diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2016-07-19 18:57:15 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2016-07-20 14:02:54 +0100 |
commit | 8cc44d970ced1004db0727d7a7b3e2709c442e55 (patch) | |
tree | 02912af41ffa73021c9389112886b35026370f6e /crypto | |
parent | 36b53720eb4cd23eb7e6c0b3a3fed94f757f27ef (diff) |
Don't allocate r/s in DSA_SIG and ECDSA_SIG
To avoid having to immediately free up r/s when setting them
don't allocate them automatically in DSA_SIG_new() and ECDSA_SIG_new().
RT#4590
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/dsa/dsa_asn1.c | 19 | ||||
-rw-r--r-- | crypto/dsa/dsa_err.c | 1 | ||||
-rw-r--r-- | crypto/dsa/dsa_ossl.c | 4 | ||||
-rw-r--r-- | crypto/ec/ec_asn1.c | 19 | ||||
-rw-r--r-- | crypto/ec/ec_err.c | 1 | ||||
-rw-r--r-- | crypto/ec/ecdsa_ossl.c | 6 |
6 files changed, 48 insertions, 2 deletions
diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c index 540d01fdce..551c107506 100644 --- a/crypto/dsa/dsa_asn1.c +++ b/crypto/dsa/dsa_asn1.c @@ -19,7 +19,24 @@ ASN1_SEQUENCE(DSA_SIG) = { ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) } static_ASN1_SEQUENCE_END(DSA_SIG) -IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA_SIG, DSA_SIG, DSA_SIG) + +DSA_SIG *DSA_SIG_new(void) +{ + DSA_SIG *sig = OPENSSL_zalloc(sizeof(*sig)); + if (sig == NULL) + DSAerr(DSA_F_DSA_SIG_NEW, ERR_R_MALLOC_FAILURE); + return sig; +} + +void DSA_SIG_free(DSA_SIG *sig) +{ + if (sig == NULL) + return; + BN_clear_free(sig->r); + BN_clear_free(sig->s); + OPENSSL_free(sig); +} void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) { diff --git a/crypto/dsa/dsa_err.c b/crypto/dsa/dsa_err.c index 96bd4d3a8f..028f79f32a 100644 --- a/crypto/dsa/dsa_err.c +++ b/crypto/dsa/dsa_err.c @@ -37,6 +37,7 @@ static ERR_STRING_DATA DSA_str_functs[] = { {ERR_FUNC(DSA_F_DSA_PUB_ENCODE), "dsa_pub_encode"}, {ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"}, {ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"}, + {ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"}, {ERR_FUNC(DSA_F_OLD_DSA_PRIV_DECODE), "old_dsa_priv_decode"}, {ERR_FUNC(DSA_F_PKEY_DSA_CTRL), "pkey_dsa_ctrl"}, {ERR_FUNC(DSA_F_PKEY_DSA_KEYGEN), "pkey_dsa_keygen"}, diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 8913fcccd3..f9f6a136fb 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -69,6 +69,10 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) ret = DSA_SIG_new(); if (ret == NULL) goto err; + ret->r = BN_new(); + ret->s = BN_new(); + if (ret->r == NULL || ret->s == NULL) + goto err; ctx = BN_CTX_new(); if (ctx == NULL) diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index be7a96b74b..8714a4b1d8 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -1170,7 +1170,24 @@ ASN1_SEQUENCE(ECDSA_SIG) = { DECLARE_ASN1_FUNCTIONS_const(ECDSA_SIG) DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSA_SIG, ECDSA_SIG) -IMPLEMENT_ASN1_FUNCTIONS_const(ECDSA_SIG) +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ECDSA_SIG, ECDSA_SIG, ECDSA_SIG) + +ECDSA_SIG *ECDSA_SIG_new(void) +{ + ECDSA_SIG *sig = OPENSSL_zalloc(sizeof(*sig)); + if (sig == NULL) + ECerr(EC_F_ECDSA_SIG_NEW, ERR_R_MALLOC_FAILURE); + return sig; +} + +void ECDSA_SIG_free(ECDSA_SIG *sig) +{ + if (sig == NULL) + return; + BN_clear_free(sig->r); + BN_clear_free(sig->s); + OPENSSL_free(sig); +} void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) { diff --git a/crypto/ec/ec_err.c b/crypto/ec/ec_err.c index 56aacd4a00..25dea231b8 100644 --- a/crypto/ec/ec_err.c +++ b/crypto/ec/ec_err.c @@ -32,6 +32,7 @@ static ERR_STRING_DATA EC_str_functs[] = { {ERR_FUNC(EC_F_ECDSA_DO_VERIFY), "ECDSA_do_verify"}, {ERR_FUNC(EC_F_ECDSA_SIGN_EX), "ECDSA_sign_ex"}, {ERR_FUNC(EC_F_ECDSA_SIGN_SETUP), "ECDSA_sign_setup"}, + {ERR_FUNC(EC_F_ECDSA_SIG_NEW), "ECDSA_SIG_new"}, {ERR_FUNC(EC_F_ECDSA_VERIFY), "ECDSA_verify"}, {ERR_FUNC(EC_F_ECKEY_PARAM2TYPE), "eckey_param2type"}, {ERR_FUNC(EC_F_ECKEY_PARAM_DECODE), "eckey_param_decode"}, diff --git a/crypto/ec/ecdsa_ossl.c b/crypto/ec/ecdsa_ossl.c index 6ff5a462d3..d67c48524a 100644 --- a/crypto/ec/ecdsa_ossl.c +++ b/crypto/ec/ecdsa_ossl.c @@ -221,6 +221,12 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_MALLOC_FAILURE); return NULL; } + ret->r = BN_new(); + ret->s = BN_new(); + if (ret->r == NULL || ret->s == NULL) { + ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_MALLOC_FAILURE); + goto err; + } s = ret->s; if ((ctx = BN_CTX_new()) == NULL || |