authormiod <>2016-11-05 11:32:45 +0000
committermiod <>2016-11-05 11:32:45 +0000
commit36f83cc64aba950579850268de8e1eb4819bd14a (patch)
tree00edee73f45a94785fa755556669521614e2aaec /src
parente7fb7b2ca65897bb75773e32acee48b352309c53 (diff)
Make sure PEM_SealInit() will correctly destroy the PEM_ENCODE_SEAL_CTX
upon error, as there is no way to do this outside of PEM_SealFinal(), which can only work if PEM_SealInit() succeeded... ok beck@ jsing@
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/pem/pem_seal.c30
1 files changed, 22 insertions, 8 deletions
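--- a/src/lib/libcrypto/pem/pem_seal.c
+++ b/src/lib/libcrypto/pem/pem_seal.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pem_seal.c,v 1.22 2015/09/10 15:56:25 jsing Exp $ */
+/* $OpenBSD: pem_seal.c,v 1.23 2016/11/05 11:32:45 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -70,6 +70,14 @@
 #include <openssl/rsa.h>
 #include <openssl/x509.h>
 
+static void
+PEM_ENCODE_SEAL_CTX_cleanup(PEM_ENCODE_SEAL_CTX *ctx)
+{
+ EVP_CIPHER_CTX_cleanup(&ctx->cipher);
+ EVP_MD_CTX_cleanup(&ctx->md);
+ explicit_bzero(&ctx->encode, sizeof(ctx->encode));
+}
+
 int
 PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
  unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk)
@@ -79,6 +87,14 @@ PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
  int i, j, max = 0;
  char *s = NULL;
 
+ /*
+ * Make sure ctx is properly initialized so that we can always pass
+ * it to PEM_ENCODE_SEAL_CTX_cleanup() in the error path.
+ */
+ EVP_EncodeInit(&ctx->encode);
+ EVP_MD_CTX_init(&ctx->md);
+ EVP_CIPHER_CTX_init(&ctx->cipher);
+
  for (i = 0; i < npubk; i++) {
  if (pubk[i]->type != EVP_PKEY_RSA) {
  PEMerr(PEM_F_PEM_SEALINIT, PEM_R_PUBLIC_KEY_NO_RSA);
@@ -94,13 +110,9 @@ PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
  goto err;
  }
 
- EVP_EncodeInit(&ctx->encode);
-
- EVP_MD_CTX_init(&ctx->md);
  if (!EVP_SignInit(&ctx->md, md_type))
  goto err;
 
- EVP_CIPHER_CTX_init(&ctx->cipher);
  ret = EVP_SealInit(&ctx->cipher, type, ek, ekl, iv, pubk, npubk);
  if (ret <= 0)
  goto err;
@@ -115,9 +127,12 @@ PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
 
  ret = npubk;
 
+ if (0) {
 err:
+ PEM_ENCODE_SEAL_CTX_cleanup(ctx);
+ }
  free(s);
- explicit_bzero(key, EVP_MAX_KEY_LENGTH);
+ explicit_bzero(key, sizeof(key));
  return (ret);
 }
 
@@ -182,8 +197,7 @@ PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
  ret = 1;
 
 err:
- EVP_MD_CTX_cleanup(&ctx->md);
- EVP_CIPHER_CTX_cleanup(&ctx->cipher);
+ PEM_ENCODE_SEAL_CTX_cleanup(ctx);
  free(s);
  return (ret);
 }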
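Review bot: The `if (0) { err: ... }` block at the end of PEM_SealInit() is entered only through `goto err`, which is easy to misread as dead code and easy to break if a statement is later added after `ret = npubk;`. A one-line comment above it would state the contract, for example `/* reached only via goto err; on success ctx stays live for PEM_SealUpdate()/PEM_SealFinal() */`. PEM_ENCODE_SEAL_CTX_cleanup() would also benefit from a short header comment saying that all three members must already be initialized, since that is the precondition the hoisted EVP_EncodeInit()/EVP_MD_CTX_init()/EVP_CIPHER_CTX_init() calls are there to satisfy. Parts of PEM_SealInit() fall between the hunks and are not visible here, so this assumes every other `goto err` site also runs after those init calls.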