diff options
| author | miod <> | 2014-07-13 12:53:46 +0000 |
|---|---|---|
| committer | miod <> | 2014-07-13 12:53:46 +0000 |
| commit | 111fadec15cbbe302bb6c1aa84e3035fbe782ff9 (patch) | |
| tree | 7bb560c2803648ce9adc8ce91f96c74942f8f7db /src/lib | |
| parent | 19e9baa82a5d67c6fa2f5695d30f290bbf838772 (diff) | |
| download | openbsd-111fadec15cbbe302bb6c1aa84e3035fbe782ff9.tar.gz openbsd-111fadec15cbbe302bb6c1aa84e3035fbe782ff9.tar.bz2 openbsd-111fadec15cbbe302bb6c1aa84e3035fbe782ff9.zip | |
Make sure all error conditions in RSA_padding_add_PKCS1_PSS_mgf1() cause
EVP_MD_CTX_cleanup() to be called.
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_pss.c | 7 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/rsa/rsa_pss.c | 7 |
2 files changed, 8 insertions, 6 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_pss.c b/src/lib/libcrypto/rsa/rsa_pss.c index e18ca632aa..f841b2f8a3 100644 --- a/src/lib/libcrypto/rsa/rsa_pss.c +++ b/src/lib/libcrypto/rsa/rsa_pss.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_pss.c,v 1.9 2014/07/11 08:44:49 jsing Exp $ */ | 1 | /* $OpenBSD: rsa_pss.c,v 1.10 2014/07/13 12:53:46 miod Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2005. | 3 | * project 2005. |
| 4 | */ | 4 | */ |
| @@ -199,6 +199,8 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, | |||
| 199 | unsigned char *H, *salt = NULL, *p; | 199 | unsigned char *H, *salt = NULL, *p; |
| 200 | EVP_MD_CTX ctx; | 200 | EVP_MD_CTX ctx; |
| 201 | 201 | ||
| 202 | EVP_MD_CTX_init(&ctx); | ||
| 203 | |||
| 202 | if (mgf1Hash == NULL) | 204 | if (mgf1Hash == NULL) |
| 203 | mgf1Hash = Hash; | 205 | mgf1Hash = Hash; |
| 204 | 206 | ||
| @@ -246,7 +248,6 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, | |||
| 246 | } | 248 | } |
| 247 | maskedDBLen = emLen - hLen - 1; | 249 | maskedDBLen = emLen - hLen - 1; |
| 248 | H = EM + maskedDBLen; | 250 | H = EM + maskedDBLen; |
| 249 | EVP_MD_CTX_init(&ctx); | ||
| 250 | if (!EVP_DigestInit_ex(&ctx, Hash, NULL) || | 251 | if (!EVP_DigestInit_ex(&ctx, Hash, NULL) || |
| 251 | !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) || | 252 | !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) || |
| 252 | !EVP_DigestUpdate(&ctx, mHash, hLen)) | 253 | !EVP_DigestUpdate(&ctx, mHash, hLen)) |
| @@ -255,7 +256,6 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, | |||
| 255 | goto err; | 256 | goto err; |
| 256 | if (!EVP_DigestFinal_ex(&ctx, H, NULL)) | 257 | if (!EVP_DigestFinal_ex(&ctx, H, NULL)) |
| 257 | goto err; | 258 | goto err; |
| 258 | EVP_MD_CTX_cleanup(&ctx); | ||
| 259 | 259 | ||
| 260 | /* Generate dbMask in place then perform XOR on it */ | 260 | /* Generate dbMask in place then perform XOR on it */ |
| 261 | if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash)) | 261 | if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash)) |
| @@ -284,6 +284,7 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, | |||
| 284 | 284 | ||
| 285 | err: | 285 | err: |
| 286 | free(salt); | 286 | free(salt); |
| 287 | EVP_MD_CTX_cleanup(&ctx); | ||
| 287 | 288 | ||
| 288 | return ret; | 289 | return ret; |
| 289 | } | 290 | } |
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_pss.c b/src/lib/libssl/src/crypto/rsa/rsa_pss.c index e18ca632aa..f841b2f8a3 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_pss.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_pss.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_pss.c,v 1.9 2014/07/11 08:44:49 jsing Exp $ */ | 1 | /* $OpenBSD: rsa_pss.c,v 1.10 2014/07/13 12:53:46 miod Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2005. | 3 | * project 2005. |
| 4 | */ | 4 | */ |
| @@ -199,6 +199,8 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, | |||
| 199 | unsigned char *H, *salt = NULL, *p; | 199 | unsigned char *H, *salt = NULL, *p; |
| 200 | EVP_MD_CTX ctx; | 200 | EVP_MD_CTX ctx; |
| 201 | 201 | ||
| 202 | EVP_MD_CTX_init(&ctx); | ||
| 203 | |||
| 202 | if (mgf1Hash == NULL) | 204 | if (mgf1Hash == NULL) |
| 203 | mgf1Hash = Hash; | 205 | mgf1Hash = Hash; |
| 204 | 206 | ||
| @@ -246,7 +248,6 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, | |||
| 246 | } | 248 | } |
| 247 | maskedDBLen = emLen - hLen - 1; | 249 | maskedDBLen = emLen - hLen - 1; |
| 248 | H = EM + maskedDBLen; | 250 | H = EM + maskedDBLen; |
| 249 | EVP_MD_CTX_init(&ctx); | ||
| 250 | if (!EVP_DigestInit_ex(&ctx, Hash, NULL) || | 251 | if (!EVP_DigestInit_ex(&ctx, Hash, NULL) || |
| 251 | !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) || | 252 | !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) || |
| 252 | !EVP_DigestUpdate(&ctx, mHash, hLen)) | 253 | !EVP_DigestUpdate(&ctx, mHash, hLen)) |
| @@ -255,7 +256,6 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, | |||
| 255 | goto err; | 256 | goto err; |
| 256 | if (!EVP_DigestFinal_ex(&ctx, H, NULL)) | 257 | if (!EVP_DigestFinal_ex(&ctx, H, NULL)) |
| 257 | goto err; | 258 | goto err; |
| 258 | EVP_MD_CTX_cleanup(&ctx); | ||
| 259 | 259 | ||
| 260 | /* Generate dbMask in place then perform XOR on it */ | 260 | /* Generate dbMask in place then perform XOR on it */ |
| 261 | if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash)) | 261 | if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash)) |
| @@ -284,6 +284,7 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, | |||
| 284 | 284 | ||
| 285 | err: | 285 | err: |
| 286 | free(salt); | 286 | free(salt); |
| 287 | EVP_MD_CTX_cleanup(&ctx); | ||
| 287 | 288 | ||
| 288 | return ret; | 289 | return ret; |
| 289 | } | 290 | } |