shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-09 18:04:25 +09:00
Code Issues Packages Projects Releases Wiki Activity

crypto: Add ssh_crypto_free().

Browse Source 
The intention is that this releases memory allocated by the crypto
library, for functions like bignum_bn2hex() and bignum_bn2dec().
Consequently, ssh_gcry_bn2dec and ssh_mbedcry_bn2num should use
gcry_malloc() and mbedtls_calloc() respectively to allocate
memory since it will/should be released by ssh_crypto_free() so
that the internal APIs are consistent between crypto libraries.

Signed-off-by: Simon Josefsson <simon@josefsson.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
This commit is contained in:
Simon Josefsson
2023-08-23 09:16:34 +02:00
committed by Jakub Jelen
parent 06fbf5c159
commit 504faca67a
6 changed files with 15 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
include/libssh/libcrypto.h
View File

@@ -59,8 +59,15 @@ typedef void *EVPCTX;
#define EVP_DIGEST_LEN EVP_MAX_MD_SIZE #define EVP_DIGEST_LEN EVP_MAX_MD_SIZE
#endif #endif
/* Use ssh_crypto_free() to release memory allocated by bignum_bn2dec(),
bignum_bn2hex() and other functions that use crypto-library functions that
are documented to allocate memory that needs to be de-allocate with
OPENSSL_free. */
#define ssh_crypto_free(x) OPENSSL_free(x)
#include <openssl/bn.h> #include <openssl/bn.h>
#include <openssl/opensslv.h> #include <openssl/opensslv.h>
typedef BIGNUM* bignum; typedef BIGNUM* bignum;
typedef const BIGNUM* const_bignum; typedef const BIGNUM* const_bignum;
typedef BN_CTX* bignum_CTX; typedef BN_CTX* bignum_CTX;

2
include/libssh/libgcrypt.h
View File

@@ -49,6 +49,8 @@ typedef gcry_md_hd_t EVPCTX;
#define EVP_DIGEST_LEN EVP_MAX_MD_SIZE #define EVP_DIGEST_LEN EVP_MAX_MD_SIZE
#define ssh_crypto_free(x) gcry_free(x)
typedef gcry_mpi_t bignum; typedef gcry_mpi_t bignum;
typedef const struct gcry_mpi *const_bignum; typedef const struct gcry_mpi *const_bignum;
typedef void* bignum_CTX; typedef void* bignum_CTX;

3
include/libssh/libmbedcrypto.h
View File

@@ -34,6 +34,7 @@
#include <mbedtls/cipher.h> #include <mbedtls/cipher.h>
#include <mbedtls/entropy.h> #include <mbedtls/entropy.h>
#include <mbedtls/ctr_drbg.h> #include <mbedtls/ctr_drbg.h>
#include <mbedtls/platform.h>
typedef mbedtls_md_context_t *SHACTX; typedef mbedtls_md_context_t *SHACTX;
typedef mbedtls_md_context_t *SHA256CTX; typedef mbedtls_md_context_t *SHA256CTX;
@@ -59,6 +60,8 @@ typedef mbedtls_md_context_t *EVPCTX;
#define EVP_DIGEST_LEN EVP_MAX_MD_SIZE #define EVP_DIGEST_LEN EVP_MAX_MD_SIZE
#define ssh_crypto_free(x) mbedtls_free(x)
typedef mbedtls_mpi *bignum; typedef mbedtls_mpi *bignum;
typedef const mbedtls_mpi *const_bignum; typedef const mbedtls_mpi *const_bignum;
typedef void* bignum_CTX; typedef void* bignum_CTX;

8
src/bignum.c
View File

@@ -88,11 +88,5 @@ void ssh_print_bignum(const char *name, const_bignum num)
} }
SSH_LOG(SSH_LOG_DEBUG, "%s value: %s", name, SSH_LOG(SSH_LOG_DEBUG, "%s value: %s", name,
(hex == NULL) ? "(null)" : (char *)hex); (hex == NULL) ? "(null)" : (char *)hex);
#ifdef HAVE_LIBGCRYPT ssh_crypto_free(hex);
SAFE_FREE(hex);
#elif defined HAVE_LIBCRYPTO
OPENSSL_free(hex);
#elif defined HAVE_LIBMBEDCRYPTO
SAFE_FREE(hex);
#endif
} }

2
src/gcrypt_missing.c
View File

@@ -55,7 +55,7 @@ char *ssh_gcry_bn2dec(bignum bn) {
size = gcry_mpi_get_nbits(bn) * 3; size = gcry_mpi_get_nbits(bn) * 3;
rsize = size / 10 + size / 1000 + 2; rsize = size / 10 + size / 1000 + 2;
ret = malloc(rsize + 1); ret = gcry_malloc(rsize + 1);
if (ret == NULL) { if (ret == NULL) {
return NULL; return NULL;
} }

2
src/mbedcrypto_missing.c
View File

@@ -56,7 +56,7 @@ char *ssh_mbedcry_bn2num(const_bignum num, int radix)
return NULL; return NULL;
} }
buf = malloc(olen); buf = mbedtls_calloc(1, olen);
if (buf == NULL) { if (buf == NULL) {
return NULL; return NULL;
} }