From 5904cc0e04409fde39a97e6580535da34eeb4291 Mon Sep 17 00:00:00 2001
From: deraadt <>
Date: Tue, 2 May 2017 03:59:45 +0000
Subject: use freezero() instead of memset/explicit_bzero + free. 
 Substantially reduces conditional logic (-218, +82).

MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c
wasn'tt quite right.  Two other tricky bits with ASN1_STRING_FLAG_NDEF and
BN_FLG_STATIC_DATA where the condition cannot be collapsed completely.

Passes regress.  ok beck
---
 src/lib/libcrypto/evp/bio_enc.c            |  5 ++---
 src/lib/libcrypto/evp/digest.c             | 11 ++++-------
 src/lib/libcrypto/evp/e_aes.c              |  5 ++---
 src/lib/libcrypto/evp/e_chacha20poly1305.c |  5 ++---
 src/lib/libcrypto/evp/p_open.c             |  6 ++----
 5 files changed, 12 insertions(+), 20 deletions(-)

(limited to 'src/lib/libcrypto/evp')

diff --git a/src/lib/libcrypto/evp/bio_enc.c b/src/lib/libcrypto/evp/bio_enc.c
index 1920c6d180..7c7cf9a8b3 100644
--- a/src/lib/libcrypto/evp/bio_enc.c
+++ b/src/lib/libcrypto/evp/bio_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bio_enc.c,v 1.19 2015/09/10 15:56:25 jsing Exp $ */
+/* $OpenBSD: bio_enc.c,v 1.20 2017/05/02 03:59:44 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -135,8 +135,7 @@ enc_free(BIO *a)
 		return (0);
 	b = (BIO_ENC_CTX *)a->ptr;
 	EVP_CIPHER_CTX_cleanup(&(b->cipher));
-	explicit_bzero(a->ptr, sizeof(BIO_ENC_CTX));
-	free(a->ptr);
+	freezero(a->ptr, sizeof(BIO_ENC_CTX));
 	a->ptr = NULL;
 	a->init = 0;
 	a->flags = 0;
diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c
index ee1f955959..7471c1e822 100644
--- a/src/lib/libcrypto/evp/digest.c
+++ b/src/lib/libcrypto/evp/digest.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: digest.c,v 1.27 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: digest.c,v 1.28 2017/05/02 03:59:44 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -193,8 +193,7 @@ EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
 	if (ctx->digest != type) {
 		if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&
 		    !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
-			explicit_bzero(ctx->md_data, ctx->digest->ctx_size);
-			free(ctx->md_data);
+			freezero(ctx->md_data, ctx->digest->ctx_size);
 			ctx->md_data = NULL;
 		}
 		ctx->digest = type;
@@ -360,10 +359,8 @@ EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
 	    !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED))
 		ctx->digest->cleanup(ctx);
 	if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&
-	    !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
-		explicit_bzero(ctx->md_data, ctx->digest->ctx_size);
-		free(ctx->md_data);
-	}
+	    !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE))
+		freezero(ctx->md_data, ctx->digest->ctx_size);
 	EVP_PKEY_CTX_free(ctx->pctx);
 #ifndef OPENSSL_NO_ENGINE
 	if (ctx->engine)
diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c
index 97cb5154a5..7c713db026 100644
--- a/src/lib/libcrypto/evp/e_aes.c
+++ b/src/lib/libcrypto/evp/e_aes.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_aes.c,v 1.33 2017/01/31 13:17:21 inoguchi Exp $ */
+/* $OpenBSD: e_aes.c,v 1.34 2017/05/02 03:59:44 deraadt Exp $ */
 /* ====================================================================
  * Copyright (c) 2001-2011 The OpenSSL Project.  All rights reserved.
  *
@@ -1422,8 +1422,7 @@ aead_aes_gcm_cleanup(EVP_AEAD_CTX *ctx)
 {
 	struct aead_aes_gcm_ctx *gcm_ctx = ctx->aead_state;
 
-	explicit_bzero(gcm_ctx, sizeof(*gcm_ctx));
-	free(gcm_ctx);
+	freezero(gcm_ctx, sizeof(*gcm_ctx));
 }
 
 static int
diff --git a/src/lib/libcrypto/evp/e_chacha20poly1305.c b/src/lib/libcrypto/evp/e_chacha20poly1305.c
index e135f9a104..051d5548b5 100644
--- a/src/lib/libcrypto/evp/e_chacha20poly1305.c
+++ b/src/lib/libcrypto/evp/e_chacha20poly1305.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: e_chacha20poly1305.c,v 1.15 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: e_chacha20poly1305.c,v 1.16 2017/05/02 03:59:44 deraadt Exp $ */
 
 /*
  * Copyright (c) 2015 Reyk Floter <reyk@openbsd.org>
@@ -83,8 +83,7 @@ aead_chacha20_poly1305_cleanup(EVP_AEAD_CTX *ctx)
 {
 	struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state;
 
-	explicit_bzero(c20_ctx->key, sizeof(c20_ctx->key));
-	free(c20_ctx);
+	freezero(c20_ctx, sizeof(c20_ctx));
 }
 
 static void
diff --git a/src/lib/libcrypto/evp/p_open.c b/src/lib/libcrypto/evp/p_open.c
index 1eb238dfde..57a46706b9 100644
--- a/src/lib/libcrypto/evp/p_open.c
+++ b/src/lib/libcrypto/evp/p_open.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p_open.c,v 1.18 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: p_open.c,v 1.19 2017/05/02 03:59:44 deraadt Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -109,9 +109,7 @@ EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
 	ret = 1;
 
 err:
-	if (key != NULL)
-		explicit_bzero(key, size);
-	free(key);
+	freezero(key, size);
 	return (ret);
 }
 
-- 
cgit v1.2.3-55-g6feb