EVP_DigestInit_ex() may be used to recycle an existing EVP_MD_CTX without having

to reinitialize all of it, especially if it is used with the same MD algorithm. However, when the MD algorithm changes, it needs to perform more cleanups. Make that code more closer to what EVP_MD_CTX_cleanup() does by: - only freeing md_data if EVP_MD_CTX_FLAG_REUSE is not set - performing an explicit_bzero of md_data before freeing it - making sure we call EVP_PKEY_CTX_free on the pctx if the allocation for the new md_data fails. ok tedu@
author: miod <> 2014-07-13 11:14:02 +0000
committer: miod <> 2014-07-13 11:14:02 +0000
commit: bb6ecc6d127525e219bd52f088338bd8de903206 (patch)
tree: 82205e765786f000bdfdd3df7391aa83a3b32be2 /src
parent: dc9fac280f24b608e27c4cd3f2c5a043754b92fd (diff)
download: openbsd-bb6ecc6d127525e219bd52f088338bd8de903206.tar.gz
openbsd-bb6ecc6d127525e219bd52f088338bd8de903206.tar.bz2
openbsd-bb6ecc6d127525e219bd52f088338bd8de903206.zip
2 files changed, 18 insertions, 6 deletions
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
index d582d7954e..a1be18ee22 100644
--- a/src/lib/libcrypto/evp/digest.c
+++ b/src/lib/libcrypto/evp/digest.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: digest.c,v 1.22 2014/07/12 16:03:37 miod Exp $ */
+/* $OpenBSD: digest.c,v 1.23 2014/07/13 11:14:02 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -192,13 +192,19 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
        }
 #endif
        if (ctx->digest != type) {
-                if (ctx->digest && ctx->digest->ctx_size)
+                if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&
+                    !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
+                        explicit_bzero(ctx->md_data, ctx->digest->ctx_size);
                        free(ctx->md_data);
+                        ctx->md_data = NULL;
+                }
                ctx->digest = type;
                if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) {
                        ctx->update = type->update;
                        ctx->md_data = malloc(type->ctx_size);
                        if (ctx->md_data == NULL) {
+                                EVP_PKEY_CTX_free(ctx->pctx);
+                                ctx->pctx = NULL;
                                EVPerr(EVP_F_EVP_DIGESTINIT_EX,
                                    ERR_R_MALLOC_FAILURE);
                                return 0;
@@ -355,7 +361,7 @@ EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
                ctx->digest->cleanup(ctx);
        if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&
            !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
-                OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
+                explicit_bzero(ctx->md_data, ctx->digest->ctx_size);
                free(ctx->md_data);
        }
        EVP_PKEY_CTX_free(ctx->pctx);
diff --git a/src/lib/libssl/src/crypto/evp/digest.c b/src/lib/libssl/src/crypto/evp/digest.c
index d582d7954e..a1be18ee22 100644
--- a/src/lib/libssl/src/crypto/evp/digest.c
+++ b/src/lib/libssl/src/crypto/evp/digest.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: digest.c,v 1.22 2014/07/12 16:03:37 miod Exp $ */
+/* $OpenBSD: digest.c,v 1.23 2014/07/13 11:14:02 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -192,13 +192,19 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
        }
 #endif
        if (ctx->digest != type) {
-                if (ctx->digest && ctx->digest->ctx_size)
+                if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&
+                    !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
+                        explicit_bzero(ctx->md_data, ctx->digest->ctx_size);
                        free(ctx->md_data);
+                        ctx->md_data = NULL;
+                }
                ctx->digest = type;
                if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) {
                        ctx->update = type->update;
                        ctx->md_data = malloc(type->ctx_size);
                        if (ctx->md_data == NULL) {
+                                EVP_PKEY_CTX_free(ctx->pctx);
+                                ctx->pctx = NULL;
                                EVPerr(EVP_F_EVP_DIGESTINIT_EX,
                                    ERR_R_MALLOC_FAILURE);
                                return 0;
@@ -355,7 +361,7 @@ EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
                ctx->digest->cleanup(ctx);
        if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&
            !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
-                OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
+                explicit_bzero(ctx->md_data, ctx->digest->ctx_size);
                free(ctx->md_data);
        }
        EVP_PKEY_CTX_free(ctx->pctx);
author	miod <>	2014-07-13 11:14:02 +0000
committer	miod <>	2014-07-13 11:14:02 +0000
commit	bb6ecc6d127525e219bd52f088338bd8de903206 (patch)
tree	82205e765786f000bdfdd3df7391aa83a3b32be2 /src
parent	dc9fac280f24b608e27c4cd3f2c5a043754b92fd (diff)
download	openbsd-bb6ecc6d127525e219bd52f088338bd8de903206.tar.gz openbsd-bb6ecc6d127525e219bd52f088338bd8de903206.tar.bz2 openbsd-bb6ecc6d127525e219bd52f088338bd8de903206.zip