summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/bn
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/bn')
-rw-r--r--src/lib/libcrypto/bn/bn_asm.c8
-rw-r--r--src/lib/libcrypto/bn/bn_exp.c13
-rw-r--r--src/lib/libcrypto/bn/bn_lib.c14
-rw-r--r--src/lib/libcrypto/bn/bn_rand.c7
4 files changed, 14 insertions, 28 deletions
diff --git a/src/lib/libcrypto/bn/bn_asm.c b/src/lib/libcrypto/bn/bn_asm.c
index 49f0ba5d7b..993fbb3dc5 100644
--- a/src/lib/libcrypto/bn/bn_asm.c
+++ b/src/lib/libcrypto/bn/bn_asm.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_asm.c,v 1.14 2015/02/25 15:39:49 bcook Exp $ */ 1/* $OpenBSD: bn_asm.c,v 1.15 2017/05/02 03:59:44 deraadt Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -989,8 +989,7 @@ enter:
989 } 989 }
990 memcpy(rp, tp, num * sizeof(BN_ULONG)); 990 memcpy(rp, tp, num * sizeof(BN_ULONG));
991out: 991out:
992 explicit_bzero(tp, (num + 2) * sizeof(BN_ULONG)); 992 freezero(tp, (num + 2) * sizeof(BN_ULONG));
993 free(tp);
994 return 1; 993 return 1;
995} 994}
996#else 995#else
@@ -1081,8 +1080,7 @@ bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
1081 } 1080 }
1082 memcpy(rp, tp, num * sizeof(BN_ULONG)); 1081 memcpy(rp, tp, num * sizeof(BN_ULONG));
1083out: 1082out:
1084 explicit_bzero(tp, (num + 2) * sizeof(BN_ULONG)); 1083 freezero(tp, (num + 2) * sizeof(BN_ULONG));
1085 free(tp);
1086 return 1; 1084 return 1;
1087} 1085}
1088#else 1086#else
diff --git a/src/lib/libcrypto/bn/bn_exp.c b/src/lib/libcrypto/bn/bn_exp.c
index d388758927..b778d5d67c 100644
--- a/src/lib/libcrypto/bn/bn_exp.c
+++ b/src/lib/libcrypto/bn/bn_exp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_exp.c,v 1.30 2017/01/29 17:49:22 beck Exp $ */ 1/* $OpenBSD: bn_exp.c,v 1.31 2017/05/02 03:59:44 deraadt Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -706,12 +706,10 @@ BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
706 numPowers = 1 << window; 706 numPowers = 1 << window;
707 powerbufLen = sizeof(m->d[0]) * (top * numPowers + 707 powerbufLen = sizeof(m->d[0]) * (top * numPowers +
708 ((2*top) > numPowers ? (2*top) : numPowers)); 708 ((2*top) > numPowers ? (2*top) : numPowers));
709 if ((powerbufFree = malloc(powerbufLen + 709 if ((powerbufFree = calloc(powerbufLen +
710 MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH)) == NULL) 710 MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH, 1)) == NULL)
711 goto err; 711 goto err;
712
713 powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree); 712 powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree);
714 memset(powerbuf, 0, powerbufLen);
715 713
716 /* lay down tmp and am right after powers table */ 714 /* lay down tmp and am right after powers table */
717 tmp.d = (BN_ULONG *)(powerbuf + sizeof(m->d[0]) * top * numPowers); 715 tmp.d = (BN_ULONG *)(powerbuf + sizeof(m->d[0]) * top * numPowers);
@@ -901,10 +899,7 @@ BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
901err: 899err:
902 if ((in_mont == NULL) && (mont != NULL)) 900 if ((in_mont == NULL) && (mont != NULL))
903 BN_MONT_CTX_free(mont); 901 BN_MONT_CTX_free(mont);
904 if (powerbuf != NULL) { 902 freezero(powerbufFree, powerbufLen + MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH);
905 explicit_bzero(powerbuf, powerbufLen);
906 free(powerbufFree);
907 }
908 BN_CTX_end(ctx); 903 BN_CTX_end(ctx);
909 return (ret); 904 return (ret);
910} 905}
diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c
index f2736e31c3..8aeeb5304f 100644
--- a/src/lib/libcrypto/bn/bn_lib.c
+++ b/src/lib/libcrypto/bn/bn_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_lib.c,v 1.37 2017/01/29 17:49:22 beck Exp $ */ 1/* $OpenBSD: bn_lib.c,v 1.38 2017/05/02 03:59:44 deraadt Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -220,10 +220,8 @@ BN_clear_free(BIGNUM *a)
220 if (a == NULL) 220 if (a == NULL)
221 return; 221 return;
222 bn_check_top(a); 222 bn_check_top(a);
223 if (a->d != NULL && !(BN_get_flags(a, BN_FLG_STATIC_DATA))) { 223 if (a->d != NULL && !(BN_get_flags(a, BN_FLG_STATIC_DATA)))
224 explicit_bzero(a->d, a->dmax * sizeof(a->d[0])); 224 freezero(a->d, a->dmax * sizeof(a->d[0]));
225 free(a->d);
226 }
227 i = BN_get_flags(a, BN_FLG_MALLOCED); 225 i = BN_get_flags(a, BN_FLG_MALLOCED);
228 explicit_bzero(a, sizeof(BIGNUM)); 226 explicit_bzero(a, sizeof(BIGNUM));
229 if (i) 227 if (i)
@@ -393,10 +391,8 @@ bn_expand2(BIGNUM *b, int words)
393 BN_ULONG *a = bn_expand_internal(b, words); 391 BN_ULONG *a = bn_expand_internal(b, words);
394 if (!a) 392 if (!a)
395 return NULL; 393 return NULL;
396 if (b->d) { 394 if (b->d)
397 explicit_bzero(b->d, b->dmax * sizeof(b->d[0])); 395 freezero(b->d, b->dmax * sizeof(b->d[0]));
398 free(b->d);
399 }
400 b->d = a; 396 b->d = a;
401 b->dmax = words; 397 b->dmax = words;
402 } 398 }
diff --git a/src/lib/libcrypto/bn/bn_rand.c b/src/lib/libcrypto/bn/bn_rand.c
index 812fa6a575..8625757140 100644
--- a/src/lib/libcrypto/bn/bn_rand.c
+++ b/src/lib/libcrypto/bn/bn_rand.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_rand.c,v 1.19 2017/01/29 17:49:22 beck Exp $ */ 1/* $OpenBSD: bn_rand.c,v 1.20 2017/05/02 03:59:44 deraadt Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -186,10 +186,7 @@ bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
186 ret = 1; 186 ret = 1;
187 187
188err: 188err:
189 if (buf != NULL) { 189 freezero(buf, bytes);
190 explicit_bzero(buf, bytes);
191 free(buf);
192 }
193 bn_check_top(rnd); 190 bn_check_top(rnd);
194 return (ret); 191 return (ret);
195} 192}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 22:42:08 +0000