-rw-r--r--src/lib/libcrypto/evp/e_aes.c6
-rw-r--r--src/lib/libcrypto/evp/e_chacha20poly1305.c6
-rw-r--r--src/lib/libcrypto/evp/evp_enc.c13
-rw-r--r--src/lib/libcrypto/evp/evp_locl.h4
4 files changed, 15 insertions, 14 deletions
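diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
index 3661abcbfe..d674be3843 100644
--- a/src/lib/libcrypto/evp/e_aes.c
+++ b/src/lib/libcrypto/evp/e_aes.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_aes.c,v 1.48 2022/09/10 17:45:10 jsing Exp $ */
+/* $OpenBSD: e_aes.c,v 1.49 2022/09/13 04:59:18 jsing Exp $ */
 /* ====================================================================
  * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
  *
@@ -1255,15 +1255,15 @@ EVP_aes_256_ctr(void)
 #endif
 }
 
-static int
+static void
 aes_gcm_cleanup(EVP_CIPHER_CTX *c)
 {
  EVP_AES_GCM_CTX *gctx = c->cipher_data;
 
  if (gctx->iv != c->iv)
  free(gctx->iv);
+
  explicit_bzero(gctx, sizeof(*gctx));
- return 1;
 }
 
 /* increment counter (64-bit int) by 1 */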
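Review bot: aes_gcm_cleanup reads `gctx->iv` and zeroes `*gctx` without checking that `c->cipher_data` is non-NULL, and chacha20_poly1305_cleanup in e_chacha20poly1305.c hands its `cpx` to explicit_bzero() the same way. The caller in evp_enc.c invokes the callback before its own `c->cipher_data != NULL` test, which suggests a context can hold a cipher with no cipher_data (presumably after a failed allocation, though that path is not visible in this diff); in that state the callback would dereference NULL instead of wiping anything. An early `if (gctx == NULL) return;` here, and `if (cpx == NULL) return;` in the ChaCha20-Poly1305 callback, keeps teardown safe on that path now that the callbacks return void.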
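diff --git a/src/lib/libcrypto/evp/e_chacha20poly1305.c b/src/lib/libcrypto/evp/e_chacha20poly1305.c
index 674a323258..450264846b 100644
--- a/src/lib/libcrypto/evp/e_chacha20poly1305.c
+++ b/src/lib/libcrypto/evp/e_chacha20poly1305.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_chacha20poly1305.c,v 1.25 2022/08/30 19:33:26 tb Exp $ */
+/* $OpenBSD: e_chacha20poly1305.c,v 1.26 2022/09/13 04:59:18 jsing Exp $ */
 
 /*
  * Copyright (c) 2022 Joel Sing <jsing@openbsd.org>
@@ -530,14 +530,12 @@ chacha20_poly1305_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
  return len;
 }
 
-static int
+static void
 chacha20_poly1305_cleanup(EVP_CIPHER_CTX *ctx)
 {
  struct chacha20_poly1305_ctx *cpx = ctx->cipher_data;
 
  explicit_bzero(cpx, sizeof(*cpx));
-
- return 1;
 }
 
 static int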
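diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c
index c46989b068..49e0ffa144 100644
--- a/src/lib/libcrypto/evp/evp_enc.c
+++ b/src/lib/libcrypto/evp/evp_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_enc.c,v 1.46 2022/09/04 13:34:13 jsing Exp $ */
+/* $OpenBSD: evp_enc.c,v 1.47 2022/09/13 04:59:18 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -601,18 +601,21 @@ int
 EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
 {
  if (c->cipher != NULL) {
- if (c->cipher->cleanup && !c->cipher->cleanup(c))
- return 0;
- /* Cleanse cipher context data */
- if (c->cipher_data)
+ if (c->cipher->cleanup != NULL)
+ c->cipher->cleanup(c);
+ if (c->cipher_data != NULL)
  explicit_bzero(c->cipher_data, c->cipher->ctx_size);
  }
+
  /* XXX - store size of cipher_data so we can always freezero(). */
  free(c->cipher_data);
+
 #ifndef OPENSSL_NO_ENGINE
  ENGINE_finish(c->engine);
 #endif
+
  explicit_bzero(c, sizeof(EVP_CIPHER_CTX));
+
  return 1;
 }
 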
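Review bot: EVP_CIPHER_CTX_cleanup now returns 1 on every path, so a caller that tests its result for failure is checking a constant, and nothing in the function says so. A short comment above it would record the contract, e.g. `/* Always returns 1; the cipher cleanup callback can no longer fail. */`. The removed `/* Cleanse cipher context data */` comment is also worth keeping above the explicit_bzero() of cipher_data, because when `c->cipher` is NULL the buffer appears to reach free() without being wiped, which is what the XXX note below it refers to. The function's `int` return-type line sits in the hunk header, outside the hunk body.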
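diff --git a/src/lib/libcrypto/evp/evp_locl.h b/src/lib/libcrypto/evp/evp_locl.h
index 7b14063c5e..1e79af4c6d 100644
--- a/src/lib/libcrypto/evp/evp_locl.h
+++ b/src/lib/libcrypto/evp/evp_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: evp_locl.h,v 1.27 2022/09/04 09:56:30 jsing Exp $ */
+/* $OpenBSD: evp_locl.h,v 1.28 2022/09/13 04:59:18 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
@@ -143,7 +143,7 @@ struct evp_cipher_st {
  const unsigned char *iv, int enc); /* init key */
  int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,
  const unsigned char *in, size_t inl);/* encrypt/decrypt data */
- int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
+ void (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */
  int ctx_size; /* how big ctx->cipher_data needs to be */
  int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */
  int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */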
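Review bot: The `cleanup` member changes type here while only two implementations are updated in this commit, so any other cipher table or setter that still supplies an `int (*)(EVP_CIPHER_CTX *)` would become an incompatible function-pointer assignment. None is visible in this diff, so it is worth checking the tree for remaining `cleanup` initialisers and for a public setter such as EVP_CIPHER_meth_set_cleanup(), if this tree provides one, before relying on the new type. The member comment could also state the new contract, e.g. `/* wipe cipher_data contents; cannot fail */`. struct evp_cipher_st begins and ends outside the hunk.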