Commit 9f040d6d authored by Rich Salz's avatar Rich Salz Committed by Rich Salz
Browse files

Some cleanups for crypto/bn 



Create bn_free_d utility routine and use it.
Fix RT3950
Also a missing cleanse, from Loganaden Velvindron (loganaden@gmail.com),
who noticed it in a Cloudflare patch.

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
parent 4445704f

crypto/bn/bn_add.c

+2 −1
Original line number Diff line number Diff line
@@ -222,6 +222,7 @@ int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) 
                break;

        }

    }

    if (dif)

        memcpy(rp, ap, sizeof(*rp) * dif);



    r->top = max;

crypto/bn/bn_lib.c

+15 −17
Original line number Diff line number Diff line
@@ -223,6 +223,15 @@ int BN_num_bits(const BIGNUM *a) 
    return ((i * BN_BITS2) + BN_num_bits_word(a->d[i]));

}



static void bn_free_d(BIGNUM *a)

{

    if (BN_get_flags(a,BN_FLG_SECURE))

        OPENSSL_secure_free(a->d);

    else

        OPENSSL_free(a->d);

}





void BN_clear_free(BIGNUM *a)

{

    int i;
@@ -232,15 +241,11 @@ void BN_clear_free(BIGNUM *a) 
    bn_check_top(a);

    if (a->d != NULL) {

        OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0]));

        if (!(BN_get_flags(a, BN_FLG_STATIC_DATA))) {

            if (BN_get_flags(a,BN_FLG_SECURE))

                OPENSSL_secure_free(a->d);

            else

                OPENSSL_free(a->d);

        }

        if (!BN_get_flags(a, BN_FLG_STATIC_DATA))

            bn_free_d(a);

    }

    i = BN_get_flags(a, BN_FLG_MALLOCED);

    OPENSSL_cleanse(a, sizeof(BIGNUM));

    OPENSSL_cleanse(a, sizeof(*a));

    if (i)

        OPENSSL_free(a);

}
@@ -251,12 +256,7 @@ void BN_free(BIGNUM *a) 
        return;

    bn_check_top(a);

    if (!BN_get_flags(a, BN_FLG_STATIC_DATA))

    if ((a->d != NULL) && !(BN_get_flags(a, BN_FLG_STATIC_DATA))) {

        if (BN_get_flags(a, BN_FLG_SECURE))

            OPENSSL_secure_free(a->d);

        else

            OPENSSL_free(a->d);

    }

        bn_free_d(a);

    if (a->flags & BN_FLG_MALLOCED)

        OPENSSL_free(a);

    else {
@@ -399,10 +399,8 @@ BIGNUM *bn_expand2(BIGNUM *b, int words) 
        if (!a)

            return NULL;

        if (b->d) {

            if (BN_get_flags(b,BN_FLG_SECURE))

                OPENSSL_secure_free(b->d);

            else

                OPENSSL_free(b->d);

            OPENSSL_cleanse(b->d, b->dmax * sizeof(b->d[0]));

            bn_free_d(b);

        }

        b->d = a;

        b->dmax = words;

crypto/bn/bn_mont.c

+3 −1
Original line number Diff line number Diff line
@@ -196,7 +196,9 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont) 
    rp = r->d;



    /* clear the top words of T */

    memset(&rp[r->top], 0, sizeof(*rp) * (max - r->top));

    i = max - r->top;

    if (i)

        memset(&rp[r->top], 0, sizeof(*rp) * i);



    r->top = max;

    n0 = mont->n0[0];