diff options
| author |   miod <miod@openbsd.org> | 2014-07-13 12:53:46 +0000 |
|---|---|---|
| committer | miod <miod@openbsd.org> | 2014-07-13 12:53:46 +0000 |
| commit | 40dd9be90a93082c9195fca50ebbc8620fb7244a (patch) | |
| tree | 0c7c67e3ff69a387fbf326e8becdea59c718bc83 | |
| parent | Possible PBEPARAM leak in the error path. (diff) | |
| download | wireguard-openbsd-40dd9be90a93082c9195fca50ebbc8620fb7244a.tar.xz wireguard-openbsd-40dd9be90a93082c9195fca50ebbc8620fb7244a.zip | |
Make sure all error conditions in RSA_padding_add_PKCS1_PSS_mgf1() cause
EVP_MD_CTX_cleanup() to be called.
| -rw-r--r-- | lib/libcrypto/rsa/rsa_pss.c | 7 | ||||
| -rw-r--r-- | lib/libssl/src/crypto/rsa/rsa_pss.c | 7 |
2 files changed, 8 insertions, 6 deletions
diff --git a/lib/libcrypto/rsa/rsa_pss.c b/lib/libcrypto/rsa/rsa_pss.c index e18ca632aab..f841b2f8a31 100644 --- a/lib/libcrypto/rsa/rsa_pss.c +++ b/lib/libcrypto/rsa/rsa_pss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_pss.c,v 1.9 2014/07/11 08:44:49 jsing Exp $ */ +/* $OpenBSD: rsa_pss.c,v 1.10 2014/07/13 12:53:46 miod Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2005. */ @@ -199,6 +199,8 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, unsigned char *H, *salt = NULL, *p; EVP_MD_CTX ctx; + EVP_MD_CTX_init(&ctx); + if (mgf1Hash == NULL) mgf1Hash = Hash; @@ -246,7 +248,6 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, } maskedDBLen = emLen - hLen - 1; H = EM + maskedDBLen; - EVP_MD_CTX_init(&ctx); if (!EVP_DigestInit_ex(&ctx, Hash, NULL) || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) || !EVP_DigestUpdate(&ctx, mHash, hLen)) @@ -255,7 +256,6 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, goto err; if (!EVP_DigestFinal_ex(&ctx, H, NULL)) goto err; - EVP_MD_CTX_cleanup(&ctx); /* Generate dbMask in place then perform XOR on it */ if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash)) @@ -284,6 +284,7 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, err: free(salt); + EVP_MD_CTX_cleanup(&ctx); return ret; } diff --git a/lib/libssl/src/crypto/rsa/rsa_pss.c b/lib/libssl/src/crypto/rsa/rsa_pss.c index e18ca632aab..f841b2f8a31 100644 --- a/lib/libssl/src/crypto/rsa/rsa_pss.c +++ b/lib/libssl/src/crypto/rsa/rsa_pss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_pss.c,v 1.9 2014/07/11 08:44:49 jsing Exp $ */ +/* $OpenBSD: rsa_pss.c,v 1.10 2014/07/13 12:53:46 miod Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2005. */ @@ -199,6 +199,8 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, unsigned char *H, *salt = NULL, *p; EVP_MD_CTX ctx; + EVP_MD_CTX_init(&ctx); + if (mgf1Hash == NULL) mgf1Hash = Hash; @@ -246,7 +248,6 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, } maskedDBLen = emLen - hLen - 1; H = EM + maskedDBLen; - EVP_MD_CTX_init(&ctx); if (!EVP_DigestInit_ex(&ctx, Hash, NULL) || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes) || !EVP_DigestUpdate(&ctx, mHash, hLen)) @@ -255,7 +256,6 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, goto err; if (!EVP_DigestFinal_ex(&ctx, H, NULL)) goto err; - EVP_MD_CTX_cleanup(&ctx); /* Generate dbMask in place then perform XOR on it */ if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash)) @@ -284,6 +284,7 @@ RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM, err: free(salt); + EVP_MD_CTX_cleanup(&ctx); return ret; } |