From 23a1d5e97cd543d2b8e1b01dbf0f619b2e5ce540 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Thu, 30 Apr 2015 21:37:06 -0400 Subject: [PATCH] free NULL cleanup 7 This gets BN_.*free: BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd dead code in engines/e_ubsec. Reviewed-by: Richard Levitte --- apps/apps.c | 3 +- apps/ca.c | 6 +-- apps/dsaparam.c | 3 +- apps/ecparam.c | 18 +++---- apps/genrsa.c | 6 +-- apps/s_client.c | 12 ++--- apps/s_server.c | 3 +- crypto/asn1/a_object.c | 6 +-- crypto/bn/bn_blind.c | 20 +++----- crypto/bn/bn_depr.c | 8 ++- crypto/bn/bn_exp.c | 6 +-- crypto/bn/bn_exp2.c | 2 +- crypto/bn/bn_lib.c | 3 +- crypto/bn/bn_mod.c | 3 +- crypto/bn/bn_prime.c | 8 ++- crypto/bn/bn_print.c | 3 +- crypto/bn/bn_sqrt.c | 3 +- crypto/dh/dh_ameth.c | 3 +- crypto/dh/dh_check.c | 3 +- crypto/dh/dh_key.c | 13 ++--- crypto/dh/dh_lib.c | 21 +++----- crypto/dh/dh_pmeth.c | 9 ++-- crypto/dsa/dsa_ameth.c | 9 ++-- crypto/dsa/dsa_gen.c | 37 +++++-------- crypto/dsa/dsa_key.c | 13 ++--- crypto/dsa/dsa_lib.c | 21 +++----- crypto/dsa/dsa_ossl.c | 32 ++++-------- crypto/dsa/dsa_pmeth.c | 6 +-- crypto/ec/ec2_mult.c | 3 +- crypto/ec/ec2_oct.c | 12 ++--- crypto/ec/ec2_smpl.c | 33 ++++-------- crypto/ec/ec_ameth.c | 9 ++-- crypto/ec/ec_asn1.c | 44 ++++++---------- crypto/ec/ec_check.c | 3 +- crypto/ec/ec_curve.c | 21 +++----- crypto/ec/ec_key.c | 20 +++----- crypto/ec/ec_lib.c | 36 +++++-------- crypto/ec/ec_mult.c | 6 +-- crypto/ec/eck_prn.c | 21 +++----- crypto/ec/ecp_mont.c | 60 ++++++++-------------- crypto/ec/ecp_nist.c | 9 ++-- crypto/ec/ecp_nistp224.c | 9 ++-- crypto/ec/ecp_nistp256.c | 9 ++-- crypto/ec/ecp_nistp521.c | 9 ++-- crypto/ec/ecp_nistz256.c | 6 +-- crypto/ec/ecp_oct.c | 12 ++--- crypto/ec/ecp_smpl.c | 45 ++++++---------- crypto/ecdh/ech_ossl.c | 3 +- crypto/ecdsa/ecs_ossl.c | 35 +++++-------- crypto/objects/obj_dat.c | 6 +-- crypto/pem/pvkfmt.c | 3 +- crypto/rsa/rsa_chk.c | 18 +++---- crypto/rsa/rsa_crpt.c | 13 ++--- crypto/rsa/rsa_depr.c | 6 +-- crypto/rsa/rsa_eay.c | 77 ++++++++++------------------ crypto/rsa/rsa_gen.c | 14 ++--- crypto/rsa/rsa_lib.c | 30 ++++------- crypto/rsa/rsa_pmeth.c | 3 +- crypto/rsa/rsa_x931g.c | 13 ++--- crypto/srp/srp_lib.c | 6 +-- demos/engines/zencod/hw_zencod.c | 10 ++-- doc/crypto/BN_BLINDING_new.pod | 1 + doc/crypto/BN_CTX_new.pod | 1 + doc/crypto/BN_generate_prime.pod | 4 +- doc/crypto/BN_mod_mul_montgomery.pod | 1 + doc/crypto/BN_mod_mul_reciprocal.pod | 1 + doc/crypto/BN_new.pod | 1 + engines/ccgost/gost2001.c | 27 ++++------ engines/ccgost/gost_ameth.c | 20 ++++---- engines/ccgost/gost_sign.c | 30 ++++------- engines/e_cswift.c | 16 +++--- engines/e_ubsec.c | 40 +-------------- ssl/tls_srp.c | 12 ++--- test/bntest.c | 33 ++++-------- test/dhtest.c | 3 +- test/dsatest.c | 3 +- test/ecdhtest.c | 18 +++---- test/ecdsatest.c | 12 ++--- test/ectest.c | 6 +-- test/ssltest.c | 6 +-- 80 files changed, 385 insertions(+), 734 deletions(-) diff --git a/apps/apps.c b/apps/apps.c index 904629b2f1..d68594ab27 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -1532,6 +1532,7 @@ int rand_serial(BIGNUM *b, ASN1_INTEGER *ai) { BIGNUM *btmp; int ret = 0; + if (b) btmp = b; else @@ -1549,7 +1550,7 @@ int rand_serial(BIGNUM *b, ASN1_INTEGER *ai) error: - if (!b) + if (btmp != b) BN_free(btmp); return ret; diff --git a/apps/ca.c b/apps/ca.c index bc7c3fd2dd..b703b425ae 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -1289,10 +1289,8 @@ end_of_options: if (!save_serial(crlnumberfile, "new", crlnumber, NULL)) goto end; - if (crlnumber) { - BN_free(crlnumber); - crlnumber = NULL; - } + BN_free(crlnumber); + crlnumber = NULL; if (!do_X509_CRL_sign(crl, pkey, dgst, sigopts)) goto end; diff --git a/apps/dsaparam.c b/apps/dsaparam.c index afc8a82b01..62d5fe7a41 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -328,8 +328,7 @@ int dsaparam_main(int argc, char **argv) app_RAND_write_file(NULL); ret = 0; end: - if (cb != NULL) - BN_GENCB_free(cb); + BN_GENCB_free(cb); BIO_free(in); BIO_free_all(out); DSA_free(dsa); diff --git a/apps/ecparam.c b/apps/ecparam.c index 5b39e83cd8..082df260ab 100644 --- a/apps/ecparam.c +++ b/apps/ecparam.c @@ -483,18 +483,12 @@ int ecparam_main(int argc, char **argv) ret = 0; end: - if (ec_p) - BN_free(ec_p); - if (ec_a) - BN_free(ec_a); - if (ec_b) - BN_free(ec_b); - if (ec_gen) - BN_free(ec_gen); - if (ec_order) - BN_free(ec_order); - if (ec_cofactor) - BN_free(ec_cofactor); + BN_free(ec_p); + BN_free(ec_a); + BN_free(ec_b); + BN_free(ec_gen); + BN_free(ec_order); + BN_free(ec_cofactor); if (buffer) OPENSSL_free(buffer); BIO_free(in); diff --git a/apps/genrsa.c b/apps/genrsa.c index 7d0466aaf9..a3c00d871e 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c @@ -214,10 +214,8 @@ int genrsa_main(int argc, char **argv) ret = 0; end: - if (bn) - BN_free(bn); - if (cb) - BN_GENCB_free(cb); + BN_free(bn); + BN_GENCB_free(cb); RSA_free(rsa); BIO_free_all(out); if (passout) diff --git a/apps/s_client.c b/apps/s_client.c index e7e66849d1..8d8340d311 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -241,8 +241,7 @@ static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity, if (!ret) { BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n", psk_key); - if (bn) - BN_free(bn); + BN_free(bn); return 0; } @@ -320,12 +319,9 @@ static int srp_Verify_N_and_g(const BIGNUM *N, const BIGNUM *g) BN_mod_exp(r, g, p, N, bn_ctx) && BN_add_word(r, 1) && BN_cmp(r, N) == 0; - if (r) - BN_free(r); - if (p) - BN_free(p); - if (bn_ctx) - BN_CTX_free(bn_ctx); + BN_free(r); + BN_free(p); + BN_CTX_free(bn_ctx); return ret; } diff --git a/apps/s_server.c b/apps/s_server.c index ef32d5a9b0..a616b64a11 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -315,8 +315,7 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity, if (!ret) { BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n", psk_key); - if (bn) - BN_free(bn); + BN_free(bn); return 0; } if (BN_num_bytes(bn) > (int)max_psk_len) { diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c index 2b5a4940fe..1e76122192 100644 --- a/crypto/asn1/a_object.c +++ b/crypto/asn1/a_object.c @@ -201,14 +201,12 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) } if (tmp != ftmp) OPENSSL_free(tmp); - if (bl) - BN_free(bl); + BN_free(bl); return (len); err: if (tmp != ftmp) OPENSSL_free(tmp); - if (bl) - BN_free(bl); + BN_free(bl); return (0); } diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c index f045904f76..659638bc45 100644 --- a/crypto/bn/bn_blind.c +++ b/crypto/bn/bn_blind.c @@ -166,8 +166,7 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod) CRYPTO_THREADID_current(&ret->tid); return (ret); err: - if (ret != NULL) - BN_BLINDING_free(ret); + BN_BLINDING_free(ret); return (NULL); } @@ -176,14 +175,10 @@ void BN_BLINDING_free(BN_BLINDING *r) if (r == NULL) return; - if (r->A != NULL) - BN_free(r->A); - if (r->Ai != NULL) - BN_free(r->Ai); - if (r->e != NULL) - BN_free(r->e); - if (r->mod != NULL) - BN_free(r->mod); + BN_free(r->A); + BN_free(r->Ai); + BN_free(r->e); + BN_free(r->mod); OPENSSL_free(r); } @@ -331,8 +326,7 @@ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, goto err; if (e != NULL) { - if (ret->e != NULL) - BN_free(ret->e); + BN_free(ret->e); ret->e = BN_dup(e); } if (ret->e == NULL) @@ -374,7 +368,7 @@ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, return ret; err: - if (b == NULL && ret != NULL) { + if (b == NULL) { BN_BLINDING_free(ret); ret = NULL; } diff --git a/crypto/bn/bn_depr.c b/crypto/bn/bn_depr.c index 34895f5982..bc15f8317e 100644 --- a/crypto/bn/bn_depr.c +++ b/crypto/bn/bn_depr.c @@ -73,7 +73,6 @@ BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, { BN_GENCB cb; BIGNUM *rnd = NULL; - int found = 0; BN_GENCB_set_old(&cb, callback, cb_arg); @@ -86,11 +85,10 @@ BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, goto err; /* we have a prime :-) */ - found = 1; + return ret; err: - if (!found && (ret == NULL) && (rnd != NULL)) - BN_free(rnd); - return (found ? rnd : NULL); + BN_free(rnd); + return NULL; } int BN_is_prime(const BIGNUM *a, int checks, diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c index 153a970d05..28c36931a9 100644 --- a/crypto/bn/bn_exp.c +++ b/crypto/bn/bn_exp.c @@ -564,7 +564,7 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, goto err; ret = 1; err: - if ((in_mont == NULL) && (mont != NULL)) + if (in_mont == NULL) BN_MONT_CTX_free(mont); BN_CTX_end(ctx); bn_check_top(rr); @@ -1127,7 +1127,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, goto err; ret = 1; err: - if ((in_mont == NULL) && (mont != NULL)) + if (in_mont == NULL) BN_MONT_CTX_free(mont); if (powerbuf != NULL) { OPENSSL_cleanse(powerbuf, powerbufLen); @@ -1277,7 +1277,7 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, } ret = 1; err: - if ((in_mont == NULL) && (mont != NULL)) + if (in_mont == NULL) BN_MONT_CTX_free(mont); BN_CTX_end(ctx); bn_check_top(rr); diff --git a/crypto/bn/bn_exp2.c b/crypto/bn/bn_exp2.c index 43fd2044c0..e36c23bc33 100644 --- a/crypto/bn/bn_exp2.c +++ b/crypto/bn/bn_exp2.c @@ -295,7 +295,7 @@ int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, goto err; ret = 1; err: - if ((in_mont == NULL) && (mont != NULL)) + if (in_mont == NULL) BN_MONT_CTX_free(mont); BN_CTX_end(ctx); bn_check_top(rr); diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c index 9cffba8b47..2c5e2b26f8 100644 --- a/crypto/bn/bn_lib.c +++ b/crypto/bn/bn_lib.c @@ -541,8 +541,7 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret) i = ((n - 1) / BN_BYTES) + 1; m = ((n - 1) % (BN_BYTES)); if (bn_wexpand(ret, (int)i) == NULL) { - if (bn) - BN_free(bn); + BN_free(bn); return NULL; } ret->top = i; diff --git a/crypto/bn/bn_mod.c b/crypto/bn/bn_mod.c index e0ed47816a..e4763ff2c6 100644 --- a/crypto/bn/bn_mod.c +++ b/crypto/bn/bn_mod.c @@ -254,8 +254,7 @@ int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, ret = BN_mod_lshift_quick(r, r, n, (abs_m ? abs_m : m)); bn_check_top(r); - if (abs_m) - BN_free(abs_m); + BN_free(abs_m); return ret; } diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c index 2a7822ef1d..ebfcd97e6c 100644 --- a/crypto/bn/bn_prime.c +++ b/crypto/bn/bn_prime.c @@ -285,10 +285,9 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, /* we have a prime :-) */ found = 1; err: - if (ctx != NULL) { + if (ctx != NULL) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } + BN_CTX_free(ctx); bn_check_top(ret); return found; } @@ -397,8 +396,7 @@ int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed, if (ctx_passed == NULL) BN_CTX_free(ctx); } - if (mont != NULL) - BN_MONT_CTX_free(mont); + BN_MONT_CTX_free(mont); return (ret); } diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c index 9b03240e6d..8b59e78916 100644 --- a/crypto/bn/bn_print.c +++ b/crypto/bn/bn_print.c @@ -158,8 +158,7 @@ char *BN_bn2dec(const BIGNUM *a) err: if (bn_data != NULL) OPENSSL_free(bn_data); - if (t != NULL) - BN_free(t); + BN_free(t); if (!ok && buf) { OPENSSL_free(buf); buf = NULL; diff --git a/crypto/bn/bn_sqrt.c b/crypto/bn/bn_sqrt.c index 232af99a21..ab691b79aa 100644 --- a/crypto/bn/bn_sqrt.c +++ b/crypto/bn/bn_sqrt.c @@ -398,9 +398,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) end: if (err) { - if (ret != NULL && ret != in) { + if (ret != in) BN_clear_free(ret); - } ret = NULL; } BN_CTX_end(ctx); diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index f3abe0774f..6a4223c167 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -463,8 +463,7 @@ static int int_dh_bn_cpy(BIGNUM **dst, const BIGNUM *src) return 0; } else a = NULL; - if (*dst) - BN_free(*dst); + BN_free(*dst); *dst = a; return 1; } diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c index 7a8e063fc8..b8b3890d9e 100644 --- a/crypto/dh/dh_check.c +++ b/crypto/dh/dh_check.c @@ -159,7 +159,6 @@ int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) ok = 1; err: - if (q != NULL) - BN_free(q); + BN_free(q); return (ok); } diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 9e2c8b26e6..e2f48b142d 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -172,12 +172,10 @@ static int generate_key(DH *dh) prk = priv_key; if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) { - if (local_prk) - BN_free(local_prk); + BN_free(local_prk); goto err; } - if (local_prk) - BN_free(local_prk); + BN_free(local_prk); } dh->pub_key = pub_key; @@ -187,9 +185,9 @@ static int generate_key(DH *dh) if (ok != 1) DHerr(DH_F_GENERATE_KEY, ERR_R_BN_LIB); - if ((pub_key != NULL) && (dh->pub_key == NULL)) + if (pub_key != dh->pub_key) BN_free(pub_key); - if ((priv_key != NULL) && (dh->priv_key == NULL)) + if (priv_key != dh->priv_key) BN_free(priv_key); BN_CTX_free(ctx); return (ok); @@ -273,7 +271,6 @@ static int dh_init(DH *dh) static int dh_finish(DH *dh) { - if (dh->method_mont_p) - BN_MONT_CTX_free(dh->method_mont_p); + BN_MONT_CTX_free(dh->method_mont_p); return (1); } diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index 68a54a6fd2..74bad4dfcf 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -194,22 +194,15 @@ void DH_free(DH *r) CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data); - if (r->p != NULL) - BN_clear_free(r->p); - if (r->g != NULL) - BN_clear_free(r->g); - if (r->q != NULL) - BN_clear_free(r->q); - if (r->j != NULL) - BN_clear_free(r->j); + BN_clear_free(r->p); + BN_clear_free(r->g); + BN_clear_free(r->q); + BN_clear_free(r->j); if (r->seed) OPENSSL_free(r->seed); - if (r->counter != NULL) - BN_clear_free(r->counter); - if (r->pub_key != NULL) - BN_clear_free(r->pub_key); - if (r->priv_key != NULL) - BN_clear_free(r->priv_key); + BN_clear_free(r->counter); + BN_clear_free(r->pub_key); + BN_clear_free(r->priv_key); OPENSSL_free(r); } diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c index e3ebc0201d..069b855aa0 100644 --- a/crypto/dh/dh_pmeth.c +++ b/crypto/dh/dh_pmeth.c @@ -383,8 +383,7 @@ static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) if (dctx->use_dsa) { DSA *dsa_dh; dsa_dh = dsa_dh_generate(dctx, pcb); - if (pcb) - BN_GENCB_free(pcb); + BN_GENCB_free(pcb); if (!dsa_dh) return 0; dh = DSA_dup_DH(dsa_dh); @@ -397,14 +396,12 @@ static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) #endif dh = DH_new(); if (!dh) { - if (pcb) - BN_GENCB_free(pcb); + BN_GENCB_free(pcb); return 0; } ret = DH_generate_parameters_ex(dh, dctx->prime_len, dctx->generator, pcb); - if (pcb) - BN_GENCB_free(pcb); + BN_GENCB_free(pcb); if (ret) EVP_PKEY_assign_DH(pkey, dh); else diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index 76fc2ce8c6..e26ca848dc 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -366,20 +366,17 @@ static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) if ((a = BN_dup(from->pkey.dsa->p)) == NULL) return 0; - if (to->pkey.dsa->p != NULL) - BN_free(to->pkey.dsa->p); + BN_free(to->pkey.dsa->p); to->pkey.dsa->p = a; if ((a = BN_dup(from->pkey.dsa->q)) == NULL) return 0; - if (to->pkey.dsa->q != NULL) - BN_free(to->pkey.dsa->q); + BN_free(to->pkey.dsa->q); to->pkey.dsa->q = a; if ((a = BN_dup(from->pkey.dsa->g)) == NULL) return 0; - if (to->pkey.dsa->g != NULL) - BN_free(to->pkey.dsa->g); + BN_free(to->pkey.dsa->g); to->pkey.dsa->g = a; return 1; } diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c index 3506bc3dd1..1827de8d0b 100644 --- a/crypto/dsa/dsa_gen.c +++ b/crypto/dsa/dsa_gen.c @@ -326,12 +326,9 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, ok = 1; err: if (ok) { - if (ret->p) - BN_free(ret->p); - if (ret->q) - BN_free(ret->q); - if (ret->g) - BN_free(ret->g); + BN_free(ret->p); + BN_free(ret->q); + BN_free(ret->g); ret->p = BN_dup(p); ret->q = BN_dup(q); ret->g = BN_dup(g); @@ -346,12 +343,10 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits, if (seed_out) memcpy(seed_out, seed, qsize); } - if (ctx) { + if (ctx) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - if (mont != NULL) - BN_MONT_CTX_free(mont); + BN_CTX_free(ctx); + BN_MONT_CTX_free(mont); return ok; } @@ -631,17 +626,14 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, err: if (ok == 1) { if (p != ret->p) { - if (ret->p) - BN_free(ret->p); + BN_free(ret->p); ret->p = BN_dup(p); } if (q != ret->q) { - if (ret->q) - BN_free(ret->q); + BN_free(ret->q); ret->q = BN_dup(q); } - if (ret->g) - BN_free(ret->g); + BN_free(ret->g); ret->g = BN_dup(g); if (ret->p == NULL || ret->q == NULL || ret->g == NULL) { ok = -1; @@ -656,12 +648,10 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N, OPENSSL_free(seed); if (seed_out != seed_tmp) OPENSSL_free(seed_tmp); - if (ctx) { + if (ctx) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - if (mont != NULL) - BN_MONT_CTX_free(mont); + BN_CTX_free(ctx); + BN_MONT_CTX_free(mont); EVP_MD_CTX_cleanup(&mctx); return ok; } @@ -696,8 +686,7 @@ int dsa_paramgen_check_g(DSA *dsa) rv = 0; err: BN_CTX_end(ctx); - if (mont) - BN_MONT_CTX_free(mont); + BN_MONT_CTX_free(mont); BN_CTX_free(ctx); return rv; diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c index 1c05b0f80d..ff01deca4a 100644 --- a/crypto/dsa/dsa_key.c +++ b/crypto/dsa/dsa_key.c @@ -111,12 +111,10 @@ static int dsa_builtin_keygen(DSA *dsa) prk = priv_key; if (!BN_mod_exp(pub_key, dsa->g, prk, dsa->p, ctx)) { - if (local_prk != NULL) - BN_free(local_prk); + BN_free(local_prk); goto err; } - if (local_prk != NULL) - BN_free(local_prk); + BN_free(local_prk); } dsa->priv_key = priv_key; @@ -124,11 +122,10 @@ static int dsa_builtin_keygen(DSA *dsa) ok = 1; err: - if ((pub_key != NULL) && (dsa->pub_key == NULL)) + if (pub_key != dsa->pub_key) BN_free(pub_key); - if ((priv_key != NULL) && (dsa->priv_key == NULL)) + if (priv_key != dsa->priv_key) BN_free(priv_key); - if (ctx != NULL) - BN_CTX_free(ctx); + BN_CTX_free(ctx); return (ok); } diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index 5cf1824897..aec1b3639c 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -202,20 +202,13 @@ void DSA_free(DSA *r) CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data); - if (r->p != NULL) - BN_clear_free(r->p); - if (r->q != NULL) - BN_clear_free(r->q); - if (r->g != NULL) - BN_clear_free(r->g); - if (r->pub_key != NULL) - BN_clear_free(r->pub_key); - if (r->priv_key != NULL) - BN_clear_free(r->priv_key); - if (r->kinv != NULL) - BN_clear_free(r->kinv); - if (r->r != NULL) - BN_clear_free(r->r); + BN_clear_free(r->p); + BN_clear_free(r->q); + BN_clear_free(r->g); + BN_clear_free(r->pub_key); + BN_clear_free(r->priv_key); + BN_clear_free(r->kinv); + BN_clear_free(r->r); OPENSSL_free(r); } diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 325eac479b..cd63211c86 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -214,12 +214,10 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) BN_free(r); BN_free(s); } - if (ctx != NULL) - BN_CTX_free(ctx); + BN_CTX_free(ctx); BN_clear_free(m); BN_clear_free(xr); - if (kinv != NULL) /* dsa->kinv is NULL now if we used it */ - BN_clear_free(kinv); + BN_clear_free(kinv); return (ret); } @@ -313,21 +311,18 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, if ((kinv = BN_mod_inverse(NULL, k, dsa->q, ctx)) == NULL) goto err; - if (*kinvp != NULL) - BN_clear_free(*kinvp); + BN_clear_free(*kinvp); *kinvp = kinv; kinv = NULL; - if (*rp != NULL) - BN_clear_free(*rp); + BN_clear_free(*rp); *rp = r; ret = 1; err: if (!ret) { DSAerr(DSA_F_DSA_SIGN_SETUP, ERR_R_BN_LIB); - if (r != NULL) - BN_clear_free(r); + BN_clear_free(r); } - if (ctx_in == NULL) + if (ctx != ctx_in) BN_CTX_free(ctx); BN_clear_free(k); BN_clear_free(kq); @@ -422,14 +417,10 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, err: if (ret < 0) DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_BN_LIB); - if (ctx != NULL) - BN_CTX_free(ctx); - if (u1) - BN_free(u1); - if (u2) - BN_free(u2); - if (t1) - BN_free(t1); + BN_CTX_free(ctx); + BN_free(u1); + BN_free(u2); + BN_free(t1); return (ret); } @@ -441,7 +432,6 @@ static int dsa_init(DSA *dsa) static int dsa_finish(DSA *dsa) { - if (dsa->method_mont_p) - BN_MONT_CTX_free(dsa->method_mont_p); + BN_MONT_CTX_free(dsa->method_mont_p); return (1); } diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c index 6a47047031..c119209ab2 100644 --- a/crypto/dsa/dsa_pmeth.c +++ b/crypto/dsa/dsa_pmeth.c @@ -253,14 +253,12 @@ static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) pcb = NULL; dsa = DSA_new(); if (!dsa) { - if (pcb) - BN_GENCB_free(pcb); + BN_GENCB_free(pcb); return 0; } ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd, NULL, 0, NULL, NULL, NULL, pcb); - if (pcb) - BN_GENCB_free(pcb); + BN_GENCB_free(pcb); if (ret) EVP_PKEY_assign_DSA(pkey, dsa); else diff --git a/crypto/ec/ec2_mult.c b/crypto/ec/ec2_mult.c index 635c0a55f1..2049dc57f8 100644 --- a/crypto/ec/ec2_mult.c +++ b/crypto/ec/ec2_mult.c @@ -439,8 +439,7 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, err: EC_POINT_free(p); EC_POINT_free(acc); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } diff --git a/crypto/ec/ec2_oct.c b/crypto/ec/ec2_oct.c index 614c371f86..821c371009 100644 --- a/crypto/ec/ec2_oct.c +++ b/crypto/ec/ec2_oct.c @@ -160,8 +160,7 @@ int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group, err: BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -278,15 +277,13 @@ size_t ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, if (used_ctx) BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; err: if (used_ctx) BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return 0; } @@ -396,8 +393,7 @@ int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point, err: BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } #endif diff --git a/crypto/ec/ec2_smpl.c b/crypto/ec/ec2_smpl.c index c1fb63d94d..d6a41a46bf 100644 --- a/crypto/ec/ec2_smpl.c +++ b/crypto/ec/ec2_smpl.c @@ -135,12 +135,9 @@ int ec_GF2m_simple_group_init(EC_GROUP *group) group->b = BN_new(); if (!group->field || !group->a || !group->b) { - if (group->field) - BN_free(group->field); - if (group->a) - BN_free(group->a); - if (group->b) - BN_free(group->b); + BN_free(group->field); + BN_free(group->a); + BN_free(group->b); return 0; } return 1; @@ -318,8 +315,7 @@ int ec_GF2m_simple_group_check_discriminant(const EC_GROUP *group, err: if (ctx != NULL) BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -331,12 +327,9 @@ int ec_GF2m_simple_point_init(EC_POINT *point) point->Z = BN_new(); if (!point->X || !point->Y || !point->Z) { - if (point->X) - BN_free(point->X); - if (point->Y) - BN_free(point->Y); - if (point->Z) - BN_free(point->Z); + BN_free(point->X); + BN_free(point->Y); + BN_free(point->Z); return 0; } return 1; @@ -569,8 +562,7 @@ int ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, err: BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -663,8 +655,7 @@ int ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, err: if (ctx) BN_CTX_end(ctx); - if (new_ctx) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -716,8 +707,7 @@ int ec_GF2m_simple_cmp(const EC_GROUP *group, const EC_POINT *a, err: if (ctx) BN_CTX_end(ctx); - if (new_ctx) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -758,8 +748,7 @@ int ec_GF2m_simple_make_affine(const EC_GROUP *group, EC_POINT *point, err: if (ctx) BN_CTX_end(ctx); - if (new_ctx) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index 6b34be38d7..0554c209e5 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -500,12 +500,9 @@ static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype) err: if (!ret) ECerr(EC_F_DO_EC_KEY_PRINT, reason); - if (pub_key) - BN_free(pub_key); - if (order) - BN_free(order); - if (ctx) - BN_CTX_free(ctx); + BN_free(pub_key); + BN_free(order); + BN_CTX_free(ctx); if (buffer != NULL) OPENSSL_free(buffer); return (ret); diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index 36dcb969c4..5976a2fba3 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -421,8 +421,8 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) ok = 1; - err:if (tmp) - BN_free(tmp); + err: + BN_free(tmp); return (ok); } @@ -524,21 +524,19 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve) ok = 1; - err:if (buffer_1) + err: + if (buffer_1) OPENSSL_free(buffer_1); if (buffer_2) OPENSSL_free(buffer_2); - if (tmp_1) - BN_free(tmp_1); - if (tmp_2) - BN_free(tmp_2); + BN_free(tmp_1); + BN_free(tmp_2); return (ok); } static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *group, ECPARAMETERS *param) { - int ok = 0; size_t len = 0; ECPARAMETERS *ret = NULL; BIGNUM *tmp = NULL; @@ -624,18 +622,15 @@ static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *group, } } - ok = 1; + return ret; - err:if (!ok) { - if (ret && !param) - ECPARAMETERS_free(ret); - ret = NULL; - } - if (tmp) - BN_free(tmp); + err: + if (!param) + ECPARAMETERS_free(ret); + BN_free(tmp); if (buffer) OPENSSL_free(buffer); - return (ret); + return NULL; } ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group, @@ -891,10 +886,8 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params) /* extract the cofactor (optional) */ if (params->cofactor == NULL) { - if (b) { - BN_free(b); - b = NULL; - } + BN_free(b); + b = NULL; } else if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL) { ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB); goto err; @@ -913,12 +906,9 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params) ret = NULL; } - if (p) - BN_free(p); - if (a) - BN_free(a); - if (b) - BN_free(b); + BN_free(p); + BN_free(a); + BN_free(b); EC_POINT_free(point); return (ret); } diff --git a/crypto/ec/ec_check.c b/crypto/ec/ec_check.c index 422ca87cc6..1d44ad2283 100644 --- a/crypto/ec/ec_check.c +++ b/crypto/ec/ec_check.c @@ -112,8 +112,7 @@ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx) err: if (ctx != NULL) BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); EC_POINT_free(point); return ret; } diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c index d79637d9e5..8bba3bcb83 100644 --- a/crypto/ec/ec_curve.c +++ b/crypto/ec/ec_curve.c @@ -3115,20 +3115,13 @@ static EC_GROUP *ec_group_new_from_data(const ec_list_element curve) group = NULL; } EC_POINT_free(P); - if (ctx) - BN_CTX_free(ctx); - if (p) - BN_free(p); - if (a) - BN_free(a); - if (b) - BN_free(b); - if (order) - BN_free(order); - if (x) - BN_free(x); - if (y) - BN_free(y); + BN_CTX_free(ctx); + BN_free(p); + BN_free(a); + BN_free(b); + BN_free(order); + BN_free(x); + BN_free(y); return group; } diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index dbd91d6f69..4c588e83aa 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -122,8 +122,7 @@ void EC_KEY_free(EC_KEY *r) EC_GROUP_free(r->group); EC_POINT_free(r->pub_key); - if (r->priv_key != NULL) - BN_clear_free(r->priv_key); + BN_clear_free(r->priv_key); EC_EX_DATA_free_all_data(&r->method_data); @@ -266,14 +265,12 @@ int EC_KEY_generate_key(EC_KEY *eckey) ok = 1; err: - if (order) - BN_free(order); + BN_free(order); if (eckey->pub_key == NULL) EC_POINT_free(pub_key); - if (priv_key != NULL && eckey->priv_key == NULL) + if (eckey->priv_key != priv_key) BN_free(priv_key); - if (ctx != NULL) - BN_CTX_free(ctx); + BN_CTX_free(ctx); return (ok); } @@ -339,8 +336,7 @@ int EC_KEY_check_key(const EC_KEY *eckey) } ok = 1; err: - if (ctx != NULL) - BN_CTX_free(ctx); + BN_CTX_free(ctx); EC_POINT_free(point); return (ok); } @@ -413,8 +409,7 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, ok = 1; err: - if (ctx) - BN_CTX_free(ctx); + BN_CTX_free(ctx); EC_POINT_free(point); return ok; @@ -439,8 +434,7 @@ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key) int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key) { - if (key->priv_key) - BN_clear_free(key->priv_key); + BN_clear_free(key->priv_key); key->priv_key = BN_dup(priv_key); return (key->priv_key == NULL) ? 0 : 1; } diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index b2a5d79710..1f51f74aa9 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -117,10 +117,8 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth) return ret; err: - if (ret->order) - BN_free(ret->order); - if (ret->cofactor) - BN_free(ret->cofactor); + BN_free(ret->order); + BN_free(ret->cofactor); OPENSSL_free(ret); return NULL; } @@ -135,8 +133,7 @@ void EC_GROUP_free(EC_GROUP *group) EC_EX_DATA_free_all_data(&group->extra_data); - if (group->mont_data) - BN_MONT_CTX_free(group->mont_data); + BN_MONT_CTX_free(group->mont_data); EC_POINT_free(group->generator); BN_free(group->order); @@ -160,8 +157,7 @@ void EC_GROUP_clear_free(EC_GROUP *group) EC_EX_DATA_clear_free_all_data(&group->extra_data); - if (group->mont_data) - BN_MONT_CTX_free(group->mont_data); + BN_MONT_CTX_free(group->mont_data); EC_POINT_clear_free(group->generator); BN_clear_free(group->order); @@ -208,10 +204,8 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) return 0; } else { /* src->generator == NULL */ - if (dest->mont_data != NULL) { - BN_MONT_CTX_free(dest->mont_data); - dest->mont_data = NULL; - } + BN_MONT_CTX_free(dest->mont_data); + dest->mont_data = NULL; } if (src->generator != NULL) { @@ -507,8 +501,7 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx) b3 = BN_CTX_get(ctx); if (!b3) { BN_CTX_end(ctx); - if (ctx_new) - BN_CTX_free(ctx); + BN_CTX_free(ctx_new); return -1; } @@ -535,8 +528,7 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx) !EC_GROUP_get_cofactor(a, a2, ctx) || !EC_GROUP_get_cofactor(b, b2, ctx)) { BN_CTX_end(ctx); - if (ctx_new) - BN_CTX_free(ctx); + BN_CTX_free(ctx_new); return -1; } if (BN_cmp(a1, b1) || BN_cmp(a2, b2)) @@ -544,8 +536,7 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx) } BN_CTX_end(ctx); - if (ctx_new) - BN_CTX_free(ctx); + BN_CTX_free(ctx_new); return r; } @@ -1093,10 +1084,8 @@ int ec_precompute_mont_data(EC_GROUP *group) BN_CTX *ctx = BN_CTX_new(); int ret = 0; - if (group->mont_data) { - BN_MONT_CTX_free(group->mont_data); - group->mont_data = NULL; - } + BN_MONT_CTX_free(group->mont_data); + group->mont_data = NULL; if (ctx == NULL) goto err; @@ -1115,7 +1104,6 @@ int ec_precompute_mont_data(EC_GROUP *group) err: - if (ctx) - BN_CTX_free(ctx); + BN_CTX_free(ctx); return ret; } diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c index 6dabfc8d99..b4723fb5d5 100644 --- a/crypto/ec/ec_mult.c +++ b/crypto/ec/ec_mult.c @@ -553,8 +553,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, ret = 1; err: - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); EC_POINT_free(tmp); if (wsize != NULL) OPENSSL_free(wsize); @@ -746,8 +745,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) err: if (ctx != NULL) BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); if (pre_comp) ec_pre_comp_free(pre_comp); if (points) { diff --git a/crypto/ec/eck_prn.c b/crypto/ec/eck_prn.c index e1f5b69c76..6eb529138a 100644 --- a/crypto/ec/eck_prn.c +++ b/crypto/ec/eck_prn.c @@ -318,20 +318,13 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off) err: if (!ret) ECerr(EC_F_ECPKPARAMETERS_PRINT, reason); - if (p) - BN_free(p); - if (a) - BN_free(a); - if (b) - BN_free(b); - if (gen) - BN_free(gen); - if (order) - BN_free(order); - if (cofactor) - BN_free(cofactor); - if (ctx) - BN_CTX_free(ctx); + BN_free(p); + BN_free(a); + BN_free(b); + BN_free(gen); + BN_free(order); + BN_free(cofactor); + BN_CTX_free(ctx); if (buffer != NULL) OPENSSL_free(buffer); return (ret); diff --git a/crypto/ec/ecp_mont.c b/crypto/ec/ecp_mont.c index bc9fd4759c..af914aa597 100644 --- a/crypto/ec/ecp_mont.c +++ b/crypto/ec/ecp_mont.c @@ -122,40 +122,28 @@ int ec_GFp_mont_group_init(EC_GROUP *group) void ec_GFp_mont_group_finish(EC_GROUP *group) { - if (group->field_data1 != NULL) { - BN_MONT_CTX_free(group->field_data1); - group->field_data1 = NULL; - } - if (group->field_data2 != NULL) { - BN_free(group->field_data2); - group->field_data2 = NULL; - } + BN_MONT_CTX_free(group->field_data1); + group->field_data1 = NULL; + BN_free(group->field_data2); + group->field_data2 = NULL; ec_GFp_simple_group_finish(group); } void ec_GFp_mont_group_clear_finish(EC_GROUP *group) { - if (group->field_data1 != NULL) { - BN_MONT_CTX_free(group->field_data1); - group->field_data1 = NULL; - } - if (group->field_data2 != NULL) { - BN_clear_free(group->field_data2); - group->field_data2 = NULL; - } + BN_MONT_CTX_free(group->field_data1); + group->field_data1 = NULL; + BN_clear_free(group->field_data2); + group->field_data2 = NULL; ec_GFp_simple_group_clear_finish(group); } int ec_GFp_mont_group_copy(EC_GROUP *dest, const EC_GROUP *src) { - if (dest->field_data1 != NULL) { - BN_MONT_CTX_free(dest->field_data1); - dest->field_data1 = NULL; - } - if (dest->field_data2 != NULL) { - BN_clear_free(dest->field_data2); - dest->field_data2 = NULL; - } + BN_MONT_CTX_free(dest->field_data1); + dest->field_data1 = NULL; + BN_clear_free(dest->field_data2); + dest->field_data2 = NULL; if (!ec_GFp_simple_group_copy(dest, src)) return 0; @@ -176,10 +164,8 @@ int ec_GFp_mont_group_copy(EC_GROUP *dest, const EC_GROUP *src) return 1; err: - if (dest->field_data1 != NULL) { - BN_MONT_CTX_free(dest->field_data1); - dest->field_data1 = NULL; - } + BN_MONT_CTX_free(dest->field_data1); + dest->field_data1 = NULL; return 0; } @@ -191,14 +177,10 @@ int ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p, BIGNUM *one = NULL; int ret = 0; - if (group->field_data1 != NULL) { - BN_MONT_CTX_free(group->field_data1); - group->field_data1 = NULL; - } - if (group->field_data2 != NULL) { - BN_free(group->field_data2); - group->field_data2 = NULL; - } + BN_MONT_CTX_free(group->field_data1); + group->field_data1 = NULL; + BN_free(group->field_data2); + group->field_data2 = NULL; if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); @@ -234,10 +216,8 @@ int ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p, } err: - if (new_ctx != NULL) - BN_CTX_free(new_ctx); - if (mont != NULL) - BN_MONT_CTX_free(mont); + BN_CTX_free(new_ctx); + BN_MONT_CTX_free(mont); return ret; } diff --git a/crypto/ec/ecp_nist.c b/crypto/ec/ecp_nist.c index 814051985c..2efb69e8e6 100644 --- a/crypto/ec/ecp_nist.c +++ b/crypto/ec/ecp_nist.c @@ -150,8 +150,7 @@ int ec_GFp_nist_group_set_curve(EC_GROUP *group, const BIGNUM *p, err: BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -176,8 +175,7 @@ int ec_GFp_nist_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, ret = 1; err: - if (ctx_new) - BN_CTX_free(ctx_new); + BN_CTX_free(ctx_new); return ret; } @@ -202,7 +200,6 @@ int ec_GFp_nist_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, ret = 1; err: - if (ctx_new) - BN_CTX_free(ctx_new); + BN_CTX_free(ctx_new); return ret; } diff --git a/crypto/ec/ecp_nistp224.c b/crypto/ec/ecp_nistp224.c index a5e76f41b9..fdcf450331 100644 --- a/crypto/ec/ecp_nistp224.c +++ b/crypto/ec/ecp_nistp224.c @@ -1291,8 +1291,7 @@ int ec_GFp_nistp224_group_set_curve(EC_GROUP *group, const BIGNUM *p, ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); err: BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -1573,8 +1572,7 @@ int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r, err: BN_CTX_end(ctx); EC_POINT_free(generator); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); if (secrets != NULL) OPENSSL_free(secrets); if (pre_comp != NULL) @@ -1709,8 +1707,7 @@ int ec_GFp_nistp224_precompute_mult(EC_GROUP *group, BN_CTX *ctx) err: BN_CTX_end(ctx); EC_POINT_free(generator); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); nistp224_pre_comp_free(pre); return ret; } diff --git a/crypto/ec/ecp_nistp256.c b/crypto/ec/ecp_nistp256.c index 6fce22eb61..d03bf15d8c 100644 --- a/crypto/ec/ecp_nistp256.c +++ b/crypto/ec/ecp_nistp256.c @@ -1906,8 +1906,7 @@ int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, const BIGNUM *p, ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); err: BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -2193,8 +2192,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, err: BN_CTX_end(ctx); EC_POINT_free(generator); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); if (secrets != NULL) OPENSSL_free(secrets); if (pre_comp != NULL) @@ -2339,8 +2337,7 @@ int ec_GFp_nistp256_precompute_mult(EC_GROUP *group, BN_CTX *ctx) err: BN_CTX_end(ctx); EC_POINT_free(generator); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); nistp256_pre_comp_free(pre); return ret; } diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c index 8657a8ff05..1069214f6b 100644 --- a/crypto/ec/ecp_nistp521.c +++ b/crypto/ec/ecp_nistp521.c @@ -1735,8 +1735,7 @@ int ec_GFp_nistp521_group_set_curve(EC_GROUP *group, const BIGNUM *p, ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); err: BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -2021,8 +2020,7 @@ int ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r, err: BN_CTX_end(ctx); EC_POINT_free(generator); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); if (secrets != NULL) OPENSSL_free(secrets); if (pre_comp != NULL) @@ -2137,8 +2135,7 @@ int ec_GFp_nistp521_precompute_mult(EC_GROUP *group, BN_CTX *ctx) err: BN_CTX_end(ctx); EC_POINT_free(generator); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); nistp521_pre_comp_free(pre); return ret; } diff --git a/crypto/ec/ecp_nistz256.c b/crypto/ec/ecp_nistz256.c index 417c29a682..ae1fcddc10 100644 --- a/crypto/ec/ecp_nistz256.c +++ b/crypto/ec/ecp_nistz256.c @@ -1121,10 +1121,8 @@ __owur static int ecp_nistz256_set_from_affine(EC_POINT *out, const EC_GROUP *gr ret = EC_POINT_set_affine_coordinates_GFp(group, out, x, y, ctx); - if (x) - BN_free(x); - if (y) - BN_free(y); + BN_free(x); + BN_free(y); return ret; } diff --git a/crypto/ec/ecp_oct.c b/crypto/ec/ecp_oct.c index be309cd80a..a68b559bc0 100644 --- a/crypto/ec/ecp_oct.c +++ b/crypto/ec/ecp_oct.c @@ -202,8 +202,7 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, err: BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -312,15 +311,13 @@ size_t ec_GFp_simple_point2oct(const EC_GROUP *group, const EC_POINT *point, if (used_ctx) BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; err: if (used_ctx) BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return 0; } @@ -422,7 +419,6 @@ int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, err: BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } diff --git a/crypto/ec/ecp_smpl.c b/crypto/ec/ecp_smpl.c index 2d42d34f51..df7314a73a 100644 --- a/crypto/ec/ecp_smpl.c +++ b/crypto/ec/ecp_smpl.c @@ -225,8 +225,7 @@ int ec_GFp_simple_group_set_curve(EC_GROUP *group, err: BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -271,8 +270,7 @@ int ec_GFp_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, ret = 1; err: - if (new_ctx) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -350,8 +348,7 @@ int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx) err: if (ctx != NULL) BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -363,12 +360,9 @@ int ec_GFp_simple_point_init(EC_POINT *point) point->Z_is_one = 0; if (!point->X || !point->Y || !point->Z) { - if (point->X) - BN_free(point->X); - if (point->Y) - BN_free(point->Y); - if (point->Z) - BN_free(point->Z); + BN_free(point->X); + BN_free(point->Y); + BN_free(point->Z); return 0; } return 1; @@ -466,8 +460,7 @@ int ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP *group, ret = 1; err: - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -516,8 +509,7 @@ int ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP *group, ret = 1; err: - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -649,8 +641,7 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, err: BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -836,8 +827,7 @@ int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, end: if (ctx) /* otherwise we already called BN_CTX_end */ BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -979,8 +969,7 @@ int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, err: BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -1097,8 +1086,7 @@ int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, err: BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -1206,8 +1194,7 @@ int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, end: BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -1246,8 +1233,7 @@ int ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, err: BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); return ret; } @@ -1398,8 +1384,7 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, err: BN_CTX_end(ctx); - if (new_ctx != NULL) - BN_CTX_free(new_ctx); + BN_CTX_free(new_ctx); if (prod_Z != NULL) { for (i = 0; i < num; i++) { if (prod_Z[i] == NULL) diff --git a/crypto/ecdh/ech_ossl.c b/crypto/ecdh/ech_ossl.c index b8ccf5a719..6297706a2a 100644 --- a/crypto/ecdh/ech_ossl.c +++ b/crypto/ecdh/ech_ossl.c @@ -205,8 +205,7 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_POINT_free(tmp); if (ctx) BN_CTX_end(ctx); - if (ctx) - BN_CTX_free(ctx); + BN_CTX_free(ctx); if (buf) OPENSSL_free(buf); return (ret); diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c index ce2973df20..27266e9173 100644 --- a/crypto/ecdsa/ecs_ossl.c +++ b/crypto/ecdsa/ecs_ossl.c @@ -223,28 +223,22 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, } /* clear old values if necessary */ - if (*rp != NULL) - BN_clear_free(*rp); - if (*kinvp != NULL) - BN_clear_free(*kinvp); + BN_clear_free(*rp); + BN_clear_free(*kinvp); /* save the pre-computed values */ *rp = r; *kinvp = k; ret = 1; err: if (!ret) { - if (k != NULL) - BN_clear_free(k); - if (r != NULL) - BN_clear_free(r); + BN_clear_free(k); + BN_clear_free(r); } - if (ctx_in == NULL) + if (ctx != ctx_in) BN_CTX_free(ctx); - if (order != NULL) - BN_free(order); + BN_free(order); EC_POINT_free(tmp_point); - if (X) - BN_clear_free(X); + BN_clear_free(X); return (ret); } @@ -351,16 +345,11 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, ECDSA_SIG_free(ret); ret = NULL; } - if (ctx) - BN_CTX_free(ctx); - if (m) - BN_clear_free(m); - if (tmp) - BN_clear_free(tmp); - if (order) - BN_free(order); - if (kinv) - BN_clear_free(kinv); + BN_CTX_free(ctx); + BN_clear_free(m); + BN_clear_free(tmp); + BN_free(order); + BN_clear_free(kinv); return ret; } diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c index 376169c484..46c4f878d1 100644 --- a/crypto/objects/obj_dat.c +++ b/crypto/objects/obj_dat.c @@ -589,13 +589,11 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) } } - if (bl) - BN_free(bl); + BN_free(bl); return n; err: - if (bl) - BN_free(bl); + BN_free(bl); return -1; } diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c index 8ac9348efe..b44912bc50 100644 --- a/crypto/pem/pvkfmt.c +++ b/crypto/pem/pvkfmt.c @@ -337,8 +337,7 @@ static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length, PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE); DSA_free(dsa); EVP_PKEY_free(ret); - if (ctx) - BN_CTX_free(ctx); + BN_CTX_free(ctx); return NULL; } diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c index 51c1fa33e5..fa300a2e76 100644 --- a/crypto/rsa/rsa_chk.c +++ b/crypto/rsa/rsa_chk.c @@ -203,17 +203,11 @@ int RSA_check_key_ex(const RSA *key, BN_GENCB *cb) } err: - if (i != NULL) - BN_free(i); - if (j != NULL) - BN_free(j); - if (k != NULL) - BN_free(k); - if (l != NULL) - BN_free(l); - if (m != NULL) - BN_free(m); - if (ctx != NULL) - BN_CTX_free(ctx); + BN_free(i); + BN_free(j); + BN_free(k); + BN_free(l); + BN_free(m); + BN_CTX_free(ctx); return (ret); } diff --git a/crypto/rsa/rsa_crpt.c b/crypto/rsa/rsa_crpt.c index 052f42c620..f5f29e0e28 100644 --- a/crypto/rsa/rsa_crpt.c +++ b/crypto/rsa/rsa_crpt.c @@ -100,10 +100,8 @@ int RSA_flags(const RSA *r) void RSA_blinding_off(RSA *rsa) { - if (rsa->blinding != NULL) { - BN_BLINDING_free(rsa->blinding); - rsa->blinding = NULL; - } + BN_BLINDING_free(rsa->blinding); + rsa->blinding = NULL; rsa->flags &= ~RSA_FLAG_BLINDING; rsa->flags |= RSA_FLAG_NO_BLINDING; } @@ -213,12 +211,11 @@ BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx) CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret)); err: BN_CTX_end(ctx); - if (in_ctx == NULL) + if (ctx != in_ctx) BN_CTX_free(ctx); - if (rsa->e == NULL) + if (e != rsa->e) BN_free(e); - if (local_n) - BN_free(local_n); + BN_free(local_n); return ret; } diff --git a/crypto/rsa/rsa_depr.c b/crypto/rsa/rsa_depr.c index 8da6ec1238..042b2b72d5 100644 --- a/crypto/rsa/rsa_depr.c +++ b/crypto/rsa/rsa_depr.c @@ -99,11 +99,9 @@ RSA *RSA_generate_key(int bits, unsigned long e_value, return rsa; } err: - if (e) - BN_free(e); + BN_free(e); RSA_free(rsa); - if (cb) - BN_GENCB_free(cb); + BN_GENCB_free(cb); return 0; } #endif diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 49c157a842..5b8e21b7a5 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -239,10 +239,9 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from, r = num; err: - if (ctx != NULL) { + if (ctx != NULL) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } + BN_CTX_free(ctx); OPENSSL_clear_free(buf, num); return (r); } @@ -434,19 +433,16 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) if (!BN_MONT_CTX_set_locked (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx)) { - if (local_d) - BN_free(local_d); + BN_free(local_d); goto err; } if (!rsa->meth->bn_mod_exp(ret, f, d, rsa->n, ctx, rsa->_method_mod_n)) { - if (local_d) - BN_free(local_d); + BN_free(local_d); goto err; } - if (local_d) - BN_free(local_d); + BN_free(local_d); } if (blinding) @@ -473,10 +469,9 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, r = num; err: - if (ctx != NULL) { + if (ctx != NULL) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } + BN_CTX_free(ctx); OPENSSL_clear_free(buf, num); return (r); } @@ -570,18 +565,15 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) if (!BN_MONT_CTX_set_locked (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx)) { - if (local_d) - BN_free(local_d); + BN_free(local_d); goto err; } if (!rsa->meth->bn_mod_exp(ret, f, d, rsa->n, ctx, rsa->_method_mod_n)) { - if (local_d) - BN_free(local_d); + BN_free(local_d); goto err; } - if (local_d) - BN_free(local_d); + BN_free(local_d); } if (blinding) @@ -612,10 +604,9 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_PADDING_CHECK_FAILED); err: - if (ctx != NULL) { + if (ctx != NULL) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } + BN_CTX_free(ctx); OPENSSL_clear_free(buf, num); return (r); } @@ -712,10 +703,9 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_PADDING_CHECK_FAILED); err: - if (ctx != NULL) { + if (ctx != NULL) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } + BN_CTX_free(ctx); OPENSSL_clear_free(buf, num); return (r); } @@ -769,17 +759,13 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) (&rsa->_method_mod_p, CRYPTO_LOCK_RSA, p, ctx) || !BN_MONT_CTX_set_locked(&rsa->_method_mod_q, CRYPTO_LOCK_RSA, q, ctx)) { - if (local_p) - BN_free(local_p); - if (local_q) - BN_free(local_q); + BN_free(local_p); + BN_free(local_q); goto err; } } - if (local_p) - BN_free(local_p); - if (local_q) - BN_free(local_q); + BN_free(local_p); + BN_free(local_q); } if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) @@ -900,25 +886,19 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) d = rsa->d; if (!rsa->meth->bn_mod_exp(r0, I, d, rsa->n, ctx, rsa->_method_mod_n)) { - if (local_d) - BN_free(local_d); + BN_free(local_d); goto err; } - if (local_d) - BN_free(local_d); + BN_free(local_d); } } ret = 1; err: - if (local_dmp1) - BN_free(local_dmp1); - if (local_dmq1) - BN_free(local_dmq1); - if (local_c) - BN_free(local_c); - if (local_r1) - BN_free(local_r1); + BN_free(local_dmp1); + BN_free(local_dmq1); + BN_free(local_c); + BN_free(local_r1); BN_CTX_end(ctx); return (ret); } @@ -931,12 +911,9 @@ static int RSA_eay_init(RSA *rsa) static int RSA_eay_finish(RSA *rsa) { - if (rsa->_method_mod_n != NULL) - BN_MONT_CTX_free(rsa->_method_mod_n); - if (rsa->_method_mod_p != NULL) - BN_MONT_CTX_free(rsa->_method_mod_p); - if (rsa->_method_mod_q != NULL) - BN_MONT_CTX_free(rsa->_method_mod_q); + BN_MONT_CTX_free(rsa->_method_mod_n); + BN_MONT_CTX_free(rsa->_method_mod_p); + BN_MONT_CTX_free(rsa->_method_mod_q); return (1); } diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index ae9c2d4dd7..ec2e18ee3c 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -227,20 +227,16 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, ok = 1; err: - if (local_r0) - BN_free(local_r0); - if (local_d) - BN_free(local_d); - if (local_p) - BN_free(local_p); + BN_free(local_r0); + BN_free(local_d); + BN_free(local_p); if (ok == -1) { RSAerr(RSA_F_RSA_BUILTIN_KEYGEN, ERR_LIB_BN); ok = 0; } - if (ctx != NULL) { + if (ctx != NULL) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } + BN_CTX_free(ctx); return ok; } diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 1430d5b0f3..d8a9132148 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -223,26 +223,16 @@ void RSA_free(RSA *r) CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data); - if (r->n != NULL) - BN_clear_free(r->n); - if (r->e != NULL) - BN_clear_free(r->e); - if (r->d != NULL) - BN_clear_free(r->d); - if (r->p != NULL) - BN_clear_free(r->p); - if (r->q != NULL) - BN_clear_free(r->q); - if (r->dmp1 != NULL) - BN_clear_free(r->dmp1); - if (r->dmq1 != NULL) - BN_clear_free(r->dmq1); - if (r->iqmp != NULL) - BN_clear_free(r->iqmp); - if (r->blinding != NULL) - BN_BLINDING_free(r->blinding); - if (r->mt_blinding != NULL) - BN_BLINDING_free(r->mt_blinding); + BN_clear_free(r->n); + BN_clear_free(r->e); + BN_clear_free(r->d); + BN_clear_free(r->p); + BN_clear_free(r->q); + BN_clear_free(r->dmp1); + BN_clear_free(r->dmq1); + BN_clear_free(r->iqmp); + BN_BLINDING_free(r->blinding); + BN_BLINDING_free(r->mt_blinding); OPENSSL_free_locked(r->bignum_data); OPENSSL_free(r); } diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index 91dc668ce7..866dd1601e 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -160,8 +160,7 @@ static void pkey_rsa_cleanup(EVP_PKEY_CTX *ctx) { RSA_PKEY_CTX *rctx = ctx->data; if (rctx) { - if (rctx->pub_exp) - BN_free(rctx->pub_exp); + BN_free(rctx->pub_exp); if (rctx->tbuf) OPENSSL_free(rctx->tbuf); if (rctx->oaep_label) diff --git a/crypto/rsa/rsa_x931g.c b/crypto/rsa/rsa_x931g.c index 5991615784..e158c6d443 100644 --- a/crypto/rsa/rsa_x931g.c +++ b/crypto/rsa/rsa_x931g.c @@ -179,12 +179,10 @@ int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, ret = 1; err: - if (ctx) { + if (ctx) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - if (ctx2) - BN_CTX_free(ctx2); + BN_CTX_free(ctx); + BN_CTX_free(ctx2); return ret; @@ -234,10 +232,9 @@ int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, ok = 1; error: - if (ctx) { + if (ctx) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } + BN_CTX_free(ctx); if (ok) return 1; diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c index 9e1de740c1..7a47acd039 100644 --- a/crypto/srp/srp_lib.c +++ b/crypto/srp/srp_lib.c @@ -228,8 +228,7 @@ BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g) BN_CTX *bn_ctx; BIGNUM *A = NULL; - if (a == NULL || N == NULL || g == NULL || - (bn_ctx = BN_CTX_new()) == NULL) + if (a == NULL || N == NULL || g == NULL || (bn_ctx = BN_CTX_new()) == NULL) return NULL; if ((A = BN_new()) != NULL && !BN_mod_exp(A, g, a, N, bn_ctx)) { @@ -252,7 +251,8 @@ BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x, if ((tmp = BN_new()) == NULL || (tmp2 = BN_new()) == NULL || - (tmp3 = BN_new()) == NULL || (K = BN_new()) == NULL) + (tmp3 = BN_new()) == NULL || + (K = BN_new()) == NULL) goto err; if (!BN_mod_exp(tmp, g, x, N, bn_ctx)) diff --git a/demos/engines/zencod/hw_zencod.c b/demos/engines/zencod/hw_zencod.c index 1c76284544..d675ace926 100644 --- a/demos/engines/zencod/hw_zencod.c +++ b/demos/engines/zencod/hw_zencod.c @@ -946,10 +946,8 @@ static DSA_SIG *DSA_zencod_do_sign(const unsigned char *dgst, int dlen, return sig; FAILED: - if (bn_r) - BN_free(bn_r); - if (bn_s) - BN_free(bn_s); + BN_free(bn_r); + BN_free(bn_s); return NULL; } @@ -1083,9 +1081,9 @@ static int DH_zencod_generate_key(DH *dh) return 1; FAILED: - if (!dh->priv_key && bn_prv) + if (!dh->priv_key) BN_free(bn_prv); - if (!dh->pub_key && bn_pub) + if (!dh->pub_key) BN_free(bn_pub); return 0; diff --git a/doc/crypto/BN_BLINDING_new.pod b/doc/crypto/BN_BLINDING_new.pod index 06d7ea20a3..f8102ba765 100644 --- a/doc/crypto/BN_BLINDING_new.pod +++ b/doc/crypto/BN_BLINDING_new.pod @@ -41,6 +41,7 @@ BN_BLINDING_new() allocates a new B structure and copies the B and B values into the newly created B object. BN_BLINDING_free() frees the B structure. +If B is NULL, nothing is done. BN_BLINDING_update() updates the B parameters by squaring the B and B or, after specific number of uses and if the diff --git a/doc/crypto/BN_CTX_new.pod b/doc/crypto/BN_CTX_new.pod index e86a72ad3c..5da8433637 100644 --- a/doc/crypto/BN_CTX_new.pod +++ b/doc/crypto/BN_CTX_new.pod @@ -27,6 +27,7 @@ created by BN_CTX_new(), also the structure itself. If L has been used on the B, L must be called before the B may be freed by BN_CTX_free(). +If B is NULL, nothing is done. =head1 RETURN VALUES diff --git a/doc/crypto/BN_generate_prime.pod b/doc/crypto/BN_generate_prime.pod index f5b05e8328..858eb0fcd7 100644 --- a/doc/crypto/BN_generate_prime.pod +++ b/doc/crypto/BN_generate_prime.pod @@ -111,8 +111,8 @@ B structure that are supported: "new" style and "old" style. New programs should prefer the "new" style, whilst the "old" style is provided for backwards compatibility purposes. -A BN_GENCB structure should be created through a call to BN_GENCB_new, and freed -through a call to BN_GENCB_free. +A BN_GENCB structure should be created through a call to BN_GENCB_new(), +and freed through a call to BN_GENCB_free(). For "new" style callbacks a BN_GENCB structure should be initialised with a call to BN_GENCB_set(), where B is a B, B is of diff --git a/doc/crypto/BN_mod_mul_montgomery.pod b/doc/crypto/BN_mod_mul_montgomery.pod index 51687488ce..d637e17d4c 100644 --- a/doc/crypto/BN_mod_mul_montgomery.pod +++ b/doc/crypto/BN_mod_mul_montgomery.pod @@ -41,6 +41,7 @@ BN_MONT_CTX_copy() copies the B I to I. BN_MONT_CTX_free() frees the components of the B, and, if it was created by BN_MONT_CTX_new(), also the structure itself. +If B is NULL, nothing is done. BN_mod_mul_montgomery() computes Mont(I,I):=I*I*R^-1 and places the result in I. diff --git a/doc/crypto/BN_mod_mul_reciprocal.pod b/doc/crypto/BN_mod_mul_reciprocal.pod index cd4b728f47..7a7d503c83 100644 --- a/doc/crypto/BN_mod_mul_reciprocal.pod +++ b/doc/crypto/BN_mod_mul_reciprocal.pod @@ -34,6 +34,7 @@ BN_RECP_CTX_init() initializes an existing uninitialized B. BN_RECP_CTX_free() frees the components of the B, and, if it was created by BN_RECP_CTX_new(), also the structure itself. +If B is NULL, nothing is done. BN_RECP_CTX_set() stores B in B and sets it up for computing 1/B and shifting it left by BN_num_bits(B)+1 to make it an diff --git a/doc/crypto/BN_new.pod b/doc/crypto/BN_new.pod index 61743e37fe..fa157d3c83 100644 --- a/doc/crypto/BN_new.pod +++ b/doc/crypto/BN_new.pod @@ -27,6 +27,7 @@ to the value 0. BN_free() frees the components of the B, and if it was created by BN_new(), also the structure itself. BN_clear_free() additionally overwrites the data before the memory is returned to the system. +If B is NULL, nothing is done. =head1 RETURN VALUES diff --git a/engines/ccgost/gost2001.c b/engines/ccgost/gost2001.c index 83cc693f75..5490a5d760 100644 --- a/engines/ccgost/gost2001.c +++ b/engines/ccgost/gost2001.c @@ -111,10 +111,9 @@ int fill_GOST2001_params(EC_KEY *eckey, int nid) err: if (P) EC_POINT_free(P); if (grp) EC_GROUP_free(grp); - if (ctx) { + if (ctx) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } + BN_CTX_free(ctx); return ok; } @@ -241,15 +240,13 @@ DSA_SIG *gost2001_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) ret = newsig; err: - if (ctx) { + if (ctx) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } + BN_CTX_free(ctx); if (C) EC_POINT_free(C); - if (md) BN_free(md); - if (!ret && newsig) { + BN_free(md); + if (!ret) DSA_SIG_free(newsig); - } return ret; } @@ -365,11 +362,10 @@ int gost2001_do_verify(const unsigned char *dgst, int dgst_len, } err: if (C) EC_POINT_free(C); - if (ctx) { + if (ctx) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - if (md) BN_free(md); + BN_CTX_free(ctx); + BN_free(md); return ok; } @@ -418,10 +414,9 @@ int gost2001_compute_public(EC_KEY *ec) ok = 256; err: if (pub_key) EC_POINT_free(pub_key); - if (ctx) { + if (ctx) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } + BN_CTX_free(ctx); return ok; } diff --git a/engines/ccgost/gost_ameth.c b/engines/ccgost/gost_ameth.c index b1615bfa6c..0b694f5cf1 100644 --- a/engines/ccgost/gost_ameth.c +++ b/engines/ccgost/gost_ameth.c @@ -525,12 +525,14 @@ static int param_copy_gost94(EVP_PKEY *to, const EVP_PKEY *from) dto = DSA_new(); EVP_PKEY_assign(to, EVP_PKEY_base_id(from), dto); } -#define COPYBIGNUM(a,b,x) if (a->x) BN_free(a->x); a->x=BN_dup(b->x); - COPYBIGNUM(dto, dfrom, p) - COPYBIGNUM(dto, dfrom, q) - COPYBIGNUM(dto, dfrom, g) - - if (dto->priv_key) + BN_free(dto->p); + dto->p = BN_dup(dfrom->p); + BN_free(dto->q); + dto->q = BN_dup(dfrom->q); + BN_free(dto->g); + dto->g = BN_dup(dfrom->g); + + if (dto->priv_key) gost94_compute_public(dto); return 1; } @@ -758,10 +760,8 @@ static int pub_encode_gost01(X509_PUBKEY *pub, const EVP_PKEY *pk) Y = BN_new(); if (!X || !Y) { GOSTerr(GOST_F_PUB_ENCODE_GOST01, ERR_R_MALLOC_FAILURE); - if (X) - BN_free(X); - if (Y) - BN_free(Y); + BN_free(X); + BN_free(Y); BN_free(order); return 0; } diff --git a/engines/ccgost/gost_sign.c b/engines/ccgost/gost_sign.c index c2516ead0e..543c399688 100644 --- a/engines/ccgost/gost_sign.c +++ b/engines/ccgost/gost_sign.c @@ -114,13 +114,11 @@ DSA_SIG *gost_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) ret = newsig; err: BN_free(md); - if (ctx) { + if (ctx) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - if (!ret && newsig) { + BN_CTX_free(ctx); + if (!ret) DSA_SIG_free(newsig); - } return ret; } @@ -214,13 +212,11 @@ int gost_do_verify(const unsigned char *dgst, int dgst_len, GOSTerr(GOST_F_GOST_DO_VERIFY, GOST_R_SIGNATURE_MISMATCH); } err: - if (md) - BN_free(md); - if (ctx) { + BN_free(md); + if (ctx) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - return ok; + BN_CTX_free(ctx); + return (ok == 0); } /* @@ -268,19 +264,13 @@ int fill_GOST94_params(DSA *dsa, int nid) return 0; } #define dump_signature(a,b,c) - if (dsa->p) { - BN_free(dsa->p); - } + BN_free(dsa->p); dsa->p = NULL; BN_dec2bn(&(dsa->p), params->p); - if (dsa->q) { - BN_free(dsa->q); - } + BN_free(dsa->q); dsa->q = NULL; BN_dec2bn(&(dsa->q), params->q); - if (dsa->g) { - BN_free(dsa->g); - } + BN_free(dsa->g); dsa->g = NULL; BN_dec2bn(&(dsa->g), params->a); return 1; diff --git a/engines/e_cswift.c b/engines/e_cswift.c index adab4d4188..848d10f018 100644 --- a/engines/e_cswift.c +++ b/engines/e_cswift.c @@ -717,10 +717,8 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, OPENSSL_free(sw_param.up.crt.dmq1.value); if (sw_param.up.crt.iqmp.value) OPENSSL_free(sw_param.up.crt.iqmp.value); - if (result) - BN_free(result); - if (argument) - BN_free(argument); + BN_free(result); + BN_free(argument); if (acquired) release_context(hac); return to_return; @@ -877,10 +875,9 @@ static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa) err: if (acquired) release_context(hac); - if (ctx) { + if (ctx) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } + BN_CTX_free(ctx); return to_return; } @@ -980,10 +977,9 @@ static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len, err: if (acquired) release_context(hac); - if (ctx) { + if (ctx) BN_CTX_end(ctx); - BN_CTX_free(ctx); - } + BN_CTX_free(ctx); return to_return; } # endif diff --git a/engines/e_ubsec.c b/engines/e_ubsec.c index 6f09ffb965..9e2662e981 100644 --- a/engines/e_ubsec.c +++ b/engines/e_ubsec.c @@ -680,40 +680,6 @@ static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, } # endif -# ifndef OPENSSL_NO_DSA -# ifdef NOT_USED -static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, - BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont) -{ - BIGNUM t; - int to_return = 0; - - BN_init(&t); - /* let rr = a1 ^ p1 mod m */ - if (!ubsec_mod_exp(rr, a1, p1, m, ctx)) - goto end; - /* let t = a2 ^ p2 mod m */ - if (!ubsec_mod_exp(&t, a2, p2, m, ctx)) - goto end; - /* let rr = rr * t mod m */ - if (!BN_mod_mul(rr, rr, &t, m, ctx)) - goto end; - to_return = 1; - end: - BN_free(&t); - return to_return; -} - -static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) -{ - return ubsec_mod_exp(r, a, p, m, ctx); -} -# endif -# endif - # ifndef OPENSSL_NO_RSA /* @@ -825,10 +791,8 @@ static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen, err: if (!to_return) { - if (r) - BN_free(r); - if (s) - BN_free(s); + BN_free(r); + BN_free(s); } BN_clear_free(&m); return to_return; diff --git a/ssl/tls_srp.c b/ssl/tls_srp.c index 5d895ccab3..5445f3cbe3 100644 --- a/ssl/tls_srp.c +++ b/ssl/tls_srp.c @@ -273,14 +273,10 @@ int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass, return -1; s->srp_ctx.N = BN_dup(GN->N); s->srp_ctx.g = BN_dup(GN->g); - if (s->srp_ctx.v != NULL) { - BN_clear_free(s->srp_ctx.v); - s->srp_ctx.v = NULL; - } - if (s->srp_ctx.s != NULL) { - BN_clear_free(s->srp_ctx.s); - s->srp_ctx.s = NULL; - } + BN_clear_free(s->srp_ctx.v); + s->srp_ctx.v = NULL; + BN_clear_free(s->srp_ctx.s); + s->srp_ctx.s = NULL; if (!SRP_create_verifier_BN (user, pass, &s->srp_ctx.s, &s->srp_ctx.v, GN->N, GN->g)) return -1; diff --git a/test/bntest.c b/test/bntest.c index 521858ae16..7aaefc58e5 100644 --- a/test/bntest.c +++ b/test/bntest.c @@ -761,14 +761,10 @@ int test_sqr(BIO *bp, BN_CTX *ctx) } ret = 1; err: - if (a != NULL) - BN_free(a); - if (c != NULL) - BN_free(c); - if (d != NULL) - BN_free(d); - if (e != NULL) - BN_free(e); + BN_free(a); + BN_free(c); + BN_free(d); + BN_free(e); return ret; } @@ -1669,14 +1665,10 @@ int test_kron(BIO *bp, BN_CTX *ctx) fflush(stderr); ret = 1; err: - if (a != NULL) - BN_free(a); - if (b != NULL) - BN_free(b); - if (r != NULL) - BN_free(r); - if (t != NULL) - BN_free(t); + BN_free(a); + BN_free(b); + BN_free(r); + BN_free(t); return ret; } @@ -1764,12 +1756,9 @@ int test_sqrt(BIO *bp, BN_CTX *ctx) } ret = 1; err: - if (a != NULL) - BN_free(a); - if (p != NULL) - BN_free(p); - if (r != NULL) - BN_free(r); + BN_free(a); + BN_free(p); + BN_free(r); return ret; } diff --git a/test/dhtest.c b/test/dhtest.c index 35bd298a87..8f71723b31 100644 --- a/test/dhtest.c +++ b/test/dhtest.c @@ -201,8 +201,7 @@ int main(int argc, char *argv[]) OPENSSL_free(bbuf); DH_free(b); DH_free(a); - if (_cb) - BN_GENCB_free(_cb); + BN_GENCB_free(_cb); BIO_free(out); # ifdef OPENSSL_SYS_NETWARE if (ret) diff --git a/test/dsatest.c b/test/dsatest.c index a5d40f1eb6..e138c64147 100644 --- a/test/dsatest.c +++ b/test/dsatest.c @@ -212,8 +212,7 @@ int main(int argc, char **argv) if (!ret) ERR_print_errors(bio_err); DSA_free(dsa); - if (cb != NULL) - BN_GENCB_free(cb); + BN_GENCB_free(cb); CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); ERR_free_strings(); diff --git a/test/ecdhtest.c b/test/ecdhtest.c index 5c451e52be..af124764c8 100644 --- a/test/ecdhtest.c +++ b/test/ecdhtest.c @@ -282,14 +282,10 @@ static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out) OPENSSL_free(abuf); if (bbuf != NULL) OPENSSL_free(bbuf); - if (x_a) - BN_free(x_a); - if (y_a) - BN_free(y_a); - if (x_b) - BN_free(x_b); - if (y_b) - BN_free(y_b); + BN_free(x_a); + BN_free(y_a); + BN_free(x_b); + BN_free(y_b); EC_KEY_free(b); EC_KEY_free(a); return (ret); @@ -390,8 +386,7 @@ static EC_KEY *mk_eckey(int nid, const unsigned char *p, size_t plen) goto err; ok = 1; err: - if (priv) - BN_clear_free(priv); + BN_clear_free(priv); EC_POINT_free(pub); if (ok) return k; @@ -526,8 +521,7 @@ int main(int argc, char *argv[]) err: ERR_print_errors_fp(stderr); - if (ctx) - BN_CTX_free(ctx); + BN_CTX_free(ctx); BIO_free(out); CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); diff --git a/test/ecdsatest.c b/test/ecdsatest.c index 3a455b4747..1eeaabaa04 100644 --- a/test/ecdsatest.c +++ b/test/ecdsatest.c @@ -243,15 +243,11 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in) EC_KEY_free(key); if (signature) ECDSA_SIG_free(signature); - if (r) - BN_free(r); - if (s) - BN_free(s); + BN_free(r); + BN_free(s); EVP_MD_CTX_cleanup(&md_ctx); - if (kinv) - BN_clear_free(kinv); - if (rp) - BN_clear_free(rp); + BN_clear_free(kinv); + BN_clear_free(rp); return ret; } diff --git a/test/ectest.c b/test/ectest.c index 79ec21f820..7320d3dfe4 100644 --- a/test/ectest.c +++ b/test/ectest.c @@ -851,8 +851,7 @@ static void prime_field_tests(void) BN_free(scalar3); } - if (ctx) - BN_CTX_free(ctx); + BN_CTX_free(ctx); BN_free(p); BN_free(a); BN_free(b); @@ -1326,8 +1325,7 @@ static void char2_field_tests(void) fprintf(stdout, " ok\n\n"); } - if (ctx) - BN_CTX_free(ctx); + BN_CTX_free(ctx); BN_free(p); BN_free(a); BN_free(b); diff --git a/test/ssltest.c b/test/ssltest.c index a716c3c05f..311fbc9d61 100644 --- a/test/ssltest.c +++ b/test/ssltest.c @@ -2939,8 +2939,7 @@ static RSA *tmp_rsa_cb(SSL *s, int is_export, int keylength) end: printf("\n"); } - if (bn) - BN_free(bn); + BN_free(bn); return (rsa_tmp); } @@ -3106,8 +3105,7 @@ static int psk_key2bn(const char *pskkey, unsigned char *psk, if (!ret) { BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n", pskkey); - if (bn) - BN_free(bn); + BN_free(bn); return 0; } if (BN_num_bytes(bn) > (int)max_psk_len) { -- 2.25.1