From: tb Date: Fri, 14 Jan 2022 09:12:15 +0000 (+0000) Subject: Convert the new record layers to opaque EVP_AEAD_CTX X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=f9a06750c813ba6d3ca4bdcf93c80d1e564e04e0;p=openbsd Convert the new record layers to opaque EVP_AEAD_CTX ok jsing --- diff --git a/lib/libssl/tls12_record_layer.c b/lib/libssl/tls12_record_layer.c index f7264a17c50..3568e1876ac 100644 --- a/lib/libssl/tls12_record_layer.c +++ b/lib/libssl/tls12_record_layer.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls12_record_layer.c,v 1.35 2021/10/23 15:02:27 jsing Exp $ */ +/* $OpenBSD: tls12_record_layer.c,v 1.36 2022/01/14 09:12:15 tb Exp $ */ /* * Copyright (c) 2020 Joel Sing * @@ -61,10 +61,7 @@ tls12_record_protection_new(void) static void tls12_record_protection_clear(struct tls12_record_protection *rp) { - if (rp->aead_ctx != NULL) { - EVP_AEAD_CTX_cleanup(rp->aead_ctx); - freezero(rp->aead_ctx, sizeof(*rp->aead_ctx)); - } + EVP_AEAD_CTX_free(rp->aead_ctx); freezero(rp->aead_nonce, rp->aead_nonce_len); freezero(rp->aead_fixed_nonce, rp->aead_fixed_nonce_len); @@ -422,7 +419,7 @@ tls12_record_layer_ccs_aead(struct tls12_record_layer *rl, if (!tls12_record_protection_unused(rp)) return 0; - if ((rp->aead_ctx = calloc(1, sizeof(*rp->aead_ctx))) == NULL) + if ((rp->aead_ctx = EVP_AEAD_CTX_new()) == NULL) return 0; /* AES GCM cipher suites use variable nonce in record. */ diff --git a/lib/libssl/tls13_record_layer.c b/lib/libssl/tls13_record_layer.c index b49d237951e..c68ee3b3a5c 100644 --- a/lib/libssl/tls13_record_layer.c +++ b/lib/libssl/tls13_record_layer.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_record_layer.c,v 1.66 2022/01/06 18:18:13 jsing Exp $ */ +/* $OpenBSD: tls13_record_layer.c,v 1.67 2022/01/14 09:12:15 tb Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * @@ -40,10 +40,7 @@ tls13_record_protection_new(void) void tls13_record_protection_clear(struct tls13_record_protection *rp) { - if (rp->aead_ctx != NULL) { - EVP_AEAD_CTX_cleanup(rp->aead_ctx); - freezero(rp->aead_ctx, sizeof(*rp->aead_ctx)); - } + EVP_AEAD_CTX_free(rp->aead_ctx); tls13_secret_cleanup(&rp->iv); tls13_secret_cleanup(&rp->nonce); @@ -461,7 +458,7 @@ tls13_record_layer_set_traffic_key(const EVP_AEAD *aead, const EVP_MD *hash, tls13_record_protection_clear(rp); - if ((rp->aead_ctx = calloc(1, sizeof(*rp->aead_ctx))) == NULL) + if ((rp->aead_ctx = EVP_AEAD_CTX_new()) == NULL) return 0; if (!tls13_secret_init(&rp->iv, EVP_AEAD_nonce_length(aead)))