From 7728bb8e070f6b39e4c9e644d32d00f39a4254dd Mon Sep 17 00:00:00 2001
From: Lukasz Pawelczyk <l.pawelczyk@samsung.com>
Date: Wed, 8 Jun 2016 18:03:32 +0200
Subject: [PATCH] Use ERROR_HANDLE() to check for invalid passwords

Change-Id: I3d0449474e5b9240dedb7fe784a507541e705c2a
---
 src/debug.c |  4 +++-
 src/key.c   | 28 ++++++----------------------
 2 files changed, 9 insertions(+), 23 deletions(-)

diff --git a/src/debug.c b/src/debug.c
index 3223da1..2f277d0 100644
--- a/src/debug.c
+++ b/src/debug.c
@@ -124,10 +124,12 @@ int error_handle(const char *file, int line, const char *function)
 	switch (err) {
 	case ERR_PACK(ERR_LIB_RSA, RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_KEYBITS):
 	case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED):
+	case ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_READ_BIO, PEM_R_NO_START_LINE):
+	case ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG):
 		ret = YACA_ERROR_INVALID_PARAMETER;
 		break;
-	case ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT):
 	case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT):
+	case ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT):
 		ret = YACA_ERROR_INVALID_PASSWORD;
 		break;
 	}
diff --git a/src/key.c b/src/key.c
index 7abd5ff..3a70534 100644
--- a/src/key.c
+++ b/src/key.c
@@ -237,18 +237,6 @@ exit:
 	return ret;
 }
 
-bool check_import_wrong_pass()
-{
-	unsigned long err = ERR_peek_error();
-	unsigned long err_bad_password_1 = ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT);
-	unsigned long err_bad_password_2 = ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
-
-	if (err == err_bad_password_1 || err == err_bad_password_2)
-		return true;
-
-	return false;
-}
-
 int import_evp(yaca_key_h *key,
                yaca_key_type_e key_type,
                const char *password,
@@ -295,31 +283,28 @@ int import_evp(yaca_key_h *key,
 		if (pkey == NULL && !wrong_pass) {
 			BIO_reset(src);
 			pkey = PEM_read_bio_PrivateKey(src, NULL, cb, (void*)password);
-			if (check_import_wrong_pass())
+			if (ERROR_HANDLE() == YACA_ERROR_INVALID_PASSWORD)
 				wrong_pass = true;
 			private = true;
-			ERROR_CLEAR();
 		}
 
 		if (pkey == NULL && !wrong_pass) {
 			BIO_reset(src);
 			pkey = PEM_read_bio_PUBKEY(src, NULL, cb, (void*)password);
-			if (check_import_wrong_pass())
+			if (ERROR_HANDLE() == YACA_ERROR_INVALID_PASSWORD)
 				wrong_pass = true;
 			private = false;
-			ERROR_CLEAR();
 		}
 
 		if (pkey == NULL && !wrong_pass) {
 			BIO_reset(src);
 			X509 *x509 = PEM_read_bio_X509(src, NULL, cb, (void*)password);
-			if (check_import_wrong_pass())
+			if (ERROR_HANDLE() == YACA_ERROR_INVALID_PASSWORD)
 				wrong_pass = true;
 			if (x509 != NULL)
 				pkey = X509_get_pubkey(x509);
 			X509_free(x509);
 			private = false;
-			ERROR_CLEAR();
 		}
 	}
 	/* Possible DER */
@@ -327,24 +312,23 @@ int import_evp(yaca_key_h *key,
 		if (pkey == NULL && !wrong_pass) {
 			BIO_reset(src);
 			pkey = d2i_PKCS8PrivateKey_bio(src, NULL, cb, (void*)password);
-			if (check_import_wrong_pass())
+			if (ERROR_HANDLE() == YACA_ERROR_INVALID_PASSWORD)
 				wrong_pass = true;
 			private = true;
-			ERROR_CLEAR();
 		}
 
 		if (pkey == NULL && !wrong_pass) {
 			BIO_reset(src);
 			pkey = d2i_PrivateKey_bio(src, NULL);
-			private = true;
 			ERROR_CLEAR();
+			private = true;
 		}
 
 		if (pkey == NULL && !wrong_pass) {
 			BIO_reset(src);
 			pkey = d2i_PUBKEY_bio(src, NULL);
-			private = false;
 			ERROR_CLEAR();
+			private = false;
 		}
 	}
 
-- 
2.7.4