forked from wolfSSL/wolfssl
Code review and mp_int memory leak fixes
This commit is contained in:
Juliusz Sosinowicz
@@ -4378,6 +4378,9 @@ then
|
|||||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_BIND"
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_BIND"
|
||||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_DIRECT -DHAVE_AES_ECB -DWOLFSSL_DES_ECB"
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_DIRECT -DHAVE_AES_ECB -DWOLFSSL_DES_ECB"
|
||||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA224 -DWOLFSSL_SHA384 -DWOLFSSL_SHA512"
|
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SHA224 -DWOLFSSL_SHA384 -DWOLFSSL_SHA512"
|
||||||
|
ENABLED_SHA224="yes"
|
||||||
|
ENABLED_SHA384="yes"
|
||||||
|
ENABLED_SHA512="yes"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if test "$ENABLED_OPENVPN" = "yes"
|
if test "$ENABLED_OPENVPN" = "yes"
|
||||||
|
|||||||
28
src/ssl.c
28
src/ssl.c
@@ -30146,6 +30146,9 @@ int SetDhInternal(WOLFSSL_DH* dh)
|
|||||||
}
|
}
|
||||||
#endif /* WOLFSSL_SMALL_STACK */
|
#endif /* WOLFSSL_SMALL_STACK */
|
||||||
|
|
||||||
|
/* Free so that mp_init's don't leak */
|
||||||
|
wc_FreeDhKey((DhKey*)dh->internal);
|
||||||
|
|
||||||
#ifdef WOLFSSL_DH_EXTRA
|
#ifdef WOLFSSL_DH_EXTRA
|
||||||
privSz = wolfSSL_BN_bn2bin(dh->priv_key, priv_key);
|
privSz = wolfSSL_BN_bn2bin(dh->priv_key, priv_key);
|
||||||
pubSz = wolfSSL_BN_bn2bin(dh->pub_key, pub_key);
|
pubSz = wolfSSL_BN_bn2bin(dh->pub_key, pub_key);
|
||||||
@@ -43615,6 +43618,7 @@ int wolfSSL_DH_generate_parameters_ex(WOLFSSL_DH* dh, int prime_len, int generat
|
|||||||
|
|
||||||
WOLFSSL_ENTER("wolfSSL_DH_generate_parameters_ex");
|
WOLFSSL_ENTER("wolfSSL_DH_generate_parameters_ex");
|
||||||
(void)callback;
|
(void)callback;
|
||||||
|
(void)generator;
|
||||||
|
|
||||||
if (dh == NULL) {
|
if (dh == NULL) {
|
||||||
WOLFSSL_MSG("Bad parameter");
|
WOLFSSL_MSG("Bad parameter");
|
||||||
@@ -43626,23 +43630,21 @@ int wolfSSL_DH_generate_parameters_ex(WOLFSSL_DH* dh, int prime_len, int generat
|
|||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (dh->inSet == 0) {
|
/* Don't need SetDhInternal call since we are generating
|
||||||
if (SetDhInternal(dh) != WOLFSSL_SUCCESS) {
|
* parameters ourselves */
|
||||||
WOLFSSL_MSG("Unable to set internal DH structure");
|
|
||||||
return WOLFSSL_FAILURE;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
key = (DhKey*)dh->internal;
|
key = (DhKey*)dh->internal;
|
||||||
if (mp_set_int(&key->g, generator) != MP_OKAY) {
|
|
||||||
WOLFSSL_MSG("Unable to set generator");
|
/* Free so that mp_init's don't leak */
|
||||||
return WOLFSSL_FAILURE;
|
wc_FreeDhKey(key);
|
||||||
}
|
|
||||||
|
|
||||||
if (wc_DhGenerateParams(&globalRNG, prime_len, key) != 0) {
|
if (wc_DhGenerateParams(&globalRNG, prime_len, key) != 0) {
|
||||||
WOLFSSL_MSG("wc_DhGenerateParams error");
|
WOLFSSL_MSG("wc_DhGenerateParams error");
|
||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
}
|
}
|
||||||
|
dh->inSet = 1;
|
||||||
|
|
||||||
|
WOLFSSL_MSG("wolfSSL does not support using a custom generator.");
|
||||||
|
|
||||||
if (SetDhExternal(dh) != WOLFSSL_SUCCESS) {
|
if (SetDhExternal(dh) != WOLFSSL_SUCCESS) {
|
||||||
WOLFSSL_MSG("SetDhExternal error");
|
WOLFSSL_MSG("SetDhExternal error");
|
||||||
@@ -52491,9 +52493,11 @@ void wolfSSL_DH_get0_key(const WOLFSSL_DH *dh,
|
|||||||
WOLFSSL_ENTER("wolfSSL_DH_get0_key");
|
WOLFSSL_ENTER("wolfSSL_DH_get0_key");
|
||||||
|
|
||||||
if (dh != NULL) {
|
if (dh != NULL) {
|
||||||
if (pub_key != NULL)
|
if (pub_key != NULL && dh->pub_key != NULL &&
|
||||||
|
wolfSSL_BN_is_zero(dh->pub_key) != WOLFSSL_SUCCESS)
|
||||||
*pub_key = dh->pub_key;
|
*pub_key = dh->pub_key;
|
||||||
if (priv_key != NULL)
|
if (priv_key != NULL && dh->priv_key != NULL &&
|
||||||
|
wolfSSL_BN_is_zero(dh->priv_key) != WOLFSSL_SUCCESS)
|
||||||
*priv_key = dh->priv_key;
|
*priv_key = dh->priv_key;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -2574,8 +2574,10 @@ static void test_EC_i2d(void)
|
|||||||
buf = NULL;
|
buf = NULL;
|
||||||
|
|
||||||
AssertIntGT((len = i2o_ECPublicKey(key, &buf)), 0);
|
AssertIntGT((len = i2o_ECPublicKey(key, &buf)), 0);
|
||||||
AssertNotNull(o2i_ECPublicKey(©, (const unsigned char **)&buf, len));
|
tmp = buf;
|
||||||
|
AssertNotNull(o2i_ECPublicKey(©, &tmp, len));
|
||||||
AssertIntEQ(EC_KEY_check_key(key), 1);
|
AssertIntEQ(EC_KEY_check_key(key), 1);
|
||||||
|
XFREE(buf, NULL, DYNAMIC_TYPE_OPENSSL);
|
||||||
|
|
||||||
EC_KEY_free(key);
|
EC_KEY_free(key);
|
||||||
EC_KEY_free(copy);
|
EC_KEY_free(copy);
|
||||||
@@ -45900,7 +45902,7 @@ static void test_wolfSSL_DH(void)
|
|||||||
|
|
||||||
AssertNotNull(dh = d2i_DHparams(NULL, &pt, len));
|
AssertNotNull(dh = d2i_DHparams(NULL, &pt, len));
|
||||||
AssertNotNull(dh->p);
|
AssertNotNull(dh->p);
|
||||||
AssertNotNull(dh->p);
|
AssertNotNull(dh->g);
|
||||||
AssertTrue(pt != buf);
|
AssertTrue(pt != buf);
|
||||||
AssertIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS);
|
AssertIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS);
|
||||||
|
|
||||||
@@ -45920,6 +45922,9 @@ static void test_wolfSSL_DH(void)
|
|||||||
AssertPtrEq(priv, dh->priv_key);
|
AssertPtrEq(priv, dh->priv_key);
|
||||||
|
|
||||||
DH_free(dh);
|
DH_free(dh);
|
||||||
|
|
||||||
|
AssertNotNull(dh = DH_generate_parameters(2048, 2, NULL, NULL));
|
||||||
|
DH_free(dh);
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
printf(testingFmt, "test_wolfSSL_DH");
|
printf(testingFmt, "test_wolfSSL_DH");
|
||||||
|
|||||||
@@ -7390,6 +7390,11 @@ int wc_ecc_import_point_der_ex(const byte* in, word32 inLen,
|
|||||||
return ECC_BAD_ARG_E;
|
return ECC_BAD_ARG_E;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* clear if previously allocated */
|
||||||
|
mp_clear(point->x);
|
||||||
|
mp_clear(point->y);
|
||||||
|
mp_clear(point->z);
|
||||||
|
|
||||||
/* init point */
|
/* init point */
|
||||||
#ifdef ALT_ECC_SIZE
|
#ifdef ALT_ECC_SIZE
|
||||||
point->x = (mp_int*)&point->xyz[0];
|
point->x = (mp_int*)&point->xyz[0];
|
||||||
|
|||||||
Reference in New Issue
Block a user