[openssl] master update

[Dr. Paul Dale]

The branch master has been updated
       via  842d61b5177bb57b7de374a3f25adc9e07e269d8 (commit)
       via  0df56c30f7ad1d29bac5ed2546069402d6219c15 (commit)
       via  4885ecffc7857a3eb4ef580763b1200cbaf9f45e (commit)
       via  54e1c14a29ef338a60ef180e213ffaeb3010f798 (commit)
       via  b0f6402bf41a66ebfa13e98bb96763d01bb27d2f (commit)
      from  c6b72390721622bad4815e912f005e7add940e92 (commit)


- Log -----------------------------------------------------------------
commit 842d61b5177bb57b7de374a3f25adc9e07e269d8
Author: Pauli <pauli at openssl.org>
Date:   Wed May 12 11:14:02 2021 +1000

    Checksum update
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>

commit 0df56c30f7ad1d29bac5ed2546069402d6219c15
Author: Pauli <pauli at openssl.org>
Date:   Mon May 10 14:13:30 2021 +1000

    evp: fix return code check.
    
    The return from evp_do_md_getparams() is 0 for failure and -1 for not being
    a provided algorithm.  The code in evp_md_cache_constants() failed to check
    the return code properly.  In this case it was harmless but better to fix it.
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    (Merged from https://github.com/openssl/openssl/pull/15208)

commit 4885ecffc7857a3eb4ef580763b1200cbaf9f45e
Author: Pauli <pauli at openssl.org>
Date:   Mon May 10 10:24:13 2021 +1000

    coverity: fix 1484542 dereference after null check
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    (Merged from https://github.com/openssl/openssl/pull/15208)

commit 54e1c14a29ef338a60ef180e213ffaeb3010f798
Author: Pauli <pauli at openssl.org>
Date:   Mon May 10 10:18:07 2021 +1000

    coverity: fix 1484540 resource leak
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    (Merged from https://github.com/openssl/openssl/pull/15208)

commit b0f6402bf41a66ebfa13e98bb96763d01bb27d2f
Author: Pauli <pauli at openssl.org>
Date:   Mon May 10 10:17:38 2021 +1000

    coverity: fix 1484539 resource leak
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    Reviewed-by: Ben Kaduk <kaduk at mit.edu>
    (Merged from https://github.com/openssl/openssl/pull/15208)

-----------------------------------------------------------------------

Summary of changes:
 apps/kdf.c                       | 3 ++-
 apps/mac.c                       | 3 ++-
 crypto/evp/digest.c              | 2 +-
 crypto/evp/evp_lib.c             | 6 ++----
 providers/fips-sources.checksums | 4 ++--
 providers/fips.checksum          | 2 +-
 6 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/apps/kdf.c b/apps/kdf.c
index 7b016051f1..c4892ed20e 100644
--- a/apps/kdf.c
+++ b/apps/kdf.c
@@ -52,13 +52,14 @@ static char *alloc_kdf_algorithm_name(STACK_OF(OPENSSL_STRING) **optp,
                                       const char *name, const char *arg)
 {
     size_t len = strlen(name) + strlen(arg) + 2;
-    char *res = app_malloc(len, "algorithm name");
+    char *res;
 
     if (*optp == NULL)
         *optp = sk_OPENSSL_STRING_new_null();
     if (*optp == NULL)
         return NULL;
 
+    res = app_malloc(len, "algorithm name");
     BIO_snprintf(res, len, "%s:%s", name, arg);
     if (sk_OPENSSL_STRING_push(*optp, res))
         return res;
diff --git a/apps/mac.c b/apps/mac.c
index ca02a781e5..5f80ca22c7 100644
--- a/apps/mac.c
+++ b/apps/mac.c
@@ -56,13 +56,14 @@ static char *alloc_mac_algorithm_name(STACK_OF(OPENSSL_STRING) **optp,
                                       const char *name, const char *arg)
 {
     size_t len = strlen(name) + strlen(arg) + 2;
-    char *res = app_malloc(len, "algorithm name");
+    char *res;
 
     if (*optp == NULL)
         *optp = sk_OPENSSL_STRING_new_null();
     if (*optp == NULL)
         return NULL;
 
+    res = app_malloc(len, "algorithm name");
     BIO_snprintf(res, len, "%s:%s", name, arg);
     if (sk_OPENSSL_STRING_push(*optp, res))
         return res;
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index e584bd8b2b..25ce609854 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -882,7 +882,7 @@ static int evp_md_cache_constants(EVP_MD *md)
     params[3] = OSSL_PARAM_construct_int(OSSL_DIGEST_PARAM_ALGID_ABSENT,
                                          &algid_absent);
     params[4] = OSSL_PARAM_construct_end();
-    ok = evp_do_md_getparams(md, params);
+    ok = evp_do_md_getparams(md, params) > 0;
     if (mdsize > INT_MAX || blksz > INT_MAX)
         ok = 0;
     if (ok) {
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index dfc4059d76..e2ac6af895 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -358,7 +358,7 @@ int evp_cipher_cache_constants(EVP_CIPHER *cipher)
     params[7] = OSSL_PARAM_construct_int(OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK,
                                          &multiblock);
     params[8] = OSSL_PARAM_construct_end();
-    ok = evp_do_ciph_getparams(cipher, params);
+    ok = evp_do_ciph_getparams(cipher, params) > 0;
     if (ok) {
         cipher->block_size = blksz;
         cipher->iv_len = ivlen;
@@ -372,10 +372,8 @@ int evp_cipher_cache_constants(EVP_CIPHER *cipher)
             cipher->flags |= EVP_CIPH_FLAG_CTS;
         if (multiblock)
             cipher->flags |= EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK;
-        /* Provided implementations may have a custom cipher_cipher */
-        if (cipher->prov != NULL && cipher->ccipher != NULL)
+        if (cipher->ccipher != NULL)
             cipher->flags |= EVP_CIPH_FLAG_CUSTOM_CIPHER;
-        /* Provided implementations may also have custom ASN1 algorithm parameters */
         if (OSSL_PARAM_locate_const(EVP_CIPHER_gettable_ctx_params(cipher),
                                     OSSL_CIPHER_PARAM_ALGORITHM_ID_PARAMS))
             cipher->flags |= EVP_CIPH_FLAG_CUSTOM_ASN1;
diff --git a/providers/fips-sources.checksums b/providers/fips-sources.checksums
index 72d4f9cf28..dfcfb83178 100644
--- a/providers/fips-sources.checksums
+++ b/providers/fips-sources.checksums
@@ -166,11 +166,11 @@ fa39906519062932adafb63cbf05b5dfa7563673576d421c80ec6b889d024e84  crypto/ec/ecp_
 22c44f561ab42d1bd7fd3a3c538ebaba375a704f98056b035e7949d73963c580  crypto/ec/ecx_key.c
 7c7f3e2a19a95d62942790e525f00cccc87e46da099a0c96d101787d68c75128  crypto/evp/asymcipher.c
 0e75a058dcbbb62cfe39fec6c4a85385dc1a8fce794e4278ce6cebb29763b82b  crypto/evp/dh_support.c
-e819c499207dd2ee5457cd9411c6089e13476bedf41de2aa67e10b13810ff0e5  crypto/evp/digest.c
+3c8e633beeb9b79cac2f068de248b7f1ad55910d2e2ff10b2b3694daae552436  crypto/evp/digest.c
 5e2c5d865029ae86855f15e162360d091f28ca0d4c67260700c90aa25faf308b  crypto/evp/ec_support.c
 c146c0a8a06e3c558207c1c76039dd2a61a2160cc243e9e3de2e290bc6e1b2d0  crypto/evp/evp_enc.c
 4518be2a70f28492668fe1ad6464593ff0db227ab75536bc5dc5a9c0da135800  crypto/evp/evp_fetch.c
-ce97d3bbaa68d2c3aae7f2c4d8709396ec2f0f131abf2c2584e523585ec89c02  crypto/evp/evp_lib.c
+1a168c88f1ee61d0f0c94ea72e220f913526a09fc09b8ba1706eb126e948699c  crypto/evp/evp_lib.c
 af0245f7a849997921c0719df339469427656821416b402754fc1f5f5e2da291  crypto/evp/evp_rand.c
 c0f87865be8dab6ea909fd976e5a46e4e8343b18403090c4a59b2af90f9a1329  crypto/evp/evp_utils.c
 896bc29e0009657071bd74401513bdbedfb08ca66e34bf634e824fd3f34beb0a  crypto/evp/exchange.c
diff --git a/providers/fips.checksum b/providers/fips.checksum
index a02e185df1..2a2fc21d65 100644
--- a/providers/fips.checksum
+++ b/providers/fips.checksum
@@ -1 +1 @@
-25ebfe80438755a6a997fd7b76a2d30725c7be0ae73b9378d0daf5e444453afa  providers/fips-sources.checksums
+4d519901583d7281047570278c491370463f04412f648f2862d41d04a99ad4e8  providers/fips-sources.checksums