[Rpm-maint] [rpm-software-management/rpm] Improve the OpenSSL crypto backend (#1610)

Florian Festi notifications at github.com
Mon Feb 14 09:57:12 UTC 2022


@ffesti commented on this pull request.



>  
-    ret = EVP_PKEY_verify_init(pkey_ctx);
-    if (ret < 0) {
-        rc = 1;
+    if (EVP_PKEY_verify_init(pkey_ctx) <= 0)

Where does the `<=` come from?

>  
-    ret = EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PADDING);
-    if (ret < 0) {
-        rc = 1;
+    if (EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PADDING) <= 0)

Another `<=`...

>  
     int pkey_len = EVP_PKEY_size(key->evp_pkey);
     padded_sig = xcalloc(1, pkey_len);
-    if (!BN_bn2binpad(sig->bn, padded_sig, pkey_len)) {
-        rc = 1;
+    if (BN_bn2binpad(sig->bn, padded_sig, pkey_len) <= 0)

...

>      EVP_PKEY *evp_pkey; /* Fully constructed key */
+    unsigned int poison: 1; /* if set, this key cannot be mutated */

Defaulting to 1 but relying in the code to calloc it to 0 is a bit confusing - even if the code seems fine.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1610#pullrequestreview-881318412
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/pull/1610/review/881318412 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20220214/6c7042c8/attachment.html>


More information about the Rpm-maint mailing list