diff options
| author | Rich Salz <rsalz@openssl.org> | 2015-04-30 17:57:32 -0400 |
|---|---|---|
| committer | Rich Salz <rsalz@openssl.org> | 2015-04-30 17:57:32 -0400 |
| commit | 4b45c6e52b208deff7da333d1c7f84bcd3986609 (patch) | |
| tree | db26f7a51ad582f203dce2145a43c3e0d4376f69 /crypto/ec | |
| parent | 68dc682499ea3fe27d909c946d7abd39062d6efd (diff) | |
| download | openssl-4b45c6e52b208deff7da333d1c7f84bcd3986609.tar.gz | |
free cleanup almost the finale
Add OPENSSL_clear_free which merges cleanse and free.
(Names was picked to be similar to BN_clear_free, etc.)
Removed OPENSSL_freeFunc macro.
Fixed the small simple ones that are left:
CRYPTO_free CRYPTO_free_locked OPENSSL_free_locked
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto/ec')
| -rw-r--r-- | crypto/ec/ec_key.c | 4 | ||||
| -rw-r--r-- | crypto/ec/ec_lib.c | 13 | ||||
| -rw-r--r-- | crypto/ec/ec_mult.c | 3 | ||||
| -rw-r--r-- | crypto/ec/ec_pmeth.c | 5 | ||||
| -rw-r--r-- | crypto/ec/ecp_nistp224.c | 3 | ||||
| -rw-r--r-- | crypto/ec/ecp_nistp256.c | 3 | ||||
| -rw-r--r-- | crypto/ec/ecp_nistp521.c | 3 | ||||
| -rw-r--r-- | crypto/ec/ecp_nistz256.c | 10 |
8 files changed, 12 insertions, 32 deletions
diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index b73263d6c1..dbd91d6f69 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -127,9 +127,7 @@ void EC_KEY_free(EC_KEY *r) EC_EX_DATA_free_all_data(&r->method_data); - OPENSSL_cleanse((void *)r, sizeof(EC_KEY)); - - OPENSSL_free(r); + OPENSSL_clear_free((void *)r, sizeof(EC_KEY)); } EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index 0e850d699e..b2a5d79710 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -166,14 +166,8 @@ void EC_GROUP_clear_free(EC_GROUP *group) EC_POINT_clear_free(group->generator); BN_clear_free(group->order); BN_clear_free(group->cofactor); - - if (group->seed) { - OPENSSL_cleanse(group->seed, group->seed_len); - OPENSSL_free(group->seed); - } - - OPENSSL_cleanse(group, sizeof *group); - OPENSSL_free(group); + OPENSSL_clear_free(group->seed, group->seed_len); + OPENSSL_clear_free(group, sizeof *group); } int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) @@ -751,8 +745,7 @@ void EC_POINT_clear_free(EC_POINT *point) point->meth->point_clear_finish(point); else if (point->meth->point_finish != 0) point->meth->point_finish(point); - OPENSSL_cleanse(point, sizeof *point); - OPENSSL_free(point); + OPENSSL_clear_free(point, sizeof *point); } int EC_POINT_copy(EC_POINT *dest, const EC_POINT *src) diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c index 979b4540ef..6dabfc8d99 100644 --- a/crypto/ec/ec_mult.c +++ b/crypto/ec/ec_mult.c @@ -169,8 +169,7 @@ static void ec_pre_comp_clear_free(void *pre_) } OPENSSL_free(pre->points); } - OPENSSL_cleanse(pre, sizeof *pre); - OPENSSL_free(pre); + OPENSSL_clear_free(pre, sizeof *pre); } /* diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c index 37f8fa1316..5b3d197b69 100644 --- a/crypto/ec/ec_pmeth.c +++ b/crypto/ec/ec_pmeth.c @@ -268,10 +268,7 @@ static int pkey_ec_kdf_derive(EVP_PKEY_CTX *ctx, rv = 1; err: - if (ktmp) { - OPENSSL_cleanse(ktmp, ktmplen); - OPENSSL_free(ktmp); - } + OPENSSL_clear_free(ktmp, ktmplen); return rv; } #endif diff --git a/crypto/ec/ecp_nistp224.c b/crypto/ec/ecp_nistp224.c index 5afe71c70c..a5e76f41b9 100644 --- a/crypto/ec/ecp_nistp224.c +++ b/crypto/ec/ecp_nistp224.c @@ -1247,8 +1247,7 @@ static void nistp224_pre_comp_clear_free(void *pre_) if (i > 0) return; - OPENSSL_cleanse(pre, sizeof *pre); - OPENSSL_free(pre); + OPENSSL_clear_free(pre, sizeof *pre); } /******************************************************************************/ diff --git a/crypto/ec/ecp_nistp256.c b/crypto/ec/ecp_nistp256.c index 2f394bf88e..6fce22eb61 100644 --- a/crypto/ec/ecp_nistp256.c +++ b/crypto/ec/ecp_nistp256.c @@ -1862,8 +1862,7 @@ static void nistp256_pre_comp_clear_free(void *pre_) if (i > 0) return; - OPENSSL_cleanse(pre, sizeof *pre); - OPENSSL_free(pre); + OPENSSL_clear_free(pre, sizeof *pre); } /******************************************************************************/ diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c index b2fe653f1e..8657a8ff05 100644 --- a/crypto/ec/ecp_nistp521.c +++ b/crypto/ec/ecp_nistp521.c @@ -1691,8 +1691,7 @@ static void nistp521_pre_comp_clear_free(void *pre_) if (i > 0) return; - OPENSSL_cleanse(pre, sizeof(*pre)); - OPENSSL_free(pre); + OPENSSL_clear_free(pre, sizeof(*pre)); } /******************************************************************************/ diff --git a/crypto/ec/ecp_nistz256.c b/crypto/ec/ecp_nistz256.c index c527797341..417c29a682 100644 --- a/crypto/ec/ecp_nistz256.c +++ b/crypto/ec/ecp_nistz256.c @@ -1471,13 +1471,9 @@ static void ecp_nistz256_pre_comp_clear_free(void *pre_) if (i > 0) return; - if (pre->precomp_storage) { - OPENSSL_cleanse(pre->precomp, - 32 * sizeof(unsigned char) * (1 << pre->w) * 2 * 37); - OPENSSL_free(pre->precomp_storage); - } - OPENSSL_cleanse(pre, sizeof *pre); - OPENSSL_free(pre); + OPENSSL_clear_free(pre->precomp, + 32 * sizeof(unsigned char) * (1 << pre->w) * 2 * 37); + OPENSSL_clear_free(pre, sizeof *pre); } static int ecp_nistz256_window_have_precompute_mult(const EC_GROUP *group) |