From d8e2dc576571de48f85d106d1f3e5da604bd2c9a Mon Sep 17 00:00:00 2001 From: Kan Date: Sun, 12 Jun 2022 21:11:01 +0800 Subject: Add sensitive memory clean in priv encode Fixes #18540 Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18541) (cherry picked from commit 16249341bb64329c2542c3d1e23b97ed3c44fad3) --- crypto/dh/dh_ameth.c | 8 +++----- crypto/dsa/dsa_ameth.c | 8 +++----- crypto/ec/ec_ameth.c | 22 +++++++--------------- crypto/rsa/rsa_ameth.c | 1 + 4 files changed, 14 insertions(+), 25 deletions(-) diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index 47a6ab7d0c..6ec582f5f3 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -206,18 +206,16 @@ static int dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) dplen = i2d_ASN1_INTEGER(prkey, &dp); ASN1_STRING_clear_free(prkey); - prkey = NULL; if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(pkey->ameth->pkey_id), 0, - V_ASN1_SEQUENCE, params, dp, dplen)) + V_ASN1_SEQUENCE, params, dp, dplen)) { + OPENSSL_clear_free(dp, dplen); goto err; - + } return 1; err: - OPENSSL_free(dp); ASN1_STRING_free(params); - ASN1_STRING_clear_free(prkey); return 0; } diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index 234fc44ed7..1da67485e8 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -197,18 +197,16 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) dplen = i2d_ASN1_INTEGER(prkey, &dp); ASN1_STRING_clear_free(prkey); - prkey = NULL; if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0, - V_ASN1_SEQUENCE, params, dp, dplen)) + V_ASN1_SEQUENCE, params, dp, dplen)) { + OPENSSL_clear_free(dp, dplen); goto err; - + } return 1; err: - OPENSSL_free(dp); ASN1_STRING_free(params); - ASN1_STRING_clear_free(prkey); return 0; } diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index 9ca023bbe3..1086ae4321 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -165,7 +165,7 @@ static int eckey_priv_decode_ex(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8, static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) { EC_KEY ec_key = *(pkey->pkey.ec); - unsigned char *ep, *p; + unsigned char *ep = NULL; int eplen, ptype; void *pval; unsigned int old_flags; @@ -184,26 +184,18 @@ static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) old_flags = EC_KEY_get_enc_flags(&ec_key); EC_KEY_set_enc_flags(&ec_key, old_flags | EC_PKEY_NO_PARAMETERS); - eplen = i2d_ECPrivateKey(&ec_key, NULL); - if (!eplen) { - ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); - return 0; - } - ep = OPENSSL_malloc(eplen); - if (ep == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); - return 0; - } - p = ep; - if (!i2d_ECPrivateKey(&ec_key, &p)) { - OPENSSL_free(ep); + eplen = i2d_ECPrivateKey(&ec_key, &ep); + if (eplen <= 0) { ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); + ASN1_STRING_free(pval); return 0; } if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0, ptype, pval, ep, eplen)) { - OPENSSL_free(ep); + ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); + ASN1_STRING_free(pval); + OPENSSL_clear_free(ep, eplen); return 0; } diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c index 6980176b5a..c15554505b 100644 --- a/crypto/rsa/rsa_ameth.c +++ b/crypto/rsa/rsa_ameth.c @@ -160,6 +160,7 @@ static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) strtype, str, rk, rklen)) { ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); ASN1_STRING_free(str); + OPENSSL_clear_free(rk, rklen); return 0; } -- cgit v1.2.3