mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix potential resource leaks with scr and normal math on key reuse

Browse Source
This commit is contained in:
toddouska 2014-10-01 11:15:36 -07:00
parent 8e96234513
commit 2f5520d14c
1 changed files with 26 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
src/internal.c
View File

@ -4214,7 +4214,15 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx,
case RSAk:
{
word32 idx = 0;
if (RsaPublicKeyDecode(dCert.publicKey, &idx,
int keyRet = 0;
if (ssl->peerRsaKeyPresent) { /* don't leak on reuse */
FreeRsaKey(ssl->peerRsaKey);
ssl->peerRsaKeyPresent = 0;
keyRet = InitRsaKey(ssl->peerRsaKey, ssl->heap);
}
if (keyRet != 0 || RsaPublicKeyDecode(dCert.publicKey, &idx,
ssl->peerRsaKey, dCert.pubKeySize) != 0) {
ret = PEER_KEY_ERROR;
}
@ -4256,6 +4264,11 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx,
#ifdef HAVE_ECC
case ECDSAk:
{
if (ssl->peerEccDsaKeyPresent) { /* don't leak on reuse */
ecc_free(ssl->peerEccDsaKey);
ssl->peerEccDsaKeyPresent = 0;
ecc_init(ssl->peerEccDsaKey);
}
if (ecc_import_x963(dCert.publicKey, dCert.pubKeySize,
ssl->peerEccDsaKey) != 0) {
ret = PEER_KEY_ERROR;
@ -9336,6 +9349,12 @@ static void PickHashSigAlgo(CYASSL* ssl,
if ((*inOutIdx - begin) + length > size)
return BUFFER_ERROR;
if (ssl->peerEccKeyPresent) { /* don't leak on reuse */
ecc_free(ssl->peerEccKey);
ssl->peerEccKeyPresent = 0;
ecc_init(ssl->peerEccKey);
}
if (ecc_import_x963(input + *inOutIdx, length, ssl->peerEccKey) != 0)
return ECC_PEERKEY_ERROR;
@ -12408,6 +12427,12 @@ static void PickHashSigAlgo(CYASSL* ssl,
if ((*inOutIdx - begin) + length > size)
return BUFFER_ERROR;
if (ssl->peerEccKeyPresent) { /* don't leak on reuse */
ecc_free(ssl->peerEccKey);
ssl->peerEccKeyPresent = 0;
ecc_init(ssl->peerEccKey);
}
if (ecc_import_x963(input + *inOutIdx, length, ssl->peerEccKey))
return ECC_PEERKEY_ERROR;