From 36971258e3e47f04671f5f8e828293b253b4a79a Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Tue, 3 Mar 2015 14:20:23 +0000 Subject: [PATCH] Cleanse PKCS#8 private key components. New function ASN1_STRING_clear_free which cleanses an ASN1_STRING structure before freeing it. Call ASN1_STRING_clear_free on PKCS#8 private key components. Reviewed-by: Rich Salz (cherry picked from commit a8ae0891d4bfd18f224777aed1fbb172504421f1) Conflicts: crypto/dh/dh_ameth.c --- crypto/asn1/asn1.h | 1 + crypto/asn1/asn1_lib.c | 7 +++++++ crypto/dh/dh_ameth.c | 8 +++++--- crypto/dsa/dsa_ameth.c | 10 +++++----- 4 files changed, 18 insertions(+), 8 deletions(-) diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h index ed2b9e6db4..8709849155 100644 --- a/crypto/asn1/asn1.h +++ b/crypto/asn1/asn1.h @@ -796,6 +796,7 @@ DECLARE_ASN1_SET_OF(ASN1_OBJECT) ASN1_STRING *ASN1_STRING_new(void); void ASN1_STRING_free(ASN1_STRING *a); +void ASN1_STRING_clear_free(ASN1_STRING *a); int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str); ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a); ASN1_STRING *ASN1_STRING_type_new(int type); diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index 00733a6a89..0b61fc9309 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -430,6 +430,13 @@ void ASN1_STRING_free(ASN1_STRING *a) OPENSSL_free(a); } +void ASN1_STRING_clear_free(ASN1_STRING *a) +{ + if (a && a->data && !(a->flags & ASN1_STRING_FLAG_NDEF)) + OPENSSL_cleanse(a->data, a->length); + ASN1_STRING_free(a); +} + int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b) { int i; diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index 2323f227e7..8a68aea5c0 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -215,7 +215,7 @@ static int dh_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) EVP_PKEY_assign_DH(pkey, dh); - ASN1_INTEGER_free(privkey); + ASN1_STRING_clear_free(privkey); return 1; @@ -223,6 +223,7 @@ static int dh_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) DHerr(DH_F_DH_PRIV_DECODE, EVP_R_DECODE_ERROR); dherr: DH_free(dh); + ASN1_STRING_clear_free(privkey); return 0; } @@ -257,7 +258,8 @@ static int dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) dplen = i2d_ASN1_INTEGER(prkey, &dp); - ASN1_INTEGER_free(prkey); + ASN1_STRING_clear_free(prkey); + prkey = NULL; if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dhKeyAgreement), 0, V_ASN1_SEQUENCE, params, dp, dplen)) @@ -271,7 +273,7 @@ static int dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) if (params != NULL) ASN1_STRING_free(params); if (prkey != NULL) - ASN1_INTEGER_free(prkey); + ASN1_STRING_clear_free(prkey); return 0; } diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index 150a3ed874..9fdce81196 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -226,7 +226,7 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) goto decerr; if (privkey->type == V_ASN1_NEG_INTEGER) { p8->broken = PKCS8_NEG_PRIVKEY; - ASN1_INTEGER_free(privkey); + ASN1_STRING_clear_free(privkey); if (!(privkey = d2i_ASN1_UINTEGER(NULL, &q, pklen))) goto decerr; } @@ -264,7 +264,7 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) if (ndsa) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); else - ASN1_INTEGER_free(privkey); + ASN1_STRING_clear_free(privkey); return 1; @@ -273,7 +273,7 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) dsaerr: BN_CTX_free(ctx); if (privkey) - ASN1_INTEGER_free(privkey); + ASN1_STRING_clear_free(privkey); sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); DSA_free(dsa); return 0; @@ -315,7 +315,7 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) dplen = i2d_ASN1_INTEGER(prkey, &dp); - ASN1_INTEGER_free(prkey); + ASN1_STRING_clear_free(prkey); if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0, V_ASN1_SEQUENCE, params, dp, dplen)) @@ -329,7 +329,7 @@ static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) if (params != NULL) ASN1_STRING_free(params); if (prkey != NULL) - ASN1_INTEGER_free(prkey); + ASN1_STRING_clear_free(prkey); return 0; } -- 2.25.1