reduces conditional logic (-218, +82).
MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c
wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and
BN_FLG_STATIC_DATA where the condition cannot be collapsed completely.
Passes regress. ok beck
-/* $OpenBSD: a_object.c,v 1.29 2017/01/29 17:49:22 beck Exp $ */
+/* $OpenBSD: a_object.c,v 1.30 2017/05/02 03:59:44 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
return -1;
i = i2t_ASN1_OBJECT(tmp, tlen, a);
if (i > (int)(tlen - 1)) {
- explicit_bzero(tmp, tlen);
- free(tmp);
+ freezero(tmp, tlen);
if ((tmp = malloc(i + 1)) == NULL)
return -1;
tlen = i + 1;
i = BIO_write(bp, "<INVALID>", 9);
else
i = BIO_write(bp, tmp, i);
- explicit_bzero(tmp, tlen);
- free(tmp);
+ freezero(tmp, tlen);
return (i);
}
/* detach data from object */
data = (unsigned char *)ret->data;
- if (data != NULL)
- explicit_bzero(data, ret->length);
- free(data);
+ freezero(data, ret->length);
data = malloc(length);
if (data == NULL) {
a->sn = a->ln = NULL;
}
if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) {
- if (a->data != NULL)
- explicit_bzero((void *)a->data, a->length);
- free((void *)a->data);
+ freezero((void *)a->data, a->length);
a->data = NULL;
a->length = 0;
}
-/* $OpenBSD: a_sign.c,v 1.22 2017/01/29 17:49:22 beck Exp $ */
+/* $OpenBSD: a_sign.c,v 1.23 2017/05/02 03:59:44 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
err:
EVP_MD_CTX_cleanup(ctx);
- if (buf_in != NULL) {
- explicit_bzero((char *)buf_in, inl);
- free(buf_in);
- }
- if (buf_out != NULL) {
- explicit_bzero((char *)buf_out, outll);
- free(buf_out);
- }
+ freezero((char *)buf_in, inl);
+ freezero((char *)buf_out, outll);
return (outl);
}
-/* $OpenBSD: a_verify.c,v 1.23 2017/01/29 17:49:22 beck Exp $ */
+/* $OpenBSD: a_verify.c,v 1.24 2017/05/02 03:59:44 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
goto err;
}
- explicit_bzero(buf_in, (unsigned int)inl);
- free(buf_in);
+ freezero(buf_in, (unsigned int)inl);
if (EVP_DigestVerifyFinal(&ctx, signature->data,
(size_t)signature->length) <= 0) {
-/* $OpenBSD: asn1_lib.c,v 1.38 2017/01/29 17:49:22 beck Exp $ */
+/* $OpenBSD: asn1_lib.c,v 1.39 2017/05/02 03:59:44 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
void
ASN1_STRING_set0(ASN1_STRING *str, void *data, int len)
{
- if (str->data != NULL)
- explicit_bzero(str->data, str->length);
- free(str->data);
+ freezero(str->data, str->length);
str->data = data;
str->length = len;
}
{
if (a == NULL)
return;
- if (a->data != NULL && !(a->flags & ASN1_STRING_FLAG_NDEF)) {
- explicit_bzero(a->data, a->length);
- free(a->data);
- }
+ if (a->data != NULL && !(a->flags & ASN1_STRING_FLAG_NDEF))
+ freezero(a->data, a->length);
free(a);
}
-/* $OpenBSD: bn_asm.c,v 1.14 2015/02/25 15:39:49 bcook Exp $ */
+/* $OpenBSD: bn_asm.c,v 1.15 2017/05/02 03:59:44 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
}
memcpy(rp, tp, num * sizeof(BN_ULONG));
out:
- explicit_bzero(tp, (num + 2) * sizeof(BN_ULONG));
- free(tp);
+ freezero(tp, (num + 2) * sizeof(BN_ULONG));
return 1;
}
#else
}
memcpy(rp, tp, num * sizeof(BN_ULONG));
out:
- explicit_bzero(tp, (num + 2) * sizeof(BN_ULONG));
- free(tp);
+ freezero(tp, (num + 2) * sizeof(BN_ULONG));
return 1;
}
#else
-/* $OpenBSD: bn_exp.c,v 1.30 2017/01/29 17:49:22 beck Exp $ */
+/* $OpenBSD: bn_exp.c,v 1.31 2017/05/02 03:59:44 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
numPowers = 1 << window;
powerbufLen = sizeof(m->d[0]) * (top * numPowers +
((2*top) > numPowers ? (2*top) : numPowers));
- if ((powerbufFree = malloc(powerbufLen +
- MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH)) == NULL)
+ if ((powerbufFree = calloc(powerbufLen +
+ MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH, 1)) == NULL)
goto err;
-
powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree);
- memset(powerbuf, 0, powerbufLen);
/* lay down tmp and am right after powers table */
tmp.d = (BN_ULONG *)(powerbuf + sizeof(m->d[0]) * top * numPowers);
err:
if ((in_mont == NULL) && (mont != NULL))
BN_MONT_CTX_free(mont);
- if (powerbuf != NULL) {
- explicit_bzero(powerbuf, powerbufLen);
- free(powerbufFree);
- }
+ freezero(powerbufFree, powerbufLen + MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH);
BN_CTX_end(ctx);
return (ret);
}
-/* $OpenBSD: bn_lib.c,v 1.37 2017/01/29 17:49:22 beck Exp $ */
+/* $OpenBSD: bn_lib.c,v 1.38 2017/05/02 03:59:44 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
if (a == NULL)
return;
bn_check_top(a);
- if (a->d != NULL && !(BN_get_flags(a, BN_FLG_STATIC_DATA))) {
- explicit_bzero(a->d, a->dmax * sizeof(a->d[0]));
- free(a->d);
- }
+ if (a->d != NULL && !(BN_get_flags(a, BN_FLG_STATIC_DATA)))
+ freezero(a->d, a->dmax * sizeof(a->d[0]));
i = BN_get_flags(a, BN_FLG_MALLOCED);
explicit_bzero(a, sizeof(BIGNUM));
if (i)
BN_ULONG *a = bn_expand_internal(b, words);
if (!a)
return NULL;
- if (b->d) {
- explicit_bzero(b->d, b->dmax * sizeof(b->d[0]));
- free(b->d);
- }
+ if (b->d)
+ freezero(b->d, b->dmax * sizeof(b->d[0]));
b->d = a;
b->dmax = words;
}
-/* $OpenBSD: bn_rand.c,v 1.19 2017/01/29 17:49:22 beck Exp $ */
+/* $OpenBSD: bn_rand.c,v 1.20 2017/05/02 03:59:44 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
ret = 1;
err:
- if (buf != NULL) {
- explicit_bzero(buf, bytes);
- free(buf);
- }
+ freezero(buf, bytes);
bn_check_top(rnd);
return (ret);
}
-/* $OpenBSD: buffer.c,v 1.26 2017/04/09 15:06:20 jsing Exp $ */
+/* $OpenBSD: buffer.c,v 1.27 2017/05/02 03:59:44 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
if (a == NULL)
return;
- if (a->data != NULL) {
- explicit_bzero(a->data, a->max);
- free(a->data);
- }
+ freezero(a->data, a->max);
free(a);
}
-/* $OpenBSD: dsa_asn1.c,v 1.19 2017/01/29 17:49:22 beck Exp $ */
+/* $OpenBSD: dsa_asn1.c,v 1.20 2017/05/02 03:59:44 deraadt Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2000.
*/
goto err;
ret = DSA_do_verify(dgst, dgst_len, s, dsa);
err:
- if (derlen > 0) {
- explicit_bzero(der, derlen);
- free(der);
- }
+ freezero(der, derlen);
DSA_SIG_free(s);
return ret;
}
-/* $OpenBSD: ec_key.c,v 1.13 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: ec_key.c,v 1.14 2017/05/02 03:59:44 deraadt Exp $ */
/*
* Written by Nils Larsch for the OpenSSL project.
*/
EC_EX_DATA_free_all_data(&r->method_data);
- explicit_bzero((void *) r, sizeof(EC_KEY));
-
- free(r);
+ freezero(r, sizeof(EC_KEY));
}
EC_KEY *
-/* $OpenBSD: ec_lib.c,v 1.23 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: ec_lib.c,v 1.24 2017/05/02 03:59:44 deraadt Exp $ */
/*
* Originally written by Bodo Moeller for the OpenSSL project.
*/
BN_clear_free(&group->order);
BN_clear_free(&group->cofactor);
- if (group->seed) {
- explicit_bzero(group->seed, group->seed_len);
- free(group->seed);
- }
- explicit_bzero(group, sizeof *group);
- free(group);
+ freezero(group->seed, group->seed_len);
+ freezero(group, sizeof *group);
}
point->meth->point_clear_finish(point);
else if (point->meth->point_finish != 0)
point->meth->point_finish(point);
- explicit_bzero(point, sizeof *point);
- free(point);
+ freezero(point, sizeof *point);
}
-/* $OpenBSD: ec_mult.c,v 1.20 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: ec_mult.c,v 1.21 2017/05/02 03:59:44 deraadt Exp $ */
/*
* Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
*/
}
free(pre->points);
}
- explicit_bzero(pre, sizeof *pre);
- free(pre);
+ freezero(pre, sizeof *pre);
}
-/* $OpenBSD: ecp_nistp224.c,v 1.18 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: ecp_nistp224.c,v 1.19 2017/05/02 03:59:44 deraadt Exp $ */
/*
* Written by Emilia Kasper (Google) for the OpenSSL project.
*/
if (i > 0)
return;
- explicit_bzero(pre, sizeof *pre);
- free(pre);
+ freezero(pre, sizeof *pre);
}
/******************************************************************************/
-/* $OpenBSD: ecp_nistp256.c,v 1.17 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: ecp_nistp256.c,v 1.18 2017/05/02 03:59:44 deraadt Exp $ */
/*
* Written by Adam Langley (Google) for the OpenSSL project
*/
if (i > 0)
return;
- explicit_bzero(pre, sizeof *pre);
- free(pre);
+ freezero(pre, sizeof *pre);
}
/******************************************************************************/
-/* $OpenBSD: ecp_nistp521.c,v 1.18 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: ecp_nistp521.c,v 1.19 2017/05/02 03:59:44 deraadt Exp $ */
/*
* Written by Adam Langley (Google) for the OpenSSL project
*/
if (i > 0)
return;
- explicit_bzero(pre, sizeof(*pre));
- free(pre);
+ freezero(pre, sizeof(*pre));
}
/******************************************************************************/
-/* $OpenBSD: ecp_nistz256.c,v 1.2 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: ecp_nistz256.c,v 1.3 2017/05/02 03:59:44 deraadt Exp $ */
/* Copyright (c) 2014, Intel Corporation.
*
* Permission to use, copy, modify, and/or distribute this software for any
* here, but the only place where we allocate this uses
* PRECOMP256_ROW (i.e. 64 P256_POINT_AFFINE) but sets w == 7.
*/
- explicit_bzero(pre->precomp, 37 * sizeof(PRECOMP256_ROW));
- free(pre->precomp);
+ freezero(pre->precomp, 37 * sizeof(PRECOMP256_ROW));
}
- explicit_bzero(pre, sizeof *pre);
- free(pre);
+ freezero(pre, sizeof *pre);
}
static int
-/* $OpenBSD: ech_lib.c,v 1.12 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: ech_lib.c,v 1.13 2017/05/02 03:59:44 deraadt Exp $ */
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
*
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, r, &r->ex_data);
- explicit_bzero((void *)r, sizeof(ECDH_DATA));
-
- free(r);
+ freezero(r, sizeof(ECDH_DATA));
}
ECDH_DATA *
-/* $OpenBSD: ecs_lib.c,v 1.11 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: ecs_lib.c,v 1.12 2017/05/02 03:59:44 deraadt Exp $ */
/* ====================================================================
* Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
*
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, r, &r->ex_data);
- explicit_bzero((void *)r, sizeof(ECDSA_DATA));
-
- free(r);
+ freezero(r, sizeof(ECDSA_DATA));
}
ECDSA_DATA *
-/* $OpenBSD: ecs_vrf.c,v 1.5 2015/02/08 13:35:07 jsing Exp $ */
+/* $OpenBSD: ecs_vrf.c,v 1.6 2017/05/02 03:59:44 deraadt Exp $ */
/*
* Written by Nils Larsch for the OpenSSL project
*/
ret = ECDSA_do_verify(dgst, dgst_len, s, eckey);
err:
- if (derlen > 0) {
- explicit_bzero(der, derlen);
- free(der);
- }
+ freezero(der, derlen);
ECDSA_SIG_free(s);
return (ret);
}
-/* $OpenBSD: bio_enc.c,v 1.19 2015/09/10 15:56:25 jsing Exp $ */
+/* $OpenBSD: bio_enc.c,v 1.20 2017/05/02 03:59:44 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
return (0);
b = (BIO_ENC_CTX *)a->ptr;
EVP_CIPHER_CTX_cleanup(&(b->cipher));
- explicit_bzero(a->ptr, sizeof(BIO_ENC_CTX));
- free(a->ptr);
+ freezero(a->ptr, sizeof(BIO_ENC_CTX));
a->ptr = NULL;
a->init = 0;
a->flags = 0;
-/* $OpenBSD: digest.c,v 1.27 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: digest.c,v 1.28 2017/05/02 03:59:44 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
if (ctx->digest != type) {
if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&
!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
- explicit_bzero(ctx->md_data, ctx->digest->ctx_size);
- free(ctx->md_data);
+ freezero(ctx->md_data, ctx->digest->ctx_size);
ctx->md_data = NULL;
}
ctx->digest = type;
!EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED))
ctx->digest->cleanup(ctx);
if (ctx->digest && ctx->digest->ctx_size && ctx->md_data &&
- !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
- explicit_bzero(ctx->md_data, ctx->digest->ctx_size);
- free(ctx->md_data);
- }
+ !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE))
+ freezero(ctx->md_data, ctx->digest->ctx_size);
EVP_PKEY_CTX_free(ctx->pctx);
#ifndef OPENSSL_NO_ENGINE
if (ctx->engine)
-/* $OpenBSD: e_aes.c,v 1.33 2017/01/31 13:17:21 inoguchi Exp $ */
+/* $OpenBSD: e_aes.c,v 1.34 2017/05/02 03:59:44 deraadt Exp $ */
/* ====================================================================
* Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved.
*
{
struct aead_aes_gcm_ctx *gcm_ctx = ctx->aead_state;
- explicit_bzero(gcm_ctx, sizeof(*gcm_ctx));
- free(gcm_ctx);
+ freezero(gcm_ctx, sizeof(*gcm_ctx));
}
static int
-/* $OpenBSD: e_chacha20poly1305.c,v 1.15 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: e_chacha20poly1305.c,v 1.16 2017/05/02 03:59:44 deraadt Exp $ */
/*
* Copyright (c) 2015 Reyk Floter <reyk@openbsd.org>
{
struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state;
- explicit_bzero(c20_ctx->key, sizeof(c20_ctx->key));
- free(c20_ctx);
+ freezero(c20_ctx, sizeof(c20_ctx));
}
static void
-/* $OpenBSD: p_open.c,v 1.18 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: p_open.c,v 1.19 2017/05/02 03:59:44 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
ret = 1;
err:
- if (key != NULL)
- explicit_bzero(key, size);
- free(key);
+ freezero(key, size);
return (ret);
}
-/* $OpenBSD: gostr341001_key.c,v 1.7 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: gostr341001_key.c,v 1.8 2017/05/02 03:59:44 deraadt Exp $ */
/*
* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Copyright (c) 2005-2006 Cryptocom LTD
EC_POINT_free(r->pub_key);
BN_clear_free(r->priv_key);
- explicit_bzero((void *)r, sizeof(GOST_KEY));
- free(r);
+ freezero(r, sizeof(GOST_KEY));
}
int
-/* $OpenBSD: hm_pmeth.c,v 1.9 2015/09/10 15:56:25 jsing Exp $ */
+/* $OpenBSD: hm_pmeth.c,v 1.10 2017/05/02 03:59:44 deraadt Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2007.
*/
HMAC_PKEY_CTX *hctx = ctx->data;
HMAC_CTX_cleanup(&hctx->ctx);
- if (hctx->ktmp.data) {
- if (hctx->ktmp.length)
- explicit_bzero(hctx->ktmp.data, hctx->ktmp.length);
- free(hctx->ktmp.data);
- hctx->ktmp.data = NULL;
- }
+ freezero(hctx->ktmp.data, hctx->ktmp.length);
free(hctx);
}
-/* $OpenBSD: malloc-wrapper.c,v 1.5 2017/04/28 22:46:40 beck Exp $ */
+/* $OpenBSD: malloc-wrapper.c,v 1.6 2017/05/02 03:59:44 deraadt Exp $ */
/*
* Copyright (c) 2014 Bob Beck
*
ret = malloc(num);
if (ret && ptr && old_len > 0) {
memcpy(ret, ptr, old_len);
- explicit_bzero(ptr, old_len);
- free(ptr);
+ freezero(ptr, old_len);
}
return ret;
}
-/* $OpenBSD: gcm128.c,v 1.15 2016/11/04 17:30:30 miod Exp $ */
+/* $OpenBSD: gcm128.c,v 1.16 2017/05/02 03:59:44 deraadt Exp $ */
/* ====================================================================
* Copyright (c) 2010 The OpenSSL Project. All rights reserved.
*
void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx)
{
- if (ctx) {
- explicit_bzero(ctx,sizeof(*ctx));
- free(ctx);
- }
+ freezero(ctx, sizeof(*ctx));
}
-/* $OpenBSD: pem_lib.c,v 1.44 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: pem_lib.c,v 1.45 2017/05/02 03:59:44 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
explicit_bzero(iv, sizeof(iv));
explicit_bzero((char *)&ctx, sizeof(ctx));
explicit_bzero(buf, PEM_BUFSIZE);
- if (data != NULL) {
- explicit_bzero(data, (unsigned int)dsize);
- free(data);
- }
+ freezero(data, (unsigned int)dsize);
return (ret);
}
EVP_EncodeFinal(&ctx, buf, &outl);
if ((outl > 0) && (BIO_write(bp, (char *)buf, outl) != outl))
goto err;
- explicit_bzero(buf, PEM_BUFSIZE * 8);
- free(buf);
+ freezero(buf, PEM_BUFSIZE * 8);
buf = NULL;
if ((BIO_write(bp, "-----END ", 9) != 9) ||
(BIO_write(bp, name, nlen) != nlen) ||
return (i + outl);
err:
- if (buf) {
- explicit_bzero(buf, PEM_BUFSIZE * 8);
- free(buf);
- }
+ freezero(buf, PEM_BUFSIZE * 8);
PEMerror(reason);
return (0);
}
-/* $OpenBSD: pem_pkey.c,v 1.22 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: pem_pkey.c,v 1.23 2017/05/02 03:59:44 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
PEMerror(ERR_R_ASN1_LIB);
err:
free(nm);
- explicit_bzero(data, len);
- free(data);
+ freezero(data, len);
return (ret);
}
-/* $OpenBSD: pvkfmt.c,v 1.18 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: pvkfmt.c,v 1.19 2017/05/02 03:59:44 deraadt Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2005.
*/
ret = do_PVK_body(&p, saltlen, keylen, cb, u);
err:
- if (buf) {
- explicit_bzero(buf, buflen);
- free(buf);
- }
+ freezero(buf, buflen);
return ret;
}
-/* $OpenBSD: p12_key.c,v 1.25 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: p12_key.c,v 1.26 2017/05/02 03:59:45 deraadt Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 1999.
*/
id, iter, n, out, md_type);
if (ret <= 0)
return 0;
- if (unipass) {
- explicit_bzero(unipass, uniplen);
- free(unipass);
- }
+ freezero(unipass, uniplen);
return ret;
}
-/* $OpenBSD: pk7_doit.c,v 1.41 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: pk7_doit.c,v 1.42 2017/05/02 03:59:45 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
ret = 1;
- if (*pek) {
- explicit_bzero(*pek, *peklen);
- free(*pek);
- }
+ freezero(*pek, *peklen);
*pek = ek;
*peklen = eklen;
*/
if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen)) {
/* Use random key as MMA defence */
- explicit_bzero(ek, eklen);
- free(ek);
+ freezero(ek, eklen);
ek = tkey;
eklen = tkeylen;
tkey = NULL;
if (EVP_CipherInit_ex(evp_ctx, NULL, NULL, ek, NULL, 0) <= 0)
goto err;
- if (ek) {
- explicit_bzero(ek, eklen);
- free(ek);
- ek = NULL;
- }
- if (tkey) {
- explicit_bzero(tkey, tkeylen);
- free(tkey);
- tkey = NULL;
- }
+ freezero(ek, eklen);
+ ek = NULL;
+ freezero(tkey, tkeylen);
+ tkey = NULL;
if (out == NULL)
out = etmp;
if (0) {
err:
- if (ek) {
- explicit_bzero(ek, eklen);
- free(ek);
- }
- if (tkey) {
- explicit_bzero(tkey, tkeylen);
- free(tkey);
- }
+ freezero(ek, eklen);
+ freezero(tkey, tkeylen);
if (out != NULL)
BIO_free_all(out);
if (btmp != NULL)
-/* $OpenBSD: rsa_eay.c,v 1.48 2017/04/28 22:46:40 beck Exp $ */
+/* $OpenBSD: rsa_eay.c,v 1.49 2017/05/02 03:59:45 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
BN_CTX_end(ctx);
BN_CTX_free(ctx);
}
- if (buf != NULL) {
- explicit_bzero(buf, num);
- free(buf);
- }
+ freezero(buf, num);
return r;
}
BN_CTX_end(ctx);
BN_CTX_free(ctx);
}
- if (buf != NULL) {
- explicit_bzero(buf, num);
- free(buf);
- }
+ freezero(buf, num);
return r;
}
BN_CTX_end(ctx);
BN_CTX_free(ctx);
}
- if (buf != NULL) {
- explicit_bzero(buf, num);
- free(buf);
- }
+ freezero(buf, num);
return r;
}
BN_CTX_end(ctx);
BN_CTX_free(ctx);
}
- if (buf != NULL) {
- explicit_bzero(buf, num);
- free(buf);
- }
+ freezero(buf, num);
return r;
}
-/* $OpenBSD: rsa_saos.c,v 1.22 2017/04/28 22:46:40 beck Exp $ */
+/* $OpenBSD: rsa_saos.c,v 1.23 2017/05/02 03:59:45 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
else
*siglen = i;
- explicit_bzero(s, (unsigned int)j + 1);
- free(s);
+ freezero(s, (unsigned int)j + 1);
return ret;
}
ret = 1;
err:
ASN1_OCTET_STRING_free(sig);
- if (s != NULL) {
- explicit_bzero(s, (unsigned int)siglen);
- free(s);
- }
+ freezero(s, (unsigned int)siglen);
return ret;
}
-/* $OpenBSD: rsa_sign.c,v 1.28 2017/04/28 22:46:40 beck Exp $ */
+/* $OpenBSD: rsa_sign.c,v 1.29 2017/05/02 03:59:45 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
else
*siglen = i;
- if (type != NID_md5_sha1) {
- explicit_bzero(tmps, (unsigned int)j + 1);
- free(tmps);
- }
+ if (type != NID_md5_sha1)
+ freezero(tmps, (unsigned int)j + 1);
return (ret);
}
ret = 1;
}
err:
- if (sig != NULL)
- X509_SIG_free(sig);
- if (s != NULL) {
- explicit_bzero(s, (unsigned int)siglen);
- free(s);
- }
+ X509_SIG_free(sig);
+ freezero(s, (unsigned int)siglen);
return ret;
}
-/* $OpenBSD: tls_config.c,v 1.38 2017/04/30 02:10:22 jsing Exp $ */
+/* $OpenBSD: tls_config.c,v 1.39 2017/05/02 03:59:45 deraadt Exp $ */
/*
* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
*
fail:
if (fd != -1)
close(fd);
- if (*buf != NULL)
- explicit_bzero(*buf, *len);
- free(*buf);
+ freezero(*buf, *len);
*buf = NULL;
*len = 0;
projects / openbsd / commitdiff