summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/asn1
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/asn1/a_object.c16
-rw-r--r--src/lib/libcrypto/asn1/a_sign.c12
-rw-r--r--src/lib/libcrypto/asn1/a_verify.c5
-rw-r--r--src/lib/libcrypto/asn1/asn1_lib.c12
4 files changed, 14 insertions, 31 deletions
diff --git a/src/lib/libcrypto/asn1/a_object.c b/src/lib/libcrypto/asn1/a_object.c
index 711b01f149..e10af97d36 100644
--- a/src/lib/libcrypto/asn1/a_object.c
+++ b/src/lib/libcrypto/asn1/a_object.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: a_object.c,v 1.29 2017/01/29 17:49:22 beck Exp $ */ 1/* $OpenBSD: a_object.c,v 1.30 2017/05/02 03:59:44 deraadt Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -231,8 +231,7 @@ i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
231 return -1; 231 return -1;
232 i = i2t_ASN1_OBJECT(tmp, tlen, a); 232 i = i2t_ASN1_OBJECT(tmp, tlen, a);
233 if (i > (int)(tlen - 1)) { 233 if (i > (int)(tlen - 1)) {
234 explicit_bzero(tmp, tlen); 234 freezero(tmp, tlen);
235 free(tmp);
236 if ((tmp = malloc(i + 1)) == NULL) 235 if ((tmp = malloc(i + 1)) == NULL)
237 return -1; 236 return -1;
238 tlen = i + 1; 237 tlen = i + 1;
@@ -242,8 +241,7 @@ i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
242 i = BIO_write(bp, "<INVALID>", 9); 241 i = BIO_write(bp, "<INVALID>", 9);
243 else 242 else
244 i = BIO_write(bp, tmp, i); 243 i = BIO_write(bp, tmp, i);
245 explicit_bzero(tmp, tlen); 244 freezero(tmp, tlen);
246 free(tmp);
247 return (i); 245 return (i);
248} 246}
249 247
@@ -319,9 +317,7 @@ c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, long len)
319 317
320 /* detach data from object */ 318 /* detach data from object */
321 data = (unsigned char *)ret->data; 319 data = (unsigned char *)ret->data;
322 if (data != NULL) 320 freezero(data, ret->length);
323 explicit_bzero(data, ret->length);
324 free(data);
325 321
326 data = malloc(length); 322 data = malloc(length);
327 if (data == NULL) { 323 if (data == NULL) {
@@ -380,9 +376,7 @@ ASN1_OBJECT_free(ASN1_OBJECT *a)
380 a->sn = a->ln = NULL; 376 a->sn = a->ln = NULL;
381 } 377 }
382 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) { 378 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) {
383 if (a->data != NULL) 379 freezero((void *)a->data, a->length);
384 explicit_bzero((void *)a->data, a->length);
385 free((void *)a->data);
386 a->data = NULL; 380 a->data = NULL;
387 a->length = 0; 381 a->length = 0;
388 } 382 }
diff --git a/src/lib/libcrypto/asn1/a_sign.c b/src/lib/libcrypto/asn1/a_sign.c
index 4e545eb719..df955be745 100644
--- a/src/lib/libcrypto/asn1/a_sign.c
+++ b/src/lib/libcrypto/asn1/a_sign.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: a_sign.c,v 1.22 2017/01/29 17:49:22 beck Exp $ */ 1/* $OpenBSD: a_sign.c,v 1.23 2017/05/02 03:59:44 deraadt Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -227,13 +227,7 @@ ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
227 227
228err: 228err:
229 EVP_MD_CTX_cleanup(ctx); 229 EVP_MD_CTX_cleanup(ctx);
230 if (buf_in != NULL) { 230 freezero((char *)buf_in, inl);
231 explicit_bzero((char *)buf_in, inl); 231 freezero((char *)buf_out, outll);
232 free(buf_in);
233 }
234 if (buf_out != NULL) {
235 explicit_bzero((char *)buf_out, outll);
236 free(buf_out);
237 }
238 return (outl); 232 return (outl);
239} 233}
diff --git a/src/lib/libcrypto/asn1/a_verify.c b/src/lib/libcrypto/asn1/a_verify.c
index 8f8e58c095..6f0cd1080b 100644
--- a/src/lib/libcrypto/asn1/a_verify.c
+++ b/src/lib/libcrypto/asn1/a_verify.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: a_verify.c,v 1.23 2017/01/29 17:49:22 beck Exp $ */ 1/* $OpenBSD: a_verify.c,v 1.24 2017/05/02 03:59:44 deraadt Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -148,8 +148,7 @@ ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
148 goto err; 148 goto err;
149 } 149 }
150 150
151 explicit_bzero(buf_in, (unsigned int)inl); 151 freezero(buf_in, (unsigned int)inl);
152 free(buf_in);
153 152
154 if (EVP_DigestVerifyFinal(&ctx, signature->data, 153 if (EVP_DigestVerifyFinal(&ctx, signature->data,
155 (size_t)signature->length) <= 0) { 154 (size_t)signature->length) <= 0) {
diff --git a/src/lib/libcrypto/asn1/asn1_lib.c b/src/lib/libcrypto/asn1/asn1_lib.c
index a90873d54a..852644a781 100644
--- a/src/lib/libcrypto/asn1/asn1_lib.c
+++ b/src/lib/libcrypto/asn1/asn1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: asn1_lib.c,v 1.38 2017/01/29 17:49:22 beck Exp $ */ 1/* $OpenBSD: asn1_lib.c,v 1.39 2017/05/02 03:59:44 deraadt Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -401,9 +401,7 @@ ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
401void 401void
402ASN1_STRING_set0(ASN1_STRING *str, void *data, int len) 402ASN1_STRING_set0(ASN1_STRING *str, void *data, int len)
403{ 403{
404 if (str->data != NULL) 404 freezero(str->data, str->length);
405 explicit_bzero(str->data, str->length);
406 free(str->data);
407 str->data = data; 405 str->data = data;
408 str->length = len; 406 str->length = len;
409} 407}
@@ -436,10 +434,8 @@ ASN1_STRING_free(ASN1_STRING *a)
436{ 434{
437 if (a == NULL) 435 if (a == NULL)
438 return; 436 return;
439 if (a->data != NULL && !(a->flags & ASN1_STRING_FLAG_NDEF)) { 437 if (a->data != NULL && !(a->flags & ASN1_STRING_FLAG_NDEF))
440 explicit_bzero(a->data, a->length); 438 freezero(a->data, a->length);
441 free(a->data);
442 }
443 free(a); 439 free(a);
444} 440}
445 441
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2026-01-02 23:36:49 +0000