Commit e0f9bf1d authored by Rich Salz's avatar Rich Salz Committed by Rich Salz
Browse files

clear/cleanse cleanup 



Where we called openssl_cleanse, make sure we do it on all error
paths.  Be consistent in use of sizeof(foo) when possible.

Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
parent 6218a1f5

ssl/s3_enc.c

+6 −4
Original line number Diff line number Diff line
@@ -206,7 +206,7 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) 


        km += MD5_DIGEST_LENGTH;

    }

    OPENSSL_cleanse(smd, SHA_DIGEST_LENGTH);

    OPENSSL_cleanse(smd, sizeof(smd));

    EVP_MD_CTX_cleanup(&m5);

    EVP_MD_CTX_cleanup(&s1);

    return 1;
@@ -388,13 +388,15 @@ int ssl3_change_cipher_state(SSL *s, int which) 
    }

#endif



    OPENSSL_cleanse(&(exp_key[0]), sizeof(exp_key));

    OPENSSL_cleanse(&(exp_iv[0]), sizeof(exp_iv));

    OPENSSL_cleanse(exp_key, sizeof(exp_key));

    OPENSSL_cleanse(exp_iv, sizeof(exp_iv));

    EVP_MD_CTX_cleanup(&md);

    return (1);

 err:

    SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);

 err2:

    OPENSSL_cleanse(exp_key, sizeof(exp_key));

    OPENSSL_cleanse(exp_iv, sizeof(exp_iv));

    return (0);

}
@@ -687,7 +689,7 @@ int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, 
                        s, s->msg_callback_arg);

    }

#endif

    OPENSSL_cleanse(buf, sizeof buf);

    OPENSSL_cleanse(buf, sizeof(buf));

    return (ret);

}

ssl/s3_srvr.c

+1 −2
Original line number Diff line number Diff line
@@ -2238,7 +2238,6 @@ int ssl3_get_client_key_exchange(SSL *s) 
    BIGNUM *pub = NULL;

    DH *dh_srvr, *dh_clnt = NULL;

#endif



#ifndef OPENSSL_NO_EC

    EC_KEY *srvr_ecdh = NULL;

    EVP_PKEY *clnt_pub_pkey = NULL;
@@ -2676,7 +2675,7 @@ int ssl3_get_client_key_exchange(SSL *s) 
        psk_len = s->psk_server_callback(s, tmp_id,

                                         psk_or_pre_ms,

                                         sizeof(psk_or_pre_ms));

        OPENSSL_cleanse(tmp_id, PSK_MAX_IDENTITY_LEN + 1);

        OPENSSL_cleanse(tmp_id, sizeof(tmp_id));



        if (psk_len > PSK_MAX_PSK_LEN) {

            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);

ssl/t1_enc.c

+7 −5
Original line number Diff line number Diff line
@@ -563,6 +563,10 @@ int tls1_change_cipher_state(SSL *s, int which) 
 err:

    SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);

 err2:

    OPENSSL_cleanse(tmp1, sizeof(tmp1));

    OPENSSL_cleanse(tmp2, sizeof(tmp1));

    OPENSSL_cleanse(iv1, sizeof(iv1));

    OPENSSL_cleanse(iv2, sizeof(iv2));

    return (0);

}
@@ -721,7 +725,7 @@ int tls1_final_finish_mac(SSL *s, const char *str, int slen, 
        return 0;

    OPENSSL_cleanse(hash, hashlen);

    OPENSSL_cleanse(buf2, sizeof(buf2));

    return sizeof buf2;

    return sizeof(buf2);

}



int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
@@ -871,8 +875,6 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, 
                  NULL, 0,

                  s->session->master_key, s->session->master_key_length,

                  out, buff, olen);

    OPENSSL_cleanse(val, vallen);

    OPENSSL_cleanse(buff, olen);



    goto ret;

 err1:
@@ -884,8 +886,8 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen, 
    SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, ERR_R_MALLOC_FAILURE);

    rv = 0;

 ret:

    OPENSSL_free(buff);

    OPENSSL_free(val);

    CRYPTO_clear_free(val, vallen);

    CRYPTO_clear_free(buff, olen);

    return (rv);

}