) { return 0; } if (X509_LOOKUP_load_file(lookup, file, X509_FILETYPE_PEM) != 1) { return 0; } } - if (path != NULL) { + if (path != nullptr) { lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir()); - if (lookup == NULL) { + if (lookup == nullptr) { return 0; } if (X509_LOOKUP_add_dir(lookup, path, X509_FILETYPE_PEM) != 1) { return 0; } } - if ((path == NULL) && (file == NULL)) { + if ((path == nullptr) && (file == nullptr)) { return 0; } return 1;
diff --git a/crypto/x509/x509_ext.cc b/crypto/x509/x509_ext.cc index bb896dc..ed1cea0 100644 --- a/crypto/x509/x509_ext.cc +++ b/crypto/x509/x509_ext.cc
@@ -66,7 +66,7 @@ } int X509_CRL_add_ext(X509_CRL *x, const X509_EXTENSION *ex, int loc) { - return X509v3_add_ext(&x->crl->extensions, ex, loc) != NULL; + return X509v3_add_ext(&x->crl->extensions, ex, loc) != nullptr; } int X509_get_ext_count(const X509 *x) { @@ -94,7 +94,7 @@ } int X509_add_ext(X509 *x, const X509_EXTENSION *ex, int loc) { - return X509v3_add_ext(&x->extensions, ex, loc) != NULL; + return X509v3_add_ext(&x->extensions, ex, loc) != nullptr; } void *X509_get_ext_d2i(const X509 *x509, int nid, int *out_critical, @@ -134,7 +134,7 @@ } int X509_REVOKED_add_ext(X509_REVOKED *x, const X509_EXTENSION *ex, int loc) { - return X509v3_add_ext(&x->extensions, ex, loc) != NULL; + return X509v3_add_ext(&x->extensions, ex, loc) != nullptr; } void *X509_REVOKED_get_ext_d2i(const X509_REVOKED *revoked, int nid,
diff --git a/crypto/x509/x509_lu.cc b/crypto/x509/x509_lu.cc index 4599ef9..93181e0 100644 --- a/crypto/x509/x509_lu.cc +++ b/crypto/x509/x509_lu.cc
@@ -42,24 +42,24 @@ X509_STORE *store) { X509_LOOKUP *ret = reinterpret_cast<X509_LOOKUP *>(OPENSSL_zalloc(sizeof(X509_LOOKUP))); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } ret->method = method; ret->store_ctx = store; - if (method->new_item != NULL && !method->new_item(ret)) { + if (method->new_item != nullptr && !method->new_item(ret)) { OPENSSL_free(ret); - return NULL; + return nullptr; } return ret; } void X509_LOOKUP_free(X509_LOOKUP *ctx) { - if (ctx == NULL) { + if (ctx == nullptr) { return; } - if (ctx->method != NULL && ctx->method->free != NULL) { + if (ctx->method != nullptr && ctx->method->free != nullptr) { (*ctx->method->free)(ctx); } OPENSSL_free(ctx); @@ -67,10 +67,10 @@ int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret) { - if (ctx->method == NULL) { + if (ctx->method == nullptr) { return -1; } - if (ctx->method->ctrl != NULL) { + if (ctx->method->ctrl != nullptr) { return ctx->method->ctrl(ctx, cmd, argc, argl, ret); } else { return 1; @@ -79,7 +79,7 @@ static int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, const X509_NAME *name, X509_OBJECT *ret) { - if (ctx->method == NULL || ctx->method->get_by_subject == NULL) { + if (ctx->method == nullptr || ctx->method->get_by_subject == nullptr) { return 0; } // Note |get_by_subject| leaves |ret| in an inconsistent state. It has @@ -129,8 +129,8 @@ X509_STORE *X509_STORE_new(void) { X509_STORE *ret = reinterpret_cast<X509_STORE *>(OPENSSL_zalloc(sizeof(X509_STORE))); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } ret->references = 1; @@ -138,10 +138,10 @@ ret->objs = sk_X509_OBJECT_new(x509_object_cmp_sk); ret->get_cert_methods = sk_X509_LOOKUP_new_null(); ret->param = X509_VERIFY_PARAM_new(); - if (ret->objs == NULL || ret->get_cert_methods == NULL || - ret->param == NULL) { + if (ret->objs == nullptr || ret->get_cert_methods == nullptr || + ret->param == nullptr) { X509_STORE_free(ret); - return NULL; + return nullptr; } return ret; @@ -174,9 +174,9 @@ } X509_LOOKUP *lu = X509_LOOKUP_new(m, v); - if (lu == NULL || !sk_X509_LOOKUP_push(v->get_cert_methods, lu)) { + if (lu == nullptr || !sk_X509_LOOKUP_push(v->get_cert_methods, lu)) { X509_LOOKUP_free(lu); - return NULL; + return nullptr; } return lu; @@ -190,7 +190,7 @@ X509_OBJECT *tmp = X509_OBJECT_retrieve_by_subject(ctx->objs, type, name); CRYPTO_MUTEX_unlock_write(&ctx->objs_lock); - if (tmp == NULL || type == X509_LU_CRL) { + if (tmp == nullptr || type == X509_LU_CRL) { for (size_t i = 0; i < sk_X509_LOOKUP_num(ctx->get_cert_methods); i++) { X509_LOOKUP *lu = sk_X509_LOOKUP_value(ctx->get_cert_methods, i); if (X509_LOOKUP_by_subject(lu, type, name, &stmp)) { @@ -198,7 +198,7 @@ break; } } - if (tmp == NULL) { + if (tmp == nullptr) { return 0; } } @@ -212,12 +212,12 @@ } static int x509_store_add(X509_STORE *ctx, void *x, int is_crl) { - if (x == NULL) { + if (x == nullptr) { return 0; } X509_OBJECT *const obj = X509_OBJECT_new(); - if (obj == NULL) { + if (obj == nullptr) { return 0; } @@ -261,7 +261,7 @@ } void X509_OBJECT_free(X509_OBJECT *obj) { - if (obj == NULL) { + if (obj == nullptr) { return; } X509_OBJECT_free_contents(obj); @@ -296,8 +296,8 @@ int X509_OBJECT_get_type(const X509_OBJECT *a) { return a->type; } X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a) { - if (a == NULL || a->type != X509_LU_X509) { - return NULL; + if (a == nullptr || a->type != X509_LU_X509) { + return nullptr; } return a->data.x509; } @@ -347,7 +347,7 @@ static int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type, const X509_NAME *name) { - return x509_object_idx_cnt(h, type, name, NULL); + return x509_object_idx_cnt(h, type, name, nullptr); } static X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h, @@ -356,15 +356,15 @@ int idx; idx = X509_OBJECT_idx_by_subject(h, type, name); if (idx == -1) { - return NULL; + return nullptr; } return sk_X509_OBJECT_value(h, idx); } static X509_OBJECT *x509_object_dup(const X509_OBJECT *obj) { X509_OBJECT *ret = X509_OBJECT_new(); - if (ret == NULL) { - return NULL; + if (ret == nullptr) { + return nullptr; } ret->type = obj->type; ret->data = obj->data; @@ -388,8 +388,8 @@ const X509_NAME *nm) { int cnt; STACK_OF(X509) *sk = sk_X509_new_null(); - if (sk == NULL) { - return NULL; + if (sk == nullptr) { + return nullptr; } CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock); int idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt); @@ -400,7 +400,7 @@ CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock); if (!X509_STORE_CTX_get_by_subject(ctx, X509_LU_X509, nm, &xobj)) { sk_X509_free(sk); - return NULL; + return nullptr; } X509_OBJECT_free_contents(&xobj); CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock); @@ -408,7 +408,7 @@ if (idx < 0) { CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock); sk_X509_free(sk); - return NULL; + return nullptr; } } for (int i = 0; i < cnt; i++, idx++) { @@ -417,7 +417,7 @@ if (!sk_X509_push(sk, x)) { CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock); sk_X509_pop_free(sk, X509_free); - return NULL; + return nullptr; } X509_up_ref(x); } @@ -430,14 +430,14 @@ int cnt; X509_OBJECT xobj; STACK_OF(X509_CRL) *sk = sk_X509_CRL_new_null(); - if (sk == NULL) { - return NULL; + if (sk == nullptr) { + return nullptr; } // Always do lookup to possibly add new CRLs to cache. if (!X509_STORE_CTX_get_by_subject(ctx, X509_LU_CRL, nm, &xobj)) { sk_X509_CRL_free(sk); - return NULL; + return nullptr; } X509_OBJECT_free_contents(&xobj); CRYPTO_MUTEX_lock_write(&ctx->ctx->objs_lock); @@ -445,7 +445,7 @@ if (idx < 0) { CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock); sk_X509_CRL_free(sk); - return NULL; + return nullptr; } for (int i = 0; i < cnt; i++, idx++) { @@ -456,7 +456,7 @@ CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock); X509_CRL_free(x); sk_X509_CRL_pop_free(sk, X509_CRL_free); - return NULL; + return nullptr; } } CRYPTO_MUTEX_unlock_write(&ctx->ctx->objs_lock); @@ -468,7 +468,7 @@ sk_X509_OBJECT_sort(h); size_t idx; if (!sk_X509_OBJECT_find(h, &idx, x)) { - return NULL; + return nullptr; } if ((x->type != X509_LU_X509) && (x->type != X509_LU_CRL)) { return sk_X509_OBJECT_value(h, idx); @@ -476,7 +476,7 @@ for (size_t i = idx; i < sk_X509_OBJECT_num(h); i++) { X509_OBJECT *obj = sk_X509_OBJECT_value(h, i); if (x509_object_cmp(obj, x)) { - return NULL; + return nullptr; } if (x->type == X509_LU_X509) { if (!X509_cmp(obj->data.x509, x->data.x509)) { @@ -490,7 +490,7 @@ return obj; } } - return NULL; + return nullptr; } int X509_STORE_CTX_get1_issuer(X509 **out_issuer, X509_STORE_CTX *ctx,
diff --git a/crypto/x509/x509_obj.cc b/crypto/x509/x509_obj.cc index 66ef386..36a98fc 100644 --- a/crypto/x509/x509_obj.cc +++ b/crypto/x509/x509_obj.cc
@@ -36,13 +36,13 @@ const char *s; char *p; unsigned char *q; - BUF_MEM *b = NULL; + BUF_MEM *b = nullptr; static const char hex[17] = "0123456789ABCDEF"; int gs_doit[4]; char tmp_buf[80]; - if (buf == NULL) { - if ((b = BUF_MEM_new()) == NULL) { + if (buf == nullptr) { + if ((b = BUF_MEM_new()) == nullptr) { goto err; } if (!BUF_MEM_grow(b, 200)) { @@ -51,9 +51,9 @@ b->data[0] = '\0'; len = 200; } else if (len <= 0) { - return NULL; + return nullptr; } - if (a == NULL) { + if (a == nullptr) { if (b) { buf = b->data; OPENSSL_free(b); @@ -67,7 +67,7 @@ for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) { ne = sk_X509_NAME_ENTRY_value(a->entries, i); n = OBJ_obj2nid(ne->object); - if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) { + if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == nullptr)) { i2t_ASN1_OBJECT(tmp_buf, sizeof(tmp_buf), ne->object); s = tmp_buf; } @@ -115,7 +115,7 @@ OPENSSL_PUT_ERROR(X509, X509_R_NAME_TOO_LONG); goto err; } - if (b != NULL) { + if (b != nullptr) { if (!BUF_MEM_grow(b, l + 1)) { goto err; } @@ -148,7 +148,7 @@ } *p = '\0'; } - if (b != NULL) { + if (b != nullptr) { p = b->data; OPENSSL_free(b); } else { @@ -160,5 +160,5 @@ return p; err: BUF_MEM_free(b); - return NULL; + return nullptr; }
diff --git a/crypto/x509/x509_req.cc b/crypto/x509/x509_req.cc index ffaaf82..31c9724 100644 --- a/crypto/x509/x509_req.cc +++ b/crypto/x509/x509_req.cc
@@ -35,22 +35,22 @@ } EVP_PKEY *X509_REQ_get_pubkey(const X509_REQ *req) { - if (req == NULL) { - return NULL; + if (req == nullptr) { + return nullptr; } return X509_PUBKEY_get(req->req_info->pubkey); } EVP_PKEY *X509_REQ_get0_pubkey(const X509_REQ *req) { - if (req == NULL) { - return NULL; + if (req == nullptr) { + return nullptr; } return X509_PUBKEY_get0(req->req_info->pubkey); } int X509_REQ_check_private_key(const X509_REQ *x, const EVP_PKEY *k) { const EVP_PKEY *xk = X509_REQ_get0_pubkey(x); - if (xk == NULL) { + if (xk == nullptr) { return 0; } @@ -83,8 +83,8 @@ } STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(const X509_REQ *req) { - if (req == NULL || req->req_info == NULL) { - return NULL; + if (req == nullptr || req->req_info == nullptr) { + return nullptr; } int idx = X509_REQ_get_attr_by_NID(req, NID_ext_req, -1); @@ -92,7 +92,7 @@ idx = X509_REQ_get_attr_by_NID(req, NID_ms_ext_req, -1); } if (idx == -1) { - return NULL; + return nullptr; } const X509_ATTRIBUTE *attr = X509_REQ_get_attr(req, idx); @@ -100,11 +100,12 @@ // take and return a const pointer. const ASN1_TYPE *ext = X509_ATTRIBUTE_get0_type((X509_ATTRIBUTE *)attr, 0); if (!ext || ext->type != V_ASN1_SEQUENCE) { - return NULL; + return nullptr; } const unsigned char *p = ext->value.sequence->data; return (STACK_OF(X509_EXTENSION) *)ASN1_item_d2i( - NULL, &p, ext->value.sequence->length, ASN1_ITEM_rptr(X509_EXTENSIONS)); + nullptr, &p, ext->value.sequence->length, + ASN1_ITEM_rptr(X509_EXTENSIONS)); } // Add a STACK_OF extensions to a certificate request: allow alternative OIDs @@ -113,7 +114,7 @@ int X509_REQ_add_extensions_nid(X509_REQ *req, const STACK_OF(X509_EXTENSION) *exts, int nid) { // Generate encoding of extensions - unsigned char *ext = NULL; + unsigned char *ext = nullptr; int ext_len = ASN1_item_i2d((ASN1_VALUE *)exts, &ext, ASN1_ITEM_rptr(X509_EXTENSIONS)); if (ext_len <= 0) { @@ -136,7 +137,7 @@ int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos) { const ASN1_OBJECT *obj = OBJ_nid2obj(nid); - if (obj == NULL) { + if (obj == nullptr) { return -1; } return X509_REQ_get_attr_by_OBJ(req, obj, lastpos); @@ -144,7 +145,7 @@ int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, const ASN1_OBJECT *obj, int lastpos) { - if (req->req_info->attributes == NULL) { + if (req->req_info->attributes == nullptr) { return -1; } lastpos++; @@ -163,26 +164,26 @@ } X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc) { - if (req->req_info->attributes == NULL || loc < 0 || + if (req->req_info->attributes == nullptr || loc < 0 || sk_X509_ATTRIBUTE_num(req->req_info->attributes) <= (size_t)loc) { - return NULL; + return nullptr; } return sk_X509_ATTRIBUTE_value(req->req_info->attributes, loc); } X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc) { - if (req->req_info->attributes == NULL || loc < 0 || + if (req->req_info->attributes == nullptr || loc < 0 || sk_X509_ATTRIBUTE_num(req->req_info->attributes) <= (size_t)loc) { - return NULL; + return nullptr; } return sk_X509_ATTRIBUTE_delete(req->req_info->attributes, loc); } static int X509_REQ_add0_attr(X509_REQ *req, X509_ATTRIBUTE *attr) { - if (req->req_info->attributes == NULL) { + if (req->req_info->attributes == nullptr) { req->req_info->attributes = sk_X509_ATTRIBUTE_new_null(); } - if (req->req_info->attributes == NULL || + if (req->req_info->attributes == nullptr || !sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) { return 0; } @@ -192,7 +193,7 @@ int X509_REQ_add1_attr(X509_REQ *req, const X509_ATTRIBUTE *attr) { X509_ATTRIBUTE *new_attr = X509_ATTRIBUTE_dup(attr); - if (new_attr == NULL || !X509_REQ_add0_attr(req, new_attr)) { + if (new_attr == nullptr || !X509_REQ_add0_attr(req, new_attr)) { X509_ATTRIBUTE_free(new_attr); return 0; } @@ -204,8 +205,8 @@ int attrtype, const unsigned char *data, int len) { X509_ATTRIBUTE *attr = - X509_ATTRIBUTE_create_by_OBJ(NULL, obj, attrtype, data, len); - if (attr == NULL || !X509_REQ_add0_attr(req, attr)) { + X509_ATTRIBUTE_create_by_OBJ(nullptr, obj, attrtype, data, len); + if (attr == nullptr || !X509_REQ_add0_attr(req, attr)) { X509_ATTRIBUTE_free(attr); return 0; } @@ -216,8 +217,8 @@ int X509_REQ_add1_attr_by_NID(X509_REQ *req, int nid, int attrtype, const unsigned char *data, int len) { X509_ATTRIBUTE *attr = - X509_ATTRIBUTE_create_by_NID(NULL, nid, attrtype, data, len); - if (attr == NULL || !X509_REQ_add0_attr(req, attr)) { + X509_ATTRIBUTE_create_by_NID(nullptr, nid, attrtype, data, len); + if (attr == nullptr || !X509_REQ_add0_attr(req, attr)) { X509_ATTRIBUTE_free(attr); return 0; } @@ -228,8 +229,8 @@ int X509_REQ_add1_attr_by_txt(X509_REQ *req, const char *attrname, int attrtype, const unsigned char *data, int len) { X509_ATTRIBUTE *attr = - X509_ATTRIBUTE_create_by_txt(NULL, attrname, attrtype, data, len); - if (attr == NULL || !X509_REQ_add0_attr(req, attr)) { + X509_ATTRIBUTE_create_by_txt(nullptr, attrname, attrtype, data, len); + if (attr == nullptr || !X509_REQ_add0_attr(req, attr)) { X509_ATTRIBUTE_free(attr); return 0; } @@ -239,10 +240,10 @@ void X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig, const X509_ALGOR **palg) { - if (psig != NULL) { + if (psig != nullptr) { *psig = req->signature; } - if (palg != NULL) { + if (palg != nullptr) { *palg = req->sig_alg; } }
diff --git a/crypto/x509/x509_set.cc b/crypto/x509/x509_set.cc index 12953a4..9f39a72 100644 --- a/crypto/x509/x509_set.cc +++ b/crypto/x509/x509_set.cc
@@ -24,7 +24,7 @@ long X509_get_version(const X509 *x509) { return x509->version; } int X509_set_version(X509 *x, long version) { - if (x == NULL) { + if (x == nullptr) { return 0; } @@ -112,10 +112,10 @@ void X509_get0_uids(const X509 *x509, const ASN1_BIT_STRING **out_issuer_uid, const ASN1_BIT_STRING **out_subject_uid) { - if (out_issuer_uid != NULL) { + if (out_issuer_uid != nullptr) { *out_issuer_uid = x509->issuerUID; } - if (out_subject_uid != NULL) { + if (out_subject_uid != nullptr) { *out_subject_uid = x509->subjectUID; } }
diff --git a/crypto/x509/x509_test.cc b/crypto/x509/x509_test.cc index de67e41..f859d21 100644 --- a/crypto/x509/x509_test.cc +++ b/crypto/x509/x509_test.cc
@@ -2290,15 +2290,15 @@ ASSERT_TRUE(pkey); // Test PKCS#1 v1.5. bssl::ScopedEVP_MD_CTX md_ctx; - ASSERT_TRUE( - EVP_DigestSignInit(md_ctx.get(), NULL, EVP_sha256(), NULL, pkey.get())); + ASSERT_TRUE(EVP_DigestSignInit(md_ctx.get(), nullptr, EVP_sha256(), nullptr, + pkey.get())); ASSERT_TRUE(SignatureRoundTrips(md_ctx.get(), pkey.get())); // RSA-PSS with salt length matching hash length should work when passing in // |RSA_PSS_SALTLEN_DIGEST| or the value explicitly. md_ctx.Reset(); EVP_PKEY_CTX *pkey_ctx; - ASSERT_TRUE(EVP_DigestSignInit(md_ctx.get(), &pkey_ctx, EVP_sha256(), NULL, + ASSERT_TRUE(EVP_DigestSignInit(md_ctx.get(), &pkey_ctx, EVP_sha256(), nullptr, pkey.get())); ASSERT_TRUE(EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING)); ASSERT_TRUE( @@ -2306,7 +2306,7 @@ ASSERT_TRUE(SignatureRoundTrips(md_ctx.get(), pkey.get())); md_ctx.Reset(); - ASSERT_TRUE(EVP_DigestSignInit(md_ctx.get(), &pkey_ctx, EVP_sha256(), NULL, + ASSERT_TRUE(EVP_DigestSignInit(md_ctx.get(), &pkey_ctx, EVP_sha256(), nullptr, pkey.get())); ASSERT_TRUE(EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING)); ASSERT_TRUE(EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, 32)); @@ -2314,7 +2314,7 @@ // RSA-PSS with SHA-1 is not supported. md_ctx.Reset(); - ASSERT_TRUE(EVP_DigestSignInit(md_ctx.get(), &pkey_ctx, EVP_sha1(), NULL, + ASSERT_TRUE(EVP_DigestSignInit(md_ctx.get(), &pkey_ctx, EVP_sha1(), nullptr, pkey.get())); ASSERT_TRUE(EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING)); ASSERT_TRUE( @@ -2325,7 +2325,7 @@ // RSA-PSS with mismatched hashes is not supported. md_ctx.Reset(); - ASSERT_TRUE(EVP_DigestSignInit(md_ctx.get(), &pkey_ctx, EVP_sha256(), NULL, + ASSERT_TRUE(EVP_DigestSignInit(md_ctx.get(), &pkey_ctx, EVP_sha256(), nullptr, pkey.get())); ASSERT_TRUE(EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING)); ASSERT_TRUE( @@ -2337,7 +2337,7 @@ // RSA-PSS with the wrong salt length is not supported. md_ctx.Reset(); - ASSERT_TRUE(EVP_DigestSignInit(md_ctx.get(), &pkey_ctx, EVP_sha256(), NULL, + ASSERT_TRUE(EVP_DigestSignInit(md_ctx.get(), &pkey_ctx, EVP_sha256(), nullptr, pkey.get())); ASSERT_TRUE(EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING)); ASSERT_TRUE(EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, 33));
diff --git a/crypto/x509/x509_time_test.cc b/crypto/x509/x509_time_test.cc index 637228b..ada534e 100644 --- a/crypto/x509/x509_time_test.cc +++ b/crypto/x509/x509_time_test.cc
@@ -313,13 +313,13 @@ } TEST(X509TimeTest, TestCmpTimeCurrent) { - time_t now = time(NULL); + time_t now = time(nullptr); // Pick a day earlier and later, relative to any system clock. - bssl::UniquePtr<ASN1_TIME> asn1_before(ASN1_TIME_adj(NULL, now, -1, 0)); - bssl::UniquePtr<ASN1_TIME> asn1_after(ASN1_TIME_adj(NULL, now, 1, 0)); + bssl::UniquePtr<ASN1_TIME> asn1_before(ASN1_TIME_adj(nullptr, now, -1, 0)); + bssl::UniquePtr<ASN1_TIME> asn1_after(ASN1_TIME_adj(nullptr, now, 1, 0)); - ASSERT_EQ(-1, X509_cmp_time(asn1_before.get(), NULL)); - ASSERT_EQ(1, X509_cmp_time(asn1_after.get(), NULL)); + ASSERT_EQ(-1, X509_cmp_time(asn1_before.get(), nullptr)); + ASSERT_EQ(1, X509_cmp_time(asn1_after.get(), nullptr)); } } // namespace
diff --git a/crypto/x509/x509_trs.cc b/crypto/x509/x509_trs.cc index eb11804..4b90d30 100644 --- a/crypto/x509/x509_trs.cc +++ b/crypto/x509/x509_trs.cc
@@ -48,7 +48,7 @@ return &t; } } - return NULL; + return nullptr; } int X509_check_trust(X509 *x, int id, int flags) { @@ -61,10 +61,10 @@ if (rv != X509_TRUST_UNTRUSTED) { return rv; } - return trust_compat(NULL, x); + return trust_compat(nullptr, x); } const X509_TRUST *pt = X509_TRUST_get0(id); - if (pt == NULL) { + if (pt == nullptr) { // Unknown trust IDs are silently reintrepreted as NIDs. This is unreachable // from the certificate verifier itself, but wpa_supplicant relies on it. // Note this relies on commonly-used NIDs and trust IDs not colliding. @@ -74,7 +74,7 @@ } int X509_is_valid_trust_id(int trust) { - return X509_TRUST_get0(trust) != NULL; + return X509_TRUST_get0(trust) != nullptr; } static int trust_1oidany(const X509_TRUST *trust, X509 *x) {
diff --git a/crypto/x509/x509_v3.cc b/crypto/x509/x509_v3.cc index 9033d76..c4e2aaf 100644 --- a/crypto/x509/x509_v3.cc +++ b/crypto/x509/x509_v3.cc
@@ -23,7 +23,7 @@ int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x) { - if (x == NULL) { + if (x == nullptr) { return 0; } return (int)sk_X509_EXTENSION_num(x); @@ -32,7 +32,7 @@ int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, int nid, int lastpos) { const ASN1_OBJECT *obj = OBJ_nid2obj(nid); - if (obj == NULL) { + if (obj == nullptr) { return -1; } return X509v3_get_ext_by_OBJ(x, obj, lastpos); @@ -40,7 +40,7 @@ int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *sk, const ASN1_OBJECT *obj, int lastpos) { - if (sk == NULL) { + if (sk == nullptr) { return -1; } lastpos++; @@ -59,7 +59,7 @@ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit, int lastpos) { - if (sk == NULL) { + if (sk == nullptr) { return -1; } @@ -80,8 +80,8 @@ } X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc) { - if (x == NULL || loc < 0 || sk_X509_EXTENSION_num(x) <= (size_t)loc) { - return NULL; + if (x == nullptr || loc < 0 || sk_X509_EXTENSION_num(x) <= (size_t)loc) { + return nullptr; } else { return sk_X509_EXTENSION_value(x, loc); } @@ -90,8 +90,8 @@ X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc) { X509_EXTENSION *ret; - if (x == NULL || loc < 0 || sk_X509_EXTENSION_num(x) <= (size_t)loc) { - return NULL; + if (x == nullptr || loc < 0 || sk_X509_EXTENSION_num(x) <= (size_t)loc) { + return nullptr; } ret = sk_X509_EXTENSION_delete(x, loc); return ret; @@ -99,17 +99,17 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, const X509_EXTENSION *ex, int loc) { - X509_EXTENSION *new_ex = NULL; - STACK_OF(X509_EXTENSION) *sk = NULL; + X509_EXTENSION *new_ex = nullptr; + STACK_OF(X509_EXTENSION) *sk = nullptr; int free_sk = 0, n; - if (x == NULL) { + if (x == nullptr) { OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER); goto err; } - if (*x == NULL) { - if ((sk = sk_X509_EXTENSION_new_null()) == NULL) { + if (*x == nullptr) { + if ((sk = sk_X509_EXTENSION_new_null()) == nullptr) { goto err; } free_sk = 1; @@ -124,13 +124,13 @@ loc = n; } - if ((new_ex = X509_EXTENSION_dup(ex)) == NULL) { + if ((new_ex = X509_EXTENSION_dup(ex)) == nullptr) { goto err; } if (!sk_X509_EXTENSION_insert(sk, new_ex, loc)) { goto err; } - if (*x == NULL) { + if (*x == nullptr) { *x = sk; } return sk; @@ -140,7 +140,7 @@ if (free_sk) { sk_X509_EXTENSION_free(sk); } - return NULL; + return nullptr; } X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid, @@ -150,9 +150,9 @@ X509_EXTENSION *ret; obj = OBJ_nid2obj(nid); - if (obj == NULL) { + if (obj == nullptr) { OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_NID); - return NULL; + return nullptr; } ret = X509_EXTENSION_create_by_OBJ(ex, obj, crit, data); return ret; @@ -163,9 +163,9 @@ const ASN1_OCTET_STRING *data) { X509_EXTENSION *ret; - if ((ex == NULL) || (*ex == NULL)) { - if ((ret = X509_EXTENSION_new()) == NULL) { - return NULL; + if ((ex == nullptr) || (*ex == nullptr)) { + if ((ret = X509_EXTENSION_new()) == nullptr) { + return nullptr; } } else { ret = *ex; @@ -181,28 +181,28 @@ goto err; } - if ((ex != NULL) && (*ex == NULL)) { + if ((ex != nullptr) && (*ex == nullptr)) { *ex = ret; } return ret; err: - if ((ex == NULL) || (ret != *ex)) { + if ((ex == nullptr) || (ret != *ex)) { X509_EXTENSION_free(ret); } - return NULL; + return nullptr; } int X509_EXTENSION_set_object(X509_EXTENSION *ex, const ASN1_OBJECT *obj) { - if ((ex == NULL) || (obj == NULL)) { + if ((ex == nullptr) || (obj == nullptr)) { return 0; } ASN1_OBJECT_free(ex->object); ex->object = OBJ_dup(obj); - return ex->object != NULL; + return ex->object != nullptr; } int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit) { - if (ex == NULL) { + if (ex == nullptr) { return 0; } // The critical field is DEFAULT FALSE, so non-critical extensions should omit @@ -214,7 +214,7 @@ int X509_EXTENSION_set_data(X509_EXTENSION *ex, const ASN1_OCTET_STRING *data) { int i; - if (ex == NULL) { + if (ex == nullptr) { return 0; } i = ASN1_OCTET_STRING_set(ex->value, data->data, data->length); @@ -225,21 +225,21 @@ } ASN1_OBJECT *X509_EXTENSION_get_object(const X509_EXTENSION *ex) { - if (ex == NULL) { - return NULL; + if (ex == nullptr) { + return nullptr; } return ex->object; } ASN1_OCTET_STRING *X509_EXTENSION_get_data(const X509_EXTENSION *ex) { - if (ex == NULL) { - return NULL; + if (ex == nullptr) { + return nullptr; } return ex->value; } int X509_EXTENSION_get_critical(const X509_EXTENSION *ex) { - if (ex == NULL) { + if (ex == nullptr) { return 0; } if (ex->critical > 0) {
diff --git a/crypto/x509/x509_vfy.cc b/crypto/x509/x509_vfy.cc index 5b007e5..a1ae85f 100644 --- a/crypto/x509/x509_vfy.cc +++ b/crypto/x509/x509_vfy.cc
@@ -106,12 +106,12 @@ // Given a certificate try and find an exact match in the store static X509 *lookup_cert_match(X509_STORE_CTX *ctx, X509 *x) { STACK_OF(X509) *certs; - X509 *xtmp = NULL; + X509 *xtmp = nullptr; size_t i; // Lookup all certs with matching subject name certs = X509_STORE_CTX_get1_certs(ctx, X509_get_subject_name(x)); - if (certs == NULL) { - return NULL; + if (certs == nullptr) { + return nullptr; } // Look for exact match for (i = 0; i < sk_X509_num(certs); i++) { @@ -123,28 +123,28 @@ if (i < sk_X509_num(certs)) { X509_up_ref(xtmp); } else { - xtmp = NULL; + xtmp = nullptr; } sk_X509_pop_free(certs, X509_free); return xtmp; } int X509_verify_cert(X509_STORE_CTX *ctx) { - X509 *chain_ss = NULL; + X509 *chain_ss = nullptr; int bad_chain = 0; X509_VERIFY_PARAM *param = ctx->param; int i, ok = 0; int j, retry, trust; - STACK_OF(X509) *sktmp = NULL; + STACK_OF(X509) *sktmp = nullptr; { - if (ctx->cert == NULL) { + if (ctx->cert == nullptr) { OPENSSL_PUT_ERROR(X509, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); ctx->error = X509_V_ERR_INVALID_CALL; return 0; } - if (ctx->chain != NULL) { + if (ctx->chain != nullptr) { // This X509_STORE_CTX has already been used to verify a cert. We // cannot do another one. OPENSSL_PUT_ERROR(X509, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); @@ -165,7 +165,7 @@ // first we make sure the chain we are going to build is present and that // the first entry is in place ctx->chain = sk_X509_new_null(); - if (ctx->chain == NULL || !sk_X509_push(ctx->chain, ctx->cert)) { + if (ctx->chain == nullptr || !sk_X509_push(ctx->chain, ctx->cert)) { ctx->error = X509_V_ERR_OUT_OF_MEM; goto end; } @@ -173,8 +173,8 @@ ctx->last_untrusted = 1; // We use a temporary STACK so we can chop and hack at it. - if (ctx->untrusted != NULL && - (sktmp = sk_X509_dup(ctx->untrusted)) == NULL) { + if (ctx->untrusted != nullptr && + (sktmp = sk_X509_dup(ctx->untrusted)) == nullptr) { ctx->error = X509_V_ERR_OUT_OF_MEM; goto end; } @@ -205,7 +205,7 @@ // If asked see if we can find issuer in trusted store first if (ctx->param->flags & X509_V_FLAG_TRUSTED_FIRST) { X509 *issuer = get_trusted_issuer(ctx, x); - if (issuer != NULL) { + if (issuer != nullptr) { // Free the certificate. It will be picked up again later. X509_free(issuer); break; @@ -213,9 +213,9 @@ } // If we were passed a cert chain, use it first - if (sktmp != NULL) { + if (sktmp != nullptr) { X509 *issuer = find_issuer(ctx, sktmp, x); - if (issuer != NULL) { + if (issuer != nullptr) { if (!sk_X509_push(ctx->chain, issuer)) { ctx->error = X509_V_ERR_OUT_OF_MEM; goto end; @@ -256,7 +256,7 @@ // find it in the store. We must have an exact match to avoid // possible impersonation. X509 *issuer = get_trusted_issuer(ctx, x); - if (issuer == NULL || X509_cmp(x, issuer) != 0) { + if (issuer == nullptr || X509_cmp(x, issuer) != 0) { X509_free(issuer); ctx->error = X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT; ctx->current_cert = x; @@ -299,7 +299,7 @@ break; } X509 *issuer = get_trusted_issuer(ctx, x); - if (issuer == NULL) { + if (issuer == nullptr) { break; } x = issuer; @@ -330,7 +330,7 @@ X509 *issuer = get_trusted_issuer(ctx, sk_X509_value(ctx->chain, j - 1)); // Check if we found an alternate chain - if (issuer != NULL) { + if (issuer != nullptr) { // Free up the found cert we'll add it again later X509_free(issuer); @@ -352,7 +352,7 @@ // self signed certificate in which case we've indicated an error already // and set bad_chain == 1 if (trust != X509_TRUST_TRUSTED && !bad_chain) { - if (chain_ss == NULL || + if (chain_ss == nullptr || !x509_check_issued_with_callback(ctx, x, chain_ss)) { if (ctx->last_untrusted >= num) { ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY; @@ -369,7 +369,7 @@ ctx->last_untrusted = num; ctx->current_cert = chain_ss; ctx->error = X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN; - chain_ss = NULL; + chain_ss = nullptr; } ctx->error_depth = num - 1; @@ -418,7 +418,7 @@ return issuer; } } - return NULL; + return nullptr; } // Given a possible certificate and issuer check them @@ -442,17 +442,17 @@ static X509 *get_trusted_issuer(X509_STORE_CTX *ctx, X509 *x) { X509 *issuer; - if (ctx->trusted_stack != NULL) { + if (ctx->trusted_stack != nullptr) { // Ignore the store and use the configured stack instead. issuer = find_issuer(ctx, ctx->trusted_stack, x); - if (issuer != NULL) { + if (issuer != nullptr) { X509_up_ref(issuer); } return issuer; } if (!X509_STORE_CTX_get1_issuer(&issuer, ctx, x)) { - return NULL; + return nullptr; } return issuer; } @@ -589,7 +589,7 @@ // worse. A decorative common-name misidentified as a DNS name would fail // the name constraint anyway. X509 *leaf = sk_X509_value(ctx->chain, 0); - if (has_name_constraints && leaf->altname == NULL) { + if (has_name_constraints && leaf->altname == nullptr) { rv = reject_dns_name_in_common_name(leaf); switch (rv) { case X509_V_OK: @@ -625,7 +625,7 @@ for (i = 0; i < n; ++i) { name = sk_OPENSSL_STRING_value(param->hosts, i); - if (X509_check_host(x, name, strlen(name), param->hostflags, NULL) > 0) { + if (X509_check_host(x, name, strlen(name), param->hostflags, nullptr) > 0) { return 1; } } @@ -659,7 +659,7 @@ } static int check_trust(X509_STORE_CTX *ctx) { - X509 *x = NULL; + X509 *x = nullptr; // Check all trusted certificates in chain for (size_t i = ctx->last_untrusted; i < sk_X509_num(ctx->chain); i++) { x = sk_X509_value(ctx->chain, i); @@ -721,11 +721,11 @@ } static int check_cert(X509_STORE_CTX *ctx) { - X509_CRL *crl = NULL; + X509_CRL *crl = nullptr; int ok = 0, cnum = ctx->error_depth; X509 *x = sk_X509_value(ctx->chain, cnum); ctx->current_cert = x; - ctx->current_crl_issuer = NULL; + ctx->current_crl_issuer = nullptr; ctx->current_crl_score = 0; // Try to retrieve the relevant CRL. Note that |get_crl| sets @@ -751,7 +751,7 @@ err: X509_CRL_free(crl); - ctx->current_crl = NULL; + ctx->current_crl = nullptr; return ok; } @@ -768,7 +768,7 @@ if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME) { ptime = ctx->param->check_time; } else { - ptime = time(NULL); + ptime = time(nullptr); } int i = X509_cmp_time_posix(X509_CRL_get0_lastUpdate(crl), ptime); @@ -816,7 +816,7 @@ } if (notify) { - ctx->current_crl = NULL; + ctx->current_crl = nullptr; } return 1; @@ -826,8 +826,8 @@ int *pscore, STACK_OF(X509_CRL) *crls) { int crl_score, best_score = *pscore; X509 *x = ctx->current_cert; - X509_CRL *best_crl = NULL; - X509 *crl_issuer = NULL, *best_crl_issuer = NULL; + X509_CRL *best_crl = nullptr; + X509 *crl_issuer = nullptr, *best_crl_issuer = nullptr; for (size_t i = 0; i < sk_X509_CRL_num(crls); i++) { X509_CRL *crl = sk_X509_CRL_value(crls, i); @@ -836,7 +836,7 @@ continue; } // If current CRL is equivalent use it if it is newer - if (crl_score == best_score && best_crl != NULL) { + if (crl_score == best_score && best_crl != nullptr) { int day, sec; if (ASN1_TIME_diff(&day, &sec, X509_CRL_get0_lastUpdate(best_crl), X509_CRL_get0_lastUpdate(crl)) == 0) { @@ -918,7 +918,7 @@ static int crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer, int *pcrl_score) { - X509 *crl_issuer = NULL; + X509 *crl_issuer = nullptr; X509_NAME *cnm = X509_CRL_get_issuer(crl); int cidx = ctx->error_depth; @@ -954,8 +954,8 @@ // relative. Compare X509_NAME to GENERAL_NAMES. 3. Both are full names and // compare two GENERAL_NAMES. 4. One is NULL: automatic match. static int idp_check_dp(DIST_POINT_NAME *a, DIST_POINT_NAME *b) { - X509_NAME *nm = NULL; - GENERAL_NAMES *gens = NULL; + X509_NAME *nm = nullptr; + GENERAL_NAMES *gens = nullptr; GENERAL_NAME *gena, *genb; size_t i, j; if (!a || !b) { @@ -1042,7 +1042,7 @@ // // We also do not support indirect CRLs, and a CRL issuer can only match // indirect CRLs (RFC 5280, section 6.3.3, step b.1). - if (dp->reasons != NULL || dp->CRLissuer != NULL) { + if (dp->reasons != nullptr || dp->CRLissuer != nullptr) { continue; } // At this point we have already checked that the CRL issuer matches @@ -1064,10 +1064,10 @@ // Retrieve CRL corresponding to current certificate. static int get_crl(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509 *x) { - X509 *issuer = NULL; + X509 *issuer = nullptr; int crl_score = 0; - X509_CRL *crl = NULL; - STACK_OF(X509_CRL) *skcrl = NULL; + X509_CRL *crl = nullptr; + STACK_OF(X509_CRL) *skcrl = nullptr; if (get_crl_sk(ctx, &crl, &issuer, &crl_score, ctx->crls)) { goto done; } @@ -1098,7 +1098,7 @@ // Check CRL validity static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) { - X509 *issuer = NULL; + X509 *issuer = nullptr; int cnum = ctx->error_depth; int chnum = (int)sk_X509_num(ctx->chain) - 1; // If we have an alternative CRL issuer cert use that. Otherwise, it is the @@ -1195,7 +1195,7 @@ } static int check_policy(X509_STORE_CTX *ctx) { - X509 *current_cert = NULL; + X509 *current_cert = nullptr; int ret = X509_policy_check(ctx->chain, ctx->param->policies, ctx->param->flags, ¤t_cert); if (ret != X509_V_OK) { @@ -1219,7 +1219,7 @@ if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME) { ptime = ctx->param->check_time; } else { - ptime = time(NULL); + ptime = time(nullptr); } int i = X509_cmp_time_posix(X509_get_notBefore(x), ptime); @@ -1299,7 +1299,7 @@ // time. if (xs != xi || (ctx->param->flags & X509_V_FLAG_CHECK_SS_SIGNATURE)) { EVP_PKEY *pkey = X509_get0_pubkey(xi); - if (pkey == NULL) { + if (pkey == nullptr) { ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY; ctx->current_cert = xi; if (!call_verify_cb(0, ctx)) { @@ -1336,11 +1336,11 @@ } int X509_cmp_current_time(const ASN1_TIME *ctm) { - return X509_cmp_time_posix(ctm, time(NULL)); + return X509_cmp_time_posix(ctm, time(nullptr)); } int X509_cmp_time(const ASN1_TIME *ctm, const time_t *cmp_time) { - int64_t compare_time = (cmp_time == NULL) ? time(NULL) : *cmp_time; + int64_t compare_time = (cmp_time == nullptr) ? time(nullptr) : *cmp_time; return X509_cmp_time_posix(ctm, compare_time); } @@ -1354,7 +1354,7 @@ } ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long offset_sec) { - return X509_time_adj(s, offset_sec, NULL); + return X509_time_adj(s, offset_sec, nullptr); } ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec, const time_t *in_tm) { @@ -1368,7 +1368,7 @@ if (in_tm) { t = *in_tm; } else { - t = time(NULL); + t = time(nullptr); } return ASN1_TIME_adj(s, t, offset_day, offset_sec); @@ -1413,7 +1413,7 @@ STACK_OF(X509) *X509_STORE_CTX_get1_chain(const X509_STORE_CTX *ctx) { if (!ctx->chain) { - return NULL; + return nullptr; } return X509_chain_up_ref(ctx->chain); } @@ -1426,7 +1426,7 @@ // In OpenSSL, an |X509_STORE_CTX| sometimes has a parent context during CRL // path validation for indirect CRLs. We require the CRL to be issued // somewhere along the certificate path, so this is always NULL. - return NULL; + return nullptr; } void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) { @@ -1448,7 +1448,7 @@ } const X509_PURPOSE *pobj = X509_PURPOSE_get0(purpose); - if (pobj == NULL) { + if (pobj == nullptr) { OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_PURPOSE_ID); return 0; } @@ -1487,7 +1487,7 @@ } void X509_STORE_CTX_free(X509_STORE_CTX *ctx) { - if (ctx == NULL) { + if (ctx == nullptr) { return; } X509_STORE_CTX_cleanup(ctx); @@ -1504,7 +1504,7 @@ CRYPTO_new_ex_data(&ctx->ex_data); - if (store == NULL) { + if (store == nullptr) { OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER); goto err; }
diff --git a/crypto/x509/x509_vpm.cc b/crypto/x509/x509_vpm.cc index 5a113fb..83509ef 100644 --- a/crypto/x509/x509_vpm.cc +++ b/crypto/x509/x509_vpm.cc
@@ -34,7 +34,7 @@ const char *name, size_t namelen) { char *copy; - if (name == NULL || namelen == 0) { + if (name == nullptr || namelen == 0) { // Unlike OpenSSL, we reject trying to set or add an empty name. return 0; } @@ -47,16 +47,16 @@ if (mode == SET_HOST && param->hosts) { sk_OPENSSL_STRING_pop_free(param->hosts, str_free); - param->hosts = NULL; + param->hosts = nullptr; } copy = OPENSSL_strndup(name, namelen); - if (copy == NULL) { + if (copy == nullptr) { return 0; } - if (param->hosts == NULL && - (param->hosts = sk_OPENSSL_STRING_new_null()) == NULL) { + if (param->hosts == nullptr && + (param->hosts = sk_OPENSSL_STRING_new_null()) == nullptr) { OPENSSL_free(copy); return 0; } @@ -65,7 +65,7 @@ OPENSSL_free(copy); if (sk_OPENSSL_STRING_num(param->hosts) == 0) { sk_OPENSSL_STRING_free(param->hosts); - param->hosts = NULL; + param->hosts = nullptr; } return 0; } @@ -77,14 +77,14 @@ X509_VERIFY_PARAM *param = reinterpret_cast<X509_VERIFY_PARAM *>( OPENSSL_zalloc(sizeof(X509_VERIFY_PARAM))); if (!param) { - return NULL; + return nullptr; } param->depth = -1; return param; } void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param) { - if (param == NULL) { + if (param == nullptr) { return; } sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free); @@ -117,7 +117,7 @@ static int x509_verify_param_copy(X509_VERIFY_PARAM *dest, const X509_VERIFY_PARAM *src, int prefer_src) { - if (src == NULL) { + if (src == nullptr) { return 1; } @@ -135,19 +135,20 @@ dest->flags |= src->flags; - if (should_copy(dest->policies != NULL, src->policies != NULL, prefer_src)) { + if (should_copy(dest->policies != nullptr, src->policies != nullptr, + prefer_src)) { if (!X509_VERIFY_PARAM_set1_policies(dest, src->policies)) { return 0; } } - if (should_copy(dest->hosts != NULL, src->hosts != NULL, prefer_src)) { + if (should_copy(dest->hosts != nullptr, src->hosts != nullptr, prefer_src)) { sk_OPENSSL_STRING_pop_free(dest->hosts, str_free); - dest->hosts = NULL; + dest->hosts = nullptr; if (src->hosts) { dest->hosts = sk_OPENSSL_STRING_deep_copy(src->hosts, OPENSSL_strdup, str_free); - if (dest->hosts == NULL) { + if (dest->hosts == nullptr) { return 0; } // Copy the host flags if and only if we're copying the host list. Note @@ -158,13 +159,13 @@ } } - if (should_copy(dest->email != NULL, src->email != NULL, prefer_src)) { + if (should_copy(dest->email != nullptr, src->email != nullptr, prefer_src)) { if (!X509_VERIFY_PARAM_set1_email(dest, src->email, src->emaillen)) { return 0; } } - if (should_copy(dest->ip != NULL, src->ip != NULL, prefer_src)) { + if (should_copy(dest->ip != nullptr, src->ip != nullptr, prefer_src)) { if (!X509_VERIFY_PARAM_set1_ip(dest, src->ip, src->iplen)) { return 0; } @@ -191,7 +192,7 @@ static int int_x509_param_set1(char **pdest, size_t *pdestlen, const char *src, size_t srclen) { void *tmp; - if (src == NULL || srclen == 0) { + if (src == nullptr || srclen == 0) { // Unlike OpenSSL, we do not allow an empty string to disable previously // configured checks. return 0; @@ -228,7 +229,7 @@ } int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose) { - if (X509_PURPOSE_get0(purpose) == NULL) { + if (X509_PURPOSE_get0(purpose) == nullptr) { OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_PURPOSE); return 0; } @@ -281,7 +282,7 @@ sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free); if (!policies) { - param->policies = NULL; + param->policies = nullptr; return 1; } @@ -319,7 +320,7 @@ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param, const char *email, size_t emaillen) { - if (OPENSSL_memchr(email, '\0', emaillen) != NULL || + if (OPENSSL_memchr(email, '\0', emaillen) != nullptr || !int_x509_param_set1(¶m->email, ¶m->emaillen, email, emaillen)) { param->poison = 1; return 0; @@ -436,5 +437,5 @@ if (strcmp(name, "ssl_server") == 0) { return &kSSLServerParam; } - return NULL; + return nullptr; }
diff --git a/crypto/x509/x509cset.cc b/crypto/x509/x509cset.cc index 3ef23d3..a6d686b 100644 --- a/crypto/x509/x509cset.cc +++ b/crypto/x509/x509cset.cc
@@ -22,7 +22,7 @@ #include "internal.h" int X509_CRL_set_version(X509_CRL *x, long version) { - if (x == NULL) { + if (x == nullptr) { return 0; } @@ -34,13 +34,13 @@ // v1(0) is default and is represented by omitting the version. if (version == X509_CRL_VERSION_1) { ASN1_INTEGER_free(x->crl->version); - x->crl->version = NULL; + x->crl->version = nullptr; return 1; } - if (x->crl->version == NULL) { + if (x->crl->version == nullptr) { x->crl->version = ASN1_INTEGER_new(); - if (x->crl->version == NULL) { + if (x->crl->version == nullptr) { return 0; } } @@ -48,7 +48,7 @@ } int X509_CRL_set_issuer_name(X509_CRL *x, const X509_NAME *name) { - if ((x == NULL) || (x->crl == NULL)) { + if ((x == nullptr) || (x->crl == nullptr)) { return 0; } return (X509_NAME_set(&x->crl->issuer, name)); @@ -57,35 +57,35 @@ int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm) { ASN1_TIME *in; - if (x == NULL) { + if (x == nullptr) { return 0; } in = x->crl->lastUpdate; if (in != tm) { in = ASN1_STRING_dup(tm); - if (in != NULL) { + if (in != nullptr) { ASN1_TIME_free(x->crl->lastUpdate); x->crl->lastUpdate = in; } } - return in != NULL; + return in != nullptr; } int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm) { ASN1_TIME *in; - if (x == NULL) { + if (x == nullptr) { return 0; } in = x->crl->nextUpdate; if (in != tm) { in = ASN1_STRING_dup(tm); - if (in != NULL) { + if (in != nullptr) { ASN1_TIME_free(x->crl->nextUpdate); x->crl->nextUpdate = in; } } - return in != NULL; + return in != nullptr; } int X509_CRL_sort(X509_CRL *c) { @@ -132,10 +132,10 @@ void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig, const X509_ALGOR **palg) { - if (psig != NULL) { + if (psig != nullptr) { *psig = crl->signature; } - if (palg != NULL) { + if (palg != nullptr) { *palg = crl->sig_alg; } } @@ -152,18 +152,18 @@ const ASN1_TIME *tm) { ASN1_TIME *in; - if (revoked == NULL) { + if (revoked == nullptr) { return 0; } in = revoked->revocationDate; if (in != tm) { in = ASN1_STRING_dup(tm); - if (in != NULL) { + if (in != nullptr) { ASN1_TIME_free(revoked->revocationDate); revoked->revocationDate = in; } } - return in != NULL; + return in != nullptr; } const ASN1_INTEGER *X509_REVOKED_get0_serialNumber( @@ -180,18 +180,18 @@ return 0; } - if (revoked == NULL) { + if (revoked == nullptr) { return 0; } in = revoked->serialNumber; if (in != serial) { in = ASN1_INTEGER_dup(serial); - if (in != NULL) { + if (in != nullptr) { ASN1_INTEGER_free(revoked->serialNumber); revoked->serialNumber = in; } } - return in != NULL; + return in != nullptr; } const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(
diff --git a/crypto/x509/x509name.cc b/crypto/x509/x509name.cc index 72c8883..0c24246 100644 --- a/crypto/x509/x509name.cc +++ b/crypto/x509/x509name.cc
@@ -31,7 +31,7 @@ const ASN1_OBJECT *obj; obj = OBJ_nid2obj(nid); - if (obj == NULL) { + if (obj == nullptr) { return -1; } return (X509_NAME_get_text_by_OBJ(name, obj, buf, len)); @@ -45,7 +45,7 @@ } const ASN1_STRING *data = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name, i)); - unsigned char *text = NULL; + unsigned char *text = nullptr; int ret = -1; int text_len = ASN1_STRING_to_UTF8(&text, data); // Fail if we could not encode as UTF-8. @@ -60,7 +60,7 @@ goto out; } // We still support the "pass NULL to find out how much" API - if (buf != NULL) { + if (buf != nullptr) { if (text_len >= len || len <= 0 || !CBS_copy_bytes(&cbs, (uint8_t *)buf, text_len)) { goto out; @@ -76,7 +76,7 @@ } int X509_NAME_entry_count(const X509_NAME *name) { - if (name == NULL) { + if (name == nullptr) { return 0; } return (int)sk_X509_NAME_ENTRY_num(name->entries); @@ -86,7 +86,7 @@ const ASN1_OBJECT *obj; obj = OBJ_nid2obj(nid); - if (obj == NULL) { + if (obj == nullptr) { return -2; } return X509_NAME_get_index_by_OBJ(name, obj, lastpos); @@ -95,7 +95,7 @@ // NOTE: you should be passsing -1, not 0 as lastpos int X509_NAME_get_index_by_OBJ(const X509_NAME *name, const ASN1_OBJECT *obj, int lastpos) { - if (name == NULL) { + if (name == nullptr) { return -1; } if (lastpos < 0) { @@ -113,18 +113,18 @@ } X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc) { - if (name == NULL || loc < 0 || + if (name == nullptr || loc < 0 || sk_X509_NAME_ENTRY_num(name->entries) <= (size_t)loc) { - return NULL; + return nullptr; } else { return (sk_X509_NAME_ENTRY_value(name->entries, loc)); } } X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc) { - if (name == NULL || loc < 0 || + if (name == nullptr || loc < 0 || sk_X509_NAME_ENTRY_num(name->entries) <= (size_t)loc) { - return NULL; + return nullptr; } STACK_OF(X509_NAME_ENTRY) *sk = name->entries; @@ -157,7 +157,7 @@ int type, const unsigned char *bytes, ossl_ssize_t len, int loc, int set) { X509_NAME_ENTRY *ne = - X509_NAME_ENTRY_create_by_OBJ(NULL, obj, type, bytes, len); + X509_NAME_ENTRY_create_by_OBJ(nullptr, obj, type, bytes, len); if (!ne) { return 0; } @@ -170,7 +170,7 @@ const unsigned char *bytes, ossl_ssize_t len, int loc, int set) { X509_NAME_ENTRY *ne = - X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes, len); + X509_NAME_ENTRY_create_by_NID(nullptr, nid, type, bytes, len); if (!ne) { return 0; } @@ -183,7 +183,7 @@ const unsigned char *bytes, ossl_ssize_t len, int loc, int set) { X509_NAME_ENTRY *ne = - X509_NAME_ENTRY_create_by_txt(NULL, field, type, bytes, len); + X509_NAME_ENTRY_create_by_txt(nullptr, field, type, bytes, len); if (!ne) { return 0; } @@ -262,10 +262,10 @@ X509_NAME_ENTRY *nentry; obj = OBJ_txt2obj(field, 0); - if (obj == NULL) { + if (obj == nullptr) { OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_NAME); ERR_add_error_data(2, "name=", field); - return NULL; + return nullptr; } nentry = X509_NAME_ENTRY_create_by_OBJ(ne, obj, type, bytes, len); ASN1_OBJECT_free(obj); @@ -277,9 +277,9 @@ const unsigned char *bytes, ossl_ssize_t len) { const ASN1_OBJECT *obj = OBJ_nid2obj(nid); - if (obj == NULL) { + if (obj == nullptr) { OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_NID); - return NULL; + return nullptr; } return X509_NAME_ENTRY_create_by_OBJ(ne, obj, type, bytes, len); } @@ -290,9 +290,9 @@ ossl_ssize_t len) { X509_NAME_ENTRY *ret; - if ((ne == NULL) || (*ne == NULL)) { - if ((ret = X509_NAME_ENTRY_new()) == NULL) { - return NULL; + if ((ne == nullptr) || (*ne == nullptr)) { + if ((ret = X509_NAME_ENTRY_new()) == nullptr) { + return nullptr; } } else { ret = *ne; @@ -305,30 +305,30 @@ goto err; } - if ((ne != NULL) && (*ne == NULL)) { + if ((ne != nullptr) && (*ne == nullptr)) { *ne = ret; } return ret; err: - if ((ne == NULL) || (ret != *ne)) { + if ((ne == nullptr) || (ret != *ne)) { X509_NAME_ENTRY_free(ret); } - return NULL; + return nullptr; } int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj) { - if ((ne == NULL) || (obj == NULL)) { + if ((ne == nullptr) || (obj == nullptr)) { OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER); return 0; } ASN1_OBJECT_free(ne->object); ne->object = OBJ_dup(obj); - return ((ne->object == NULL) ? 0 : 1); + return ((ne->object == nullptr) ? 0 : 1); } int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, const unsigned char *bytes, ossl_ssize_t len) { - if ((ne == NULL) || ((bytes == NULL) && (len != 0))) { + if ((ne == nullptr) || ((bytes == nullptr) && (len != 0))) { return 0; } if ((type > 0) && (type & MBSTRING_FLAG)) { @@ -349,15 +349,15 @@ } ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne) { - if (ne == NULL) { - return NULL; + if (ne == nullptr) { + return nullptr; } return ne->object; } ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne) { - if (ne == NULL) { - return NULL; + if (ne == nullptr) { + return nullptr; } // This function is not const-correct for OpenSSL compatibility. return const_cast<ASN1_STRING*>(&ne->value);
diff --git a/crypto/x509/x509rset.cc b/crypto/x509/x509rset.cc index ec7ad8c..15a147f 100644 --- a/crypto/x509/x509rset.cc +++ b/crypto/x509/x509rset.cc
@@ -21,7 +21,7 @@ int X509_REQ_set_version(X509_REQ *x, long version) { - if (x == NULL) { + if (x == nullptr) { return 0; } if (version != X509_REQ_VERSION_1) { @@ -32,14 +32,14 @@ } int X509_REQ_set_subject_name(X509_REQ *x, X509_NAME *name) { - if ((x == NULL) || (x->req_info == NULL)) { + if ((x == nullptr) || (x->req_info == nullptr)) { return 0; } return (X509_NAME_set(&x->req_info->subject, name)); } int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey) { - if ((x == NULL) || (x->req_info == NULL)) { + if ((x == nullptr) || (x->req_info == nullptr)) { return 0; } return (X509_PUBKEY_set(&x->req_info->pubkey, pkey));
diff --git a/crypto/x509/x509spki.cc b/crypto/x509/x509spki.cc index 6649f47..67b0799 100644 --- a/crypto/x509/x509spki.cc +++ b/crypto/x509/x509spki.cc
@@ -20,15 +20,15 @@ #include <openssl/x509.h> int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey) { - if ((x == NULL) || (x->spkac == NULL)) { + if ((x == nullptr) || (x->spkac == nullptr)) { return 0; } return (X509_PUBKEY_set(&(x->spkac->pubkey), pkey)); } EVP_PKEY *NETSCAPE_SPKI_get_pubkey(const NETSCAPE_SPKI *x) { - if ((x == NULL) || (x->spkac == NULL)) { - return NULL; + if ((x == nullptr) || (x->spkac == nullptr)) { + return nullptr; } return (X509_PUBKEY_get(x->spkac->pubkey)); } @@ -45,19 +45,19 @@ } if (!EVP_DecodedLength(&spki_len, len)) { OPENSSL_PUT_ERROR(X509, X509_R_BASE64_DECODE_ERROR); - return NULL; + return nullptr; } if (!(spki_der = reinterpret_cast<uint8_t *>(OPENSSL_malloc(spki_len)))) { - return NULL; + return nullptr; } if (!EVP_DecodeBase64(spki_der, &spki_len, spki_len, (const uint8_t *)str, len)) { OPENSSL_PUT_ERROR(X509, X509_R_BASE64_DECODE_ERROR); OPENSSL_free(spki_der); - return NULL; + return nullptr; } p = spki_der; - spki = d2i_NETSCAPE_SPKI(NULL, &p, spki_len); + spki = d2i_NETSCAPE_SPKI(nullptr, &p, spki_len); OPENSSL_free(spki_der); return spki; } @@ -69,19 +69,19 @@ char *b64_str; size_t b64_len; int der_len; - der_len = i2d_NETSCAPE_SPKI(spki, NULL); + der_len = i2d_NETSCAPE_SPKI(spki, nullptr); if (!EVP_EncodedLength(&b64_len, der_len)) { OPENSSL_PUT_ERROR(X509, ERR_R_OVERFLOW); - return NULL; + return nullptr; } der_spki = reinterpret_cast<uint8_t *>(OPENSSL_malloc(der_len)); - if (der_spki == NULL) { - return NULL; + if (der_spki == nullptr) { + return nullptr; } b64_str = reinterpret_cast<char *>(OPENSSL_malloc(b64_len)); - if (b64_str == NULL) { + if (b64_str == nullptr) { OPENSSL_free(der_spki); - return NULL; + return nullptr; } p = der_spki; i2d_NETSCAPE_SPKI(spki, &p);
diff --git a/crypto/x509/x_algor.cc b/crypto/x509/x_algor.cc index f807459..6c78dad 100644 --- a/crypto/x509/x_algor.cc +++ b/crypto/x509/x_algor.cc
@@ -149,10 +149,10 @@ return 0; } if (ptype != V_ASN1_UNDEF) { - if (alg->parameter == NULL) { + if (alg->parameter == nullptr) { alg->parameter = ASN1_TYPE_new(); } - if (alg->parameter == NULL) { + if (alg->parameter == nullptr) { return 0; } } @@ -166,7 +166,7 @@ if (ptype == V_ASN1_UNDEF) { if (alg->parameter) { ASN1_TYPE_free(alg->parameter); - alg->parameter = NULL; + alg->parameter = nullptr; } } else { ASN1_TYPE_set(alg->parameter, ptype, pval); @@ -176,18 +176,18 @@ void X509_ALGOR_get0(const ASN1_OBJECT **out_obj, int *out_param_type, const void **out_param_value, const X509_ALGOR *alg) { - if (out_obj != NULL) { + if (out_obj != nullptr) { *out_obj = alg->algorithm; } - if (out_param_type != NULL) { + if (out_param_type != nullptr) { int type = V_ASN1_UNDEF; - const void *value = NULL; - if (alg->parameter != NULL) { + const void *value = nullptr; + if (alg->parameter != nullptr) { type = alg->parameter->type; value = asn1_type_value_as_pointer(alg->parameter); } *out_param_type = type; - if (out_param_value != NULL) { + if (out_param_value != nullptr) { *out_param_value = value; } } @@ -204,7 +204,8 @@ param_type = V_ASN1_NULL; } - return X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL); + return X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, + nullptr); } // X509_ALGOR_cmp returns 0 if |a| and |b| are equal and non-zero otherwise.
diff --git a/crypto/x509/x_all.cc b/crypto/x509/x_all.cc index dbc8612..064487b 100644 --- a/crypto/x509/x_all.cc +++ b/crypto/x509/x_all.cc
@@ -85,13 +85,13 @@ int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md) { asn1_encoding_clear(&x->req_info->enc); - return ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO), x->sig_alg, NULL, + return ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO), x->sig_alg, nullptr, x->signature, x->req_info, pkey, md); } int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx) { asn1_encoding_clear(&x->req_info->enc); - return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO), x->sig_alg, NULL, + return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO), x->sig_alg, nullptr, x->signature, x->req_info, ctx); } @@ -108,7 +108,7 @@ } int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md) { - return ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC), x->sig_algor, NULL, + return ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC), x->sig_algor, nullptr, x->signature, x->spkac, pkey, md); } @@ -256,18 +256,18 @@ if (!key) { return 0; } - return EVP_Digest(key->data, key->length, md, len, type, NULL); + return EVP_Digest(key->data, key->length, md, len, type, nullptr); } int X509_digest(const X509 *x509, const EVP_MD *md, uint8_t *out, unsigned *out_len) { - uint8_t *der = NULL; + uint8_t *der = nullptr; int der_len = i2d_X509(x509, &der); if (der_len < 0) { return 0; } - int ret = EVP_Digest(der, der_len, out, out_len, md, NULL); + int ret = EVP_Digest(der, der_len, out, out_len, md, nullptr); OPENSSL_free(der); return ret; }
diff --git a/crypto/x509/x_attrib.cc b/crypto/x509/x_attrib.cc index 20ab3b0..f030cf7 100644 --- a/crypto/x509/x_attrib.cc +++ b/crypto/x509/x_attrib.cc
@@ -30,13 +30,13 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int attrtype, void *value) { ASN1_OBJECT *obj = OBJ_nid2obj(nid); - if (obj == NULL) { - return NULL; + if (obj == nullptr) { + return nullptr; } X509_ATTRIBUTE *ret = X509_ATTRIBUTE_new(); ASN1_TYPE *val = ASN1_TYPE_new(); - if (ret == NULL || val == NULL) { + if (ret == nullptr || val == nullptr) { goto err; } @@ -51,5 +51,5 @@ err: X509_ATTRIBUTE_free(ret); ASN1_TYPE_free(val); - return NULL; + return nullptr; }
diff --git a/crypto/x509/x_crl.cc b/crypto/x509/x_crl.cc index 73a579d..1b78455 100644 --- a/crypto/x509/x_crl.cc +++ b/crypto/x509/x_crl.cc
@@ -94,7 +94,7 @@ int crit; ASN1_ENUMERATED *reason = reinterpret_cast<ASN1_ENUMERATED *>( - X509_REVOKED_get_ext_d2i(rev, NID_crl_reason, &crit, NULL)); + X509_REVOKED_get_ext_d2i(rev, NID_crl_reason, &crit, nullptr)); if (!reason && crit != -1) { crl->flags |= EXFLAG_INVALID; return 1; @@ -129,8 +129,8 @@ switch (operation) { case ASN1_OP_NEW_POST: - crl->idp = NULL; - crl->akid = NULL; + crl->idp = nullptr; + crl->akid = nullptr; crl->flags = 0; crl->idp_flags = 0; break; @@ -138,7 +138,7 @@ case ASN1_OP_D2I_POST: { // The version must be one of v1(0) or v2(1). long version = X509_CRL_VERSION_1; - if (crl->crl->version != NULL) { + if (crl->crl->version != nullptr) { version = ASN1_INTEGER_get(crl->crl->version); // Versions v1 and v2. v1 is DEFAULT, so cannot be encoded explicitly. if (version != X509_CRL_VERSION_2) { @@ -148,7 +148,7 @@ } // Per RFC 5280, section 5.1.2.1, extensions require v2. - if (version != X509_CRL_VERSION_2 && crl->crl->extensions != NULL) { + if (version != X509_CRL_VERSION_2 && crl->crl->extensions != nullptr) { OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_FOR_VERSION); return 0; } @@ -161,13 +161,13 @@ return 0; } - if (!X509_CRL_digest(crl, EVP_sha256(), crl->crl_hash, NULL)) { + if (!X509_CRL_digest(crl, EVP_sha256(), crl->crl_hash, nullptr)) { return 0; } - crl->idp = reinterpret_cast<ISSUING_DIST_POINT *>( - X509_CRL_get_ext_d2i(crl, NID_issuing_distribution_point, &i, NULL)); - if (crl->idp != NULL) { + crl->idp = reinterpret_cast<ISSUING_DIST_POINT *>(X509_CRL_get_ext_d2i( + crl, NID_issuing_distribution_point, &i, nullptr)); + if (crl->idp != nullptr) { if (!setup_idp(crl, crl->idp)) { return 0; } @@ -176,8 +176,8 @@ } crl->akid = reinterpret_cast<AUTHORITY_KEYID *>( - X509_CRL_get_ext_d2i(crl, NID_authority_key_identifier, &i, NULL)); - if (crl->akid == NULL && i != -1) { + X509_CRL_get_ext_d2i(crl, NID_authority_key_identifier, &i, nullptr)); + if (crl->akid == nullptr && i != -1) { return 0; } @@ -300,7 +300,7 @@ int X509_CRL_get0_by_serial(X509_CRL *crl, X509_REVOKED **ret, const ASN1_INTEGER *serial) { - return crl_lookup(crl, ret, serial, NULL); + return crl_lookup(crl, ret, serial, nullptr); } int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x) { @@ -310,7 +310,7 @@ static int crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm, X509_REVOKED *rev) { - return nm == NULL || X509_NAME_cmp(nm, X509_CRL_get_issuer(crl)) == 0; + return nm == nullptr || X509_NAME_cmp(nm, X509_CRL_get_issuer(crl)) == 0; } static CRYPTO_MUTEX g_crl_sort_lock = CRYPTO_MUTEX_INIT;
diff --git a/crypto/x509/x_name.cc b/crypto/x509/x_name.cc index 13f4965..ac0c7b7 100644 --- a/crypto/x509/x_name.cc +++ b/crypto/x509/x_name.cc
@@ -229,14 +229,14 @@ !x509_marshal_name_entries(&seq, name, /*canonicalize=*/0) || !CBB_finish(cbb.get(), &new_cache->der, &new_cache->der_len)) { x509_name_cache_free(new_cache); - return 0; + return nullptr; } // Cache the canonicalized form, without the outer TLV. if (!CBB_init(cbb.get(), 16) || !x509_marshal_name_entries(cbb.get(), name, /*canonicalize=*/1) || !CBB_finish(cbb.get(), &new_cache->canon, &new_cache->canon_len)) { x509_name_cache_free(new_cache); - return 0; + return nullptr; } X509_NAME_CACHE *expected = nullptr;
diff --git a/crypto/x509/x_pubkey.cc b/crypto/x509/x_pubkey.cc index 3d2ad4a..2004624 100644 --- a/crypto/x509/x_pubkey.cc +++ b/crypto/x509/x_pubkey.cc
@@ -160,13 +160,13 @@ } EVP_PKEY *X509_PUBKEY_get0(const X509_PUBKEY *key) { - if (key == NULL) { - return NULL; + if (key == nullptr) { + return nullptr; } - if (key->pkey == NULL) { + if (key->pkey == nullptr) { OPENSSL_PUT_ERROR(X509, X509_R_PUBLIC_KEY_DECODE_ERROR); - return NULL; + return nullptr; } return key->pkey; @@ -174,7 +174,7 @@ EVP_PKEY *X509_PUBKEY_get(const X509_PUBKEY *key) { EVP_PKEY *pkey = X509_PUBKEY_get0(key); - if (pkey != NULL) { + if (pkey != nullptr) { EVP_PKEY_up_ref(pkey); } return pkey; @@ -198,14 +198,14 @@ int X509_PUBKEY_get0_param(ASN1_OBJECT **out_obj, const uint8_t **out_key, int *out_key_len, X509_ALGOR **out_alg, X509_PUBKEY *pub) { - if (out_obj != NULL) { + if (out_obj != nullptr) { *out_obj = pub->algor.algorithm; } - if (out_key != NULL) { + if (out_key != nullptr) { *out_key = pub->public_key.data; *out_key_len = pub->public_key.length; } - if (out_alg != NULL) { + if (out_alg != nullptr) { *out_alg = &pub->algor; } return 1;
diff --git a/crypto/x509/x_sig.cc b/crypto/x509/x_sig.cc index e64c014..c361c63 100644 --- a/crypto/x509/x_sig.cc +++ b/crypto/x509/x_sig.cc
@@ -32,20 +32,20 @@ void X509_SIG_get0(const X509_SIG *sig, const X509_ALGOR **out_alg, const ASN1_OCTET_STRING **out_digest) { - if (out_alg != NULL) { + if (out_alg != nullptr) { *out_alg = sig->algor; } - if (out_digest != NULL) { + if (out_digest != nullptr) { *out_digest = sig->digest; } } void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **out_alg, ASN1_OCTET_STRING **out_digest) { - if (out_alg != NULL) { + if (out_alg != nullptr) { *out_alg = sig->algor; } - if (out_digest != NULL) { + if (out_digest != nullptr) { *out_digest = sig->digest; } }
diff --git a/crypto/x509/x_x509.cc b/crypto/x509/x_x509.cc index bf5ac24..bf2d594 100644 --- a/crypto/x509/x_x509.cc +++ b/crypto/x509/x_x509.cc
@@ -65,7 +65,8 @@ } void X509_free(X509 *x509) { - if (x509 == NULL || !CRYPTO_refcount_dec_and_test_zero(&x509->references)) { + if (x509 == nullptr || + !CRYPTO_refcount_dec_and_test_zero(&x509->references)) { return; } @@ -296,7 +297,7 @@ } int i2d_X509(const X509 *x509, uint8_t **outp) { - if (x509 == NULL) { + if (x509 == nullptr) { OPENSSL_PUT_ERROR(ASN1, ASN1_R_MISSING_VALUE); return -1; } @@ -308,12 +309,12 @@ static int x509_new_cb(ASN1_VALUE **pval, const ASN1_ITEM *it) { *pval = (ASN1_VALUE *)X509_new(); - return *pval != NULL; + return *pval != nullptr; } static void x509_free_cb(ASN1_VALUE **pval, const ASN1_ITEM *it) { X509_free((X509 *)*pval); - *pval = NULL; + *pval = nullptr; } static int x509_parse_cb(ASN1_VALUE **pval, CBS *cbs, const ASN1_ITEM *it, @@ -342,14 +343,14 @@ IMPLEMENT_EXTERN_ASN1(X509, x509_extern_funcs) X509 *X509_dup(const X509 *x509) { - uint8_t *der = NULL; + uint8_t *der = nullptr; int len = i2d_X509(x509, &der); if (len < 0) { - return NULL; + return nullptr; } const uint8_t *inp = der; - X509 *ret = d2i_X509(NULL, &inp, len); + X509 *ret = d2i_X509(nullptr, &inp, len); OPENSSL_free(der); return ret; } @@ -383,13 +384,13 @@ X509 *ret; int freeret = 0; - if (!a || *a == NULL) { + if (!a || *a == nullptr) { freeret = 1; } ret = d2i_X509(a, &q, length); // If certificate unreadable then forget it if (!ret) { - return NULL; + return nullptr; } // update length length -= q - *pp; @@ -403,10 +404,10 @@ if (freeret) { X509_free(ret); if (a) { - *a = NULL; + *a = nullptr; } } - return NULL; + return nullptr; } // Serialize trusted certificate to *pp or just return the required buffer @@ -415,22 +416,22 @@ // Here we avoid compounding the problem. static int i2d_x509_aux_internal(const X509 *a, unsigned char **pp) { int length, tmplen; - unsigned char *start = pp != NULL ? *pp : NULL; + unsigned char *start = pp != nullptr ? *pp : nullptr; - assert(pp == NULL || *pp != NULL); + assert(pp == nullptr || *pp != nullptr); // This might perturb *pp on error, but fixing that belongs in i2d_X509() // not here. It should be that if a == NULL length is zero, but we check // both just in case. length = i2d_X509(a, pp); - if (length <= 0 || a == NULL) { + if (length <= 0 || a == nullptr) { return length; } - if (a->aux != NULL) { + if (a->aux != nullptr) { tmplen = i2d_X509_CERT_AUX(a->aux, pp); if (tmplen < 0) { - if (start != NULL) { + if (start != nullptr) { *pp = start; } return tmplen; @@ -453,18 +454,18 @@ unsigned char *tmp; // Buffer provided by caller - if (pp == NULL || *pp != NULL) { + if (pp == nullptr || *pp != nullptr) { return i2d_x509_aux_internal(a, pp); } // Obtain the combined length - if ((length = i2d_x509_aux_internal(a, NULL)) <= 0) { + if ((length = i2d_x509_aux_internal(a, nullptr)) <= 0) { return length; } // Allocate requisite combined storage *pp = tmp = reinterpret_cast<uint8_t *>(OPENSSL_malloc(length)); - if (tmp == NULL) { + if (tmp == nullptr) { return -1; // Push error onto error stack? } @@ -472,7 +473,7 @@ length = i2d_x509_aux_internal(a, &tmp); if (length <= 0) { OPENSSL_free(*pp); - *pp = NULL; + *pp = nullptr; } return length; }
diff --git a/crypto/x509/x_x509a.cc b/crypto/x509/x_x509a.cc index 9318d43..e78e6fe 100644 --- a/crypto/x509/x_x509a.cc +++ b/crypto/x509/x_x509a.cc
@@ -40,10 +40,10 @@ static X509_CERT_AUX *aux_get(X509 *x) { if (!x) { - return NULL; + return nullptr; } if (!x->aux && !(x->aux = X509_CERT_AUX_new())) { - return NULL; + return nullptr; } return x->aux; } @@ -58,7 +58,7 @@ return 1; } ASN1_UTF8STRING_free(x->aux->alias); - x->aux->alias = NULL; + x->aux->alias = nullptr; return 1; } if (!(aux = aux_get(x))) { @@ -80,7 +80,7 @@ return 1; } ASN1_OCTET_STRING_free(x->aux->keyid); - x->aux->keyid = NULL; + x->aux->keyid = nullptr; return 1; } if (!(aux = aux_get(x))) { @@ -93,19 +93,19 @@ } const uint8_t *X509_alias_get0(const X509 *x, int *out_len) { - const ASN1_UTF8STRING *alias = x->aux != NULL ? x->aux->alias : NULL; - if (out_len != NULL) { - *out_len = alias != NULL ? alias->length : 0; + const ASN1_UTF8STRING *alias = x->aux != nullptr ? x->aux->alias : nullptr; + if (out_len != nullptr) { + *out_len = alias != nullptr ? alias->length : 0; } - return alias != NULL ? alias->data : NULL; + return alias != nullptr ? alias->data : nullptr; } const uint8_t *X509_keyid_get0(const X509 *x, int *out_len) { - const ASN1_OCTET_STRING *keyid = x->aux != NULL ? x->aux->keyid : NULL; - if (out_len != NULL) { - *out_len = keyid != NULL ? keyid->length : 0; + const ASN1_OCTET_STRING *keyid = x->aux != nullptr ? x->aux->keyid : nullptr; + if (out_len != nullptr) { + *out_len = keyid != nullptr ? keyid->length : 0; } - return keyid != NULL ? keyid->data : NULL; + return keyid != nullptr ? keyid->data : nullptr; } int X509_add1_trust_object(X509 *x, const ASN1_OBJECT *obj) { @@ -141,13 +141,13 @@ void X509_trust_clear(X509 *x) { if (x->aux && x->aux->trust) { sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free); - x->aux->trust = NULL; + x->aux->trust = nullptr; } } void X509_reject_clear(X509 *x) { if (x->aux && x->aux->reject) { sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free); - x->aux->reject = NULL; + x->aux->reject = nullptr; } }
diff --git a/decrepit/bio/base64_bio.cc b/decrepit/bio/base64_bio.cc index 3ece828..4be8d49 100644 --- a/decrepit/bio/base64_bio.cc +++ b/decrepit/bio/base64_bio.cc
@@ -50,7 +50,7 @@ static int b64_new(BIO *bio) { BIO_B64_CTX *ctx = reinterpret_cast<BIO_B64_CTX *>(OPENSSL_zalloc(sizeof(*ctx))); - if (ctx == NULL) { + if (ctx == nullptr) { return 0; } @@ -63,11 +63,11 @@ } static int b64_free(BIO *bio) { - if (bio == NULL) { + if (bio == nullptr) { return 0; } OPENSSL_free(bio->ptr); - bio->ptr = NULL; + bio->ptr = nullptr; bio->init = 0; bio->flags = 0; return 1; @@ -78,12 +78,12 @@ BIO_B64_CTX *ctx; uint8_t *p, *q; - if (out == NULL) { + if (out == nullptr) { return 0; } ctx = (BIO_B64_CTX *)b->ptr; - if (ctx == NULL || b->next_bio == NULL) { + if (ctx == nullptr || b->next_bio == nullptr) { return 0; } @@ -310,7 +310,7 @@ ctx->buf_off = 0; ctx->buf_len = 0; - if (in == NULL || inl <= 0) { + if (in == nullptr || inl <= 0) { return 0; } @@ -430,7 +430,7 @@ // do a final write again: while (ctx->buf_len != ctx->buf_off) { - i = b64_write(b, NULL, 0); + i = b64_write(b, nullptr, 0); if (i < 0) { return i; } @@ -470,7 +470,7 @@ } static long b64_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp) { - if (b->next_bio == NULL) { + if (b->next_bio == nullptr) { return 0; } return BIO_callback_ctrl(b->next_bio, cmd, fp);
diff --git a/decrepit/evp/evp_do_all.cc b/decrepit/evp/evp_do_all.cc index e04b80c..feaf17c 100644 --- a/decrepit/evp/evp_do_all.cc +++ b/decrepit/evp/evp_do_all.cc
@@ -19,75 +19,75 @@ const char *name, const char *unused, void *arg), void *arg) { - callback(EVP_aes_128_cbc(), "AES-128-CBC", NULL, arg); - callback(EVP_aes_192_cbc(), "AES-192-CBC", NULL, arg); - callback(EVP_aes_256_cbc(), "AES-256-CBC", NULL, arg); - callback(EVP_aes_128_ctr(), "AES-128-CTR", NULL, arg); - callback(EVP_aes_192_ctr(), "AES-192-CTR", NULL, arg); - callback(EVP_aes_256_ctr(), "AES-256-CTR", NULL, arg); - callback(EVP_aes_128_ecb(), "AES-128-ECB", NULL, arg); - callback(EVP_aes_192_ecb(), "AES-192-ECB", NULL, arg); - callback(EVP_aes_256_ecb(), "AES-256-ECB", NULL, arg); - callback(EVP_aes_128_ofb(), "AES-128-OFB", NULL, arg); - callback(EVP_aes_192_ofb(), "AES-192-OFB", NULL, arg); - callback(EVP_aes_256_ofb(), "AES-256-OFB", NULL, arg); - callback(EVP_aes_128_gcm(), "AES-128-GCM", NULL, arg); - callback(EVP_aes_192_gcm(), "AES-192-GCM", NULL, arg); - callback(EVP_aes_256_gcm(), "AES-256-GCM", NULL, arg); - callback(EVP_des_cbc(), "DES-CBC", NULL, arg); - callback(EVP_des_ecb(), "DES-ECB", NULL, arg); - callback(EVP_des_ede(), "DES-EDE", NULL, arg); - callback(EVP_des_ede_cbc(), "DES-EDE-CBC", NULL, arg); - callback(EVP_des_ede3_cbc(), "DES-EDE3-CBC", NULL, arg); - callback(EVP_rc2_cbc(), "RC2-CBC", NULL, arg); - callback(EVP_rc4(), "RC4", NULL, arg); + callback(EVP_aes_128_cbc(), "AES-128-CBC", nullptr, arg); + callback(EVP_aes_192_cbc(), "AES-192-CBC", nullptr, arg); + callback(EVP_aes_256_cbc(), "AES-256-CBC", nullptr, arg); + callback(EVP_aes_128_ctr(), "AES-128-CTR", nullptr, arg); + callback(EVP_aes_192_ctr(), "AES-192-CTR", nullptr, arg); + callback(EVP_aes_256_ctr(), "AES-256-CTR", nullptr, arg); + callback(EVP_aes_128_ecb(), "AES-128-ECB", nullptr, arg); + callback(EVP_aes_192_ecb(), "AES-192-ECB", nullptr, arg); + callback(EVP_aes_256_ecb(), "AES-256-ECB", nullptr, arg); + callback(EVP_aes_128_ofb(), "AES-128-OFB", nullptr, arg); + callback(EVP_aes_192_ofb(), "AES-192-OFB", nullptr, arg); + callback(EVP_aes_256_ofb(), "AES-256-OFB", nullptr, arg); + callback(EVP_aes_128_gcm(), "AES-128-GCM", nullptr, arg); + callback(EVP_aes_192_gcm(), "AES-192-GCM", nullptr, arg); + callback(EVP_aes_256_gcm(), "AES-256-GCM", nullptr, arg); + callback(EVP_des_cbc(), "DES-CBC", nullptr, arg); + callback(EVP_des_ecb(), "DES-ECB", nullptr, arg); + callback(EVP_des_ede(), "DES-EDE", nullptr, arg); + callback(EVP_des_ede_cbc(), "DES-EDE-CBC", nullptr, arg); + callback(EVP_des_ede3_cbc(), "DES-EDE3-CBC", nullptr, arg); + callback(EVP_rc2_cbc(), "RC2-CBC", nullptr, arg); + callback(EVP_rc4(), "RC4", nullptr, arg); // OpenSSL returns everything twice, the second time in lower case. - callback(EVP_aes_128_cbc(), "aes-128-cbc", NULL, arg); - callback(EVP_aes_192_cbc(), "aes-192-cbc", NULL, arg); - callback(EVP_aes_256_cbc(), "aes-256-cbc", NULL, arg); - callback(EVP_aes_128_ctr(), "aes-128-ctr", NULL, arg); - callback(EVP_aes_192_ctr(), "aes-192-ctr", NULL, arg); - callback(EVP_aes_256_ctr(), "aes-256-ctr", NULL, arg); - callback(EVP_aes_128_ecb(), "aes-128-ecb", NULL, arg); - callback(EVP_aes_192_ecb(), "aes-192-ecb", NULL, arg); - callback(EVP_aes_256_ecb(), "aes-256-ecb", NULL, arg); - callback(EVP_aes_128_ofb(), "aes-128-ofb", NULL, arg); - callback(EVP_aes_192_ofb(), "aes-192-ofb", NULL, arg); - callback(EVP_aes_256_ofb(), "aes-256-ofb", NULL, arg); - callback(EVP_aes_128_gcm(), "aes-128-gcm", NULL, arg); - callback(EVP_aes_192_gcm(), "aes-192-gcm", NULL, arg); - callback(EVP_aes_256_gcm(), "aes-256-gcm", NULL, arg); - callback(EVP_des_cbc(), "des-cbc", NULL, arg); - callback(EVP_des_ecb(), "des-ecb", NULL, arg); - callback(EVP_des_ede(), "des-ede", NULL, arg); - callback(EVP_des_ede_cbc(), "des-ede-cbc", NULL, arg); - callback(EVP_des_ede3_cbc(), "des-ede3-cbc", NULL, arg); - callback(EVP_rc2_cbc(), "rc2-cbc", NULL, arg); - callback(EVP_rc4(), "rc4", NULL, arg); + callback(EVP_aes_128_cbc(), "aes-128-cbc", nullptr, arg); + callback(EVP_aes_192_cbc(), "aes-192-cbc", nullptr, arg); + callback(EVP_aes_256_cbc(), "aes-256-cbc", nullptr, arg); + callback(EVP_aes_128_ctr(), "aes-128-ctr", nullptr, arg); + callback(EVP_aes_192_ctr(), "aes-192-ctr", nullptr, arg); + callback(EVP_aes_256_ctr(), "aes-256-ctr", nullptr, arg); + callback(EVP_aes_128_ecb(), "aes-128-ecb", nullptr, arg); + callback(EVP_aes_192_ecb(), "aes-192-ecb", nullptr, arg); + callback(EVP_aes_256_ecb(), "aes-256-ecb", nullptr, arg); + callback(EVP_aes_128_ofb(), "aes-128-ofb", nullptr, arg); + callback(EVP_aes_192_ofb(), "aes-192-ofb", nullptr, arg); + callback(EVP_aes_256_ofb(), "aes-256-ofb", nullptr, arg); + callback(EVP_aes_128_gcm(), "aes-128-gcm", nullptr, arg); + callback(EVP_aes_192_gcm(), "aes-192-gcm", nullptr, arg); + callback(EVP_aes_256_gcm(), "aes-256-gcm", nullptr, arg); + callback(EVP_des_cbc(), "des-cbc", nullptr, arg); + callback(EVP_des_ecb(), "des-ecb", nullptr, arg); + callback(EVP_des_ede(), "des-ede", nullptr, arg); + callback(EVP_des_ede_cbc(), "des-ede-cbc", nullptr, arg); + callback(EVP_des_ede3_cbc(), "des-ede3-cbc", nullptr, arg); + callback(EVP_rc2_cbc(), "rc2-cbc", nullptr, arg); + callback(EVP_rc4(), "rc4", nullptr, arg); } void EVP_MD_do_all_sorted(void (*callback)(const EVP_MD *cipher, const char *name, const char *unused, void *arg), void *arg) { - callback(EVP_md4(), "MD4", NULL, arg); - callback(EVP_md5(), "MD5", NULL, arg); - callback(EVP_sha1(), "SHA1", NULL, arg); - callback(EVP_sha224(), "SHA224", NULL, arg); - callback(EVP_sha256(), "SHA256", NULL, arg); - callback(EVP_sha384(), "SHA384", NULL, arg); - callback(EVP_sha512(), "SHA512", NULL, arg); - callback(EVP_sha512_256(), "SHA512-256", NULL, arg); + callback(EVP_md4(), "MD4", nullptr, arg); + callback(EVP_md5(), "MD5", nullptr, arg); + callback(EVP_sha1(), "SHA1", nullptr, arg); + callback(EVP_sha224(), "SHA224", nullptr, arg); + callback(EVP_sha256(), "SHA256", nullptr, arg); + callback(EVP_sha384(), "SHA384", nullptr, arg); + callback(EVP_sha512(), "SHA512", nullptr, arg); + callback(EVP_sha512_256(), "SHA512-256", nullptr, arg); - callback(EVP_md4(), "md4", NULL, arg); - callback(EVP_md5(), "md5", NULL, arg); - callback(EVP_sha1(), "sha1", NULL, arg); - callback(EVP_sha224(), "sha224", NULL, arg); - callback(EVP_sha256(), "sha256", NULL, arg); - callback(EVP_sha384(), "sha384", NULL, arg); - callback(EVP_sha512(), "sha512", NULL, arg); - callback(EVP_sha512_256(), "sha512-256", NULL, arg); + callback(EVP_md4(), "md4", nullptr, arg); + callback(EVP_md5(), "md5", nullptr, arg); + callback(EVP_sha1(), "sha1", nullptr, arg); + callback(EVP_sha224(), "sha224", nullptr, arg); + callback(EVP_sha256(), "sha256", nullptr, arg); + callback(EVP_sha384(), "sha384", nullptr, arg); + callback(EVP_sha512(), "sha512", nullptr, arg); + callback(EVP_sha512_256(), "sha512-256", nullptr, arg); } void EVP_MD_do_all(void (*callback)(const EVP_MD *cipher, const char *name,
diff --git a/decrepit/ripemd/ripemd.cc b/decrepit/ripemd/ripemd.cc index dbbb2b3..485387f 100644 --- a/decrepit/ripemd/ripemd.cc +++ b/decrepit/ripemd/ripemd.cc
@@ -701,7 +701,7 @@ RIPEMD160_CTX ctx; if (!RIPEMD160_Init(&ctx)) { - return NULL; + return nullptr; } RIPEMD160_Update(&ctx, data, len);
diff --git a/decrepit/rsa/rsa_decrepit.cc b/decrepit/rsa/rsa_decrepit.cc index a1b943f..f4cc431 100644 --- a/decrepit/rsa/rsa_decrepit.cc +++ b/decrepit/rsa/rsa_decrepit.cc
@@ -38,17 +38,17 @@ int RSA_padding_add_PKCS1_PSS(const RSA *rsa, uint8_t *EM, const uint8_t *mHash, const EVP_MD *Hash, int sLen) { - return RSA_padding_add_PKCS1_PSS_mgf1(rsa, EM, mHash, Hash, NULL, sLen); + return RSA_padding_add_PKCS1_PSS_mgf1(rsa, EM, mHash, Hash, nullptr, sLen); } int RSA_verify_PKCS1_PSS(const RSA *rsa, const uint8_t *mHash, const EVP_MD *Hash, const uint8_t *EM, int sLen) { - return RSA_verify_PKCS1_PSS_mgf1(rsa, mHash, Hash, NULL, EM, sLen); + return RSA_verify_PKCS1_PSS_mgf1(rsa, mHash, Hash, nullptr, EM, sLen); } int RSA_padding_add_PKCS1_OAEP(uint8_t *to, size_t to_len, const uint8_t *from, size_t from_len, const uint8_t *param, size_t param_len) { return RSA_padding_add_PKCS1_OAEP_mgf1(to, to_len, from, from_len, param, - param_len, NULL, NULL); + param_len, nullptr, nullptr); }
diff --git a/decrepit/ssl/ssl_decrepit.cc b/decrepit/ssl/ssl_decrepit.cc index 8a2a9b0..d72ddfe 100644 --- a/decrepit/ssl/ssl_decrepit.cc +++ b/decrepit/ssl/ssl_decrepit.cc
@@ -28,7 +28,7 @@ int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, const char *path) { DIR *dir = opendir(path); - if (dir == NULL) { + if (dir == nullptr) { OPENSSL_PUT_ERROR(SSL, ERR_R_SYS_LIB); ERR_add_error_data(3, "opendir('", dir, "')"); return 0; @@ -39,7 +39,7 @@ // |readdir| may fail with or without setting |errno|. errno = 0; struct dirent *dirent = readdir(dir); - if (dirent == NULL) { + if (dirent == nullptr) { if (errno) { OPENSSL_PUT_ERROR(SSL, ERR_R_SYS_LIB); ERR_add_error_data(3, "readdir('", path, "')");
diff --git a/decrepit/x509/x509_decrepit.cc b/decrepit/x509/x509_decrepit.cc index 5611d42..eb32629 100644 --- a/decrepit/x509/x509_decrepit.cc +++ b/decrepit/x509/x509_decrepit.cc
@@ -22,6 +22,6 @@ X509_EXTENSION *X509V3_EXT_conf_nid(CRYPTO_MUST_BE_NULL *conf, const X509V3_CTX *ctx, int ext_nid, const char *value) { - assert(conf == NULL); - return X509V3_EXT_nconf_nid(NULL, ctx, ext_nid, value); + assert(conf == nullptr); + return X509V3_EXT_nconf_nid(nullptr, ctx, ext_nid, value); }
diff --git a/decrepit/xts/xts.cc b/decrepit/xts/xts.cc index 398fa90..3b7e96c 100644 --- a/decrepit/xts/xts.cc +++ b/decrepit/xts/xts.cc
@@ -193,8 +193,8 @@ return -1; } // key1 and key2 are used as an indicator both key and IV are set - xctx->xts.key1 = NULL; - xctx->xts.key2 = NULL; + xctx->xts.key1 = nullptr; + xctx->xts.key2 = nullptr; return 1; }
diff --git a/pki/verify.cc b/pki/verify.cc index c0ed8ad..1ee57ff 100644 --- a/pki/verify.cc +++ b/pki/verify.cc
@@ -207,7 +207,7 @@ if (opts.time.has_value()) { now = opts.time.value(); } else { - now = time(NULL); + now = time(nullptr); } der::GeneralizedTime verification_time;
diff --git a/ssl/bio_ssl.cc b/ssl/bio_ssl.cc index da7612a..2a37398 100644 --- a/ssl/bio_ssl.cc +++ b/ssl/bio_ssl.cc
@@ -23,7 +23,7 @@ static int ssl_read(BIO *bio, char *out, int outl) { SSL *ssl = get_ssl(bio); - if (ssl == NULL) { + if (ssl == nullptr) { return 0; } @@ -63,7 +63,7 @@ static int ssl_write(BIO *bio, const char *out, int outl) { SSL *ssl = get_ssl(bio); - if (ssl == NULL) { + if (ssl == nullptr) { return 0; } @@ -97,13 +97,13 @@ static long ssl_ctrl(BIO *bio, int cmd, long num, void *ptr) { SSL *ssl = get_ssl(bio); - if (ssl == NULL && cmd != BIO_C_SET_SSL) { + if (ssl == nullptr && cmd != BIO_C_SET_SSL) { return 0; } switch (cmd) { case BIO_C_SET_SSL: - if (ssl != NULL) { + if (ssl != nullptr) { // OpenSSL allows reusing an SSL BIO with a different SSL object. We do // not support this. OPENSSL_PUT_ERROR(SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); @@ -156,7 +156,7 @@ static int ssl_free(BIO *bio) { SSL *ssl = get_ssl(bio); - if (ssl == NULL) { + if (ssl == nullptr) { return 1; } @@ -170,7 +170,7 @@ static long ssl_callback_ctrl(BIO *bio, int cmd, BIO_info_cb *fp) { SSL *ssl = get_ssl(bio); - if (ssl == NULL) { + if (ssl == nullptr) { return 0; }
diff --git a/ssl/d1_both.cc b/ssl/d1_both.cc index ef0a95c..1ef97b9 100644 --- a/ssl/d1_both.cc +++ b/ssl/d1_both.cc
@@ -195,7 +195,7 @@ !CBB_add_u16(cbb.get(), msg_hdr->seq) || !CBB_add_u24(cbb.get(), 0 /* frag_off */) || !CBB_add_u24(cbb.get(), msg_hdr->msg_len) || - !CBB_finish(cbb.get(), NULL, NULL)) { + !CBB_finish(cbb.get(), nullptr, nullptr)) { return nullptr; } @@ -223,12 +223,12 @@ if (msg_hdr->seq < ssl->d1->handshake_read_seq || msg_hdr->seq - ssl->d1->handshake_read_seq >= SSL_MAX_HANDSHAKE_FLIGHT) { *out_alert = SSL_AD_INTERNAL_ERROR; - return NULL; + return nullptr; } size_t idx = msg_hdr->seq % SSL_MAX_HANDSHAKE_FLIGHT; DTLSIncomingMessage *frag = ssl->d1->incoming_messages[idx].get(); - if (frag != NULL) { + if (frag != nullptr) { assert(frag->seq == msg_hdr->seq); // The new fragment must be compatible with the previous fragments from this // message. @@ -236,7 +236,7 @@ frag->msg_len() != msg_hdr->msg_len) { OPENSSL_PUT_ERROR(SSL, SSL_R_FRAGMENT_MISMATCH); *out_alert = SSL_AD_ILLEGAL_PARAMETER; - return NULL; + return nullptr; } return frag; } @@ -245,7 +245,7 @@ ssl->d1->incoming_messages[idx] = dtls_new_incoming_message(msg_hdr); if (!ssl->d1->incoming_messages[idx]) { *out_alert = SSL_AD_INTERNAL_ERROR; - return NULL; + return nullptr; } return ssl->d1->incoming_messages[idx].get(); } @@ -590,7 +590,7 @@ } // TODO(svaldez): Move this up a layer to fix abstraction for SSLTranscript // on hs. - if (ssl->s3->hs != NULL && !ssl->s3->hs->transcript.Update(data)) { + if (ssl->s3->hs != nullptr && !ssl->s3->hs->transcript.Update(data)) { OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return false; } @@ -647,12 +647,12 @@ // |SSL_set_mtu|. Does this need to be so complex? if (ssl->d1->mtu < dtls1_min_mtu() && !(SSL_get_options(ssl) & SSL_OP_NO_QUERY_MTU)) { - long mtu = BIO_ctrl(ssl->wbio.get(), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL); + long mtu = BIO_ctrl(ssl->wbio.get(), BIO_CTRL_DGRAM_QUERY_MTU, 0, nullptr); if (mtu >= 0 && mtu <= (1 << 30) && (unsigned)mtu >= dtls1_min_mtu()) { ssl->d1->mtu = (unsigned)mtu; } else { ssl->d1->mtu = kDefaultMTU; - BIO_ctrl(ssl->wbio.get(), BIO_CTRL_DGRAM_SET_MTU, ssl->d1->mtu, NULL); + BIO_ctrl(ssl->wbio.get(), BIO_CTRL_DGRAM_SET_MTU, ssl->d1->mtu, nullptr); } }
diff --git a/ssl/d1_lib.cc b/ssl/d1_lib.cc index 7e34420..01ff5b7 100644 --- a/ssl/d1_lib.cc +++ b/ssl/d1_lib.cc
@@ -69,12 +69,12 @@ void dtls1_free(SSL *ssl) { tls_free(ssl); - if (ssl == NULL) { + if (ssl == nullptr) { return; } Delete(ssl->d1); - ssl->d1 = NULL; + ssl->d1 = nullptr; } void DTLSTimer::StartMicroseconds(OPENSSL_timeval now, uint64_t microseconds) {
diff --git a/ssl/d1_srtp.cc b/ssl/d1_srtp.cc index 198ed7b..25759d7 100644 --- a/ssl/d1_srtp.cc +++ b/ssl/d1_srtp.cc
@@ -33,7 +33,7 @@ {"SRTP_AES128_CM_SHA1_32", SRTP_AES128_CM_SHA1_32}, {"SRTP_AEAD_AES_128_GCM", SRTP_AEAD_AES_128_GCM}, {"SRTP_AEAD_AES_256_GCM", SRTP_AEAD_AES_256_GCM}, - {0, 0}, + {nullptr, 0}, }; static int find_profile_by_name(const char *profile_name,
diff --git a/ssl/dtls_record.cc b/ssl/dtls_record.cc index da5c318..f5e4227 100644 --- a/ssl/dtls_record.cc +++ b/ssl/dtls_record.cc
@@ -504,7 +504,7 @@ } bool dtls13_header = use_dtls13_record_header(ssl, epoch); - uint8_t *extra_in = NULL; + uint8_t *extra_in = nullptr; size_t extra_in_len = 0; if (dtls13_header) { extra_in = &type;
diff --git a/ssl/encrypted_client_hello.cc b/ssl/encrypted_client_hello.cc index 5110508..cac0358 100644 --- a/ssl/encrypted_client_hello.cc +++ b/ssl/encrypted_client_hello.cc
@@ -584,7 +584,7 @@ } assert(kdf_id == EVP_HPKE_HKDF_SHA256); - assert(get_ech_aead(aead_id) != NULL); + assert(get_ech_aead(aead_id) != nullptr); return EVP_HPKE_CTX_setup_recipient(ctx, key_.get(), EVP_hpke_hkdf_sha256(), get_ech_aead(aead_id), enc.data(), enc.size(), CBB_data(info_cbb.get()),
diff --git a/ssl/extensions.cc b/ssl/extensions.cc index b5f19bd..1bce374 100644 --- a/ssl/extensions.cc +++ b/ssl/extensions.cc
@@ -467,7 +467,7 @@ static bool forbid_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) { - if (contents != NULL) { + if (contents != nullptr) { // Servers MUST NOT send this extension. *out_alert = SSL_AD_UNSUPPORTED_EXTENSION; OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION); @@ -522,7 +522,7 @@ CBS *contents) { // The server may acknowledge SNI with an empty extension. We check the syntax // but otherwise ignore this signal. - return contents == NULL || CBS_len(contents) == 0; + return contents == nullptr || CBS_len(contents) == 0; } static bool ext_sni_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert, @@ -583,7 +583,7 @@ static bool ext_ech_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) { SSL *const ssl = hs->ssl; - if (contents == NULL) { + if (contents == nullptr) { return true; } @@ -695,7 +695,7 @@ static bool ext_ri_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) { SSL *const ssl = hs->ssl; - if (contents != NULL && ssl_protocol_version(ssl) >= TLS1_3_VERSION) { + if (contents != nullptr && ssl_protocol_version(ssl) >= TLS1_3_VERSION) { *out_alert = SSL_AD_ILLEGAL_PARAMETER; return false; } @@ -703,13 +703,13 @@ // Servers may not switch between omitting the extension and supporting it. // See RFC 5746, sections 3.5 and 4.2. if (ssl->s3->initial_handshake_complete && - (contents != NULL) != ssl->s3->send_connection_binding) { + (contents != nullptr) != ssl->s3->send_connection_binding) { *out_alert = SSL_AD_HANDSHAKE_FAILURE; OPENSSL_PUT_ERROR(SSL, SSL_R_RENEGOTIATION_MISMATCH); return false; } - if (contents == NULL) { + if (contents == nullptr) { // Strictly speaking, if we want to avoid an attack we should *always* see // RI even on initial ServerHello because the client doesn't see any // renegotiation during an attack. However this would mean we could not @@ -776,7 +776,7 @@ return true; } - if (contents == NULL) { + if (contents == nullptr) { return true; } @@ -844,7 +844,7 @@ CBS *contents) { SSL *const ssl = hs->ssl; - if (contents != NULL) { + if (contents != nullptr) { if (ssl_protocol_version(ssl) >= TLS1_3_VERSION || // CBS_len(contents) != 0) { return false; @@ -871,7 +871,7 @@ return true; } - if (contents == NULL) { + if (contents == nullptr) { return true; } @@ -936,7 +936,7 @@ static bool ext_ticket_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) { SSL *const ssl = hs->ssl; - if (contents == NULL) { + if (contents == nullptr) { return true; } @@ -1004,7 +1004,7 @@ static bool ext_sigalgs_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) { hs->peer_sigalgs.Reset(); - if (contents == NULL) { + if (contents == nullptr) { return true; } @@ -1046,7 +1046,7 @@ static bool ext_ocsp_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) { SSL *const ssl = hs->ssl; - if (contents == NULL) { + if (contents == nullptr) { return true; } @@ -1071,7 +1071,7 @@ static bool ext_ocsp_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) { - if (contents == NULL) { + if (contents == nullptr) { return true; } @@ -1111,7 +1111,7 @@ CBB *out_compressible, ssl_client_hello_type_t type) { const SSL *const ssl = hs->ssl; - if (ssl->ctx->next_proto_select_cb == NULL || + if (ssl->ctx->next_proto_select_cb == nullptr || // Do not allow NPN to change on renegotiation. ssl->s3->initial_handshake_complete || // NPN is not defined in DTLS or TLS 1.3. @@ -1131,7 +1131,7 @@ static bool ext_npn_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) { SSL *const ssl = hs->ssl; - if (contents == NULL) { + if (contents == nullptr) { return true; } @@ -1144,7 +1144,7 @@ // called. assert(!ssl->s3->initial_handshake_complete); assert(!SSL_is_dtls(ssl)); - assert(ssl->ctx->next_proto_select_cb != NULL); + assert(ssl->ctx->next_proto_select_cb != nullptr); if (!ssl->s3->alpn_selected.empty()) { // NPN and ALPN may not be negotiated in the same connection. @@ -1187,13 +1187,13 @@ return true; } - if (contents != NULL && CBS_len(contents) != 0) { + if (contents != nullptr && CBS_len(contents) != 0) { return false; } - if (contents == NULL || // - ssl->s3->initial_handshake_complete || // - ssl->ctx->next_protos_advertised_cb == NULL || // + if (contents == nullptr || // + ssl->s3->initial_handshake_complete || // + ssl->ctx->next_protos_advertised_cb == nullptr || // SSL_is_dtls(ssl)) { return true; } @@ -1254,7 +1254,7 @@ static bool ext_sct_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) { SSL *const ssl = hs->ssl; - if (contents == NULL) { + if (contents == nullptr) { return true; } @@ -1292,7 +1292,7 @@ static bool ext_sct_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) { - if (contents == NULL) { + if (contents == nullptr) { return true; } @@ -1362,7 +1362,7 @@ static bool ext_alpn_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) { SSL *const ssl = hs->ssl; - if (contents == NULL) { + if (contents == nullptr) { if (SSL_is_quic(ssl)) { // ALPN is required when QUIC is used. OPENSSL_PUT_ERROR(SSL, SSL_R_NO_APPLICATION_PROTOCOL); @@ -1459,7 +1459,7 @@ const SSL_CLIENT_HELLO *client_hello) { SSL *const ssl = hs->ssl; CBS contents; - if (ssl->ctx->alpn_select_cb == NULL || + if (ssl->ctx->alpn_select_cb == nullptr || !ssl_client_hello_get_extension( client_hello, &contents, TLSEXT_TYPE_application_layer_protocol_negotiation)) { @@ -1580,7 +1580,7 @@ static bool ext_channel_id_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) { - if (contents == NULL) { + if (contents == nullptr) { return true; } @@ -1599,7 +1599,8 @@ uint8_t *out_alert, CBS *contents) { SSL *const ssl = hs->ssl; - if (contents == NULL || !hs->config->channel_id_enabled || SSL_is_dtls(ssl)) { + if (contents == nullptr || !hs->config->channel_id_enabled || + SSL_is_dtls(ssl)) { return true; } @@ -1635,7 +1636,7 @@ const SSL *const ssl = hs->ssl; const STACK_OF(SRTP_PROTECTION_PROFILE) *profiles = SSL_get_srtp_profiles(ssl); - if (profiles == NULL || // + if (profiles == nullptr || // sk_SRTP_PROTECTION_PROFILE_num(profiles) == 0 || // !SSL_is_dtls(ssl)) { return true; @@ -1665,7 +1666,7 @@ static bool ext_srtp_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) { SSL *const ssl = hs->ssl; - if (contents == NULL) { + if (contents == nullptr) { return true; } @@ -1709,7 +1710,7 @@ CBS *contents) { SSL *const ssl = hs->ssl; // DTLS-SRTP is only defined for DTLS. - if (contents == NULL || !SSL_is_dtls(ssl)) { + if (contents == nullptr || !SSL_is_dtls(ssl)) { return true; } @@ -1749,7 +1750,7 @@ static bool ext_srtp_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) { SSL *const ssl = hs->ssl; - if (ssl->s3->srtp_profile == NULL) { + if (ssl->s3->srtp_profile == nullptr) { return true; } @@ -1797,7 +1798,7 @@ static bool ext_ec_point_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) { - if (contents == NULL) { + if (contents == nullptr) { return true; } @@ -1815,7 +1816,7 @@ // point format. if (OPENSSL_memchr(CBS_data(&ec_point_format_list), TLSEXT_ECPOINTFORMAT_uncompressed, - CBS_len(&ec_point_format_list)) == NULL) { + CBS_len(&ec_point_format_list)) == nullptr) { *out_alert = SSL_AD_ILLEGAL_PARAMETER; return false; } @@ -2060,7 +2061,7 @@ static bool ext_psk_key_exchange_modes_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) { - if (contents == NULL) { + if (contents == nullptr) { return true; } @@ -2074,7 +2075,7 @@ // We only support tickets with PSK_DHE_KE. hs->accept_psk_mode = OPENSSL_memchr(CBS_data(&ke_modes), SSL_PSK_DHE_KE, - CBS_len(&ke_modes)) != NULL; + CBS_len(&ke_modes)) != nullptr; return true; } @@ -2116,7 +2117,7 @@ uint8_t *out_alert, CBS *contents) { SSL *const ssl = hs->ssl; - if (contents == NULL) { + if (contents == nullptr) { if (hs->early_data_offered && !ssl->s3->used_hello_retry_request) { ssl->s3->early_data_reason = ssl->s3->session_reused ? ssl_early_data_peer_declined @@ -2154,7 +2155,7 @@ uint8_t *out_alert, CBS *contents) { SSL *const ssl = hs->ssl; - if (contents == NULL || ssl_protocol_version(ssl) < TLS1_3_VERSION) { + if (contents == nullptr || ssl_protocol_version(ssl) < TLS1_3_VERSION) { return true; } @@ -2585,7 +2586,7 @@ static bool ext_supported_groups_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) { - if (contents == NULL) { + if (contents == nullptr) { return true; } @@ -2625,7 +2626,7 @@ static bool ext_certificate_authorities_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert, CBS *contents) { - if (contents == NULL) { + if (contents == nullptr) { return true; } @@ -3731,10 +3732,10 @@ #define kNumExtensions (sizeof(kExtensions) / sizeof(struct tls_extension)) static_assert(kNumExtensions <= - sizeof(((SSL_HANDSHAKE *)NULL)->extensions.sent) * 8, + sizeof(((SSL_HANDSHAKE *)nullptr)->extensions.sent) * 8, "too many extensions for sent bitset"); static_assert(kNumExtensions <= - sizeof(((SSL_HANDSHAKE *)NULL)->extensions.received) * 8, + sizeof(((SSL_HANDSHAKE *)nullptr)->extensions.received) * 8, "too many extensions for received bitset"); bool ssl_setup_extension_permutation(SSL_HANDSHAKE *hs) { @@ -3771,7 +3772,7 @@ } } - return NULL; + return nullptr; } static bool add_padding_extension(CBB *cbb, uint16_t ext, size_t len) { @@ -4072,7 +4073,7 @@ unsigned ext_index; const struct tls_extension *const ext = tls_extension_find(&ext_index, type); - if (ext == NULL) { + if (ext == nullptr) { continue; } @@ -4091,7 +4092,7 @@ continue; } - CBS *contents = NULL, fake_contents; + CBS *contents = nullptr, fake_contents; static const uint8_t kFakeRenegotiateExtension[] = {0}; if (kExtensions[i].value == TLSEXT_TYPE_renegotiate && ssl_client_cipher_list_contains_cipher( @@ -4159,7 +4160,7 @@ const struct tls_extension *const ext = tls_extension_find(&ext_index, type); - if (ext == NULL) { + if (ext == nullptr) { OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_EXTENSION); ERR_add_error_dataf("extension %u", (unsigned)type); *out_alert = SSL_AD_UNSUPPORTED_EXTENSION; @@ -4193,7 +4194,7 @@ // Extension wasn't observed so call the callback with a NULL // parameter. uint8_t alert = SSL_AD_DECODE_ERROR; - if (!kExtensions[i].parse_serverhello(hs, &alert, NULL)) { + if (!kExtensions[i].parse_serverhello(hs, &alert, nullptr)) { OPENSSL_PUT_ERROR(SSL, SSL_R_MISSING_EXTENSION); ERR_add_error_dataf("extension %u", (unsigned)kExtensions[i].value); *out_alert = alert; @@ -4209,9 +4210,9 @@ SSL *const ssl = hs->ssl; int ret = SSL_TLSEXT_ERR_NOACK; int al = SSL_AD_UNRECOGNIZED_NAME; - if (ssl->ctx->servername_callback != 0) { + if (ssl->ctx->servername_callback != nullptr) { ret = ssl->ctx->servername_callback(ssl, &al, ssl->ctx->servername_arg); - } else if (ssl->session_ctx->servername_callback != 0) { + } else if (ssl->session_ctx->servername_callback != nullptr) { ret = ssl->session_ctx->servername_callback( ssl, &al, ssl->session_ctx->servername_arg); } @@ -4292,7 +4293,7 @@ auto ticket_mac = ticket.last(mac_len); ticket = ticket.first(ticket.size() - mac_len); HMAC_Update(hmac_ctx, ticket.data(), ticket.size()); - HMAC_Final(hmac_ctx, mac, NULL); + HMAC_Final(hmac_ctx, mac, nullptr); assert(mac_len == ticket_mac.size()); bool mac_ok = CRYPTO_memcmp(mac, ticket_mac.data(), mac_len) == 0; if (CRYPTO_fuzzer_mode_enabled()) { @@ -4387,8 +4388,8 @@ return ssl_ticket_aead_ignore_ticket; } if (!HMAC_Init_ex(hmac_ctx.get(), key->hmac_key, sizeof(key->hmac_key), - tlsext_tick_md(), NULL) || - !EVP_DecryptInit_ex(cipher_ctx.get(), cipher, NULL, key->aes_key, + tlsext_tick_md(), nullptr) || + !EVP_DecryptInit_ex(cipher_ctx.get(), cipher, nullptr, key->aes_key, iv.data())) { return ssl_ticket_aead_error; } @@ -4456,7 +4457,7 @@ } } else if (!is_psk && hints && !hs->hints_requested && hints->ignore_ticket) { result = ssl_ticket_aead_ignore_ticket; - } else if (ssl->session_ctx->ticket_aead_method != NULL) { + } else if (ssl->session_ctx->ticket_aead_method != nullptr) { result = ssl_decrypt_ticket_with_method(hs, &plaintext, out_renew_ticket, ticket); } else { @@ -4466,7 +4467,7 @@ // HMAC. if (ticket.size() < SSL_TICKET_KEY_NAME_LEN + EVP_MAX_IV_LENGTH) { result = ssl_ticket_aead_ignore_ticket; - } else if (ssl->session_ctx->ticket_key_cb != NULL) { + } else if (ssl->session_ctx->ticket_key_cb != nullptr) { result = ssl_decrypt_ticket_with_cb(hs, &plaintext, out_renew_ticket, ticket); } else { @@ -4621,10 +4622,10 @@ } const uint8_t *p = CBS_data(&extension); - if (BN_bin2bn(p + 0, 32, x.get()) == NULL || - BN_bin2bn(p + 32, 32, y.get()) == NULL || - BN_bin2bn(p + 64, 32, sig->r) == NULL || - BN_bin2bn(p + 96, 32, sig->s) == NULL) { + if (BN_bin2bn(p + 0, 32, x.get()) == nullptr || + BN_bin2bn(p + 32, 32, y.get()) == nullptr || + BN_bin2bn(p + 64, 32, sig->r) == nullptr || + BN_bin2bn(p + 96, 32, sig->s) == nullptr) { return false; } @@ -4719,7 +4720,7 @@ static const char kClientIDMagic[] = "TLS Channel ID signature"; SHA256_Update(&ctx, kClientIDMagic, sizeof(kClientIDMagic)); - if (ssl->session != NULL) { + if (ssl->session != nullptr) { static const char kResumptionMagic[] = "Resumption"; SHA256_Update(&ctx, kResumptionMagic, sizeof(kResumptionMagic)); if (ssl->session->original_handshake_hash.empty()) { @@ -4746,7 +4747,7 @@ // This function should never be called for a resumed session because the // handshake hashes that we wish to record are for the original, full // handshake. - if (ssl->session != NULL) { + if (ssl->session != nullptr) { return false; }
diff --git a/ssl/handshake.cc b/ssl/handshake.cc index fade2d6..88b42a7 100644 --- a/ssl/handshake.cc +++ b/ssl/handshake.cc
@@ -230,7 +230,7 @@ enum ssl_verify_result_t ssl_verify_peer_cert(SSL_HANDSHAKE *hs) { SSL *const ssl = hs->ssl; const SSL_SESSION *prev_session = ssl->s3->established_session.get(); - if (prev_session != NULL) { + if (prev_session != nullptr) { // If renegotiating, the server must not change the server certificate. See // https://mitls.org/pages/attacks/3SHAKE. We never resume on renegotiation, // so this check is sufficient to ensure the reported peer certificate never
diff --git a/ssl/handshake_client.cc b/ssl/handshake_client.cc index 9224bfe..769dcfc 100644 --- a/ssl/handshake_client.cc +++ b/ssl/handshake_client.cc
@@ -76,7 +76,7 @@ *out_mask_k = 0; // PSK requires a client callback. - if (hs->config->psk_client_callback == NULL) { + if (hs->config->psk_client_callback == nullptr) { *out_mask_a |= SSL_aPSK; *out_mask_k |= SSL_kPSK; } @@ -240,7 +240,7 @@ // ClientHellOuterAAD computation would break. assert(type != ssl_client_hello_outer); if (!tls13_write_psk_binder(hs, hs->transcript, Span(msg), - /*out_binder_len=*/0)) { + /*out_binder_len=*/nullptr)) { return false; } } @@ -749,7 +749,7 @@ ssl->s3->session_reused = true; } else { // The session wasn't resumed. Create a fresh SSL_SESSION to fill out. - ssl_set_session(ssl, NULL); + ssl_set_session(ssl, nullptr); if (!ssl_get_new_session(hs)) { ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); return ssl_hs_error; @@ -773,7 +773,7 @@ // If doing a full handshake, the server may request a client certificate // which requires hashing the handshake transcript. Otherwise, the handshake // buffer may be released. - if (ssl->session != NULL || + if (ssl->session != nullptr || !ssl_cipher_uses_certificate_auth(hs->new_cipher)) { hs->transcript.FreeBuffer(); } @@ -790,7 +790,7 @@ return ssl_hs_error; } - if (ssl->session != NULL && + if (ssl->session != nullptr && hs->extended_master_secret != ssl->session->extended_master_secret) { if (ssl->session->extended_master_secret) { OPENSSL_PUT_ERROR(SSL, SSL_R_RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION); @@ -803,7 +803,7 @@ ssl->method->next_message(ssl); - if (ssl->session != NULL) { + if (ssl->session != nullptr) { if (ssl->ctx->reverify_on_resume && ssl_cipher_uses_certificate_auth(hs->new_cipher)) { hs->state = state_reverify_server_certificate; @@ -848,7 +848,7 @@ CBS body = msg.body; uint8_t alert = SSL_AD_DECODE_ERROR; if (!ssl_parse_cert_chain(&alert, &hs->new_session->certs, &hs->peer_pubkey, - NULL, &body, ssl->ctx->pool)) { + nullptr, &body, ssl->ctx->pool)) { ssl_send_alert(ssl, SSL3_AL_FATAL, alert); return ssl_hs_error; } @@ -1379,7 +1379,7 @@ unsigned psk_len = 0; uint8_t psk[PSK_MAX_PSK_LEN]; if (alg_a & SSL_aPSK) { - if (hs->config->psk_client_callback == NULL) { + if (hs->config->psk_client_callback == nullptr) { OPENSSL_PUT_ERROR(SSL, SSL_R_PSK_NO_CLIENT_CB); return ssl_hs_error; } @@ -1414,7 +1414,7 @@ // Depending on the key exchange method, compute |pms|. if (alg_k & SSL_kRSA) { RSA *rsa = EVP_PKEY_get0_RSA(hs->peer_pubkey.get()); - if (rsa == NULL) { + if (rsa == nullptr) { OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return ssl_hs_error; } @@ -1646,7 +1646,7 @@ static enum ssl_hs_wait_t do_finish_flight(SSL_HANDSHAKE *hs) { SSL *const ssl = hs->ssl; - if (ssl->session != NULL) { + if (ssl->session != nullptr) { hs->state = state_finish_client_handshake; return ssl_hs_ok; } @@ -1757,7 +1757,7 @@ return wait; } - if (ssl->session != NULL) { + if (ssl->session != nullptr) { hs->state = state_send_client_finished; return ssl_hs_ok; }
diff --git a/ssl/handshake_server.cc b/ssl/handshake_server.cc index d4fc10d..5d119ef 100644 --- a/ssl/handshake_server.cc +++ b/ssl/handshake_server.cc
@@ -145,7 +145,7 @@ } const SSL_CIPHER *c = SSL_get_cipher_by_value(cipher_suite); - if (c != NULL && !sk_SSL_CIPHER_push(sk.get(), c)) { + if (c != nullptr && !sk_SSL_CIPHER_push(sk.get(), c)) { return nullptr; } } @@ -584,7 +584,7 @@ } // Run the early callback. - if (ssl->ctx->select_certificate_cb != NULL) { + if (ssl->ctx->select_certificate_cb != nullptr) { switch (ssl->ctx->select_certificate_cb(&client_hello)) { case ssl_select_cert_retry: return ssl_hs_certificate_selection_pending; @@ -634,7 +634,7 @@ // Only null compression is supported. TLS 1.3 further requires the peer // advertise no other compression. if (OPENSSL_memchr(client_hello.compression_methods, 0, - client_hello.compression_methods_len) == NULL || + client_hello.compression_methods_len) == nullptr || (ssl_protocol_version(ssl) >= TLS1_3_VERSION && client_hello.compression_methods_len != 1)) { OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_COMPRESSION_LIST); @@ -656,7 +656,7 @@ SSL *const ssl = hs->ssl; // Call |cert_cb| to update server certificates if required. - if (hs->config->cert->cert_cb != NULL) { + if (hs->config->cert->cert_cb != nullptr) { int rv = hs->config->cert->cert_cb(ssl, hs->config->cert->cert_cb_arg); if (rv == 0) { OPENSSL_PUT_ERROR(SSL, SSL_R_CERT_CB_ERROR); @@ -817,7 +817,7 @@ } } - if (ssl->ctx->dos_protection_cb != NULL && + if (ssl->ctx->dos_protection_cb != nullptr && ssl->ctx->dos_protection_cb(&client_hello) == 0) { // Connection rejected for DOS reasons. OPENSSL_PUT_ERROR(SSL, SSL_R_CONNECTION_REJECTED); @@ -825,7 +825,7 @@ return ssl_hs_error; } - if (ssl->session == NULL) { + if (ssl->session == nullptr) { hs->new_session->cipher = hs->new_cipher; if (hs->new_session->cipher->algorithm_mkey & SSL_kECDHE) { assert(has_ecdhe_group); @@ -1419,7 +1419,7 @@ // For a PSK cipher suite, the actual pre-master secret is combined with the // pre-shared key. if (alg_a & SSL_aPSK) { - if (hs->config->psk_server_callback == NULL) { + if (hs->config->psk_server_callback == nullptr) { OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); return ssl_hs_error; @@ -1567,7 +1567,7 @@ } static enum ssl_hs_wait_t do_read_change_cipher_spec(SSL_HANDSHAKE *hs) { - if (hs->handback && hs->ssl->session != NULL) { + if (hs->handback && hs->ssl->session != nullptr) { return ssl_hs_handback; } hs->state = state12_process_change_cipher_spec; @@ -1650,7 +1650,7 @@ return wait; } - if (ssl->session != NULL) { + if (ssl->session != nullptr) { hs->state = state12_finish_server_handshake; } else { hs->state = state12_send_server_finished; @@ -1659,7 +1659,7 @@ // If this is a full handshake with ChannelID then record the handshake // hashes in |hs->new_session| in case we need them to verify a // ChannelID signature on a resumption of this session in the future. - if (ssl->session == NULL && ssl->s3->channel_id_valid && + if (ssl->session == nullptr && ssl->s3->channel_id_valid && !tls1_record_handshake_hashes_for_channel_id(hs)) { return ssl_hs_error; } @@ -1673,7 +1673,7 @@ if (hs->ticket_expected) { const SSL_SESSION *session; UniquePtr<SSL_SESSION> session_copy; - if (ssl->session == NULL) { + if (ssl->session == nullptr) { // Fix the timeout to measure from the ticket issuance time. ssl_session_rebase_time(ssl, hs->new_session.get()); session = hs->new_session.get(); @@ -1711,7 +1711,7 @@ return ssl_hs_error; } - if (ssl->session != NULL) { + if (ssl->session != nullptr) { hs->state = state12_read_change_cipher_spec; } else { hs->state = state12_finish_server_handshake; @@ -1729,7 +1729,7 @@ ssl->method->on_handshake_complete(ssl); // If we aren't retaining peer certificates then we can discard it now. - if (hs->new_session != NULL && + if (hs->new_session != nullptr && hs->config->retain_only_sha256_of_client_certs) { hs->new_session->certs.reset(); ssl->ctx->x509_method->session_clear(hs->new_session.get());
diff --git a/ssl/s3_both.cc b/ssl/s3_both.cc index 3ebcbba..b8c156b 100644 --- a/ssl/s3_both.cc +++ b/ssl/s3_both.cc
@@ -136,7 +136,7 @@ ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_HANDSHAKE, msg); // TODO(svaldez): Move this up a layer to fix abstraction for SSLTranscript on // hs. - if (ssl->s3->hs != NULL && // + if (ssl->s3->hs != nullptr && // !ssl->s3->hs->transcript.Update(msg)) { return false; } @@ -363,7 +363,7 @@ // Add the null compression scheme and finish. if (!CBB_add_u8(&hello_body, 1) || // !CBB_add_u8(&hello_body, 0) || // - !CBB_finish(client_hello.get(), NULL, &ssl->s3->hs_buf->length)) { + !CBB_finish(client_hello.get(), nullptr, &ssl->s3->hs_buf->length)) { OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return ssl_open_record_error; }
diff --git a/ssl/s3_lib.cc b/ssl/s3_lib.cc index bae2e07..327e1a9 100644 --- a/ssl/s3_lib.cc +++ b/ssl/s3_lib.cc
@@ -77,12 +77,12 @@ } void tls_free(SSL *ssl) { - if (ssl->s3 == NULL) { + if (ssl->s3 == nullptr) { return; } Delete(ssl->s3); - ssl->s3 = NULL; + ssl->s3 = nullptr; } BSSL_NAMESPACE_END
diff --git a/ssl/ssl_aead_ctx.cc b/ssl/ssl_aead_ctx.cc index a30825b..e44d09a 100644 --- a/ssl/ssl_aead_ctx.cc +++ b/ssl/ssl_aead_ctx.cc
@@ -401,7 +401,7 @@ } if (!SealScatter(out, out + prefix_len, out + prefix_len + in_len, type, - record_version, seqnum, header, in, in_len, 0, 0)) { + record_version, seqnum, header, in, in_len, nullptr, 0)) { return false; } *out_len = prefix_len + in_len + suffix_len;
diff --git a/ssl/ssl_asn1.cc b/ssl/ssl_asn1.cc index 49ef2d7..2fe50ea 100644 --- a/ssl/ssl_asn1.cc +++ b/ssl/ssl_asn1.cc
@@ -142,7 +142,7 @@ static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, CBB *cbb, int for_ticket) { - if (in == NULL || in->cipher == NULL) { + if (in == nullptr || in->cipher == nullptr) { return 0; } @@ -262,7 +262,7 @@ // The certificate chain is only serialized if the leaf's SHA-256 isn't // serialized instead. - if (in->certs != NULL && // + if (in->certs != nullptr && // !in->peer_sha256_valid && // sk_CRYPTO_BUFFER_num(in->certs.get()) >= 2) { if (!CBB_add_asn1(&session, &child, kCertChainTag)) { @@ -389,7 +389,7 @@ static bool SSL_SESSION_parse_octet_string(CBS *cbs, Array<uint8_t> *out, CBS_ASN1_TAG tag) { CBS value; - if (!CBS_get_optional_asn1_octet_string(cbs, &value, NULL, tag)) { + if (!CBS_get_optional_asn1_octet_string(cbs, &value, nullptr, tag)) { OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); return false; } @@ -492,7 +492,7 @@ return nullptr; } ret->cipher = SSL_get_cipher_by_value(cipher_value); - if (ret->cipher == NULL) { + if (ret->cipher == nullptr) { OPENSSL_PUT_ERROR(SSL, SSL_R_UNSUPPORTED_CIPHER); return nullptr; } @@ -592,7 +592,7 @@ } CBS cert_chain; - CBS_init(&cert_chain, NULL, 0); + CBS_init(&cert_chain, nullptr, 0); int has_cert_chain; if (!CBS_get_optional_asn1(&session, &cert_chain, &has_cert_chain, kCertChainTag) || @@ -620,7 +620,7 @@ while (CBS_len(&cert_chain) > 0) { CBS cert; - if (!CBS_get_any_asn1_element(&cert_chain, &cert, NULL, NULL) || + if (!CBS_get_any_asn1_element(&cert_chain, &cert, nullptr, nullptr) || CBS_len(&cert) == 0) { OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); return nullptr; @@ -726,7 +726,7 @@ *out_len = strlen(kNotResumableSession); *out_data = (uint8_t *)OPENSSL_memdup(kNotResumableSession, *out_len); - if (*out_data == NULL) { + if (*out_data == nullptr) { return 0; } @@ -785,11 +785,11 @@ UniquePtr<SSL_SESSION> ret = SSL_SESSION_parse(&cbs, ctx->x509_method, ctx->pool); if (!ret) { - return NULL; + return nullptr; } if (CBS_len(&cbs) != 0) { OPENSSL_PUT_ERROR(SSL, SSL_R_INVALID_SSL_SESSION); - return NULL; + return nullptr; } return ret.release(); }
diff --git a/ssl/ssl_buffer.cc b/ssl/ssl_buffer.cc index 2cdcbc3..8c5c7bc 100644 --- a/ssl/ssl_buffer.cc +++ b/ssl/ssl_buffer.cc
@@ -70,7 +70,7 @@ // sensitive data, we allocate with malloc rather than |OPENSSL_malloc| and // avoid zeroing on free. new_buf = (uint8_t *)malloc(new_cap + SSL3_ALIGN_PAYLOAD - 1); - if (new_buf == NULL) { + if (new_buf == nullptr) { OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); return false; }
diff --git a/ssl/ssl_cert.cc b/ssl/ssl_cert.cc index 3be7d14..72218ae 100644 --- a/ssl/ssl_cert.cc +++ b/ssl/ssl_cert.cc
@@ -82,12 +82,12 @@ CERT *cert, CRYPTO_BUFFER *const *certs, size_t num_certs, EVP_PKEY *privkey, const SSL_PRIVATE_KEY_METHOD *privkey_method) { if (num_certs == 0 || // - (privkey == NULL && privkey_method == NULL)) { + (privkey == nullptr && privkey_method == nullptr)) { OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } - if (privkey != NULL && privkey_method != NULL) { + if (privkey != nullptr && privkey_method != nullptr) { OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_HAVE_BOTH_PRIVKEY_AND_METHOD); return 0; } @@ -164,7 +164,7 @@ } // Retain the hash of the leaf certificate if requested. - if (out_leaf_sha256 != NULL) { + if (out_leaf_sha256 != nullptr) { SHA256(CBS_data(&certificate), CBS_len(&certificate), out_leaf_sha256); } } @@ -210,19 +210,19 @@ !CBS_get_asn1(&toplevel, out_tbs_cert, CBS_ASN1_SEQUENCE) || // // version !CBS_get_optional_asn1( - out_tbs_cert, NULL, NULL, + out_tbs_cert, nullptr, nullptr, CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 0) || // // serialNumber - !CBS_get_asn1(out_tbs_cert, NULL, CBS_ASN1_INTEGER) || + !CBS_get_asn1(out_tbs_cert, nullptr, CBS_ASN1_INTEGER) || // signature algorithm - !CBS_get_asn1(out_tbs_cert, NULL, CBS_ASN1_SEQUENCE) || + !CBS_get_asn1(out_tbs_cert, nullptr, CBS_ASN1_SEQUENCE) || // issuer - !CBS_get_asn1(out_tbs_cert, NULL, CBS_ASN1_SEQUENCE) || + !CBS_get_asn1(out_tbs_cert, nullptr, CBS_ASN1_SEQUENCE) || // validity - !CBS_get_asn1(out_tbs_cert, NULL, CBS_ASN1_SEQUENCE) || + !CBS_get_asn1(out_tbs_cert, nullptr, CBS_ASN1_SEQUENCE) || // subject - !CBS_get_asn1(out_tbs_cert, NULL, CBS_ASN1_SEQUENCE)) { + !CBS_get_asn1(out_tbs_cert, nullptr, CBS_ASN1_SEQUENCE)) { return false; } @@ -239,12 +239,12 @@ !CBS_get_asn1(&toplevel, &cert, CBS_ASN1_SEQUENCE) || // // version !CBS_get_optional_asn1( - &cert, NULL, NULL, + &cert, nullptr, nullptr, CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC | 0) || // // serialNumber - !CBS_get_asn1(&cert, NULL, CBS_ASN1_INTEGER) || // + !CBS_get_asn1(&cert, nullptr, CBS_ASN1_INTEGER) || // // signature algorithm - !CBS_get_asn1(&cert, NULL, CBS_ASN1_SEQUENCE) || // + !CBS_get_asn1(&cert, nullptr, CBS_ASN1_SEQUENCE) || // // issuer !CBS_get_asn1_element(&cert, out_dn, CBS_ASN1_SEQUENCE)) { return false; @@ -305,12 +305,12 @@ int has_extensions; if (!ssl_cert_skip_to_spki(&buf, &tbs_cert) || // subjectPublicKeyInfo - !CBS_get_asn1(&tbs_cert, NULL, CBS_ASN1_SEQUENCE) || + !CBS_get_asn1(&tbs_cert, nullptr, CBS_ASN1_SEQUENCE) || // issuerUniqueID - !CBS_get_optional_asn1(&tbs_cert, NULL, NULL, + !CBS_get_optional_asn1(&tbs_cert, nullptr, nullptr, CBS_ASN1_CONTEXT_SPECIFIC | 1) || // subjectUniqueID - !CBS_get_optional_asn1(&tbs_cert, NULL, NULL, + !CBS_get_optional_asn1(&tbs_cert, nullptr, nullptr, CBS_ASN1_CONTEXT_SPECIFIC | 2) || !CBS_get_optional_asn1( &tbs_cert, &outer_extensions, &has_extensions, @@ -334,7 +334,7 @@ if (!CBS_get_asn1(&extensions, &extension, CBS_ASN1_SEQUENCE) || !CBS_get_asn1(&extension, &oid, CBS_ASN1_OBJECT) || (CBS_peek_asn1_tag(&extension, CBS_ASN1_BOOLEAN) && - !CBS_get_asn1(&extension, NULL, CBS_ASN1_BOOLEAN)) || + !CBS_get_asn1(&extension, nullptr, CBS_ASN1_BOOLEAN)) || !CBS_get_asn1(&extension, &contents, CBS_ASN1_OCTETSTRING) || CBS_len(&extension) != 0) { OPENSSL_PUT_ERROR(SSL, SSL_R_CANNOT_PARSE_LEAF_CERT); @@ -549,7 +549,7 @@ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, size_t der_len, const uint8_t *der) { - UniquePtr<CRYPTO_BUFFER> buffer(CRYPTO_BUFFER_new(der, der_len, NULL)); + UniquePtr<CRYPTO_BUFFER> buffer(CRYPTO_BUFFER_new(der, der_len, nullptr)); if (!buffer) { return 0; } @@ -558,7 +558,7 @@ } int SSL_use_certificate_ASN1(SSL *ssl, const uint8_t *der, size_t der_len) { - UniquePtr<CRYPTO_BUFFER> buffer(CRYPTO_BUFFER_new(der, der_len, NULL)); + UniquePtr<CRYPTO_BUFFER> buffer(CRYPTO_BUFFER_new(der, der_len, nullptr)); if (!buffer || !ssl->config) { return 0; } @@ -580,16 +580,16 @@ const STACK_OF(CRYPTO_BUFFER) *SSL_get0_peer_certificates(const SSL *ssl) { SSL_SESSION *session = SSL_get_session(ssl); - if (session == NULL) { - return NULL; + if (session == nullptr) { + return nullptr; } return session->certs.get(); } const STACK_OF(CRYPTO_BUFFER) *SSL_get0_server_requested_CAs(const SSL *ssl) { - if (ssl->s3->hs == NULL) { - return NULL; + if (ssl->s3->hs == nullptr) { + return nullptr; } return ssl->s3->hs->ca_names.get(); }
diff --git a/ssl/ssl_cipher.cc b/ssl/ssl_cipher.cc index 227daaf..1e19eef 100644 --- a/ssl/ssl_cipher.cc +++ b/ssl/ssl_cipher.cc
@@ -453,7 +453,7 @@ size_t *out_mac_secret_len, size_t *out_fixed_iv_len, const SSL_CIPHER *cipher, uint16_t version) { - *out_aead = NULL; + *out_aead = nullptr; *out_mac_secret_len = 0; *out_fixed_iv_len = 0; @@ -537,7 +537,7 @@ return EVP_sha384(); default: assert(0); - return NULL; + return nullptr; } } @@ -563,15 +563,15 @@ if (curr == *head) { *head = curr->next; } - if (curr->prev != NULL) { + if (curr->prev != nullptr) { curr->prev->next = curr->next; } - if (curr->next != NULL) { + if (curr->next != nullptr) { curr->next->prev = curr->prev; } (*tail)->next = curr; curr->prev = *tail; - curr->next = NULL; + curr->next = nullptr; *tail = curr; } @@ -583,15 +583,15 @@ if (curr == *tail) { *tail = curr->prev; } - if (curr->next != NULL) { + if (curr->next != nullptr) { curr->next->prev = curr->prev; } - if (curr->prev != NULL) { + if (curr->prev != nullptr) { curr->prev->next = curr->next; } (*head)->prev = curr; curr->next = *head; - curr->prev = NULL; + curr->prev = nullptr; *head = curr; } @@ -686,14 +686,14 @@ last = tail; } - curr = NULL; + curr = nullptr; for (;;) { if (curr == last) { break; } curr = next; - if (curr == NULL) { + if (curr == nullptr) { break; } @@ -707,7 +707,7 @@ continue; } } else if (strength_bits >= 0) { - if (strength_bits != SSL_CIPHER_get_bits(cp, NULL)) { + if (strength_bits != SSL_CIPHER_get_bits(cp, nullptr)) { continue; } } else { @@ -761,14 +761,14 @@ tail = curr->prev; } curr->active = false; - if (curr->next != NULL) { + if (curr->next != nullptr) { curr->next->prev = curr->prev; } - if (curr->prev != NULL) { + if (curr->prev != nullptr) { curr->prev->next = curr->next; } - curr->next = NULL; - curr->prev = NULL; + curr->next = nullptr; + curr->prev = nullptr; } } @@ -783,10 +783,10 @@ // '+' movement to the end of the list. int max_strength_bits = 0; CIPHER_ORDER *curr = *head_p; - while (curr != NULL) { + while (curr != nullptr) { if (curr->active && - SSL_CIPHER_get_bits(curr->cipher, NULL) > max_strength_bits) { - max_strength_bits = SSL_CIPHER_get_bits(curr->cipher, NULL); + SSL_CIPHER_get_bits(curr->cipher, nullptr) > max_strength_bits) { + max_strength_bits = SSL_CIPHER_get_bits(curr->cipher, nullptr); } curr = curr->next; } @@ -798,9 +798,9 @@ // Now find the strength_bits values actually used. curr = *head_p; - while (curr != NULL) { + while (curr != nullptr) { if (curr->active) { - number_uses[SSL_CIPHER_get_bits(curr->cipher, NULL)]++; + number_uses[SSL_CIPHER_get_bits(curr->cipher, nullptr)]++; } curr = curr->next; } @@ -1002,7 +1002,7 @@ const bool has_aes_hw, const char *rule_str, bool strict) { // Return with error if nothing to do. - if (rule_str == NULL || out_cipher_list == NULL) { + if (rule_str == nullptr || out_cipher_list == nullptr) { return false; } @@ -1109,7 +1109,7 @@ // The cipher selection for the list is done. The ciphers are added // to the resulting precedence to the STACK_OF(SSL_CIPHER). size_t num_in_group_flags = 0; - for (CIPHER_ORDER *curr = head; curr != NULL; curr = curr->next) { + for (CIPHER_ORDER *curr = head; curr != nullptr; curr = curr->next) { if (curr->active) { if (!sk_SSL_CIPHER_push(cipherstack.get(), curr->cipher)) { return false; @@ -1309,12 +1309,12 @@ return EVP_sha384(); } assert(0); - return NULL; + return nullptr; } int SSL_CIPHER_get_prf_nid(const SSL_CIPHER *cipher) { const EVP_MD *md = SSL_CIPHER_get_handshake_digest(cipher); - if (md == NULL) { + if (md == nullptr) { return NID_undef; } return EVP_MD_nid(md); @@ -1350,7 +1350,7 @@ // return the actual cipher being used const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher) { - if (cipher != NULL) { + if (cipher != nullptr) { return cipher->name; } @@ -1362,7 +1362,7 @@ } const char *SSL_CIPHER_get_kx_name(const SSL_CIPHER *cipher) { - if (cipher == NULL) { + if (cipher == nullptr) { return ""; } @@ -1398,7 +1398,7 @@ } int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *out_alg_bits) { - if (cipher == NULL) { + if (cipher == nullptr) { return 0; } @@ -1428,7 +1428,7 @@ strength_bits = 0; } - if (out_alg_bits != NULL) { + if (out_alg_bits != nullptr) { *out_alg_bits = alg_bits; } return strength_bits; @@ -1536,11 +1536,11 @@ break; } - if (buf == NULL) { + if (buf == nullptr) { len = 128; buf = (char *)OPENSSL_malloc(len); - if (buf == NULL) { - return NULL; + if (buf == nullptr) { + return nullptr; } } else if (len < 128) { return "Buffer too small"; @@ -1555,11 +1555,11 @@ return "TLSv1/SSLv3"; } -STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void) { return NULL; } +STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void) { return nullptr; } int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) { return 1; } -const char *SSL_COMP_get_name(const COMP_METHOD *comp) { return NULL; } +const char *SSL_COMP_get_name(const COMP_METHOD *comp) { return nullptr; } const char *SSL_COMP_get0_name(const SSL_COMP *comp) { return comp->name; }
diff --git a/ssl/ssl_file.cc b/ssl/ssl_file.cc index 5360566..e2df63d 100644 --- a/ssl/ssl_file.cc +++ b/ssl/ssl_file.cc
@@ -69,7 +69,7 @@ X509_NAME *subject = X509_get_subject_name(x509.get()); // Skip if already present in |out|. Duplicates in |to_append| will be // handled separately. - if (sk_X509_NAME_find(out, /*out_index=*/NULL, subject)) { + if (sk_X509_NAME_find(out, /*out_index=*/nullptr, subject)) { continue; }
diff --git a/ssl/ssl_lib.cc b/ssl/ssl_lib.cc index bbe428f..f64b103 100644 --- a/ssl/ssl_lib.cc +++ b/ssl/ssl_lib.cc
@@ -179,7 +179,7 @@ bool ssl_log_secret(const SSL *ssl, const char *label, Span<const uint8_t> secret) { - if (ssl->ctx->keylog_callback == NULL) { + if (ssl->ctx->keylog_callback == nullptr) { return true; } @@ -205,21 +205,21 @@ } void ssl_do_info_callback(const SSL *ssl, int type, int value) { - void (*cb)(const SSL *ssl, int type, int value) = NULL; - if (ssl->info_callback != NULL) { + void (*cb)(const SSL *ssl, int type, int value) = nullptr; + if (ssl->info_callback != nullptr) { cb = ssl->info_callback; - } else if (ssl->ctx->info_callback != NULL) { + } else if (ssl->ctx->info_callback != nullptr) { cb = ssl->ctx->info_callback; } - if (cb != NULL) { + if (cb != nullptr) { cb(ssl, type, value); } } void ssl_do_msg_callback(const SSL *ssl, int is_write, int content_type, Span<const uint8_t> in) { - if (ssl->msg_callback == NULL) { + if (ssl->msg_callback == nullptr) { return; } @@ -243,7 +243,7 @@ } OPENSSL_timeval ssl_ctx_get_current_time(const SSL_CTX *ctx) { - if (ctx->current_time_cb != NULL) { + if (ctx->current_time_cb != nullptr) { // TODO(davidben): Update current_time_cb to use OPENSSL_timeval. See // https://crbug.com/boringssl/155. struct timeval clock; @@ -269,7 +269,7 @@ } #else struct timeval clock; - gettimeofday(&clock, NULL); + gettimeofday(&clock, nullptr); if (clock.tv_sec < 0) { assert(0); return {0, 0}; @@ -422,7 +422,7 @@ } SSL_CTX *SSL_CTX_new(const SSL_METHOD *method) { - if (method == NULL) { + if (method == nullptr) { OPENSSL_PUT_ERROR(SSL, SSL_R_NULL_SSL_METHOD_PASSED); return nullptr; } @@ -493,7 +493,7 @@ CRYPTO_free_ex_data(&g_ex_data_class_ssl, &ex_data); // |config| refers to |this|, so we must release it earlier. config.reset(); - if (method != NULL) { + if (method != nullptr) { method->ssl_free(this); } } @@ -623,7 +623,7 @@ // If the two arguments are equal, one fewer reference is granted than // taken. - if (rbio != NULL && rbio == wbio) { + if (rbio != nullptr && rbio == wbio) { BIO_up_ref(rbio); } @@ -723,7 +723,7 @@ int SSL_do_handshake(SSL *ssl) { ssl_reset_error_state(ssl); - if (ssl->do_handshake == NULL) { + if (ssl->do_handshake == nullptr) { OPENSSL_PUT_ERROR(SSL, SSL_R_CONNECTION_TYPE_NOT_SET); return -1; } @@ -753,7 +753,7 @@ } int SSL_connect(SSL *ssl) { - if (ssl->do_handshake == NULL) { + if (ssl->do_handshake == nullptr) { // Not properly initialized yet SSL_set_connect_state(ssl); } @@ -762,7 +762,7 @@ } int SSL_accept(SSL *ssl) { - if (ssl->do_handshake == NULL) { + if (ssl->do_handshake == nullptr) { // Not properly initialized yet SSL_set_accept_state(ssl); } @@ -836,7 +836,7 @@ static int ssl_read_impl(SSL *ssl) { ssl_reset_error_state(ssl); - if (ssl->do_handshake == NULL) { + if (ssl->do_handshake == nullptr) { OPENSSL_PUT_ERROR(SSL, SSL_R_UNINITIALIZED); return -1; } @@ -954,7 +954,7 @@ return -1; } - if (ssl->do_handshake == NULL) { + if (ssl->do_handshake == nullptr) { OPENSSL_PUT_ERROR(SSL, SSL_R_UNINITIALIZED); return -1; } @@ -989,7 +989,7 @@ int SSL_key_update(SSL *ssl, int request_type) { ssl_reset_error_state(ssl); - if (ssl->do_handshake == NULL) { + if (ssl->do_handshake == nullptr) { OPENSSL_PUT_ERROR(SSL, SSL_R_UNINITIALIZED); return 0; } @@ -1015,7 +1015,7 @@ int SSL_shutdown(SSL *ssl) { ssl_reset_error_state(ssl); - if (ssl->do_handshake == NULL) { + if (ssl->do_handshake == nullptr) { OPENSSL_PUT_ERROR(SSL, SSL_R_UNINITIALIZED); return -1; } @@ -1118,7 +1118,7 @@ } int SSL_in_early_data(const SSL *ssl) { - if (ssl->s3->hs == NULL) { + if (ssl->s3->hs == nullptr) { return 0; } return ssl->s3->hs->in_early_data; @@ -1130,7 +1130,7 @@ void SSL_reset_early_data_reject(SSL *ssl) { SSL_HANDSHAKE *hs = ssl->s3->hs.get(); - if (hs == NULL || // + if (hs == nullptr || // hs->wait != ssl_hs_early_data_rejected) { abort(); } @@ -1391,7 +1391,7 @@ // is the client's in a full handshake and the server's for a resumption. See // https://tools.ietf.org/html/rfc5929#section-3.1. Span<const uint8_t> finished = ssl->s3->previous_client_finished; - if (ssl->session != NULL) { + if (ssl->session != nullptr) { // tls-unique is broken for resumed sessions unless EMS is used. if (!ssl->session->extended_master_secret) { return 0; @@ -1435,7 +1435,7 @@ if (!ssl->config) { assert(ssl->config); *out_len = 0; - return NULL; + return nullptr; } *out_len = ssl->config->cert->sid_ctx.size(); return ssl->config->cert->sid_ctx.data(); @@ -1446,7 +1446,7 @@ int SSL_get_rfd(const SSL *ssl) { int ret = -1; BIO *b = BIO_find_type(SSL_get_rbio(ssl), BIO_TYPE_DESCRIPTOR); - if (b != NULL) { + if (b != nullptr) { BIO_get_fd(b, &ret); } return ret; @@ -1455,7 +1455,7 @@ int SSL_get_wfd(const SSL *ssl) { int ret = -1; BIO *b = BIO_find_type(SSL_get_wbio(ssl), BIO_TYPE_DESCRIPTOR); - if (b != NULL) { + if (b != nullptr) { BIO_get_fd(b, &ret); } return ret; @@ -1464,7 +1464,7 @@ #if !defined(OPENSSL_NO_SOCK) int SSL_set_fd(SSL *ssl, int fd) { BIO *bio = BIO_new(BIO_s_socket()); - if (bio == NULL) { + if (bio == nullptr) { OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); return 0; } @@ -1475,10 +1475,10 @@ int SSL_set_wfd(SSL *ssl, int fd) { BIO *rbio = SSL_get_rbio(ssl); - if (rbio == NULL || BIO_method_type(rbio) != BIO_TYPE_SOCKET || - BIO_get_fd(rbio, NULL) != fd) { + if (rbio == nullptr || BIO_method_type(rbio) != BIO_TYPE_SOCKET || + BIO_get_fd(rbio, nullptr) != fd) { BIO *bio = BIO_new(BIO_s_socket()); - if (bio == NULL) { + if (bio == nullptr) { OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); return 0; } @@ -1495,10 +1495,10 @@ int SSL_set_rfd(SSL *ssl, int fd) { BIO *wbio = SSL_get_wbio(ssl); - if (wbio == NULL || BIO_method_type(wbio) != BIO_TYPE_SOCKET || - BIO_get_fd(wbio, NULL) != fd) { + if (wbio == nullptr || BIO_method_type(wbio) != BIO_TYPE_SOCKET || + BIO_get_fd(wbio, nullptr) != fd) { BIO *bio = BIO_new(BIO_s_socket()); - if (bio == NULL) { + if (bio == nullptr) { OPENSSL_PUT_ERROR(SSL, ERR_R_BUF_LIB); return 0; } @@ -1566,12 +1566,12 @@ } // If the initial handshake completed, query the established session. - if (ssl->s3->established_session != NULL) { + if (ssl->s3->established_session != nullptr) { return ssl->s3->established_session->extended_master_secret; } // Otherwise, query the in-progress handshake. - if (ssl->s3->hs != NULL) { + if (ssl->s3->hs != nullptr) { return ssl->s3->hs->extended_master_secret; } assert(0); @@ -1765,7 +1765,7 @@ int SSL_CTX_get_tlsext_ticket_keys(SSL_CTX *ctx, void *out, size_t len) { - if (out == NULL) { + if (out == nullptr) { return 48; } if (len != 48) { @@ -1788,7 +1788,7 @@ } int SSL_CTX_set_tlsext_ticket_keys(SSL_CTX *ctx, const void *in, size_t len) { - if (in == NULL) { + if (in == nullptr) { return 48; } if (len != 48) { @@ -1999,7 +1999,7 @@ uint16_t SSL_get_group_id(const SSL *ssl) { SSL_SESSION *session = SSL_get_session(ssl); - if (session == NULL) { + if (session == nullptr) { return 0; } @@ -2057,12 +2057,12 @@ } STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl) { - if (ssl == NULL) { - return NULL; + if (ssl == nullptr) { + return nullptr; } - if (ssl->config == NULL) { + if (ssl->config == nullptr) { assert(ssl->config); - return NULL; + return nullptr; } return ssl->config->cipher_list ? ssl->config->cipher_list->ciphers.get() @@ -2070,18 +2070,18 @@ } const char *SSL_get_cipher_list(const SSL *ssl, int n) { - if (ssl == NULL) { - return NULL; + if (ssl == nullptr) { + return nullptr; } STACK_OF(SSL_CIPHER) *sk = SSL_get_ciphers(ssl); - if (sk == NULL || n < 0 || (size_t)n >= sk_SSL_CIPHER_num(sk)) { - return NULL; + if (sk == nullptr || n < 0 || (size_t)n >= sk_SSL_CIPHER_num(sk)) { + return nullptr; } const SSL_CIPHER *c = sk_SSL_CIPHER_value(sk, n); - if (c == NULL) { - return NULL; + if (c == nullptr) { + return nullptr; } return c->name; @@ -2125,7 +2125,7 @@ const char *SSL_get_servername(const SSL *ssl, const int type) { if (type != TLSEXT_NAMETYPE_host_name) { - return NULL; + return nullptr; } // Historically, |SSL_get_servername| was also the configuration getter @@ -2138,7 +2138,7 @@ } int SSL_get_servername_type(const SSL *ssl) { - if (SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name) == NULL) { + if (SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name) == nullptr) { return -1; } return TLSEXT_NAMETYPE_host_name; @@ -2188,7 +2188,7 @@ SSL_SESSION *session = SSL_get_session(ssl); if (ssl->server || !session || !session->signed_cert_timestamp_list) { *out_len = 0; - *out = NULL; + *out = nullptr; return; } @@ -2201,7 +2201,7 @@ SSL_SESSION *session = SSL_get_session(ssl); if (ssl->server || !session || !session->ocsp_response) { *out_len = 0; - *out = NULL; + *out = nullptr; return; } @@ -2520,9 +2520,9 @@ return ssl->s3->session_reused || SSL_in_early_data(ssl); } -const COMP_METHOD *SSL_get_current_compression(SSL *ssl) { return NULL; } +const COMP_METHOD *SSL_get_current_compression(SSL *ssl) { return nullptr; } -const COMP_METHOD *SSL_get_current_expansion(SSL *ssl) { return NULL; } +const COMP_METHOD *SSL_get_current_expansion(SSL *ssl) { return nullptr; } int SSL_get_server_tmp_key(SSL *ssl, EVP_PKEY **out_key) { return 0; } @@ -2574,7 +2574,7 @@ SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx) { if (!ssl->config) { - return NULL; + return nullptr; } if (ssl->ctx.get() == ctx) { return ssl->ctx.get(); @@ -2583,7 +2583,7 @@ // One cannot change the X.509 callbacks during a connection. if (ssl->ctx->x509_method != ctx->x509_method) { assert(0); - return NULL; + return nullptr; } UniquePtr<CERT> new_cert = ssl_cert_dup(ctx->cert.get()); @@ -2616,7 +2616,7 @@ char *SSL_get_shared_ciphers(const SSL *ssl, char *buf, int len) { if (len <= 0) { - return NULL; + return nullptr; } buf[0] = '\0'; return buf; @@ -2696,7 +2696,8 @@ static int use_psk_identity_hint(UniquePtr<char> *out, const char *identity_hint) { - if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) { + if (identity_hint != nullptr && + strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) { OPENSSL_PUT_ERROR(SSL, SSL_R_DATA_LENGTH_TOO_LONG); return 0; } @@ -2708,7 +2709,7 @@ // send either no hint (omit ServerKeyExchange) or an empty hint, while // ECDHE_PSK can only spell empty hint. Having different capabilities is odd, // so we interpret empty and missing as identical. - if (identity_hint != NULL && identity_hint[0] != '\0') { + if (identity_hint != nullptr && identity_hint[0] != '\0') { out->reset(OPENSSL_strdup(identity_hint)); if (*out == nullptr) { return 0; @@ -2730,23 +2731,23 @@ } const char *SSL_get_psk_identity_hint(const SSL *ssl) { - if (ssl == NULL) { - return NULL; + if (ssl == nullptr) { + return nullptr; } - if (ssl->config == NULL) { + if (ssl->config == nullptr) { assert(ssl->config); - return NULL; + return nullptr; } return ssl->config->psk_identity_hint.get(); } const char *SSL_get_psk_identity(const SSL *ssl) { - if (ssl == NULL) { - return NULL; + if (ssl == nullptr) { + return nullptr; } SSL_SESSION *session = SSL_get_session(ssl); - if (session == NULL) { - return NULL; + if (session == nullptr) { + return nullptr; } return session->psk_identity.get(); } @@ -2844,7 +2845,7 @@ } int SSL_in_false_start(const SSL *ssl) { - if (ssl->s3->hs == NULL) { + if (ssl->s3->hs == nullptr) { return 0; } return ssl->s3->hs->in_false_start; @@ -3040,7 +3041,7 @@ uint16_t SSL_get_peer_signature_algorithm(const SSL *ssl) { SSL_SESSION *session = SSL_get_session(ssl); - if (session == NULL) { + if (session == nullptr) { return 0; } @@ -3071,8 +3072,8 @@ const SSL_CIPHER *SSL_get_pending_cipher(const SSL *ssl) { SSL_HANDSHAKE *hs = ssl->s3->hs.get(); - if (hs == NULL) { - return NULL; + if (hs == nullptr) { + return nullptr; } return hs->new_cipher; } @@ -3145,7 +3146,7 @@ // established session to be offered the next time around. wpa_supplicant // depends on this behavior, so emulate it. UniquePtr<SSL_SESSION> session; - if (!ssl->server && ssl->s3->established_session != NULL) { + if (!ssl->server && ssl->s3->established_session != nullptr) { session = UpRef(ssl->s3->established_session); } @@ -3154,7 +3155,7 @@ // // TODO(davidben): Avoid this. unsigned mtu = 0; - if (ssl->d1 != NULL) { + if (ssl->d1 != nullptr) { mtu = ssl->d1->mtu; } @@ -3199,7 +3200,7 @@ int SSL_cache_hit(SSL *ssl) { return SSL_session_reused(ssl); } int SSL_CTX_set_tmp_ecdh(SSL_CTX *ctx, const EC_KEY *ec_key) { - if (ec_key == NULL || EC_KEY_get0_group(ec_key) == NULL) { + if (ec_key == nullptr || EC_KEY_get0_group(ec_key) == nullptr) { OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -3208,7 +3209,7 @@ } int SSL_set_tmp_ecdh(SSL *ssl, const EC_KEY *ec_key) { - if (ec_key == NULL || EC_KEY_get0_group(ec_key) == NULL) { + if (ec_key == nullptr || EC_KEY_get0_group(ec_key) == nullptr) { OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; }
diff --git a/ssl/ssl_privkey.cc b/ssl/ssl_privkey.cc index 41c1cb1..f0fa81a 100644 --- a/ssl/ssl_privkey.cc +++ b/ssl/ssl_privkey.cc
@@ -125,7 +125,7 @@ bool ssl_pkey_supports_algorithm(const SSL *ssl, EVP_PKEY *pkey, uint16_t sigalg, bool is_verify) { const SSL_SIGNATURE_ALGORITHM *alg = get_signature_algorithm(sigalg); - if (alg == NULL || EVP_PKEY_id(pkey) != alg->pkey_type) { + if (alg == nullptr || EVP_PKEY_id(pkey) != alg->pkey_type) { return false; } @@ -185,13 +185,14 @@ } const SSL_SIGNATURE_ALGORITHM *alg = get_signature_algorithm(sigalg); - const EVP_MD *digest = alg->digest_func != NULL ? alg->digest_func() : NULL; + const EVP_MD *digest = + alg->digest_func != nullptr ? alg->digest_func() : nullptr; EVP_PKEY_CTX *pctx; if (is_verify) { - if (!EVP_DigestVerifyInit(ctx, &pctx, digest, NULL, pkey)) { + if (!EVP_DigestVerifyInit(ctx, &pctx, digest, nullptr, pkey)) { return false; } - } else if (!EVP_DigestSignInit(ctx, &pctx, digest, NULL, pkey)) { + } else if (!EVP_DigestSignInit(ctx, &pctx, digest, nullptr, pkey)) { return false; } @@ -239,7 +240,7 @@ EVP_PKEY *privkey = cred->privkey.get(); assert(!hs->can_release_private_key); - if (key_method != NULL) { + if (key_method != nullptr) { enum ssl_private_key_result_t ret; if (hs->pending_private_key_op) { ret = key_method->complete(ssl, out, out_len, max_out); @@ -299,7 +300,7 @@ SSL *const ssl = hs->ssl; const SSL_CREDENTIAL *const cred = hs->credential.get(); assert(!hs->can_release_private_key); - if (cred->key_method != NULL) { + if (cred->key_method != nullptr) { enum ssl_private_key_result_t ret; if (hs->pending_private_key_op) { ret = cred->key_method->complete(ssl, out, out_len, max_out); @@ -315,7 +316,7 @@ } RSA *rsa = EVP_PKEY_get0_RSA(cred->privkey.get()); - if (rsa == NULL) { + if (rsa == nullptr) { // Decrypt operations are only supported for RSA keys. OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return ssl_private_key_failure; @@ -335,7 +336,7 @@ using namespace bssl; int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa) { - if (rsa == NULL || ssl->config == NULL) { + if (rsa == nullptr || ssl->config == nullptr) { OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -361,7 +362,7 @@ } int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey) { - if (pkey == NULL || ssl->config == NULL) { + if (pkey == nullptr || ssl->config == nullptr) { OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -378,7 +379,7 @@ } const uint8_t *p = der; - UniquePtr<EVP_PKEY> pkey(d2i_PrivateKey(type, NULL, &p, (long)der_len)); + UniquePtr<EVP_PKEY> pkey(d2i_PrivateKey(type, nullptr, &p, (long)der_len)); if (!pkey || p != der + der_len) { OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB); return 0; @@ -388,7 +389,7 @@ } int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa) { - if (rsa == NULL) { + if (rsa == nullptr) { OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -414,7 +415,7 @@ } int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey) { - if (pkey == NULL) { + if (pkey == nullptr) { OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -431,7 +432,7 @@ } const uint8_t *p = der; - UniquePtr<EVP_PKEY> pkey(d2i_PrivateKey(type, NULL, &p, (long)der_len)); + UniquePtr<EVP_PKEY> pkey(d2i_PrivateKey(type, nullptr, &p, (long)der_len)); if (!pkey || p != der + der_len) { OPENSSL_PUT_ERROR(SSL, ERR_R_ASN1_LIB); return 0; @@ -502,7 +503,7 @@ } } - return NULL; + return nullptr; } size_t SSL_get_all_signature_algorithm_names(const char **out, size_t max_out) {
diff --git a/ssl/ssl_session.cc b/ssl/ssl_session.cc index 01a1211..e7f52a3 100644 --- a/ssl/ssl_session.cc +++ b/ssl/ssl_session.cc
@@ -223,7 +223,7 @@ } UniquePtr<SSL_SESSION> session = ssl_session_new(ssl->ctx->x509_method); - if (session == NULL) { + if (session == nullptr) { return false; } @@ -258,7 +258,7 @@ session->verify_result = X509_V_ERR_INVALID_CALL; hs->new_session = std::move(session); - ssl_set_session(ssl, NULL); + ssl_set_session(ssl, nullptr); return true; } @@ -329,7 +329,7 @@ SSL_CTX *tctx = hs->ssl->session_ctx.get(); uint8_t iv[EVP_MAX_IV_LENGTH]; uint8_t key_name[16]; - if (tctx->ticket_key_cb != NULL) { + if (tctx->ticket_key_cb != nullptr) { int ret = tctx->ticket_key_cb(hs->ssl, key_name, iv, ctx.get(), hctx.get(), 1 /* encrypt */); if (ret < 0) { @@ -346,10 +346,10 @@ } MutexReadLock lock(&tctx->lock); if (!RAND_bytes(iv, 16) || - !EVP_EncryptInit_ex(ctx.get(), EVP_aes_128_cbc(), NULL, + !EVP_EncryptInit_ex(ctx.get(), EVP_aes_128_cbc(), nullptr, tctx->ticket_key_current->aes_key, iv) || !HMAC_Init_ex(hctx.get(), tctx->ticket_key_current->hmac_key, 16, - tlsext_tick_md(), NULL)) { + tlsext_tick_md(), nullptr)) { return 0; } OPENSSL_memcpy(key_name, tctx->ticket_key_current->name, 16); @@ -465,7 +465,7 @@ } bool ssl_session_is_time_valid(const SSL *ssl, const SSL_SESSION *session) { - if (session == NULL) { + if (session == nullptr) { return false; } @@ -665,7 +665,7 @@ // locked by SSL_CTX in the calling function static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *session) { - if (session->next == NULL || session->prev == NULL) { + if (session->next == nullptr || session->prev == nullptr) { return; } @@ -673,8 +673,8 @@ // last element in list if (session->prev == (SSL_SESSION *)&ctx->session_cache_head) { // only one element in list - ctx->session_cache_head = NULL; - ctx->session_cache_tail = NULL; + ctx->session_cache_head = nullptr; + ctx->session_cache_tail = nullptr; } else { ctx->session_cache_tail = session->prev; session->prev->next = (SSL_SESSION *)&(ctx->session_cache_tail); @@ -689,15 +689,15 @@ session->prev->next = session->next; } } - session->prev = session->next = NULL; + session->prev = session->next = nullptr; } static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *session) { - if (session->next != NULL && session->prev != NULL) { + if (session->next != nullptr && session->prev != nullptr) { SSL_SESSION_list_remove(ctx, session); } - if (ctx->session_cache_head == NULL) { + if (ctx->session_cache_head == nullptr) { ctx->session_cache_head = session; ctx->session_cache_tail = session; session->prev = (SSL_SESSION *)&(ctx->session_cache_head); @@ -843,7 +843,7 @@ const uint8_t *SSL_SESSION_get_id(const SSL_SESSION *session, unsigned *out_len) { - if (out_len != NULL) { + if (out_len != nullptr) { *out_len = session->session_id.size(); } return session->session_id.data(); @@ -864,7 +864,7 @@ } uint64_t SSL_SESSION_get_time(const SSL_SESSION *session) { - if (session == NULL) { + if (session == nullptr) { // NULL should crash, but silently accept it here for compatibility. return 0; } @@ -916,7 +916,7 @@ } uint64_t SSL_SESSION_set_time(SSL_SESSION *session, uint64_t time) { - if (session == NULL) { + if (session == nullptr) { return 0; } @@ -925,7 +925,7 @@ } uint32_t SSL_SESSION_set_timeout(SSL_SESSION *session, uint32_t timeout) { - if (session == NULL) { + if (session == nullptr) { return 0; } @@ -936,7 +936,7 @@ const uint8_t *SSL_SESSION_get0_id_context(const SSL_SESSION *session, unsigned *out_len) { - if (out_len != NULL) { + if (out_len != nullptr) { *out_len = session->sid_ctx.size(); } return session->sid_ctx.data(); @@ -1061,7 +1061,7 @@ SSL_SESSION *SSL_get1_session(SSL *ssl) { SSL_SESSION *ret = SSL_get_session(ssl); - if (ret != NULL) { + if (ret != nullptr) { SSL_SESSION_up_ref(ret); } return ret; @@ -1095,7 +1095,7 @@ int SSL_set_session(SSL *ssl, SSL_SESSION *session) { // SSL_set_session may only be called before the handshake has started. if (ssl->s3->initial_handshake_complete || // - ssl->s3->hs == NULL || // + ssl->s3->hs == nullptr || // ssl->s3->hs->state != 0) { abort(); } @@ -1105,7 +1105,7 @@ } uint32_t SSL_CTX_set_timeout(SSL_CTX *ctx, uint32_t timeout) { - if (ctx == NULL) { + if (ctx == nullptr) { return 0; } @@ -1120,7 +1120,7 @@ } uint32_t SSL_CTX_get_timeout(const SSL_CTX *ctx) { - if (ctx == NULL) { + if (ctx == nullptr) { return 0; } @@ -1148,7 +1148,7 @@ SSL_SESSION_list_remove(param->ctx, session); // TODO(https://crbug.com/boringssl/251): Callbacks should not be called // under a lock. - if (param->ctx->remove_session_cb != NULL) { + if (param->ctx->remove_session_cb != nullptr) { param->ctx->remove_session_cb(param->ctx, session); } SSL_SESSION_free(session); @@ -1160,7 +1160,7 @@ tp.ctx = ctx; tp.cache = ctx->sessions; - if (tp.cache == NULL) { + if (tp.cache == nullptr) { return; } tp.time = time;
diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc index 659efbd..8279f75 100644 --- a/ssl/ssl_test.cc +++ b/ssl/ssl_test.cc
@@ -1253,12 +1253,12 @@ // Verify the SSL_SESSION also decodes with the legacy API. const uint8_t *cptr = input.data(); - session.reset(d2i_SSL_SESSION(NULL, &cptr, input.size())); + session.reset(d2i_SSL_SESSION(nullptr, &cptr, input.size())); ASSERT_TRUE(session) << "d2i_SSL_SESSION failed"; EXPECT_EQ(cptr, input.data() + input.size()); // Verify the SSL_SESSION encoding round-trips via the legacy API. - int len = i2d_SSL_SESSION(session.get(), NULL); + int len = i2d_SSL_SESSION(session.get(), nullptr); ASSERT_GT(len, 0) << "i2d_SSL_SESSION failed"; ASSERT_EQ(static_cast<size_t>(len), input.size()) << "i2d_SSL_SESSION(NULL) returned invalid length"; @@ -1650,7 +1650,7 @@ } const uint8_t *derp = CRYPTO_BUFFER_data(buffer.get()); return bssl::UniquePtr<X509>( - d2i_X509(NULL, &derp, CRYPTO_BUFFER_len(buffer.get()))); + d2i_X509(nullptr, &derp, CRYPTO_BUFFER_len(buffer.get()))); } static bssl::UniquePtr<X509> GetTestCertificate() { @@ -3838,11 +3838,11 @@ SSL_CTX_set_verify(client_ctx_.get(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, nullptr); - SSL_CTX_set_cert_verify_callback(client_ctx_.get(), VerifySucceed, NULL); + SSL_CTX_set_cert_verify_callback(client_ctx_.get(), VerifySucceed, nullptr); SSL_CTX_set_verify(server_ctx_.get(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, nullptr); - SSL_CTX_set_cert_verify_callback(server_ctx_.get(), VerifySucceed, NULL); + SSL_CTX_set_cert_verify_callback(server_ctx_.get(), VerifySucceed, nullptr); ASSERT_TRUE(Connect()); @@ -3868,8 +3868,8 @@ TEST_P(SSLVersionTest, NoPeerCertificate) { SSL_CTX_set_verify(server_ctx_.get(), SSL_VERIFY_PEER, nullptr); - SSL_CTX_set_cert_verify_callback(server_ctx_.get(), VerifySucceed, NULL); - SSL_CTX_set_cert_verify_callback(client_ctx_.get(), VerifySucceed, NULL); + SSL_CTX_set_cert_verify_callback(server_ctx_.get(), VerifySucceed, nullptr); + SSL_CTX_set_cert_verify_callback(client_ctx_.get(), VerifySucceed, nullptr); ASSERT_TRUE(Connect()); @@ -3880,7 +3880,7 @@ } TEST_P(SSLVersionTest, RetainOnlySHA256OfCerts) { - uint8_t *cert_der = NULL; + uint8_t *cert_der = nullptr; int cert_der_len = i2d_X509(cert_.get(), &cert_der); ASSERT_GE(cert_der_len, 0); bssl::UniquePtr<uint8_t> free_cert_der(cert_der); @@ -3898,8 +3898,8 @@ SSL_CTX_set_verify(server_ctx_.get(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, nullptr); - SSL_CTX_set_cert_verify_callback(client_ctx_.get(), VerifySucceed, NULL); - SSL_CTX_set_cert_verify_callback(server_ctx_.get(), VerifySucceed, NULL); + SSL_CTX_set_cert_verify_callback(client_ctx_.get(), VerifySucceed, nullptr); + SSL_CTX_set_cert_verify_callback(server_ctx_.get(), VerifySucceed, nullptr); SSL_CTX_set_retain_only_sha256_of_client_certs(server_ctx_.get(), 1); ASSERT_TRUE(Connect()); @@ -4149,8 +4149,9 @@ return 0; } - if (!HMAC_Init_ex(hmac_ctx, kZeros, sizeof(kZeros), EVP_sha256(), NULL) || - !EVP_CipherInit_ex(ctx, EVP_aes_128_cbc(), NULL, kZeros, iv, encrypt)) { + if (!HMAC_Init_ex(hmac_ctx, kZeros, sizeof(kZeros), EVP_sha256(), nullptr) || + !EVP_CipherInit_ex(ctx, EVP_aes_128_cbc(), nullptr, kZeros, iv, + encrypt)) { return -1; } @@ -4728,8 +4729,8 @@ SSL_CTX_set_verify(server_ctx_.get(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, nullptr); - SSL_CTX_set_cert_verify_callback(client_ctx_.get(), VerifySucceed, NULL); - SSL_CTX_set_cert_verify_callback(server_ctx_.get(), VerifySucceed, NULL); + SSL_CTX_set_cert_verify_callback(client_ctx_.get(), VerifySucceed, nullptr); + SSL_CTX_set_cert_verify_callback(server_ctx_.get(), VerifySucceed, nullptr); // By default, the client and server should each only send the leaf. ASSERT_TRUE(Connect());
diff --git a/ssl/ssl_transcript.cc b/ssl/ssl_transcript.cc index b51a566..6a445be 100644 --- a/ssl/ssl_transcript.cc +++ b/ssl/ssl_transcript.cc
@@ -183,7 +183,7 @@ return false; } - if (EVP_MD_CTX_md(hash_.get()) != NULL) { + if (EVP_MD_CTX_md(hash_.get()) != nullptr) { EVP_DigestUpdate(hash_.get(), in.data(), in.size()); }
diff --git a/ssl/ssl_x509.cc b/ssl/ssl_x509.cc index 8dfb104..eb749e4 100644 --- a/ssl/ssl_x509.cc +++ b/ssl/ssl_x509.cc
@@ -36,25 +36,25 @@ // installed. Calling an X509-based method on an |ssl| with a different method // will likely misbehave and possibly crash or leak memory. static void check_ssl_x509_method(const SSL *ssl) { - assert(ssl == NULL || ssl->ctx->x509_method == &ssl_crypto_x509_method); + assert(ssl == nullptr || ssl->ctx->x509_method == &ssl_crypto_x509_method); } // check_ssl_ctx_x509_method acts like |check_ssl_x509_method|, but for an // |SSL_CTX|. static void check_ssl_ctx_x509_method(const SSL_CTX *ctx) { - assert(ctx == NULL || ctx->x509_method == &ssl_crypto_x509_method); + assert(ctx == nullptr || ctx->x509_method == &ssl_crypto_x509_method); } // x509_to_buffer returns a |CRYPTO_BUFFER| that contains the serialised // contents of |x509|. static UniquePtr<CRYPTO_BUFFER> x509_to_buffer(X509 *x509) { - uint8_t *buf = NULL; + uint8_t *buf = nullptr; int cert_len = i2d_X509(x509, &buf); if (cert_len <= 0) { - return 0; + return nullptr; } - UniquePtr<CRYPTO_BUFFER> buffer(CRYPTO_BUFFER_new(buf, cert_len, NULL)); + UniquePtr<CRYPTO_BUFFER> buffer(CRYPTO_BUFFER_new(buf, cert_len, nullptr)); OPENSSL_free(buf); return buffer; @@ -371,12 +371,12 @@ X509 *SSL_get_peer_certificate(const SSL *ssl) { check_ssl_x509_method(ssl); - if (ssl == NULL) { - return NULL; + if (ssl == nullptr) { + return nullptr; } SSL_SESSION *session = SSL_get_session(ssl); - if (session == NULL || session->x509_peer == NULL) { - return NULL; + if (session == nullptr || session->x509_peer == nullptr) { + return nullptr; } X509_up_ref(session->x509_peer); return session->x509_peer; @@ -400,8 +400,8 @@ STACK_OF(X509) *SSL_get_peer_full_cert_chain(const SSL *ssl) { check_ssl_x509_method(ssl); SSL_SESSION *session = SSL_get_session(ssl); - if (session == NULL) { - return NULL; + if (session == nullptr) { + return nullptr; } return session->x509_chain; @@ -455,7 +455,7 @@ check_ssl_x509_method(ssl); if (!ssl->config) { assert(ssl->config); - return 0; + return nullptr; } return ssl->config->param; } @@ -473,7 +473,7 @@ check_ssl_x509_method(ssl); if (!ssl->config) { assert(ssl->config); - return 0; + return nullptr; } return ssl->config->verify_callback; } @@ -501,7 +501,7 @@ return; } ssl->config->verify_mode = mode; - if (callback != NULL) { + if (callback != nullptr) { ssl->config->verify_callback = callback; } } @@ -547,7 +547,7 @@ long SSL_get_verify_result(const SSL *ssl) { check_ssl_x509_method(ssl); SSL_SESSION *session = SSL_get_session(ssl); - if (session == NULL) { + if (session == nullptr) { return X509_V_ERR_INVALID_CALL; } return session->verify_result; @@ -565,7 +565,7 @@ } static int ssl_use_certificate(CERT *cert, X509 *x) { - if (x == NULL) { + if (x == nullptr) { OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -597,7 +597,7 @@ assert(cert->x509_method); const SSL_CREDENTIAL *cred = cert->legacy_credential.get(); - if (cert->x509_leaf != NULL || cred->chain == NULL) { + if (cert->x509_leaf != nullptr || cred->chain == nullptr) { return 1; } @@ -607,13 +607,13 @@ } cert->x509_leaf = X509_parse_from_buffer(leaf); - return cert->x509_leaf != NULL; + return cert->x509_leaf != nullptr; } static X509 *ssl_cert_get0_leaf(CERT *cert) { - if (cert->x509_leaf == NULL && // + if (cert->x509_leaf == nullptr && // !ssl_cert_cache_leaf_cert(cert)) { - return NULL; + return nullptr; } return cert->x509_leaf; @@ -623,7 +623,7 @@ check_ssl_x509_method(ssl); if (!ssl->config) { assert(ssl->config); - return 0; + return nullptr; } return ssl_cert_get0_leaf(ssl->config->cert.get()); } @@ -724,7 +724,7 @@ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx) { check_ssl_ctx_x509_method(ctx); - return SSL_CTX_set0_chain(ctx, NULL); + return SSL_CTX_set0_chain(ctx, nullptr); } int SSL_CTX_clear_extra_chain_certs(SSL_CTX *ctx) { @@ -734,7 +734,7 @@ int SSL_clear_chain_certs(SSL *ssl) { check_ssl_x509_method(ssl); - return SSL_set0_chain(ssl, NULL); + return SSL_set0_chain(ssl, nullptr); } // ssl_cert_cache_chain_certs fills in |cert->x509_chain| from elements 1.. of @@ -770,7 +770,7 @@ check_ssl_ctx_x509_method(ctx); MutexWriteLock lock(const_cast<CRYPTO_MUTEX *>(&ctx->lock)); if (!ssl_cert_cache_chain_certs(ctx->cert.get())) { - *out_chain = NULL; + *out_chain = nullptr; return 0; } @@ -790,7 +790,7 @@ return 0; } if (!ssl_cert_cache_chain_certs(ssl->config->cert.get())) { - *out_chain = NULL; + *out_chain = nullptr; return 0; } @@ -802,7 +802,7 @@ uint8_t *data; size_t len; if (!BIO_read_asn1(bio, &data, &len, 1024 * 1024)) { - return 0; + return nullptr; } bssl::UniquePtr<uint8_t> free_data(data); const uint8_t *ptr = data; @@ -841,7 +841,7 @@ } for (X509_NAME *name : name_list) { - uint8_t *outp = NULL; + uint8_t *outp = nullptr; int len = i2d_X509_NAME(name, &outp); if (len < 0) { return; @@ -876,17 +876,17 @@ static STACK_OF(X509_NAME) *buffer_names_to_x509( const STACK_OF(CRYPTO_BUFFER) *names, STACK_OF(X509_NAME) **cached) { - if (names == NULL) { - return NULL; + if (names == nullptr) { + return nullptr; } - if (*cached != NULL) { + if (*cached != nullptr) { return *cached; } UniquePtr<STACK_OF(X509_NAME)> new_cache(sk_X509_NAME_new_null()); if (!new_cache) { - return NULL; + return nullptr; } for (const CRYPTO_BUFFER *buffer : names) { @@ -896,7 +896,7 @@ if (!name || inp != CRYPTO_BUFFER_data(buffer) + CRYPTO_BUFFER_len(buffer) || !PushToStack(new_cache.get(), std::move(name))) { - return NULL; + return nullptr; } } @@ -908,23 +908,23 @@ check_ssl_x509_method(ssl); if (!ssl->config) { assert(ssl->config); - return NULL; + return nullptr; } // For historical reasons, this function is used both to query configuration // state on a server as well as handshake state on a client. However, whether // |ssl| is a client or server is not known until explicitly configured with // |SSL_set_connect_state|. If |do_handshake| is NULL, |ssl| is in an // indeterminate mode and |ssl->server| is unset. - if (ssl->do_handshake != NULL && !ssl->server) { - if (ssl->s3->hs != NULL) { + if (ssl->do_handshake != nullptr && !ssl->server) { + if (ssl->s3->hs != nullptr) { return buffer_names_to_x509(ssl->s3->hs->ca_names.get(), &ssl->s3->hs->cached_x509_ca_names); } - return NULL; + return nullptr; } - if (ssl->config->client_CA != NULL) { + if (ssl->config->client_CA != nullptr) { return buffer_names_to_x509( ssl->config->client_CA.get(), (STACK_OF(X509_NAME) **)&ssl->config->cached_x509_client_CA); @@ -944,11 +944,11 @@ static int add_client_CA(UniquePtr<STACK_OF(CRYPTO_BUFFER)> *names, X509 *x509, CRYPTO_BUFFER_POOL *pool) { - if (x509 == NULL) { + if (x509 == nullptr) { return 0; } - uint8_t *outp = NULL; + uint8_t *outp = nullptr; int len = i2d_X509_NAME(X509_get_subject_name(x509), &outp); if (len < 0) { return 0; @@ -965,7 +965,7 @@ names->reset(sk_CRYPTO_BUFFER_new_null()); alloced = 1; - if (*names == NULL) { + if (*names == nullptr) { return 0; } } @@ -1012,8 +1012,8 @@ return 1; } - X509 *x509 = NULL; - EVP_PKEY *pkey = NULL; + X509 *x509 = nullptr; + EVP_PKEY *pkey = nullptr; int ret = ssl->ctx->client_cert_cb(ssl, &x509, &pkey); if (ret < 0) { return -1; @@ -1036,7 +1036,7 @@ EVP_PKEY **out_pkey)) { check_ssl_ctx_x509_method(ctx); // Emulate the old client certificate callback with the new one. - SSL_CTX_set_cert_cb(ctx, do_client_cert_cb, NULL); + SSL_CTX_set_cert_cb(ctx, do_client_cert_cb, nullptr); ctx->client_cert_cb = cb; } @@ -1045,7 +1045,7 @@ X509_STORE_free(*store_ptr); *store_ptr = new_store; - if (new_store != NULL && take_ref) { + if (new_store != nullptr && take_ref) { X509_STORE_up_ref(new_store); }
diff --git a/ssl/t1_enc.cc b/ssl/t1_enc.cc index 9b1f624..20a2158 100644 --- a/ssl/t1_enc.cc +++ b/ssl/t1_enc.cc
@@ -48,7 +48,7 @@ static bool get_key_block_lengths(const SSL *ssl, size_t *out_mac_secret_len, size_t *out_key_len, size_t *out_iv_len, const SSL_CIPHER *cipher) { - const EVP_AEAD *aead = NULL; + const EVP_AEAD *aead = nullptr; if (!ssl_cipher_get_evp_aead(&aead, out_mac_secret_len, out_iv_len, cipher, ssl_protocol_version(ssl))) { OPENSSL_PUT_ERROR(SSL, SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
diff --git a/ssl/test/bssl_shim.cc b/ssl/test/bssl_shim.cc index 4f65f16..608f9b2 100644 --- a/ssl/test/bssl_shim.cc +++ b/ssl/test/bssl_shim.cc
@@ -222,7 +222,8 @@ // during a renegotiation. if (config->use_exporter_between_reads) { uint8_t buf; - if (!SSL_export_keying_material(ssl, &buf, 1, NULL, 0, NULL, 0, 0)) { + if (!SSL_export_keying_material(ssl, &buf, 1, nullptr, 0, nullptr, 0, + 0)) { fprintf(stderr, "failed to export keying material\n"); return -1; }
diff --git a/ssl/test/packeted_bio.cc b/ssl/test/packeted_bio.cc index b30699b..4f52aa8 100644 --- a/ssl/test/packeted_bio.cc +++ b/ssl/test/packeted_bio.cc
@@ -69,7 +69,7 @@ PacketedBio *GetData(BIO *bio) { if (BIO_method_type(bio) != PacketedBioMethodType()) { - return NULL; + return nullptr; } return static_cast<PacketedBio *>(BIO_get_data(bio)); }
diff --git a/ssl/test/test_config.cc b/ssl/test/test_config.cc index bce633a..9a7ee6a 100644 --- a/ssl/test/test_config.cc +++ b/ssl/test/test_config.cc
@@ -1006,8 +1006,9 @@ return 0; } - if (!HMAC_Init_ex(hmac_ctx, kZeros, sizeof(kZeros), EVP_sha256(), NULL) || - !EVP_CipherInit_ex(ctx, EVP_aes_128_cbc(), NULL, kZeros, iv, encrypt)) { + if (!HMAC_Init_ex(hmac_ctx, kZeros, sizeof(kZeros), EVP_sha256(), nullptr) || + !EVP_CipherInit_ex(ctx, EVP_aes_128_cbc(), nullptr, kZeros, iv, + encrypt)) { return -1; } @@ -1068,7 +1069,7 @@ } else if (async_state->pending_session) { return SSL_magic_pending_session_ptr(); } else { - return NULL; + return nullptr; } } @@ -1235,7 +1236,7 @@ return nullptr; } return bssl::UniquePtr<EVP_PKEY>( - PEM_read_bio_PrivateKey(bio.get(), NULL, NULL, NULL)); + PEM_read_bio_PrivateKey(bio.get(), nullptr, nullptr, nullptr)); } static bssl::UniquePtr<CRYPTO_BUFFER> X509ToBuffer(X509 *x509) { @@ -1326,7 +1327,7 @@ EVP_PKEY *private_key = GetPrivateKey(ssl); RSA *rsa = EVP_PKEY_get0_RSA(private_key); - if (rsa == NULL) { + if (rsa == nullptr) { fprintf(stderr, "AsyncPrivateKeyDecrypt called with incorrect key type.\n"); abort(); } @@ -2030,15 +2031,15 @@ } SSL_CTX_set_next_protos_advertised_cb(ssl_ctx.get(), - NextProtosAdvertisedCallback, NULL); + NextProtosAdvertisedCallback, nullptr); if (!select_next_proto.empty() || select_empty_next_proto) { SSL_CTX_set_next_proto_select_cb(ssl_ctx.get(), NextProtoSelectCallback, - NULL); + nullptr); } if (!select_alpn.empty() || decline_alpn || reject_alpn || select_empty_alpn) { - SSL_CTX_set_alpn_select_cb(ssl_ctx.get(), AlpnSelectCallback, NULL); + SSL_CTX_set_alpn_select_cb(ssl_ctx.get(), AlpnSelectCallback, nullptr); } SSL_CTX_set_current_time_cb(ssl_ctx.get(), CurrentTimeCallback); @@ -2056,7 +2057,8 @@ } if (!use_custom_verify_callback) { - SSL_CTX_set_cert_verify_callback(ssl_ctx.get(), CertVerifyCallback, NULL); + SSL_CTX_set_cert_verify_callback(ssl_ctx.get(), CertVerifyCallback, + nullptr); } if (!signed_cert_timestamps.empty() && @@ -2339,7 +2341,7 @@ if (use_custom_verify_callback) { SSL_set_custom_verify(ssl.get(), mode, CustomVerifyCallback); } else if (mode != SSL_VERIFY_NONE) { - SSL_set_verify(ssl.get(), mode, NULL); + SSL_set_verify(ssl.get(), mode, nullptr); } if (false_start) { SSL_set_mode(ssl.get(), SSL_MODE_ENABLE_FALSE_START); @@ -2570,7 +2572,7 @@ SSL_set_jdk11_workaround(ssl.get(), 1); } - if (session != NULL) { + if (session != nullptr) { if (!is_server) { if (SSL_set_session(ssl.get(), session) != 1) { return nullptr;
diff --git a/ssl/tls13_both.cc b/ssl/tls13_both.cc index db615e0..f41b086 100644 --- a/ssl/tls13_both.cc +++ b/ssl/tls13_both.cc
@@ -334,7 +334,7 @@ bool tls13_process_certificate_verify(SSL_HANDSHAKE *hs, const SSLMessage &msg) { SSL *const ssl = hs->ssl; - if (hs->peer_pubkey == NULL) { + if (hs->peer_pubkey == nullptr) { OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR); return false; } @@ -460,7 +460,7 @@ } } - if (hs->ocsp_stapling_requested && cred->ocsp_response != NULL) { + if (hs->ocsp_stapling_requested && cred->ocsp_response != nullptr) { CBB contents, ocsp_response; if (!CBB_add_u16(&extensions, TLSEXT_TYPE_status_request) || !CBB_add_u16_length_prefixed(&extensions, &contents) ||
diff --git a/ssl/tls13_client.cc b/ssl/tls13_client.cc index a664321..bc653e9 100644 --- a/ssl/tls13_client.cc +++ b/ssl/tls13_client.cc
@@ -524,7 +524,7 @@ ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR); return ssl_hs_error; } - ssl_set_session(ssl, NULL); + ssl_set_session(ssl, nullptr); // Resumption incorporates fresh key material, so refresh the timeout. ssl_session_renew_timeout(ssl, hs->new_session.get(), @@ -1149,7 +1149,7 @@ } if ((ssl->session_ctx->session_cache_mode & SSL_SESS_CACHE_CLIENT) && - ssl->session_ctx->new_session_cb != NULL && + ssl->session_ctx->new_session_cb != nullptr && ssl->session_ctx->new_session_cb(ssl, session.get())) { // |new_session_cb|'s return value signals that it took ownership. session.release();
diff --git a/ssl/tls13_enc.cc b/ssl/tls13_enc.cc index ee8a459..f94aea7 100644 --- a/ssl/tls13_enc.cc +++ b/ssl/tls13_enc.cc
@@ -98,7 +98,7 @@ // arbitrary prefix for the label instead of using the hardcoded "tls13 " // prefix. CBB cbb, child; - uint8_t *hkdf_label = NULL; + uint8_t *hkdf_label = nullptr; size_t hkdf_label_len; CBB_zero(&cbb); if (!CBB_init(&cbb,
diff --git a/ssl/tls13_server.cc b/ssl/tls13_server.cc index 185d26a..3452ea3 100644 --- a/ssl/tls13_server.cc +++ b/ssl/tls13_server.cc
@@ -375,7 +375,7 @@ // Negotiate the cipher suite. hs->new_cipher = choose_tls13_cipher(ssl, &client_hello); - if (hs->new_cipher == NULL) { + if (hs->new_cipher == nullptr) { OPENSSL_PUT_ERROR(SSL, SSL_R_NO_SHARED_CIPHER); ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); return ssl_hs_error; @@ -652,7 +652,7 @@ } } - if (ssl->ctx->dos_protection_cb != NULL && + if (ssl->ctx->dos_protection_cb != nullptr && ssl->ctx->dos_protection_cb(&client_hello) == 0) { // Connection rejected for DOS reasons. OPENSSL_PUT_ERROR(SSL, SSL_R_CONNECTION_REJECTED);
diff --git a/ssl/tls_record.cc b/ssl/tls_record.cc index fca3e85..328a2da 100644 --- a/ssl/tls_record.cc +++ b/ssl/tls_record.cc
@@ -264,7 +264,7 @@ uint8_t *out_suffix, uint8_t type, const uint8_t *in, const size_t in_len) { SSLAEADContext *aead = ssl->s3->aead_write_ctx.get(); - uint8_t *extra_in = NULL; + uint8_t *extra_in = nullptr; size_t extra_in_len = 0; if (!aead->is_null_cipher() && ssl_protocol_version(ssl) >= TLS1_3_VERSION) { // TLS 1.3 hides the actual record type inside the encrypted data.