deps: upgrade openssl sources to 1.1.1a

This updates all sources in deps/openssl/openssl with openssl-1.1.1a.

PR-URL: https://github.com/nodejs/node/pull/25381
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>

1 files changed, 40 insertions, 33 deletions

diff --git a/deps/openssl/openssl/crypto/hmac/hmac.c b/deps/openssl/openssl/crypto/hmac/hmac.c
index 3374105cbb..e4031b44a5 100644
--- a/deps/openssl/openssl/crypto/hmac/hmac.c
+++ b/deps/openssl/openssl/crypto/hmac/hmac.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -18,8 +18,9 @@
 int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
                  const EVP_MD *md, ENGINE *impl)
 {
+    int rv = 0;
     int i, j, reset = 0;
-    unsigned char pad[HMAC_MAX_MD_CBLOCK];
+    unsigned char pad[HMAC_MAX_MD_CBLOCK_SIZE];
 
     /* If we are changing MD then we must have a key */
     if (md != NULL && md != ctx->md && (key == NULL || len < 0))
@@ -37,46 +38,45 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
     if (key != NULL) {
         reset = 1;
         j = EVP_MD_block_size(md);
-        OPENSSL_assert(j <= (int)sizeof(ctx->key));
+        if (!ossl_assert(j <= (int)sizeof(ctx->key)))
+            return 0;
         if (j < len) {
-            if (!EVP_DigestInit_ex(ctx->md_ctx, md, impl))
-                goto err;
-            if (!EVP_DigestUpdate(ctx->md_ctx, key, len))
-                goto err;
-            if (!EVP_DigestFinal_ex(ctx->md_ctx, ctx->key,
-                                    &ctx->key_length))
-                goto err;
+            if (!EVP_DigestInit_ex(ctx->md_ctx, md, impl)
+                    || !EVP_DigestUpdate(ctx->md_ctx, key, len)
+                    || !EVP_DigestFinal_ex(ctx->md_ctx, ctx->key,
+                                           &ctx->key_length))
+                return 0;
         } else {
             if (len < 0 || len > (int)sizeof(ctx->key))
                 return 0;
             memcpy(ctx->key, key, len);
             ctx->key_length = len;
         }
-        if (ctx->key_length != HMAC_MAX_MD_CBLOCK)
+        if (ctx->key_length != HMAC_MAX_MD_CBLOCK_SIZE)
             memset(&ctx->key[ctx->key_length], 0,
-                   HMAC_MAX_MD_CBLOCK - ctx->key_length);
+                   HMAC_MAX_MD_CBLOCK_SIZE - ctx->key_length);
     }
 
     if (reset) {
-        for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
+        for (i = 0; i < HMAC_MAX_MD_CBLOCK_SIZE; i++)
             pad[i] = 0x36 ^ ctx->key[i];
-        if (!EVP_DigestInit_ex(ctx->i_ctx, md, impl))
-            goto err;
-        if (!EVP_DigestUpdate(ctx->i_ctx, pad, EVP_MD_block_size(md)))
+        if (!EVP_DigestInit_ex(ctx->i_ctx, md, impl)
+                || !EVP_DigestUpdate(ctx->i_ctx, pad, EVP_MD_block_size(md)))
             goto err;
 
-        for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
+        for (i = 0; i < HMAC_MAX_MD_CBLOCK_SIZE; i++)
             pad[i] = 0x5c ^ ctx->key[i];
-        if (!EVP_DigestInit_ex(ctx->o_ctx, md, impl))
-            goto err;
-        if (!EVP_DigestUpdate(ctx->o_ctx, pad, EVP_MD_block_size(md)))
+        if (!EVP_DigestInit_ex(ctx->o_ctx, md, impl)
+                || !EVP_DigestUpdate(ctx->o_ctx, pad, EVP_MD_block_size(md)))
             goto err;
     }
     if (!EVP_MD_CTX_copy_ex(ctx->md_ctx, ctx->i_ctx))
         goto err;
-    return 1;
+    rv = 1;
  err:
-    return 0;
+    if (reset)
+        OPENSSL_cleanse(pad, sizeof(pad));
+    return rv;
 }
 
 #if OPENSSL_API_COMPAT < 0x10100000L
@@ -118,7 +118,9 @@ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
 
 size_t HMAC_size(const HMAC_CTX *ctx)
 {
-    return EVP_MD_size((ctx)->md);
+    int size = EVP_MD_size((ctx)->md);
+
+    return (size < 0) ? 0 : size;
 }
 
 HMAC_CTX *HMAC_CTX_new(void)
@@ -155,31 +157,36 @@ void HMAC_CTX_free(HMAC_CTX *ctx)
     }
 }
 
-int HMAC_CTX_reset(HMAC_CTX *ctx)
+static int hmac_ctx_alloc_mds(HMAC_CTX *ctx)
 {
-    hmac_ctx_cleanup(ctx);
     if (ctx->i_ctx == NULL)
         ctx->i_ctx = EVP_MD_CTX_new();
     if (ctx->i_ctx == NULL)
-        goto err;
+        return 0;
     if (ctx->o_ctx == NULL)
         ctx->o_ctx = EVP_MD_CTX_new();
     if (ctx->o_ctx == NULL)
-        goto err;
+        return 0;
     if (ctx->md_ctx == NULL)
         ctx->md_ctx = EVP_MD_CTX_new();
     if (ctx->md_ctx == NULL)
-        goto err;
-    ctx->md = NULL;
+        return 0;
     return 1;
- err:
+}
+
+int HMAC_CTX_reset(HMAC_CTX *ctx)
+{
     hmac_ctx_cleanup(ctx);
-    return 0;
+    if (!hmac_ctx_alloc_mds(ctx)) {
+        hmac_ctx_cleanup(ctx);
+        return 0;
+    }
+    return 1;
 }
 
 int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
 {
-    if (!HMAC_CTX_reset(dctx))
+    if (!hmac_ctx_alloc_mds(dctx))
         goto err;
     if (!EVP_MD_CTX_copy_ex(dctx->i_ctx, sctx->i_ctx))
         goto err;
@@ -187,7 +194,7 @@ int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
         goto err;
     if (!EVP_MD_CTX_copy_ex(dctx->md_ctx, sctx->md_ctx))
         goto err;
-    memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK);
+    memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK_SIZE);
     dctx->key_length = sctx->key_length;
     dctx->md = sctx->md;
     return 1;