From 4de90efbe2797998e392a3c59ec90ac6bf9c5d99 Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh
Date: Thu, 23 Jun 2022 14:21:53 -0700
Subject: [PATCH] clear out PKEY when setting new key
---
 wolfcrypt/src/evp.c | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)
diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c
index 59003f219..c1181f8c8 100644
--- a/wolfcrypt/src/evp.c
+++ b/wolfcrypt/src/evp.c
@@ -7410,15 +7410,21 @@ void* wolfSSL_EVP_X_STATE(const WOLFSSL_EVP_CIPHER_CTX* ctx)
 }
 int wolfSSL_EVP_PKEY_assign_EC_KEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY* key)
 {
+ int ret;
+
 if (pkey == NULL || key == NULL)
 return WOLFSSL_FAILURE;
- pkey->type = EVP_PKEY_EC;
- pkey->ecc = key;
- pkey->ownEcc = 1;
-
 /* try and populate public pkey_sz and pkey.ptr */
- return ECC_populate_EVP_PKEY(pkey, key);
+ ret = ECC_populate_EVP_PKEY(pkey, key);
+ if (ret == WOLFSSL_SUCCESS) { /* take ownership of key if can be used */
+ clearEVPPkeyKeys(pkey); /* clear out any previous keys */
+
+ pkey->type = EVP_PKEY_EC;
+ pkey->ecc = key;
+ pkey->ownEcc = 1;
+ }
+ return ret;
 }
 #endif /* HAVE_ECC */
@@ -7905,6 +7911,7 @@ int wolfSSL_EVP_PKEY_assign_RSA(EVP_PKEY* pkey, WOLFSSL_RSA* key)
 if (pkey == NULL || key == NULL)
 return WOLFSSL_FAILURE;
+ clearEVPPkeyKeys(pkey);
 pkey->type = EVP_PKEY_RSA;
 pkey->rsa = key;
 pkey->ownRsa = 1;
@@ -7940,6 +7947,7 @@ int wolfSSL_EVP_PKEY_assign_DSA(EVP_PKEY* pkey, WOLFSSL_DSA* key)
 if (pkey == NULL || key == NULL)
 return WOLFSSL_FAILURE;
+ clearEVPPkeyKeys(pkey);
 pkey->type = EVP_PKEY_DSA;
 pkey->dsa = key;
 pkey->ownDsa = 1;
@@ -7954,6 +7962,7 @@ int wolfSSL_EVP_PKEY_assign_DH(EVP_PKEY* pkey, WOLFSSL_DH* key)
 if (pkey == NULL || key == NULL)
 return WOLFSSL_FAILURE;
+ clearEVPPkeyKeys(pkey);
 pkey->type = EVP_PKEY_DH;
 pkey->dh = key;
 pkey->ownDh = 1;
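Review bot: In the success branch of wolfSSL_EVP_PKEY_assign_EC_KEY, `clearEVPPkeyKeys(pkey)` runs before `pkey->ecc = key`, so assigning the key that `pkey` already holds is not handled. If that helper frees owned keys (its body is not in this diff), `key` would be released and then stored again as a dangling pointer. A guard such as `if (pkey->ecc != key) clearEVPPkeyKeys(pkey);`, or a comment stating that `key` must not already belong to `pkey`, would cover that case. The same clear-then-store sequence appears in the RSA, DSA and DH hunks with `pkey->rsa`, `pkey->dsa` and `pkey->dh`.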
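Review bot: Unlike the EC hunk, which takes ownership only after ECC_populate_EVP_PKEY succeeds, this hunk clears the old keys and sets `pkey->ownRsa = 1` before the rest of wolfSSL_EVP_PKEY_assign_RSA runs, and that remainder lies outside the hunk. If any later step there can return WOLFSSL_FAILURE, the caller gets a failure from a `pkey` that has already dropped its previous key and claims ownership of `key`, which invites a double free when the caller then releases `key` itself. Either defer `clearEVPPkeyKeys(pkey);` and the three assignments until the function can no longer fail, or add a comment such as `/* pkey owns key from here on, even if a later step fails */`. The DSA and DH hunks follow the same order, and what follows the assignments there is not visible either.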