Add missing OpenSSL guards

Signed-off-by: Spencer Wilson <[email protected]>
open-quantum-safe · Jul 25, 2024 · b831ae7 · b831ae7
1 parent e463233
commit b831ae7
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 27 deletions.
diff --git a/src/common/common.h b/src/common/common.h
@@ -43,13 +43,24 @@ extern "C" {
  * This is a temporary workaround until a better error
  * handling strategy is developed.
  */
+#if defined(OQS_USE_OPENSSL) && !defined(OPENSSL_NO_STDIO)
 #define OQS_OPENSSL_GUARD(x)    \
     do {                        \
         if( 1 != (x) ) {        \
             fprintf(stderr, "Error return value from OpenSSL API: %d. Exiting.\n", x); \
+            OSSL_FUNC(ERR_print_errors_fp)(stderr);
             exit(EXIT_FAILURE); \
         }                       \
     } while (0)
+#else
+#define OQS_OPENSSL_GUARD(x)    \
+    do {                        \
+        if( 1 != (x) ) {        \
+            fprintf(stderr, "Error return value from OpenSSL API: %d. Exiting.\n", x); \
+            exit(EXIT_FAILURE); \
+        }                       \
+    } while (0)
+#endif // defined(OQS_USE_OPENSSL) && !defined(OPENSSL_NO_STDIO)
 
 /**
  * Certain functions (such as OQS_randombytes_openssl in

diff --git a/src/common/rand/rand_nist.c b/src/common/rand/rand_nist.c
@@ -32,20 +32,6 @@ void OQS_randombytes_nist_kat(unsigned char *x, size_t xlen);
 static OQS_NIST_DRBG_struct DRBG_ctx;
 static void AES256_CTR_DRBG_Update(unsigned char *provided_data, unsigned char *Key, unsigned char *V);
 
-#ifdef OQS_USE_OPENSSL
-# if defined(_MSC_VER)
-__declspec(noreturn)
-# else
-__attribute__((noreturn))
-# endif
-static void handleErrors(void) {
-#ifndef OPENSSL_NO_STDIO
-	OSSL_FUNC(ERR_print_errors_fp)(stderr);
-#endif
-	abort();
-}
-#endif
-
 // Use whatever AES implementation you have. This uses AES from openSSL library
 //    key - 256-bit AES key
 //    ctr - a 128-bit plaintext value
@@ -57,17 +43,11 @@ static void AES256_ECB(unsigned char *key, unsigned char *ctr, unsigned char *bu
 	int len;
 
 	/* Create and initialise the context */
-	if (!(ctx = OSSL_FUNC(EVP_CIPHER_CTX_new)())) {
-		handleErrors();
-	}
-
-	if (1 != OSSL_FUNC(EVP_EncryptInit_ex)(ctx, oqs_aes_256_ecb(), NULL, key, NULL)) {
-		handleErrors();
-	}
+	ctx = OSSL_FUNC(EVP_CIPHER_CTX_new)();
+    OQS_EXIT_IF_NULLPTR(ctx);
 
-	if (1 != OSSL_FUNC(EVP_EncryptUpdate)(ctx, buffer, &len, ctr, 16)) {
-		handleErrors();
-	}
+    OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_EncryptInit_ex)(ctx, oqs_aes_256_ecb(), NULL, key, NULL));
+	OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_EncryptUpdate)(ctx, buffer, &len, ctr, 16));
 
 	/* Clean up */
 	OSSL_FUNC(EVP_CIPHER_CTX_free)(ctx);

diff --git a/src/common/sha2/sha2_ossl.c b/src/common/sha2/sha2_ossl.c
@@ -18,9 +18,9 @@ static void do_hash(uint8_t *output, const uint8_t *input, size_t inplen, const
 	unsigned int outlen;
 	mdctx = OSSL_FUNC(EVP_MD_CTX_new)();
 	OQS_EXIT_IF_NULLPTR(mdctx, "OpenSSL");
-	OSSL_FUNC(EVP_DigestInit_ex)(mdctx, md, NULL);
-	OSSL_FUNC(EVP_DigestUpdate)(mdctx, input, inplen);
-	OSSL_FUNC(EVP_DigestFinal_ex)(mdctx, output, &outlen);
+	OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestInit_ex)(mdctx, md, NULL));
+	OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestUpdate)(mdctx, input, inplen));
+	OQS_OPENSSL_GUARD(OSSL_FUNC(EVP_DigestFinal_ex)(mdctx, output, &outlen));
 	OSSL_FUNC(EVP_MD_CTX_free)(mdctx);
 }