From: Joseph Sutton Date: Tue, 28 Nov 2023 23:27:03 +0000 (+1300) Subject: lib:crypto: Clean up HMAC handle in one place X-Git-Tag: talloc-2.4.2~448 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6b5ccd2508312e9c89262a123203c8eb7e25839d;p=thirdparty%2Fsamba.git lib:crypto: Clean up HMAC handle in one place This is less error prone than having to ensure it’s cleaned up in every error path. Signed-off-by: Joseph Sutton Reviewed-by: Andrew Bartlett --- diff --git a/lib/crypto/gnutls_sp800_108.c b/lib/crypto/gnutls_sp800_108.c index 599a79162db..7fd7461c9eb 100644 --- a/lib/crypto/gnutls_sp800_108.c +++ b/lib/crypto/gnutls_sp800_108.c @@ -42,37 +42,32 @@ static NTSTATUS samba_gnutls_sp800_108_derive_key_part( RSIVAL(buf, 0, i); rc = gnutls_hmac(hmac_hnd, buf, sizeof(buf)); if (rc < 0) { - gnutls_hmac_deinit(hmac_hnd, NULL); return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED); } rc = gnutls_hmac(hmac_hnd, Label, Label_len); if (rc < 0) { - gnutls_hmac_deinit(hmac_hnd, NULL); return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED); } rc = gnutls_hmac(hmac_hnd, &zero, 1); if (rc < 0) { - gnutls_hmac_deinit(hmac_hnd, NULL); return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED); } rc = gnutls_hmac(hmac_hnd, Context, Context_len); if (rc < 0) { - gnutls_hmac_deinit(hmac_hnd, NULL); return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED); } RSIVAL(buf, 0, L); rc = gnutls_hmac(hmac_hnd, buf, sizeof(buf)); if (rc < 0) { - gnutls_hmac_deinit(hmac_hnd, NULL); return gnutls_error_to_ntstatus(rc, NT_STATUS_HMAC_NOT_SUPPORTED); } - gnutls_hmac_deinit(hmac_hnd, digest); + gnutls_hmac_output(hmac_hnd, digest); return NT_STATUS_OK; } @@ -168,5 +163,9 @@ NTSTATUS samba_gnutls_sp800_108_derive_key( ZERO_ARRAY(digest); out: + if (hmac_hnd != NULL) { + gnutls_hmac_deinit(hmac_hnd, NULL); + } + return status; }