diff options
| author | tb <> | 2018-11-29 06:21:09 +0000 |
|---|---|---|
| committer | tb <> | 2018-11-29 06:21:09 +0000 |
| commit | ee1a55d3c708acf2230e003941964e4f2e0a2967 (patch) | |
| tree | e6d7cfb92aa4dd37296357c6b9238a791a0465c6 /src/lib | |
| parent | ba84074f57e5f0f067c453aa61cee8316107861a (diff) | |
| download | openbsd-ee1a55d3c708acf2230e003941964e4f2e0a2967.tar.gz openbsd-ee1a55d3c708acf2230e003941964e4f2e0a2967.tar.bz2 openbsd-ee1a55d3c708acf2230e003941964e4f2e0a2967.zip | |
Refactor a tangle in ssl3_send_client_verify() into one function for each
type, sigalgs/rsa/ec/gost. Move a few special dances for GOST where they
belong now. This prompted a fix for a long-standing bug with GOST client
certificate authentication where tls1_transcript_data() fails since the
transcript was already freed before. Add a bit of missing error checking
and leave some further cleanup for later.
idea, guidance & ok jsing
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libssl/ssl_clnt.c | 331 |
1 files changed, 213 insertions, 118 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index 65277ef4ef..60983fc6fd 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_clnt.c,v 1.50 2018/11/21 15:13:29 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_clnt.c,v 1.51 2018/11/29 06:21:09 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2368,154 +2368,256 @@ err: | |||
| 2368 | return (-1); | 2368 | return (-1); |
| 2369 | } | 2369 | } |
| 2370 | 2370 | ||
| 2371 | int | 2371 | static int |
| 2372 | ssl3_send_client_verify(SSL *s) | 2372 | ssl3_send_client_verify_sigalgs(SSL *s, CBB *cert_verify) |
| 2373 | { | 2373 | { |
| 2374 | CBB cbb, cert_verify, cbb_signature; | 2374 | CBB cbb_signature; |
| 2375 | unsigned char data[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH]; | ||
| 2376 | unsigned char *signature = NULL; | ||
| 2377 | unsigned int signature_len = 0; | ||
| 2378 | const unsigned char *hdata; | ||
| 2379 | size_t hdatalen; | ||
| 2380 | EVP_PKEY_CTX *pctx = NULL; | 2375 | EVP_PKEY_CTX *pctx = NULL; |
| 2381 | EVP_PKEY *pkey; | 2376 | EVP_PKEY *pkey; |
| 2382 | EVP_MD_CTX mctx; | 2377 | EVP_MD_CTX mctx; |
| 2383 | const EVP_MD *md; | 2378 | const EVP_MD *md; |
| 2379 | const unsigned char *hdata; | ||
| 2380 | unsigned char *signature = NULL; | ||
| 2381 | unsigned int signature_len = 0; | ||
| 2382 | size_t hdatalen; | ||
| 2384 | size_t siglen; | 2383 | size_t siglen; |
| 2384 | int ret = 0; | ||
| 2385 | |||
| 2386 | EVP_MD_CTX_init(&mctx); | ||
| 2387 | |||
| 2388 | pkey = s->cert->key->privatekey; | ||
| 2389 | md = s->cert->key->sigalg->md(); | ||
| 2390 | |||
| 2391 | if (!tls1_transcript_data(s, &hdata, &hdatalen) || | ||
| 2392 | !CBB_add_u16(cert_verify, s->cert->key->sigalg->value)) { | ||
| 2393 | SSLerror(s, ERR_R_INTERNAL_ERROR); | ||
| 2394 | goto err; | ||
| 2395 | } | ||
| 2396 | if (!EVP_DigestSignInit(&mctx, &pctx, md, NULL, pkey)) { | ||
| 2397 | SSLerror(s, ERR_R_EVP_LIB); | ||
| 2398 | goto err; | ||
| 2399 | } | ||
| 2400 | if ((s->cert->key->sigalg->flags & SIGALG_FLAG_RSA_PSS) && | ||
| 2401 | (!EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) || | ||
| 2402 | !EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, -1))) { | ||
| 2403 | SSLerror(s, ERR_R_EVP_LIB); | ||
| 2404 | goto err; | ||
| 2405 | } | ||
| 2406 | if (!EVP_DigestSignUpdate(&mctx, hdata, hdatalen)) { | ||
| 2407 | SSLerror(s, ERR_R_EVP_LIB); | ||
| 2408 | goto err; | ||
| 2409 | } | ||
| 2410 | if (!EVP_DigestSignFinal(&mctx, NULL, &siglen) || siglen == 0) { | ||
| 2411 | SSLerror(s, ERR_R_EVP_LIB); | ||
| 2412 | goto err; | ||
| 2413 | } | ||
| 2414 | if ((signature = calloc(1, siglen)) == NULL) { | ||
| 2415 | SSLerror(s, ERR_R_MALLOC_FAILURE); | ||
| 2416 | goto err; | ||
| 2417 | } | ||
| 2418 | if (!EVP_DigestSignFinal(&mctx, signature, &siglen)) { | ||
| 2419 | SSLerror(s, ERR_R_EVP_LIB); | ||
| 2420 | goto err; | ||
| 2421 | } | ||
| 2422 | signature_len = siglen; /* XXX */ | ||
| 2423 | |||
| 2424 | if (!CBB_add_u16_length_prefixed(cert_verify, &cbb_signature)) | ||
| 2425 | goto err; | ||
| 2426 | if (!CBB_add_bytes(&cbb_signature, signature, signature_len)) | ||
| 2427 | goto err; | ||
| 2428 | if (!CBB_flush(cert_verify)) | ||
| 2429 | goto err; | ||
| 2385 | 2430 | ||
| 2431 | ret = 1; | ||
| 2432 | err: | ||
| 2433 | EVP_MD_CTX_cleanup(&mctx); | ||
| 2434 | free(signature); | ||
| 2435 | return ret; | ||
| 2436 | } | ||
| 2437 | |||
| 2438 | static int | ||
| 2439 | ssl3_send_client_verify_rsa(SSL *s, CBB *cert_verify) | ||
| 2440 | { | ||
| 2441 | CBB cbb_signature; | ||
| 2442 | EVP_PKEY *pkey; | ||
| 2443 | unsigned char data[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH]; | ||
| 2444 | unsigned char *signature = NULL; | ||
| 2445 | unsigned int signature_len = 0; | ||
| 2446 | int ret = 0; | ||
| 2447 | |||
| 2448 | if (!tls1_handshake_hash_value(s, data, sizeof(data), NULL)) | ||
| 2449 | goto err; | ||
| 2450 | |||
| 2451 | pkey = s->cert->key->privatekey; | ||
| 2452 | if ((signature = calloc(1, EVP_PKEY_size(pkey))) == NULL) | ||
| 2453 | goto err; | ||
| 2454 | if (RSA_sign(NID_md5_sha1, data, MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, | ||
| 2455 | signature, &signature_len, pkey->pkey.rsa) <= 0 ) { | ||
| 2456 | SSLerror(s, ERR_R_RSA_LIB); | ||
| 2457 | goto err; | ||
| 2458 | } | ||
| 2459 | |||
| 2460 | if (!CBB_add_u16_length_prefixed(cert_verify, &cbb_signature)) | ||
| 2461 | goto err; | ||
| 2462 | if (!CBB_add_bytes(&cbb_signature, signature, signature_len)) | ||
| 2463 | goto err; | ||
| 2464 | if (!CBB_flush(cert_verify)) | ||
| 2465 | goto err; | ||
| 2466 | |||
| 2467 | ret = 1; | ||
| 2468 | err: | ||
| 2469 | free(signature); | ||
| 2470 | return ret; | ||
| 2471 | } | ||
| 2472 | |||
| 2473 | static int | ||
| 2474 | ssl3_send_client_verify_ec(SSL *s, CBB *cert_verify) | ||
| 2475 | { | ||
| 2476 | CBB cbb_signature; | ||
| 2477 | EVP_PKEY *pkey; | ||
| 2478 | unsigned char data[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH]; | ||
| 2479 | unsigned char *signature = NULL; | ||
| 2480 | unsigned int signature_len = 0; | ||
| 2481 | int ret = 0; | ||
| 2482 | |||
| 2483 | if (!tls1_handshake_hash_value(s, data, sizeof(data), NULL)) | ||
| 2484 | goto err; | ||
| 2485 | |||
| 2486 | pkey = s->cert->key->privatekey; | ||
| 2487 | if ((signature = calloc(1, EVP_PKEY_size(pkey))) == NULL) | ||
| 2488 | goto err; | ||
| 2489 | if (!ECDSA_sign(pkey->save_type, &data[MD5_DIGEST_LENGTH], | ||
| 2490 | SHA_DIGEST_LENGTH, signature, &signature_len, pkey->pkey.ec)) { | ||
| 2491 | SSLerror(s, ERR_R_ECDSA_LIB); | ||
| 2492 | goto err; | ||
| 2493 | } | ||
| 2494 | |||
| 2495 | if (!CBB_add_u16_length_prefixed(cert_verify, &cbb_signature)) | ||
| 2496 | goto err; | ||
| 2497 | if (!CBB_add_bytes(&cbb_signature, signature, signature_len)) | ||
| 2498 | goto err; | ||
| 2499 | if (!CBB_flush(cert_verify)) | ||
| 2500 | goto err; | ||
| 2501 | |||
| 2502 | ret = 1; | ||
| 2503 | err: | ||
| 2504 | free(signature); | ||
| 2505 | return ret; | ||
| 2506 | } | ||
| 2507 | |||
| 2508 | #ifndef OPENSSL_NO_GOST | ||
| 2509 | static int | ||
| 2510 | ssl3_send_client_verify_gost(SSL *s, CBB *cert_verify) | ||
| 2511 | { | ||
| 2512 | CBB cbb_signature; | ||
| 2513 | EVP_MD_CTX mctx; | ||
| 2514 | EVP_PKEY_CTX *pctx; | ||
| 2515 | EVP_PKEY *pkey; | ||
| 2516 | const EVP_MD *md; | ||
| 2517 | const unsigned char *hdata; | ||
| 2518 | unsigned char signbuf[128]; | ||
| 2519 | unsigned char *signature = NULL; | ||
| 2520 | unsigned int signature_len = 0; | ||
| 2521 | unsigned int u; | ||
| 2522 | size_t hdatalen; | ||
| 2523 | size_t sigsize; | ||
| 2524 | int nid; | ||
| 2525 | int ret = 0; | ||
| 2386 | 2526 | ||
| 2387 | EVP_MD_CTX_init(&mctx); | 2527 | EVP_MD_CTX_init(&mctx); |
| 2388 | 2528 | ||
| 2529 | pkey = s->cert->key->privatekey; | ||
| 2530 | |||
| 2531 | /* Create context from key and test if sha1 is allowed as digest. */ | ||
| 2532 | if ((pctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL) | ||
| 2533 | goto err; | ||
| 2534 | if (EVP_PKEY_sign_init(pctx) <= 0) | ||
| 2535 | goto err; | ||
| 2536 | /* XXX - is this needed? */ | ||
| 2537 | if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1()) <= 0) | ||
| 2538 | ERR_clear_error(); | ||
| 2539 | |||
| 2540 | if (!tls1_transcript_data(s, &hdata, &hdatalen)) { | ||
| 2541 | SSLerror(s, ERR_R_INTERNAL_ERROR); | ||
| 2542 | goto err; | ||
| 2543 | } | ||
| 2544 | if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) || | ||
| 2545 | !(md = EVP_get_digestbynid(nid))) { | ||
| 2546 | SSLerror(s, ERR_R_EVP_LIB); | ||
| 2547 | goto err; | ||
| 2548 | } | ||
| 2549 | if (!EVP_DigestInit_ex(&mctx, md, NULL) || | ||
| 2550 | !EVP_DigestUpdate(&mctx, hdata, hdatalen) || | ||
| 2551 | !EVP_DigestFinal(&mctx, signbuf, &u) || | ||
| 2552 | |||
| 2553 | (EVP_PKEY_CTX_set_signature_md(pctx, md) <= 0) || | ||
| 2554 | (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN, | ||
| 2555 | EVP_PKEY_CTRL_GOST_SIG_FORMAT, GOST_SIG_FORMAT_RS_LE, | ||
| 2556 | NULL) <= 0) || | ||
| 2557 | (EVP_PKEY_sign(pctx, signature, &sigsize, signbuf, u) <= 0)) { | ||
| 2558 | SSLerror(s, ERR_R_EVP_LIB); | ||
| 2559 | goto err; | ||
| 2560 | } | ||
| 2561 | if (sigsize > UINT_MAX) | ||
| 2562 | goto err; | ||
| 2563 | signature_len = sigsize; | ||
| 2564 | |||
| 2565 | if (!CBB_add_u16_length_prefixed(cert_verify, &cbb_signature)) | ||
| 2566 | goto err; | ||
| 2567 | if (!CBB_add_bytes(&cbb_signature, signature, signature_len)) | ||
| 2568 | goto err; | ||
| 2569 | if (!CBB_flush(cert_verify)) | ||
| 2570 | goto err; | ||
| 2571 | |||
| 2572 | ret = 1; | ||
| 2573 | err: | ||
| 2574 | EVP_MD_CTX_cleanup(&mctx); | ||
| 2575 | EVP_PKEY_CTX_free(pctx); | ||
| 2576 | free(signature); | ||
| 2577 | return ret; | ||
| 2578 | } | ||
| 2579 | #endif | ||
| 2580 | |||
| 2581 | int | ||
| 2582 | ssl3_send_client_verify(SSL *s) | ||
| 2583 | { | ||
| 2584 | CBB cbb, cert_verify; | ||
| 2585 | EVP_PKEY *pkey; | ||
| 2586 | |||
| 2389 | memset(&cbb, 0, sizeof(cbb)); | 2587 | memset(&cbb, 0, sizeof(cbb)); |
| 2390 | 2588 | ||
| 2391 | if (S3I(s)->hs.state == SSL3_ST_CW_CERT_VRFY_A) { | 2589 | if (S3I(s)->hs.state == SSL3_ST_CW_CERT_VRFY_A) { |
| 2392 | if (!ssl3_handshake_msg_start(s, &cbb, &cert_verify, | 2590 | if (!ssl3_handshake_msg_start(s, &cbb, &cert_verify, |
| 2393 | SSL3_MT_CERTIFICATE_VERIFY)) | 2591 | SSL3_MT_CERTIFICATE_VERIFY)) |
| 2394 | goto err; | 2592 | goto err; |
| 2395 | /* | ||
| 2396 | * Create context from key and test if sha1 is allowed as | ||
| 2397 | * digest. | ||
| 2398 | */ | ||
| 2399 | pkey = s->cert->key->privatekey; | ||
| 2400 | md = s->cert->key->sigalg->md(); | ||
| 2401 | pctx = EVP_PKEY_CTX_new(pkey, NULL); | ||
| 2402 | EVP_PKEY_sign_init(pctx); | ||
| 2403 | 2593 | ||
| 2404 | /* XXX - is this needed? */ | 2594 | pkey = s->cert->key->privatekey; |
| 2405 | if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1()) <= 0) | ||
| 2406 | ERR_clear_error(); | ||
| 2407 | 2595 | ||
| 2408 | if (!SSL_USE_SIGALGS(s)) { | ||
| 2409 | tls1_transcript_free(s); | ||
| 2410 | if (!tls1_handshake_hash_value(s, data, sizeof(data), | ||
| 2411 | NULL)) | ||
| 2412 | goto err; | ||
| 2413 | } | ||
| 2414 | /* | 2596 | /* |
| 2415 | * For TLS v1.2 send signature algorithm and signature | 2597 | * For TLS v1.2 send signature algorithm and signature |
| 2416 | * using agreed digest and cached handshake records. | 2598 | * using agreed digest and cached handshake records. |
| 2417 | */ | 2599 | */ |
| 2418 | if (SSL_USE_SIGALGS(s)) { | 2600 | if (SSL_USE_SIGALGS(s)) { |
| 2419 | EVP_PKEY_CTX *pctx; | 2601 | if (!ssl3_send_client_verify_sigalgs(s, &cert_verify)) |
| 2420 | if (!tls1_transcript_data(s, &hdata, &hdatalen) || | ||
| 2421 | !CBB_add_u16(&cert_verify, | ||
| 2422 | s->cert->key->sigalg->value)) { | ||
| 2423 | SSLerror(s, ERR_R_INTERNAL_ERROR); | ||
| 2424 | goto err; | ||
| 2425 | } | ||
| 2426 | if (!EVP_DigestSignInit(&mctx, &pctx, md, NULL, pkey)) { | ||
| 2427 | SSLerror(s, ERR_R_EVP_LIB); | ||
| 2428 | goto err; | ||
| 2429 | } | ||
| 2430 | if ((s->cert->key->sigalg->flags & | ||
| 2431 | SIGALG_FLAG_RSA_PSS) && | ||
| 2432 | (!EVP_PKEY_CTX_set_rsa_padding(pctx, | ||
| 2433 | RSA_PKCS1_PSS_PADDING) || | ||
| 2434 | !EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, -1))) { | ||
| 2435 | SSLerror(s, ERR_R_EVP_LIB); | ||
| 2436 | goto err; | ||
| 2437 | } | ||
| 2438 | if (!EVP_DigestSignUpdate(&mctx, hdata, hdatalen)) { | ||
| 2439 | SSLerror(s, ERR_R_EVP_LIB); | ||
| 2440 | goto err; | ||
| 2441 | } | ||
| 2442 | if (!EVP_DigestSignFinal(&mctx, NULL, &siglen) || | ||
| 2443 | siglen == 0) { | ||
| 2444 | SSLerror(s, ERR_R_EVP_LIB); | ||
| 2445 | goto err; | 2602 | goto err; |
| 2446 | } | ||
| 2447 | if ((signature = calloc(1, siglen)) == NULL) { | ||
| 2448 | SSLerror(s, ERR_R_MALLOC_FAILURE); | ||
| 2449 | goto err; | ||
| 2450 | } | ||
| 2451 | if (!EVP_DigestSignFinal(&mctx, signature, &siglen)) { | ||
| 2452 | SSLerror(s, ERR_R_EVP_LIB); | ||
| 2453 | goto err; | ||
| 2454 | } | ||
| 2455 | signature_len = siglen; /* XXX */ | ||
| 2456 | tls1_transcript_free(s); | ||
| 2457 | } else if (pkey->type == EVP_PKEY_RSA) { | 2603 | } else if (pkey->type == EVP_PKEY_RSA) { |
| 2458 | if ((signature = calloc(1, EVP_PKEY_size(pkey))) == NULL) | 2604 | if (!ssl3_send_client_verify_rsa(s, &cert_verify)) |
| 2459 | goto err; | 2605 | goto err; |
| 2460 | if (RSA_sign(NID_md5_sha1, data, | ||
| 2461 | MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, signature, | ||
| 2462 | &signature_len, pkey->pkey.rsa) <= 0 ) { | ||
| 2463 | SSLerror(s, ERR_R_RSA_LIB); | ||
| 2464 | goto err; | ||
| 2465 | } | ||
| 2466 | } else if (pkey->type == EVP_PKEY_EC) { | 2606 | } else if (pkey->type == EVP_PKEY_EC) { |
| 2467 | if ((signature = calloc(1, EVP_PKEY_size(pkey))) == NULL) | 2607 | if (!ssl3_send_client_verify_ec(s, &cert_verify)) |
| 2468 | goto err; | 2608 | goto err; |
| 2469 | if (!ECDSA_sign(pkey->save_type, | ||
| 2470 | &data[MD5_DIGEST_LENGTH], SHA_DIGEST_LENGTH, | ||
| 2471 | signature, &signature_len, pkey->pkey.ec)) { | ||
| 2472 | SSLerror(s, ERR_R_ECDSA_LIB); | ||
| 2473 | goto err; | ||
| 2474 | } | ||
| 2475 | #ifndef OPENSSL_NO_GOST | 2609 | #ifndef OPENSSL_NO_GOST |
| 2476 | } else if (pkey->type == NID_id_GostR3410_94 || | 2610 | } else if (pkey->type == NID_id_GostR3410_94 || |
| 2477 | pkey->type == NID_id_GostR3410_2001) { | 2611 | pkey->type == NID_id_GostR3410_2001) { |
| 2478 | unsigned char signbuf[128]; | 2612 | if (!ssl3_send_client_verify_gost(s, &cert_verify)) |
| 2479 | unsigned int u; | ||
| 2480 | size_t sigsize; | ||
| 2481 | int nid; | ||
| 2482 | |||
| 2483 | if (!tls1_transcript_data(s, &hdata, &hdatalen)) { | ||
| 2484 | SSLerror(s, ERR_R_INTERNAL_ERROR); | ||
| 2485 | goto err; | ||
| 2486 | } | ||
| 2487 | if (!EVP_PKEY_get_default_digest_nid(pkey, &nid) || | ||
| 2488 | !(md = EVP_get_digestbynid(nid))) { | ||
| 2489 | SSLerror(s, ERR_R_EVP_LIB); | ||
| 2490 | goto err; | 2613 | goto err; |
| 2491 | } | ||
| 2492 | if (!EVP_DigestInit_ex(&mctx, md, NULL) || | ||
| 2493 | !EVP_DigestUpdate(&mctx, hdata, hdatalen) || | ||
| 2494 | !EVP_DigestFinal(&mctx, signbuf, &u) || | ||
| 2495 | |||
| 2496 | (EVP_PKEY_CTX_set_signature_md(pctx, md) <= 0) || | ||
| 2497 | (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN, | ||
| 2498 | EVP_PKEY_CTRL_GOST_SIG_FORMAT, | ||
| 2499 | GOST_SIG_FORMAT_RS_LE, NULL) <= 0) || | ||
| 2500 | (EVP_PKEY_sign(pctx, signature, &sigsize, | ||
| 2501 | signbuf, u) <= 0)) { | ||
| 2502 | SSLerror(s, ERR_R_EVP_LIB); | ||
| 2503 | goto err; | ||
| 2504 | } | ||
| 2505 | if (sigsize > UINT_MAX) | ||
| 2506 | goto err; | ||
| 2507 | signature_len = sigsize; | ||
| 2508 | tls1_transcript_free(s); | ||
| 2509 | #endif | 2614 | #endif |
| 2510 | } else { | 2615 | } else { |
| 2511 | SSLerror(s, ERR_R_INTERNAL_ERROR); | 2616 | SSLerror(s, ERR_R_INTERNAL_ERROR); |
| 2512 | goto err; | 2617 | goto err; |
| 2513 | } | 2618 | } |
| 2514 | 2619 | ||
| 2515 | if (!CBB_add_u16_length_prefixed(&cert_verify, &cbb_signature)) | 2620 | tls1_transcript_free(s); |
| 2516 | goto err; | ||
| 2517 | if (!CBB_add_bytes(&cbb_signature, signature, signature_len)) | ||
| 2518 | goto err; | ||
| 2519 | 2621 | ||
| 2520 | if (!ssl3_handshake_msg_finish(s, &cbb)) | 2622 | if (!ssl3_handshake_msg_finish(s, &cbb)) |
| 2521 | goto err; | 2623 | goto err; |
| @@ -2523,17 +2625,10 @@ ssl3_send_client_verify(SSL *s) | |||
| 2523 | S3I(s)->hs.state = SSL3_ST_CW_CERT_VRFY_B; | 2625 | S3I(s)->hs.state = SSL3_ST_CW_CERT_VRFY_B; |
| 2524 | } | 2626 | } |
| 2525 | 2627 | ||
| 2526 | EVP_MD_CTX_cleanup(&mctx); | ||
| 2527 | EVP_PKEY_CTX_free(pctx); | ||
| 2528 | free(signature); | ||
| 2529 | |||
| 2530 | return (ssl3_handshake_write(s)); | 2628 | return (ssl3_handshake_write(s)); |
| 2531 | 2629 | ||
| 2532 | err: | 2630 | err: |
| 2533 | CBB_cleanup(&cbb); | 2631 | CBB_cleanup(&cbb); |
| 2534 | EVP_MD_CTX_cleanup(&mctx); | ||
| 2535 | EVP_PKEY_CTX_free(pctx); | ||
| 2536 | free(signature); | ||
| 2537 | 2632 | ||
| 2538 | return (-1); | 2633 | return (-1); |
| 2539 | } | 2634 | } |