[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Sat Mar 28 14:54:41 UTC 2015
The branch master has been updated
via c5ba2d990420e1778ca4a90bf882e0f806404af0 (commit)
from 33b188a8e82df57208ec8263c263f8b6f47e8255 (commit)
- Log -----------------------------------------------------------------
commit c5ba2d990420e1778ca4a90bf882e0f806404af0
Author: Rich Salz <rsalz at openssl.org>
Date: Sat Mar 28 10:54:15 2015 -0400
free NULL cleanup
EVP_.*free; this gets:
EVP_CIPHER_CTX_free EVP_PKEY_CTX_free EVP_PKEY_asn1_free
EVP_PKEY_asn1_set_free EVP_PKEY_free EVP_PKEY_free_it
EVP_PKEY_meth_free; and also EVP_CIPHER_CTX_cleanup
Reviewed-by: Kurt Roeckx <kurt at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
apps/dgst.c | 3 +--
apps/genpkey.c | 15 +++++----------
apps/pkcs12.c | 3 +--
apps/pkeyutl.c | 3 +--
apps/req.c | 5 ++---
apps/s_cb.c | 3 +--
apps/s_client.c | 3 +--
apps/s_server.c | 9 +++------
crypto/asn1/d2i_pr.c | 2 +-
crypto/asn1/d2i_pu.c | 2 +-
crypto/asn1/x_pkey.c | 3 +--
crypto/asn1/x_pubkey.c | 3 +--
crypto/cms/cms_asn1.c | 15 +++++----------
crypto/cms/cms_env.c | 9 +++------
crypto/cms/cms_kari.c | 8 +++-----
crypto/cms/cms_sd.c | 9 +++------
crypto/dh/dh_ameth.c | 6 ++----
crypto/ec/ec_ameth.c | 3 +--
crypto/evp/digest.c | 3 +--
crypto/evp/evp_enc.c | 7 ++++---
crypto/evp/evp_extra_test.c | 20 +++++---------------
crypto/evp/evp_test.c | 9 +++------
crypto/evp/p_lib.c | 1 +
crypto/evp/pmeth_fn.c | 3 +--
crypto/evp/pmeth_gn.c | 3 +--
crypto/evp/pmeth_lib.c | 6 ++----
crypto/pem/pem_pk8.c | 3 +--
crypto/pem/pem_pkey.c | 9 +++------
crypto/pem/pvkfmt.c | 6 ++----
crypto/pkcs12/p12_kiss.c | 2 +-
crypto/pkcs7/pk7_doit.c | 13 +++++--------
crypto/pkcs7/pk7_lib.c | 3 +--
crypto/ts/ts_rsp_sign.c | 3 +--
crypto/x509/x509_cmp.c | 6 ++----
crypto/x509/x509_vfy.c | 6 ++----
demos/cms/cms_ddec.c | 3 +--
demos/cms/cms_dec.c | 3 +--
demos/cms/cms_sign.c | 3 +--
demos/cms/cms_sign2.c | 6 ++----
demos/smime/smdec.c | 3 +--
demos/smime/smsign.c | 3 +--
demos/smime/smsign2.c | 6 ++----
doc/crypto/EVP_PKEY_CTX_new.pod | 1 +
doc/crypto/EVP_PKEY_new.pod | 1 +
engines/ccgost/gost2001_keyx.c | 7 +++----
engines/e_chil.c | 3 +--
ssl/s3_srvr.c | 3 +--
ssl/ssl_cert.c | 6 ++----
48 files changed, 90 insertions(+), 165 deletions(-)
diff --git a/apps/dgst.c b/apps/dgst.c
index ac3b583..7006000 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -384,8 +384,7 @@ int MAIN(int argc, char **argv)
}
r = 1;
mac_end:
- if (mac_ctx)
- EVP_PKEY_CTX_free(mac_ctx);
+ EVP_PKEY_CTX_free(mac_ctx);
if (r == 0)
goto end;
}
diff --git a/apps/genpkey.c b/apps/genpkey.c
index 5b7f433..bd81d51 100644
--- a/apps/genpkey.c
+++ b/apps/genpkey.c
@@ -268,10 +268,8 @@ int MAIN(int argc, char **argv)
ret = 0;
end:
- if (pkey)
- EVP_PKEY_free(pkey);
- if (ctx)
- EVP_PKEY_CTX_free(ctx);
+ EVP_PKEY_free(pkey);
+ EVP_PKEY_CTX_free(ctx);
BIO_free_all(out);
BIO_free(in);
if (pass)
@@ -317,10 +315,8 @@ static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
err:
BIO_puts(err, "Error initializing context\n");
ERR_print_errors(err);
- if (ctx)
- EVP_PKEY_CTX_free(ctx);
- if (pkey)
- EVP_PKEY_free(pkey);
+ EVP_PKEY_CTX_free(ctx);
+ EVP_PKEY_free(pkey);
return 0;
}
@@ -375,8 +371,7 @@ int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
err:
BIO_printf(err, "Error initializing %s context\n", algname);
ERR_print_errors(err);
- if (ctx)
- EVP_PKEY_CTX_free(ctx);
+ EVP_PKEY_CTX_free(ctx);
return 0;
}
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index e33fe24..a60a055 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -672,8 +672,7 @@ int MAIN(int argc, char **argv)
CRYPTO_push_info("process -export_cert: freeing");
# endif
- if (key)
- EVP_PKEY_free(key);
+ EVP_PKEY_free(key);
if (certs)
sk_X509_pop_free(certs, X509_free);
if (ucert)
diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index aaa9074..1028686 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -332,8 +332,7 @@ int MAIN(int argc, char **argv)
BIO_write(out, buf_out, buf_outlen);
end:
- if (ctx)
- EVP_PKEY_CTX_free(ctx);
+ EVP_PKEY_CTX_free(ctx);
BIO_free(in);
BIO_free_all(out);
if (buf_in)
diff --git a/apps/req.c b/apps/req.c
index 231535b..3cedf2c 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -874,9 +874,9 @@ int MAIN(int argc, char **argv)
if (pkey == NULL) {
pkey = X509_REQ_get_pubkey(req);
- tmp = 1;
if (pkey == NULL)
goto end;
+ tmp = 1;
}
i = X509_REQ_verify(req, pkey);
@@ -1013,8 +1013,7 @@ int MAIN(int argc, char **argv)
BIO_free(in);
BIO_free_all(out);
EVP_PKEY_free(pkey);
- if (genctx)
- EVP_PKEY_CTX_free(genctx);
+ EVP_PKEY_CTX_free(genctx);
if (pkeyopts)
sk_OPENSSL_STRING_free(pkeyopts);
if (sigopts)
diff --git a/apps/s_cb.c b/apps/s_cb.c
index ea7d35c..7e69fc8 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -1242,8 +1242,7 @@ void ssl_excert_free(SSL_EXCERT *exc)
while (exc) {
if (exc->cert)
X509_free(exc->cert);
- if (exc->key)
- EVP_PKEY_free(exc->key);
+ EVP_PKEY_free(exc->key);
if (exc->chain)
sk_X509_pop_free(exc->chain, X509_free);
curr = exc;
diff --git a/apps/s_client.c b/apps/s_client.c
index 0874983..ec11617 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -2030,8 +2030,7 @@ int MAIN(int argc, char **argv)
X509_free(cert);
if (crls)
sk_X509_CRL_pop_free(crls, X509_CRL_free);
- if (key)
- EVP_PKEY_free(key);
+ EVP_PKEY_free(key);
if (chain)
sk_X509_pop_free(chain, X509_free);
if (pass)
diff --git a/apps/s_server.c b/apps/s_server.c
index 37c40cb..f97a97d 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2011,10 +2011,8 @@ int MAIN(int argc, char *argv[])
sk_X509_CRL_pop_free(crls, X509_CRL_free);
if (s_dcert)
X509_free(s_dcert);
- if (s_key)
- EVP_PKEY_free(s_key);
- if (s_dkey)
- EVP_PKEY_free(s_dkey);
+ EVP_PKEY_free(s_key);
+ EVP_PKEY_free(s_dkey);
if (s_chain)
sk_X509_pop_free(s_chain, X509_free);
if (s_dchain)
@@ -2037,8 +2035,7 @@ int MAIN(int argc, char *argv[])
SSL_CTX_free(ctx2);
if (s_cert2)
X509_free(s_cert2);
- if (s_key2)
- EVP_PKEY_free(s_key2);
+ EVP_PKEY_free(s_key2);
BIO_free(serverinfo_in);
# ifndef OPENSSL_NO_NEXTPROTONEG
if (next_proto.data)
diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c
index 5f1a96d..793532f 100644
--- a/crypto/asn1/d2i_pr.c
+++ b/crypto/asn1/d2i_pr.c
@@ -113,7 +113,7 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
(*a) = ret;
return (ret);
err:
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ if (a == NULL || *a != ret)
EVP_PKEY_free(ret);
return (NULL);
}
diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c
index 33542dd..189cfdd 100644
--- a/crypto/asn1/d2i_pu.c
+++ b/crypto/asn1/d2i_pu.c
@@ -130,7 +130,7 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
(*a) = ret;
return (ret);
err:
- if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ if (a == NULL || *a != ret)
EVP_PKEY_free(ret);
return (NULL);
}
diff --git a/crypto/asn1/x_pkey.c b/crypto/asn1/x_pkey.c
index f4396e7..f24c0ce 100644
--- a/crypto/asn1/x_pkey.c
+++ b/crypto/asn1/x_pkey.c
@@ -144,8 +144,7 @@ void X509_PKEY_free(X509_PKEY *x)
if (x->enc_algor != NULL)
X509_ALGOR_free(x->enc_algor);
ASN1_OCTET_STRING_free(x->enc_pkey);
- if (x->dec_pkey != NULL)
- EVP_PKEY_free(x->dec_pkey);
+ EVP_PKEY_free(x->dec_pkey);
if ((x->key_data != NULL) && (x->key_free))
OPENSSL_free(x->key_data);
OPENSSL_free(x);
diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c
index cefaf3a..3c72997 100644
--- a/crypto/asn1/x_pubkey.c
+++ b/crypto/asn1/x_pubkey.c
@@ -174,8 +174,7 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
return ret;
error:
- if (ret != NULL)
- EVP_PKEY_free(ret);
+ EVP_PKEY_free(ret);
return (NULL);
}
diff --git a/crypto/cms/cms_asn1.c b/crypto/cms/cms_asn1.c
index 9a71919..03de7af 100644
--- a/crypto/cms/cms_asn1.c
+++ b/crypto/cms/cms_asn1.c
@@ -93,8 +93,7 @@ static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
{
if (operation == ASN1_OP_FREE_POST) {
CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
- if (si->pkey)
- EVP_PKEY_free(si->pkey);
+ EVP_PKEY_free(si->pkey);
if (si->signer)
X509_free(si->signer);
if (si->pctx)
@@ -171,8 +170,7 @@ static int cms_rek_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
{
CMS_RecipientEncryptedKey *rek = (CMS_RecipientEncryptedKey *)*pval;
if (operation == ASN1_OP_FREE_POST) {
- if (rek->pkey)
- EVP_PKEY_free(rek->pkey);
+ EVP_PKEY_free(rek->pkey);
}
return 1;
}
@@ -202,8 +200,7 @@ static int cms_kari_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
EVP_CIPHER_CTX_set_flags(&kari->ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
kari->pctx = NULL;
} else if (operation == ASN1_OP_FREE_POST) {
- if (kari->pctx)
- EVP_PKEY_CTX_free(kari->pctx);
+ EVP_PKEY_CTX_free(kari->pctx);
EVP_CIPHER_CTX_cleanup(&kari->ctx);
}
return 1;
@@ -250,12 +247,10 @@ static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval;
if (ri->type == CMS_RECIPINFO_TRANS) {
CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
- if (ktri->pkey)
- EVP_PKEY_free(ktri->pkey);
+ EVP_PKEY_free(ktri->pkey);
if (ktri->recip)
X509_free(ktri->recip);
- if (ktri->pctx)
- EVP_PKEY_CTX_free(ktri->pctx);
+ EVP_PKEY_CTX_free(ktri->pctx);
} else if (ri->type == CMS_RECIPINFO_KEK) {
CMS_KEKRecipientInfo *kekri = ri->d.kekri;
if (kekri->key) {
diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c
index d1252f8..3b4b930 100644
--- a/crypto/cms/cms_env.c
+++ b/crypto/cms/cms_env.c
@@ -279,8 +279,7 @@ CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
err:
if (ri)
M_ASN1_free_of(ri, CMS_RecipientInfo);
- if (pk)
- EVP_PKEY_free(pk);
+ EVP_PKEY_free(pk);
return NULL;
}
@@ -476,10 +475,8 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
ec->keylen = eklen;
err:
- if (ktri->pctx) {
- EVP_PKEY_CTX_free(ktri->pctx);
- ktri->pctx = NULL;
- }
+ EVP_PKEY_CTX_free(ktri->pctx);
+ ktri->pctx = NULL;
if (!ret && ek)
OPENSSL_free(ek);
diff --git a/crypto/cms/cms_kari.c b/crypto/cms/cms_kari.c
index 196b5c6..5aaba59 100644
--- a/crypto/cms/cms_kari.c
+++ b/crypto/cms/cms_kari.c
@@ -218,8 +218,7 @@ int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk)
kari->pctx = pctx;
return 1;
err:
- if (pctx)
- EVP_PKEY_CTX_free(pctx);
+ EVP_PKEY_CTX_free(pctx);
return 0;
}
@@ -331,10 +330,9 @@ static int cms_kari_create_ephemeral_key(CMS_KeyAgreeRecipientInfo *kari,
kari->pctx = pctx;
rv = 1;
err:
- if (!rv && pctx)
+ if (!rv)
EVP_PKEY_CTX_free(pctx);
- if (ekey)
- EVP_PKEY_free(ekey);
+ EVP_PKEY_free(ekey);
return rv;
}
diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c
index c45d30e..71c234c 100644
--- a/crypto/cms/cms_sd.c
+++ b/crypto/cms/cms_sd.c
@@ -487,8 +487,7 @@ void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer)
{
if (signer) {
CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
- if (si->pkey)
- EVP_PKEY_free(si->pkey);
+ EVP_PKEY_free(si->pkey);
si->pkey = X509_get_pubkey(signer);
}
if (si->signer)
@@ -651,8 +650,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
err:
EVP_MD_CTX_cleanup(&mctx);
- if (pctx)
- EVP_PKEY_CTX_free(pctx);
+ EVP_PKEY_CTX_free(pctx);
return r;
}
@@ -875,8 +873,7 @@ int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
}
err:
- if (pkctx)
- EVP_PKEY_CTX_free(pkctx);
+ EVP_PKEY_CTX_free(pkctx);
EVP_MD_CTX_cleanup(&mctx);
return r;
diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c
index c71538f..cfa2e2d 100644
--- a/crypto/dh/dh_ameth.c
+++ b/crypto/dh/dh_ameth.c
@@ -708,8 +708,7 @@ static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
err:
if (public_key)
ASN1_INTEGER_free(public_key);
- if (pkpeer)
- EVP_PKEY_free(pkpeer);
+ EVP_PKEY_free(pkpeer);
DH_free(dhpeer);
return rv;
}
@@ -849,8 +848,7 @@ static int dh_cms_encrypt(CMS_RecipientInfo *ri)
X509_ALGOR_get0(&aoid, NULL, NULL, talg);
/* Is everything uninitialised? */
if (aoid == OBJ_nid2obj(NID_undef)) {
- ASN1_INTEGER *pubk;
- pubk = BN_to_ASN1_INTEGER(pkey->pkey.dh->pub_key, NULL);
+ ASN1_INTEGER *pubk = BN_to_ASN1_INTEGER(pkey->pkey.dh->pub_key, NULL);
if (!pubk)
goto err;
/* Set the key */
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index 4be85a9..65c3d56 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -704,8 +704,7 @@ static int ecdh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
rv = 1;
err:
EC_KEY_free(ecpeer);
- if (pkpeer)
- EVP_PKEY_free(pkpeer);
+ EVP_PKEY_free(pkpeer);
return rv;
}
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 48c7b00..ce95350 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -352,8 +352,7 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
OPENSSL_free(ctx->md_data);
}
- if (ctx->pctx)
- EVP_PKEY_CTX_free(ctx->pctx);
+ EVP_PKEY_CTX_free(ctx->pctx);
#ifndef OPENSSL_NO_ENGINE
if (ctx->engine)
/*
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 3d40b04..3468b6b 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -522,14 +522,15 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
{
- if (ctx) {
- EVP_CIPHER_CTX_cleanup(ctx);
+ EVP_CIPHER_CTX_cleanup(ctx);
+ if (ctx)
OPENSSL_free(ctx);
- }
}
int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
{
+ if (!c)
+ return 0;
if (c->cipher != NULL) {
if (c->cipher->cleanup && !c->cipher->cleanup(c))
return 0;
diff --git a/crypto/evp/evp_extra_test.c b/crypto/evp/evp_extra_test.c
index c474134..567ed0f 100644
--- a/crypto/evp/evp_extra_test.c
+++ b/crypto/evp/evp_extra_test.c
@@ -265,9 +265,7 @@ static EVP_PKEY *load_example_rsa_key(void)
pkey = NULL;
out:
- if (pkey) {
- EVP_PKEY_free(pkey);
- }
+ EVP_PKEY_free(pkey);
RSA_free(rsa);
return ret;
@@ -321,9 +319,7 @@ static int test_EVP_DigestSignInit(void)
EVP_MD_CTX_cleanup(&md_ctx);
EVP_MD_CTX_cleanup(&md_ctx_verify);
- if (pkey) {
- EVP_PKEY_free(pkey);
- }
+ EVP_PKEY_free(pkey);
if (sig) {
OPENSSL_free(sig);
}
@@ -354,9 +350,7 @@ static int test_EVP_DigestVerifyInit(void)
}
EVP_MD_CTX_cleanup(&md_ctx);
- if (pkey) {
- EVP_PKEY_free(pkey);
- }
+ EVP_PKEY_free(pkey);
return ret;
}
@@ -387,9 +381,7 @@ static int test_d2i_AutoPrivateKey(const unsigned char *input,
ERR_print_errors_fp(stderr);
}
- if (pkey != NULL) {
- EVP_PKEY_free(pkey);
- }
+ EVP_PKEY_free(pkey);
return ret;
}
@@ -422,9 +414,7 @@ static int test_EVP_PKCS82PKEY(void)
PKCS8_PRIV_KEY_INFO_free(p8inf);
}
- if (pkey != NULL) {
- EVP_PKEY_free(pkey);
- }
+ EVP_PKEY_free(pkey);
return ret;
}
diff --git a/crypto/evp/evp_test.c b/crypto/evp/evp_test.c
index 1524658..68d5bde 100644
--- a/crypto/evp/evp_test.c
+++ b/crypto/evp/evp_test.c
@@ -1051,10 +1051,8 @@ static int mac_test_run(struct evp_test *t)
EVP_MD_CTX_destroy(mctx);
if (mac)
OPENSSL_free(mac);
- if (genctx)
- EVP_PKEY_CTX_free(genctx);
- if (key)
- EVP_PKEY_free(key);
+ EVP_PKEY_CTX_free(genctx);
+ EVP_PKEY_free(key);
t->err = err;
return 1;
}
@@ -1139,8 +1137,7 @@ static void pkey_test_cleanup(struct evp_test *t)
OPENSSL_free(kdata->input);
if (kdata->output)
OPENSSL_free(kdata->output);
- if (kdata->ctx)
- EVP_PKEY_CTX_free(kdata->ctx);
+ EVP_PKEY_CTX_free(kdata->ctx);
}
static int pkey_test_parse(struct evp_test *t,
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index 604faf2..a96fae6 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -409,6 +409,7 @@ void EVP_PKEY_free(EVP_PKEY *x)
static void EVP_PKEY_free_it(EVP_PKEY *x)
{
+ /* internal function; x is never NULL */
if (x->ameth && x->ameth->pkey_free) {
x->ameth->pkey_free(x);
x->pkey.ptr = NULL;
diff --git a/crypto/evp/pmeth_fn.c b/crypto/evp/pmeth_fn.c
index 829b5f0..abf2160 100644
--- a/crypto/evp/pmeth_fn.c
+++ b/crypto/evp/pmeth_fn.c
@@ -315,8 +315,7 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
return -1;
}
- if (ctx->peerkey)
- EVP_PKEY_free(ctx->peerkey);
+ EVP_PKEY_free(ctx->peerkey);
ctx->peerkey = peer;
ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
diff --git a/crypto/evp/pmeth_gn.c b/crypto/evp/pmeth_gn.c
index a5ae484..78467c9 100644
--- a/crypto/evp/pmeth_gn.c
+++ b/crypto/evp/pmeth_gn.c
@@ -207,7 +207,6 @@ EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0)
goto merr;
merr:
- if (mac_ctx)
- EVP_PKEY_CTX_free(mac_ctx);
+ EVP_PKEY_CTX_free(mac_ctx);
return mac_key;
}
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 9183e40..b20a902 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -363,10 +363,8 @@ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
return;
if (ctx->pmeth && ctx->pmeth->cleanup)
ctx->pmeth->cleanup(ctx);
- if (ctx->pkey)
- EVP_PKEY_free(ctx->pkey);
- if (ctx->peerkey)
- EVP_PKEY_free(ctx->peerkey);
+ EVP_PKEY_free(ctx->pkey);
+ EVP_PKEY_free(ctx->peerkey);
#ifndef OPENSSL_NO_ENGINE
if (ctx->engine)
/*
diff --git a/crypto/pem/pem_pk8.c b/crypto/pem/pem_pk8.c
index 0d76026..529d077 100644
--- a/crypto/pem/pem_pk8.c
+++ b/crypto/pem/pem_pk8.c
@@ -183,8 +183,7 @@ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
if (!ret)
return NULL;
if (x) {
- if (*x)
- EVP_PKEY_free(*x);
+ EVP_PKEY_free(*x);
*x = ret;
}
return ret;
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index fd7e8b0..80c316e 100644
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -96,8 +96,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
goto p8err;
ret = EVP_PKCS82PKEY(p8inf);
if (x) {
- if (*x)
- EVP_PKEY_free((EVP_PKEY *)*x);
+ EVP_PKEY_free((EVP_PKEY *)*x);
*x = ret;
}
PKCS8_PRIV_KEY_INFO_free(p8inf);
@@ -124,8 +123,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
goto p8err;
ret = EVP_PKCS82PKEY(p8inf);
if (x) {
- if (*x)
- EVP_PKEY_free((EVP_PKEY *)*x);
+ EVP_PKEY_free((EVP_PKEY *)*x);
*x = ret;
}
PKCS8_PRIV_KEY_INFO_free(p8inf);
@@ -186,8 +184,7 @@ EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x)
goto err;
}
if (x) {
- if (*x)
- EVP_PKEY_free((EVP_PKEY *)*x);
+ EVP_PKEY_free((EVP_PKEY *)*x);
*x = ret;
}
}
diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c
index 0f2390d..14ddb33 100644
--- a/crypto/pem/pvkfmt.c
+++ b/crypto/pem/pvkfmt.c
@@ -336,8 +336,7 @@ static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length,
memerr:
PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE);
DSA_free(dsa);
- if (ret)
- EVP_PKEY_free(ret);
+ EVP_PKEY_free(ret);
if (ctx)
BN_CTX_free(ctx);
return NULL;
@@ -385,8 +384,7 @@ static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length,
memerr:
PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE);
RSA_free(rsa);
- if (ret)
- EVP_PKEY_free(ret);
+ EVP_PKEY_free(ret);
return NULL;
}
diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c
index 4fd8b8c..fcfa986 100644
--- a/crypto/pkcs12/p12_kiss.c
+++ b/crypto/pkcs12/p12_kiss.c
@@ -161,7 +161,7 @@ int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
err:
- if (pkey && *pkey)
+ if (pkey)
EVP_PKEY_free(*pkey);
if (cert && *cert)
X509_free(*cert);
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index b7c66a3..639e217 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -179,10 +179,8 @@ static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri,
ret = 1;
err:
- if (pkey)
- EVP_PKEY_free(pkey);
- if (pctx)
- EVP_PKEY_CTX_free(pctx);
+ EVP_PKEY_free(pkey);
+ EVP_PKEY_CTX_free(pctx);
if (ek)
OPENSSL_free(ek);
return ret;
@@ -240,8 +238,7 @@ static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,
*peklen = eklen;
err:
- if (pctx)
- EVP_PKEY_CTX_free(pctx);
+ EVP_PKEY_CTX_free(pctx);
if (!ret && ek)
OPENSSL_free(ek);
@@ -1077,8 +1074,8 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_SIGNATURE_FAILURE);
ret = -1;
goto err;
- } else
- ret = 1;
+ }
+ ret = 1;
err:
EVP_MD_CTX_cleanup(&mdc_tmp);
return (ret);
diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c
index 6409d28..956f3f2 100644
--- a/crypto/pkcs7/pk7_lib.c
+++ b/crypto/pkcs7/pk7_lib.c
@@ -556,8 +556,7 @@ int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
return 1;
err:
- if (pkey)
- EVP_PKEY_free(pkey);
+ EVP_PKEY_free(pkey);
return 0;
}
diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c
index b510ceb..037ab64 100644
--- a/crypto/ts/ts_rsp_sign.c
+++ b/crypto/ts/ts_rsp_sign.c
@@ -216,8 +216,7 @@ int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer)
int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key)
{
- if (ctx->signer_key)
- EVP_PKEY_free(ctx->signer_key);
+ EVP_PKEY_free(ctx->signer_key);
ctx->signer_key = key;
CRYPTO_add(&ctx->signer_key->references, +1, CRYPTO_LOCK_EVP_PKEY);
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 51c47cc..c7b0fe1 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -342,8 +342,7 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k)
case -2:
X509err(X509_F_X509_CHECK_PRIVATE_KEY, X509_R_UNKNOWN_KEY_TYPE);
}
- if (xk)
- EVP_PKEY_free(xk);
+ EVP_PKEY_free(xk);
if (ret > 0)
return 1;
return 0;
@@ -436,8 +435,7 @@ int X509_chain_check_suiteb(int *perror_depth, X509 *x, STACK_OF(X509) *chain,
/* Final check: root CA signature */
rv = check_suite_b(pk, X509_get_signature_nid(x), &tflags);
end:
- if (pk)
- EVP_PKEY_free(pk);
+ EVP_PKEY_free(pk);
if (rv != X509_V_OK) {
/* Invalid signature or LOS errors are for previous cert */
if ((rv == X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 61f02b5..9cf39db 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -1933,10 +1933,8 @@ int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
}
if (!EVP_PKEY_missing_parameters(ktmp))
break;
- else {
- EVP_PKEY_free(ktmp);
- ktmp = NULL;
- }
+ EVP_PKEY_free(ktmp);
+ ktmp = NULL;
}
if (ktmp == NULL) {
X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,
diff --git a/demos/cms/cms_ddec.c b/demos/cms/cms_ddec.c
index 7247e57..1e06cea 100644
--- a/demos/cms/cms_ddec.c
+++ b/demos/cms/cms_ddec.c
@@ -72,8 +72,7 @@ int main(int argc, char **argv)
CMS_ContentInfo_free(cms);
if (rcert)
X509_free(rcert);
- if (rkey)
- EVP_PKEY_free(rkey);
+ EVP_PKEY_free(rkey);
BIO_free(in);
BIO_free(out);
diff --git a/demos/cms/cms_dec.c b/demos/cms/cms_dec.c
index e9782d7..71a0e4f 100644
--- a/demos/cms/cms_dec.c
+++ b/demos/cms/cms_dec.c
@@ -63,8 +63,7 @@ int main(int argc, char **argv)
CMS_ContentInfo_free(cms);
if (rcert)
X509_free(rcert);
- if (rkey)
- EVP_PKEY_free(rkey);
+ EVP_PKEY_free(rkey);
BIO_free(in);
BIO_free(out);
diff --git a/demos/cms/cms_sign.c b/demos/cms/cms_sign.c
index 9f2cff0..3ad5ce8 100644
--- a/demos/cms/cms_sign.c
+++ b/demos/cms/cms_sign.c
@@ -73,8 +73,7 @@ int main(int argc, char **argv)
CMS_ContentInfo_free(cms);
if (scert)
X509_free(scert);
- if (skey)
- EVP_PKEY_free(skey);
+ EVP_PKEY_free(skey);
BIO_free(in);
BIO_free(out);
diff --git a/demos/cms/cms_sign2.c b/demos/cms/cms_sign2.c
index 23c6eb8..3276de1 100644
--- a/demos/cms/cms_sign2.c
+++ b/demos/cms/cms_sign2.c
@@ -82,13 +82,11 @@ int main(int argc, char **argv)
if (scert)
X509_free(scert);
- if (skey)
- EVP_PKEY_free(skey);
+ EVP_PKEY_free(skey);
if (scert2)
X509_free(scert2);
- if (skey)
- EVP_PKEY_free(skey2);
+ EVP_PKEY_free(skey2);
BIO_free(in);
BIO_free(out);
diff --git a/demos/smime/smdec.c b/demos/smime/smdec.c
index b50f8df..a418707 100644
--- a/demos/smime/smdec.c
+++ b/demos/smime/smdec.c
@@ -63,8 +63,7 @@ int main(int argc, char **argv)
PKCS7_free(p7);
if (rcert)
X509_free(rcert);
- if (rkey)
- EVP_PKEY_free(rkey);
+ EVP_PKEY_free(rkey);
BIO_free(in);
BIO_free(out);
diff --git a/demos/smime/smsign.c b/demos/smime/smsign.c
index 6b9dfdd..455efcb 100644
--- a/demos/smime/smsign.c
+++ b/demos/smime/smsign.c
@@ -73,8 +73,7 @@ int main(int argc, char **argv)
PKCS7_free(p7);
if (scert)
X509_free(scert);
- if (skey)
- EVP_PKEY_free(skey);
+ EVP_PKEY_free(skey);
BIO_free(in);
BIO_free(out);
diff --git a/demos/smime/smsign2.c b/demos/smime/smsign2.c
index 5d9de35..5f20a40 100644
--- a/demos/smime/smsign2.c
+++ b/demos/smime/smsign2.c
@@ -82,13 +82,11 @@ int main(int argc, char **argv)
if (scert)
X509_free(scert);
- if (skey)
- EVP_PKEY_free(skey);
+ EVP_PKEY_free(skey);
if (scert2)
X509_free(scert2);
- if (skey)
- EVP_PKEY_free(skey2);
+ EVP_PKEY_free(skey2);
BIO_free(in);
BIO_free(out);
diff --git a/doc/crypto/EVP_PKEY_CTX_new.pod b/doc/crypto/EVP_PKEY_CTX_new.pod
index a9af867..17d5e74 100644
--- a/doc/crypto/EVP_PKEY_CTX_new.pod
+++ b/doc/crypto/EVP_PKEY_CTX_new.pod
@@ -26,6 +26,7 @@ during parameter generation of key genration for some algorithms.
EVP_PKEY_CTX_dup() duplicates the context B<ctx>.
EVP_PKEY_CTX_free() frees up the context B<ctx>.
+If B<ctx> is NULL, nothing is done.
=head1 NOTES
diff --git a/doc/crypto/EVP_PKEY_new.pod b/doc/crypto/EVP_PKEY_new.pod
index 10687e4..d26b03f 100644
--- a/doc/crypto/EVP_PKEY_new.pod
+++ b/doc/crypto/EVP_PKEY_new.pod
@@ -18,6 +18,7 @@ The EVP_PKEY_new() function allocates an empty B<EVP_PKEY>
structure which is used by OpenSSL to store private keys.
EVP_PKEY_free() frees up the private key B<key>.
+If B<key> is NULL, nothing is done.
=head1 NOTES
diff --git a/engines/ccgost/gost2001_keyx.c b/engines/ccgost/gost2001_keyx.c
index db1bdc1..864d01b 100644
--- a/engines/ccgost/gost2001_keyx.c
+++ b/engines/ccgost/gost2001_keyx.c
@@ -189,7 +189,7 @@ int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
}
ASN1_OBJECT_free(gkt->key_agreement_info->cipher);
gkt->key_agreement_info->cipher = OBJ_nid2obj(param->nid);
- if (key_is_ephemeral && sec_key)
+ if (key_is_ephemeral)
EVP_PKEY_free(sec_key);
if (!key_is_ephemeral) {
/* Set control "public key from client certificate used" */
@@ -204,7 +204,7 @@ int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
GOST_KEY_TRANSPORT_free(gkt);
return ret;
err:
- if (key_is_ephemeral && sec_key)
+ if (key_is_ephemeral)
EVP_PKEY_free(sec_key);
GOST_KEY_TRANSPORT_free(gkt);
return -1;
@@ -284,8 +284,7 @@ int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
ret = 1;
err:
- if (eph_key)
- EVP_PKEY_free(eph_key);
+ EVP_PKEY_free(eph_key);
if (gkt)
GOST_KEY_TRANSPORT_free(gkt);
return ret;
diff --git a/engines/e_chil.c b/engines/e_chil.c
index c06ab1a..68c9145 100644
--- a/engines/e_chil.c
+++ b/engines/e_chil.c
@@ -887,8 +887,7 @@ static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
return res;
err:
- if (res)
- EVP_PKEY_free(res);
+ EVP_PKEY_free(res);
return NULL;
}
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 68a8c81..5b17e52 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -2869,8 +2869,7 @@ int ssl3_get_client_key_exchange(SSL *s)
EVP_PKEY_CTX_free(pkey_ctx);
if (ret)
return ret;
- else
- goto err;
+ goto err;
} else {
al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_UNKNOWN_CIPHER_TYPE);
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index f05a60a..d6401b4 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -402,10 +402,8 @@ void ssl_cert_clear_certs(CERT *c)
X509_free(cpk->x509);
cpk->x509 = NULL;
}
- if (cpk->privatekey) {
- EVP_PKEY_free(cpk->privatekey);
- cpk->privatekey = NULL;
- }
+ EVP_PKEY_free(cpk->privatekey);
+ cpk->privatekey = NULL;
if (cpk->chain) {
sk_X509_pop_free(cpk->chain, X509_free);
cpk->chain = NULL;
More information about the openssl-commits
mailing list