}
if (PKCS1_MGF1(dbmask, emlen - mdlen, seed, mdlen, mgf1md) < 0)
- return 0;
+ goto err;
for (i = 0; i < emlen - mdlen; i++)
db[i] ^= dbmask[i];
if (PKCS1_MGF1(seedmask, mdlen, db, emlen - mdlen, mgf1md) < 0)
- return 0;
+ goto err;
for (i = 0; i < mdlen; i++)
seed[i] ^= seedmask[i];
OPENSSL_free(dbmask);
return 1;
+
+ err:
+ OPENSSL_free(dbmask);
+ return 0;
}
int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1,
RSA_R_OAEP_DECODING_ERROR);
cleanup:
- if (db != NULL)
+ if (db != NULL) {
+ OPENSSL_cleanse(db, dblen);
OPENSSL_free(db);
- if (em != NULL)
+ }
+ if (em != NULL) {
+ OPENSSL_cleanse(em, num);
OPENSSL_free(em);
+ }
return mlen;
}