[PATCH v2 07/19] rsatoc: cleanup error handling

mail archive of the barebox mailing list
 help / color / mirror / Atom feed

From: Sascha Hauer <s.hauer@pengutronix.de>
To: Barebox List <barebox@lists.infradead.org>
Subject: [PATCH v2 07/19] rsatoc: cleanup error handling
Date: Thu,  1 Aug 2024 07:57:25 +0200	[thread overview]
Message-ID: <20240801055737.3190132-8-s.hauer@pengutronix.de> (raw)
In-Reply-To: <20240801055737.3190132-1-s.hauer@pengutronix.de>

- In case of an error bail out immediately instead of continuing and
  just return an error at the end
- explicitly set 'ret' right before going to the cleanup label which
  makes the code more readable

Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
---
 scripts/rsatoc.c | 58 +++++++++++++++++++++++++++++++++---------------
 1 file changed, 40 insertions(+), 18 deletions(-)

diff --git a/scripts/rsatoc.c b/scripts/rsatoc.c
index 0faf41bca2..22f0318298 100644
--- a/scripts/rsatoc.c
+++ b/scripts/rsatoc.c
@@ -167,15 +167,16 @@ static int rsa_get_exponent(RSA *key, uint64_t *e)
 	const BIGNUM *key_e;
 	uint64_t te;
 
-	ret = -EINVAL;
 	bn_te = NULL;
 
 	if (!e)
 		goto cleanup;
 
 	RSA_get0_key(key, NULL, &key_e, NULL);
-	if (BN_num_bits(key_e) > 64)
+	if (BN_num_bits(key_e) > 64) {
+		ret = -EINVAL;
 		goto cleanup;
+	}
 
 	*e = BN_get_word(key_e);
 
@@ -185,14 +186,20 @@ static int rsa_get_exponent(RSA *key, uint64_t *e)
 	}
 
 	bn_te = BN_dup(key_e);
-	if (!bn_te)
+	if (!bn_te) {
+		ret = -EINVAL;
 		goto cleanup;
+	}
 
-	if (!BN_rshift(bn_te, bn_te, 32))
+	if (!BN_rshift(bn_te, bn_te, 32)) {
+		ret = -EINVAL;
 		goto cleanup;
+	}
 
-	if (!BN_mask_bits(bn_te, 32))
+	if (!BN_mask_bits(bn_te, 32)) {
+		ret = -EINVAL;
 		goto cleanup;
+	}
 
 	te = BN_get_word(bn_te);
 	te <<= 32;
@@ -217,7 +224,7 @@ static int rsa_get_params(EVP_PKEY *key, uint64_t *exponent, uint32_t *n0_invp,
 	BIGNUM *n, *r, *r_squared, *tmp;
 	const BIGNUM *key_n;
 	BN_CTX *bn_ctx = BN_CTX_new();
-	int ret = 0;
+	int ret;
 
 	/* Convert to a RSA_style key. */
 	rsa = EVP_PKEY_get1_RSA(key);
@@ -241,38 +248,53 @@ static int rsa_get_params(EVP_PKEY *key, uint64_t *exponent, uint32_t *n0_invp,
 		return -ENOMEM;
 	}
 
-	if (0 != rsa_get_exponent(rsa, exponent))
-		ret = -1;
+	ret = rsa_get_exponent(rsa, exponent);
+	if (ret)
+		goto cleanup;
 
 	RSA_get0_key(rsa, &key_n, NULL, NULL);
 	if (!BN_copy(n, key_n) || !BN_set_word(big1, 1L) ||
-	    !BN_set_word(big2, 2L) || !BN_set_word(big32, 32L))
-		ret = -1;
+	    !BN_set_word(big2, 2L) || !BN_set_word(big32, 32L)) {
+		ret = -EINVAL;
+		goto cleanup;
+	}
 
 	/* big2_32 = 2^32 */
-	if (!BN_exp(big2_32, big2, big32, bn_ctx))
-		ret = -1;
+	if (!BN_exp(big2_32, big2, big32, bn_ctx)) {
+		ret = -EINVAL;
+		goto cleanup;
+	}
 
 	/* Calculate n0_inv = -1 / n[0] mod 2^32 */
 	if (!BN_mod_inverse(tmp, n, big2_32, bn_ctx) ||
-	    !BN_sub(tmp, big2_32, tmp))
-		ret = -1;
+	    !BN_sub(tmp, big2_32, tmp)) {
+		ret = -EINVAL;
+		goto cleanup;
+	}
+
 	*n0_invp = BN_get_word(tmp);
 
 	/* Calculate R = 2^(# of key bits) */
 	if (!BN_set_word(tmp, BN_num_bits(n)) ||
-	    !BN_exp(r, big2, tmp, bn_ctx))
-		ret = -1;
+	    !BN_exp(r, big2, tmp, bn_ctx)) {
+		ret = -EINVAL;
+		goto cleanup;
+	}
 
 	/* Calculate r_squared = R^2 mod n */
 	if (!BN_copy(r_squared, r) ||
 	    !BN_mul(tmp, r_squared, r, bn_ctx) ||
-	    !BN_mod(r_squared, tmp, n, bn_ctx))
-		ret = -1;
+	    !BN_mod(r_squared, tmp, n, bn_ctx)) {
+		ret = -EINVAL;
+		goto cleanup;
+	}
 
 	*modulusp = n;
 	*r_squaredp = r_squared;
 
+	ret = 0;
+
+cleanup:
 	BN_free(big1);
 	BN_free(big2);
 	BN_free(big32);
-- 
2.39.2

next prev parent reply	other threads:[~2024-08-01  5:58 UTC|newest]

Thread overview: 45+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-08-01  5:57 [PATCH v2 00/19] Add ECDSA support for FIT image verification Sascha Hauer
2024-08-01  5:57 ` [PATCH v2 01/19] errno: include string for EOPNOTSUPP Sascha Hauer
2024-08-05  9:28   ` Ahmad Fatoum
2024-08-01  5:57 ` [PATCH v2 02/19] rsatoc: disable deprecated function warnings Sascha Hauer
2024-08-05  9:29   ` Ahmad Fatoum
2024-08-01  5:57 ` [PATCH v2 03/19] rsatoc: remove unnecessary function call Sascha Hauer
2024-08-05  9:29   ` Ahmad Fatoum
2024-08-01  5:57 ` [PATCH v2 04/19] rsatoc: pass EVP_PKEY around Sascha Hauer
2024-08-05  9:35   ` Ahmad Fatoum
2024-08-01  5:57 ` [PATCH v2 05/19] rsatoc: rename rsa_err() to openssl_error() Sascha Hauer
2024-08-05  9:37   ` Ahmad Fatoum
2024-08-01  5:57 ` [PATCH v2 06/19] rsatoc: move engine initialization to engine_get_pub_key() Sascha Hauer
2024-08-05  9:47   ` Ahmad Fatoum
2024-08-01  5:57 ` Sascha Hauer [this message]
2024-08-05  9:54   ` [PATCH v2 07/19] rsatoc: cleanup error handling Ahmad Fatoum
2024-08-05 10:07     ` Sascha Hauer
2024-08-01  5:57 ` [PATCH v2 08/19] rsatoc: remove unnecessary error check Sascha Hauer
2024-08-05  9:56   ` Ahmad Fatoum
2024-08-01  5:57 ` [PATCH v2 09/19] rsatoc: use non deprecated openssl functions to retrieve RSA params Sascha Hauer
2024-08-05 10:02   ` Ahmad Fatoum
2024-08-05 10:29   ` Ahmad Fatoum
2024-08-01  5:57 ` [PATCH v2 10/19] rsatoc: check error value of gen_key() Sascha Hauer
2024-08-05 10:03   ` Ahmad Fatoum
2024-08-01  5:57 ` [PATCH v2 11/19] rsatoc: rename to keytoc Sascha Hauer
2024-08-05 10:05   ` Ahmad Fatoum
2024-08-01  5:57 ` [PATCH v2 12/19] keytoc: add ecdsa support Sascha Hauer
2024-08-05 11:04   ` Ahmad Fatoum
2024-08-01  5:57 ` [PATCH v2 13/19] keytoc: Let openssl_error() take a format string Sascha Hauer
2024-08-05 10:22   ` Ahmad Fatoum
2024-08-01  5:57 ` [PATCH v2 14/19] keytoc: clarify error messages Sascha Hauer
2024-08-05 10:06   ` Ahmad Fatoum
2024-08-01  5:57 ` [PATCH v2 15/19] malloc: implement free_sensitive() Sascha Hauer
2024-08-05 10:17   ` Ahmad Fatoum
2024-08-01  5:57 ` [PATCH v2 16/19] Add elliptic curve cryptography (ECC) helper functions Sascha Hauer
2024-08-05 11:32   ` Ahmad Fatoum
2024-08-01  5:57 ` [PATCH v2 17/19] crypto: add ECDSA support Sascha Hauer
2024-08-05 11:57   ` Ahmad Fatoum
2024-08-05 12:44     ` Sascha Hauer
2024-08-06  9:13       ` Ahmad Fatoum
2024-08-01  5:57 ` [PATCH v2 18/19] crypto: make RSA a visible option Sascha Hauer
2024-08-05 10:19   ` Ahmad Fatoum
2024-08-01  5:57 ` [PATCH v2 19/19] fit: Add ecdsa support Sascha Hauer
2024-08-05 12:04   ` Ahmad Fatoum
2024-08-06  6:03 ` [PATCH v2 00/19] Add ECDSA support for FIT image verification Sascha Hauer
2024-08-06  6:07   ` Sascha Hauer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240801055737.3190132-8-s.hauer@pengutronix.de \
    --to=s.hauer@pengutronix.de \
    --cc=barebox@lists.infradead.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox