From: Matt Caswell
Date: Tue, 23 Jun 2020 15:47:31 +0000 (+0100)
Subject: Ensure any allocated MAC is freed in the provider code
X-Git-Tag: openssl-3.0.0-alpha5~69
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=63ee6ec17714f5446a3656083e438ec941bdd542;p=thirdparty%2Fopenssl.git
Ensure any allocated MAC is freed in the provider code
Reviewed-by: Shane Lontis
(Merged from https://github.com/openssl/openssl/pull/12288)
---
diff --git a/providers/implementations/ciphers/cipher_aes.c b/providers/implementations/ciphers/cipher_aes.c
index ea23e1eed97..decc27517ca 100644
--- a/providers/implementations/ciphers/cipher_aes.c
+++ b/providers/implementations/ciphers/cipher_aes.c
@@ -26,6 +26,7 @@ static void aes_freectx(void *vctx)
 {
 PROV_AES_CTX *ctx = (PROV_AES_CTX *)vctx;
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
 }
diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
index d684914c5ac..046a66c56db 100644
--- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
+++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c
@@ -283,8 +283,10 @@ static void aes_cbc_hmac_sha1_freectx(void *vctx)
 {
 PROV_AES_HMAC_SHA1_CTX *ctx = (PROV_AES_HMAC_SHA1_CTX *)vctx;
- if (ctx != NULL)
+ if (ctx != NULL) {
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
+ }
 }
 static void *aes_cbc_hmac_sha256_newctx(void *provctx, size_t kbits,
@@ -304,8 +306,10 @@ static void aes_cbc_hmac_sha256_freectx(void *vctx)
 {
 PROV_AES_HMAC_SHA256_CTX *ctx = (PROV_AES_HMAC_SHA256_CTX *)vctx;
- if (ctx != NULL)
+ if (ctx != NULL) {
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
+ }
 }
 # define IMPLEMENT_CIPHER(nm, sub, kbits, blkbits, ivbits, flags) \
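Review bot: The cast `(PROV_CIPHER_CTX *)vctx` in aes_freectx (cipher_aes.c) reaches the right `alloced` and `tlsmac` fields only if PROV_CIPHER_CTX sits at offset 0 of PROV_AES_CTX, and nothing in the hunk says so. The struct definitions are outside this diff, so that is presumably the existing layout; a comment at the call would make the dependency explicit, for example `/* relies on PROV_CIPHER_CTX being the first member of the context */`. The same cast is repeated in every other freectx hunk of this commit (the aes_cbc_hmac_sha1/sha256, aes_ocb, aes_wrap, aes_xts, aria, blowfish, camellia, cast5, chacha20, chacha20_poly1305, des, idea, rc2, rc4, rc4_hmac_md5, rc5, seed, sm4 and tdes variants), so the note applies to all of them.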
diff --git a/providers/implementations/ciphers/cipher_aes_ocb.c b/providers/implementations/ciphers/cipher_aes_ocb.c
index 09c38b7ef46..2f30b7ffdf3 100644
--- a/providers/implementations/ciphers/cipher_aes_ocb.c
+++ b/providers/implementations/ciphers/cipher_aes_ocb.c
@@ -305,6 +305,7 @@ static void aes_ocb_freectx(void *vctx)
 if (ctx != NULL) {
 aes_generic_ocb_cleanup(ctx);
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
 }
 }
diff --git a/providers/implementations/ciphers/cipher_aes_wrp.c b/providers/implementations/ciphers/cipher_aes_wrp.c
index 9782afa137a..5c2ab1c5074 100644
--- a/providers/implementations/ciphers/cipher_aes_wrp.c
+++ b/providers/implementations/ciphers/cipher_aes_wrp.c
@@ -64,6 +64,7 @@ static void aes_wrap_freectx(void *vctx)
 {
 PROV_AES_WRAP_CTX *wctx = (PROV_AES_WRAP_CTX *)vctx;
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(wctx, sizeof(*wctx));
 }
diff --git a/providers/implementations/ciphers/cipher_aes_xts.c b/providers/implementations/ciphers/cipher_aes_xts.c
index 96e885e2ca9..f564075abe7 100644
--- a/providers/implementations/ciphers/cipher_aes_xts.c
+++ b/providers/implementations/ciphers/cipher_aes_xts.c
@@ -120,6 +120,7 @@ static void aes_xts_freectx(void *vctx)
 {
 PROV_AES_XTS_CTX *ctx = (PROV_AES_XTS_CTX *)vctx;
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
 }
diff --git a/providers/implementations/ciphers/cipher_aria.c b/providers/implementations/ciphers/cipher_aria.c
index 67dfe0d35fb..a0796179281 100644
--- a/providers/implementations/ciphers/cipher_aria.c
+++ b/providers/implementations/ciphers/cipher_aria.c
@@ -19,6 +19,7 @@ static void aria_freectx(void *vctx)
 {
 PROV_ARIA_CTX *ctx = (PROV_ARIA_CTX *)vctx;
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
 }
diff --git a/providers/implementations/ciphers/cipher_blowfish.c b/providers/implementations/ciphers/cipher_blowfish.c
index bb2fa88f6ae..3eb4ebead26 100644
--- a/providers/implementations/ciphers/cipher_blowfish.c
+++ b/providers/implementations/ciphers/cipher_blowfish.c
@@ -27,6 +27,7 @@ static void blowfish_freectx(void *vctx)
 {
 PROV_BLOWFISH_CTX *ctx = (PROV_BLOWFISH_CTX *)vctx;
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
 }
diff --git a/providers/implementations/ciphers/cipher_camellia.c b/providers/implementations/ciphers/cipher_camellia.c
index abb24621a66..ffb23b475ae 100644
--- a/providers/implementations/ciphers/cipher_camellia.c
+++ b/providers/implementations/ciphers/cipher_camellia.c
@@ -25,6 +25,7 @@ static void camellia_freectx(void *vctx)
 {
 PROV_CAMELLIA_CTX *ctx = (PROV_CAMELLIA_CTX *)vctx;
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
 }
diff --git a/providers/implementations/ciphers/cipher_cast5.c b/providers/implementations/ciphers/cipher_cast5.c
index febadfb62b7..938b8d20130 100644
--- a/providers/implementations/ciphers/cipher_cast5.c
+++ b/providers/implementations/ciphers/cipher_cast5.c
@@ -28,6 +28,7 @@ static void cast5_freectx(void *vctx)
 {
 PROV_CAST_CTX *ctx = (PROV_CAST_CTX *)vctx;
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
 }
diff --git a/providers/implementations/ciphers/cipher_chacha20.c b/providers/implementations/ciphers/cipher_chacha20.c
index 45571180c8f..6759b0e0f93 100644
--- a/providers/implementations/ciphers/cipher_chacha20.c
+++ b/providers/implementations/ciphers/cipher_chacha20.c
@@ -55,6 +55,7 @@ static void chacha20_freectx(void *vctx)
 PROV_CHACHA20_CTX *ctx = (PROV_CHACHA20_CTX *)vctx;
 if (ctx != NULL) {
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
 }
 }
diff --git a/providers/implementations/ciphers/cipher_chacha20_poly1305.c b/providers/implementations/ciphers/cipher_chacha20_poly1305.c
index 3fa4684125e..a93f722551c 100644
--- a/providers/implementations/ciphers/cipher_chacha20_poly1305.c
+++ b/providers/implementations/ciphers/cipher_chacha20_poly1305.c
@@ -65,8 +65,10 @@ static void chacha20_poly1305_freectx(void *vctx)
 {
 PROV_CHACHA20_POLY1305_CTX *ctx = (PROV_CHACHA20_POLY1305_CTX *)vctx;
- if (ctx != NULL)
+ if (ctx != NULL) {
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
+ }
 }
 static int chacha20_poly1305_get_params(OSSL_PARAM params[])
diff --git a/providers/implementations/ciphers/cipher_des.c b/providers/implementations/ciphers/cipher_des.c
index 7a7f16e4542..7a60e0501ce 100644
--- a/providers/implementations/ciphers/cipher_des.c
+++ b/providers/implementations/ciphers/cipher_des.c
@@ -58,6 +58,7 @@ static void des_freectx(void *vctx)
 {
 PROV_DES_CTX *ctx = (PROV_DES_CTX *)vctx;
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
 }
diff --git a/providers/implementations/ciphers/cipher_idea.c b/providers/implementations/ciphers/cipher_idea.c
index 68cca45f92f..7fc5d8403dd 100644
--- a/providers/implementations/ciphers/cipher_idea.c
+++ b/providers/implementations/ciphers/cipher_idea.c
@@ -26,6 +26,7 @@ static void idea_freectx(void *vctx)
 {
 PROV_IDEA_CTX *ctx = (PROV_IDEA_CTX *)vctx;
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
 }
diff --git a/providers/implementations/ciphers/cipher_rc2.c b/providers/implementations/ciphers/cipher_rc2.c
index f2304b7c0f1..d1558be002c 100644
--- a/providers/implementations/ciphers/cipher_rc2.c
+++ b/providers/implementations/ciphers/cipher_rc2.c
@@ -32,6 +32,7 @@ static void rc2_freectx(void *vctx)
 {
 PROV_RC2_CTX *ctx = (PROV_RC2_CTX *)vctx;
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
 }
diff --git a/providers/implementations/ciphers/cipher_rc4.c b/providers/implementations/ciphers/cipher_rc4.c
index 97d66660f0c..4660185d45b 100644
--- a/providers/implementations/ciphers/cipher_rc4.c
+++ b/providers/implementations/ciphers/cipher_rc4.c
@@ -28,6 +28,7 @@ static void rc4_freectx(void *vctx)
 {
 PROV_RC4_CTX *ctx = (PROV_RC4_CTX *)vctx;
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
 }
diff --git a/providers/implementations/ciphers/cipher_rc4_hmac_md5.c b/providers/implementations/ciphers/cipher_rc4_hmac_md5.c
index 836274abb0a..d9535e23ce0 100644
--- a/providers/implementations/ciphers/cipher_rc4_hmac_md5.c
+++ b/providers/implementations/ciphers/cipher_rc4_hmac_md5.c
@@ -62,6 +62,7 @@ static void rc4_hmac_md5_freectx(void *vctx)
 {
 PROV_RC4_HMAC_MD5_CTX *ctx = (PROV_RC4_HMAC_MD5_CTX *)vctx;
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
 }
diff --git a/providers/implementations/ciphers/cipher_rc5.c b/providers/implementations/ciphers/cipher_rc5.c
index 4d719279148..68ce6fdd915 100644
--- a/providers/implementations/ciphers/cipher_rc5.c
+++ b/providers/implementations/ciphers/cipher_rc5.c
@@ -28,6 +28,7 @@ static void rc5_freectx(void *vctx)
 {
 PROV_RC5_CTX *ctx = (PROV_RC5_CTX *)vctx;
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
 }
diff --git a/providers/implementations/ciphers/cipher_seed.c b/providers/implementations/ciphers/cipher_seed.c
index 3a3e012fe01..53520b3c4da 100644
--- a/providers/implementations/ciphers/cipher_seed.c
+++ b/providers/implementations/ciphers/cipher_seed.c
@@ -25,6 +25,7 @@ static void seed_freectx(void *vctx)
 {
 PROV_SEED_CTX *ctx = (PROV_SEED_CTX *)vctx;
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
 }
diff --git a/providers/implementations/ciphers/cipher_sm4.c b/providers/implementations/ciphers/cipher_sm4.c
index e7208ad16cb..a5920562fcb 100644
--- a/providers/implementations/ciphers/cipher_sm4.c
+++ b/providers/implementations/ciphers/cipher_sm4.c
@@ -19,6 +19,7 @@ static void sm4_freectx(void *vctx)
 {
 PROV_SM4_CTX *ctx = (PROV_SM4_CTX *)vctx;
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
 }
diff --git a/providers/implementations/ciphers/cipher_tdes_common.c b/providers/implementations/ciphers/cipher_tdes_common.c
index 4e50450e4dc..6cdc88749c0 100644
--- a/providers/implementations/ciphers/cipher_tdes_common.c
+++ b/providers/implementations/ciphers/cipher_tdes_common.c
@@ -48,6 +48,7 @@ void tdes_freectx(void *vctx)
 {
 PROV_TDES_CTX *ctx = (PROV_TDES_CTX *)vctx;
+ cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx);
 OPENSSL_clear_free(ctx, sizeof(*ctx));
 }
diff --git a/providers/implementations/ciphers/ciphercommon.c b/providers/implementations/ciphers/ciphercommon.c
index 9c71a7df2a2..2cd5b6f571b 100644
--- a/providers/implementations/ciphers/ciphercommon.c
+++ b/providers/implementations/ciphers/ciphercommon.c
@@ -133,6 +133,15 @@ const OSSL_PARAM *cipher_aead_settable_ctx_params(void)
 return cipher_aead_known_settable_ctx_params;
 }
+void cipher_generic_reset_ctx(PROV_CIPHER_CTX *ctx)
+{
+ if (ctx != NULL && ctx->alloced) {
+ OPENSSL_free(ctx->tlsmac);
+ ctx->alloced = 0;
+ ctx->tlsmac = NULL;
+ }
+}
+
 static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx, const unsigned char *key, size_t keylen, const unsigned char *iv, size_t ivlen,
@@ -203,8 +212,13 @@ int cipher_generic_block_update(void *vctx, unsigned char *out, size_t *outl,
 return 0;
 }
+ if (ctx->alloced) {
+ OPENSSL_free(ctx->tlsmac);
+ ctx->alloced = 0;
+ ctx->tlsmac = NULL;
+ }
+
 /* This only fails if padding is publicly invalid */
- /* TODO(3.0): FIX ME FIX ME - Figure out aead */
 *outl = inl;
 if (!ctx->enc && !tlsunpadblock(ctx->libctx, ctx->tlsversion, out, outl,
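Review bot: With cipher_generic_reset_ctx (ciphercommon.c, first hunk) now freeing `ctx->tlsmac` from every freectx, a context duplicated while `alloced` is set must not keep the same pointer, or both contexts will free one allocation. The `copyctx` hook declared in ciphercommon.h and the dupctx functions are not part of this diff, so this may already be handled. If the copy is a plain structure assignment, it should end with `dst->tlsmac = NULL; dst->alloced = 0;` (or give the copy its own buffer). Worth confirming before relying on the new free path.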
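Review bot: The block added to cipher_generic_block_update repeats the body of cipher_generic_reset_ctx, which this commit defines earlier in the same file; replacing the inlined lines with `cipher_generic_reset_ctx(ctx);` keeps one place that knows how the MAC buffer is released. A short comment such as `/* release the MAC kept from the previous record before a new one is stored */` would explain why the free happens at this point; that reason is inferred from the tlsunpadblock() call that follows, whose remaining arguments are cut off by the hunk. The function starts before the hunk and continues past it.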
diff --git a/providers/implementations/include/prov/ciphercommon.h b/providers/implementations/include/prov/ciphercommon.h
index 83f64e77281..a5ffbc48a1a 100644
--- a/providers/implementations/include/prov/ciphercommon.h
+++ b/providers/implementations/include/prov/ciphercommon.h
@@ -87,6 +87,7 @@ struct prov_cipher_hw_st {
 void (*copyctx)(PROV_CIPHER_CTX *dst, const PROV_CIPHER_CTX *src);
 };
+void cipher_generic_reset_ctx(PROV_CIPHER_CTX *ctx);
 OSSL_FUNC_cipher_encrypt_init_fn cipher_generic_einit;
 OSSL_FUNC_cipher_decrypt_init_fn cipher_generic_dinit;
 OSSL_FUNC_cipher_update_fn cipher_generic_block_update;
@@ -103,6 +104,7 @@ OSSL_FUNC_cipher_set_ctx_params_fn cipher_var_keylen_set_ctx_params;
 OSSL_FUNC_cipher_settable_ctx_params_fn cipher_var_keylen_settable_ctx_params;
 OSSL_FUNC_cipher_gettable_ctx_params_fn cipher_aead_gettable_ctx_params;
 OSSL_FUNC_cipher_settable_ctx_params_fn cipher_aead_settable_ctx_params;
+
 int cipher_generic_get_params(OSSL_PARAM params[], unsigned int md, unsigned long flags, size_t kbits, size_t blkbits, size_t ivbits);
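Review bot: The new prototype for cipher_generic_reset_ctx in the first hunk has no comment, yet every cipher's freectx now has to remember to call it; a context type added later that omits the call would leak the MAC buffer again. A one-line contract above the declaration would document this, for example `/* Frees ctx->tlsmac if ctx->alloced is set; call from freectx before the context is released. NULL is accepted. */`.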