Stop pretending that EVP_CIPHER cleanup can fail.

Now that EVP_CIPHER is opaque, stop pretending that EVP_CIPHER cleanup can
fail.

ok tb@

Author: jsing

src/lib/libcrypto/evp/e_aes.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: e_aes.c,v 1.48 2022/09/10 17:45:10 jsing Exp $ */
+/* $OpenBSD: e_aes.c,v 1.49 2022/09/13 04:59:18 jsing Exp $ */
 /* ====================================================================
  * Copyright (c) 2001-2011 The OpenSSL Project.  All rights reserved.
  *
@@ -1255,15 +1255,15 @@ EVP_aes_256_ctr(void)
 #endif
 }
 
-static int
+static void
 aes_gcm_cleanup(EVP_CIPHER_CTX *c)
 {
 	EVP_AES_GCM_CTX *gctx = c->cipher_data;
 
 	if (gctx->iv != c->iv)
 		free(gctx->iv);
+
 	explicit_bzero(gctx, sizeof(*gctx));
-	return 1;
 }
 
 /* increment counter (64-bit int) by 1 */

src/lib/libcrypto/evp/e_chacha20poly1305.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: e_chacha20poly1305.c,v 1.25 2022/08/30 19:33:26 tb Exp $ */
+/* $OpenBSD: e_chacha20poly1305.c,v 1.26 2022/09/13 04:59:18 jsing Exp $ */
 
 /*
  * Copyright (c) 2022 Joel Sing <jsing@openbsd.org>
@@ -530,14 +530,12 @@ chacha20_poly1305_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 	return len;
 }
 
-static int
+static void
 chacha20_poly1305_cleanup(EVP_CIPHER_CTX *ctx)
 {
 	struct chacha20_poly1305_ctx *cpx = ctx->cipher_data;
 
 	explicit_bzero(cpx, sizeof(*cpx));
-
-	return 1;
 }
 
 static int

src/lib/libcrypto/evp/evp_enc.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_enc.c,v 1.46 2022/09/04 13:34:13 jsing Exp $ */
+/* $OpenBSD: evp_enc.c,v 1.47 2022/09/13 04:59:18 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -601,18 +601,21 @@ int
 EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
 {
 	if (c->cipher != NULL) {
-		if (c->cipher->cleanup && !c->cipher->cleanup(c))
-			return 0;
-		/* Cleanse cipher context data */
-		if (c->cipher_data)
+		if (c->cipher->cleanup != NULL)
+			c->cipher->cleanup(c);
+		if (c->cipher_data != NULL)
 			explicit_bzero(c->cipher_data, c->cipher->ctx_size);
 	}
+
 	/* XXX - store size of cipher_data so we can always freezero(). */
 	free(c->cipher_data);
+
 #ifndef OPENSSL_NO_ENGINE
 	ENGINE_finish(c->engine);
 #endif
+
 	explicit_bzero(c, sizeof(EVP_CIPHER_CTX));
+
 	return 1;
 }
 

src/lib/libcrypto/evp/evp_locl.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_locl.h,v 1.27 2022/09/04 09:56:30 jsing Exp $ */
+/* $OpenBSD: evp_locl.h,v 1.28 2022/09/13 04:59:18 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
@@ -143,7 +143,7 @@ struct evp_cipher_st {
 	    const unsigned char *iv, int enc);	/* init key */
 	int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
 	    const unsigned char *in, size_t inl);/* encrypt/decrypt data */
-	int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
+	void (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
 	int ctx_size;		/* how big ctx->cipher_data needs to be */
 	int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
 	int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */