| author | joshua <> | 2024-03-26 05:26:27 +0000 |
|---|---|---|
| committer | joshua <> | 2024-03-26 05:26:27 +0000 |
| commit | e978a251991069caf6ee014d5a5df9bc58135470 (patch) | |
| tree | 648fc357ff73ed05902034d86c9cb9026fba2aa5 /src | |
| parent | 98835cc766bfec13ffe0088cd081e96059a6da2c (diff) | |
Clean up use of EVP_MD_CTX_{legacy_clear,cleanup} in
RSA_verify_PKCS1_PSS_mgf1
ok jsing@ tb@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_pss.c | 41 |
1 files changed, 22 insertions, 19 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_pss.c b/src/lib/libcrypto/rsa/rsa_pss.c index 6670866ff6..610ae7c928 100644 --- a/src/lib/libcrypto/rsa/rsa_pss.c +++ b/src/lib/libcrypto/rsa/rsa_pss.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_pss.c,v 1.18 2024/02/18 15:45:42 tb Exp $ */ | 1 | /* $OpenBSD: rsa_pss.c,v 1.19 2024/03/26 05:26:27 joshua Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2005. | 3 | * project 2005. |
| 4 | */ | 4 | */ |
| @@ -89,10 +89,11 @@ RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash, | |||
| 89 | int hLen, maskedDBLen, MSBits, emLen; | 89 | int hLen, maskedDBLen, MSBits, emLen; |
| 90 | const unsigned char *H; | 90 | const unsigned char *H; |
| 91 | unsigned char *DB = NULL; | 91 | unsigned char *DB = NULL; |
| 92 | EVP_MD_CTX ctx; | 92 | EVP_MD_CTX *md_ctx; |
| 93 | unsigned char H_[EVP_MAX_MD_SIZE]; | 93 | unsigned char H_[EVP_MAX_MD_SIZE]; |
| 94 | 94 | ||
| 95 | EVP_MD_CTX_legacy_clear(&ctx); | 95 | if ((md_ctx = EVP_MD_CTX_new()) == NULL) |
| 96 | goto err; | ||
| 96 | 97 | ||
| 97 | if (mgf1Hash == NULL) | 98 | if (mgf1Hash == NULL) |
| 98 | mgf1Hash = Hash; | 99 | mgf1Hash = Hash; |
| @@ -157,25 +158,26 @@ RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash, | |||
| 157 | RSAerror(RSA_R_SLEN_CHECK_FAILED); | 158 | RSAerror(RSA_R_SLEN_CHECK_FAILED); |
| 158 | goto err; | 159 | goto err; |
| 159 | } | 160 | } |
| 160 | if (!EVP_DigestInit_ex(&ctx, Hash, NULL) || | 161 | if (!EVP_DigestInit_ex(md_ctx, Hash, NULL) || |
| 161 | !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) || | 162 | !EVP_DigestUpdate(md_ctx, zeroes, sizeof zeroes) || |
| 162 | !EVP_DigestUpdate(&ctx, mHash, hLen)) | 163 | !EVP_DigestUpdate(md_ctx, mHash, hLen)) |
| 163 | goto err; | 164 | goto err; |
| 164 | if (maskedDBLen - i) { | 165 | if (maskedDBLen - i) { |
| 165 | if (!EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i)) | 166 | if (!EVP_DigestUpdate(md_ctx, DB + i, maskedDBLen - i)) |
| 166 | goto err; | 167 | goto err; |
| 167 | } | 168 | } |
| 168 | if (!EVP_DigestFinal_ex(&ctx, H_, NULL)) | 169 | if (!EVP_DigestFinal_ex(md_ctx, H_, NULL)) |
| 169 | goto err; | 170 | goto err; |
| 170 | if (timingsafe_bcmp(H_, H, hLen)) { | 171 | if (timingsafe_bcmp(H_, H, hLen)) { |
| 171 | RSAerror(RSA_R_BAD_SIGNATURE); | 172 | RSAerror(RSA_R_BAD_SIGNATURE); |
| 172 | ret = 0; | 173 | ret = 0; |
| 173 | } else | 174 | } else { |
| 174 | ret = 1; | 175 | ret = 1; |
| 176 | } | ||
| 175 | 177 | ||
| 176 | err: | 178 | err: |
| 177 | free(DB); | 179 | free(DB); |
| 178 | EVP_MD_CTX_cleanup(&ctx); | 180 | EVP_MD_CTX_free(md_ctx); |
| 179 | 181 | ||
| 180 | return ret; | 182 | return ret; |
| 181 | } | 183 | } |
| @@ -198,9 +200,10 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, | |||
| 198 | int ret = 0; | 200 | int ret = 0; |
| 199 | int hLen, maskedDBLen, MSBits, emLen; | 201 | int hLen, maskedDBLen, MSBits, emLen; |
| 200 | unsigned char *H, *salt = NULL, *p; | 202 | unsigned char *H, *salt = NULL, *p; |
| 201 | EVP_MD_CTX ctx; | 203 | EVP_MD_CTX *md_ctx; |
| 202 | 204 | ||
| 203 | EVP_MD_CTX_legacy_clear(&ctx); | 205 | if ((md_ctx = EVP_MD_CTX_new()) == NULL) |
| 206 | goto err; | ||
| 204 | 207 | ||
| 205 | if (mgf1Hash == NULL) | 208 | if (mgf1Hash == NULL) |
| 206 | mgf1Hash = Hash; | 209 | mgf1Hash = Hash; |
| @@ -245,13 +248,13 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, | |||
| 245 | } | 248 | } |
| 246 | maskedDBLen = emLen - hLen - 1; | 249 | maskedDBLen = emLen - hLen - 1; |
| 247 | H = EM + maskedDBLen; | 250 | H = EM + maskedDBLen; |
| 248 | if (!EVP_DigestInit_ex(&ctx, Hash, NULL) || | 251 | if (!EVP_DigestInit_ex(md_ctx, Hash, NULL) || |
| 249 | !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) || | 252 | !EVP_DigestUpdate(md_ctx, zeroes, sizeof zeroes) || |
| 250 | !EVP_DigestUpdate(&ctx, mHash, hLen)) | 253 | !EVP_DigestUpdate(md_ctx, mHash, hLen)) |
| 251 | goto err; | 254 | goto err; |
| 252 | if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen)) | 255 | if (sLen && !EVP_DigestUpdate(md_ctx, salt, sLen)) |
| 253 | goto err; | 256 | goto err; |
| 254 | if (!EVP_DigestFinal_ex(&ctx, H, NULL)) | 257 | if (!EVP_DigestFinal_ex(md_ctx, H, NULL)) |
| 255 | goto err; | 258 | goto err; |
| 256 | 259 | ||
| 257 | /* Generate dbMask in place then perform XOR on it */ | 260 | /* Generate dbMask in place then perform XOR on it */ |
| @@ -281,7 +284,7 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, | |||
| 281 | 284 | ||
| 282 | err: | 285 | err: |
| 283 | free(salt); | 286 | free(salt); |
| 284 | EVP_MD_CTX_cleanup(&ctx); | 287 | EVP_MD_CTX_free(md_ctx); |
| 285 | 288 | ||
| 286 | return ret; | 289 | return ret; |
| 287 | } | 290 | } |
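Review bot: The new `goto err` taken when `EVP_MD_CTX_new()` returns NULL (new lines 95-96 in RSA_verify_PKCS1_PSS_mgf1, and again at new lines 205-206 in RSA_padding_add_PKCS1_PSS_mgf1) leaves without recording an error, unlike the `RSAerror(RSA_R_SLEN_CHECK_FAILED)` and `RSAerror(RSA_R_BAD_SIGNATURE)` paths visible in the verify function. Unless `EVP_MD_CTX_new()` queues an error itself, a caller reading the error queue cannot tell an out-of-memory condition from a rejected signature; consider `RSAerror(ERR_R_MALLOC_FAILURE);` before each `goto err`. Declaring `EVP_MD_CTX *md_ctx = NULL;` in both functions would also keep `EVP_MD_CTX_free(md_ctx)` at `err:` safe if a later change adds an exit ahead of the allocation. Both function bodies extend beyond the hunks shown, and the initial value of `ret` in the verify function is not visible here, so it is worth confirming that the allocation-failure path returns a failure value rather than 1.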
