author | Theo Buehler <tb@cvs.openbsd.org> | 2021-01-05 17:49:05 +0000 |
---|---|---|
committer | Theo Buehler <tb@cvs.openbsd.org> | 2021-01-05 17:49:05 +0000 |
commit | 0dd0db54f0ac9cceb5bea704d216d02e96d60810 (patch) | |
tree | 40b27b893ef6a3b30cb4e6e2a2827d8bf1350374 /lib/libssl/tls13_record_layer.c | |
parent | 1e0c384c5e94d7e41657bf68e8f9914a8a24d25f (diff) |
Convert tls13_record_layer.c to tls13_secret_{init,cleanup}()
ok jsing
Diffstat (limited to 'lib/libssl/tls13_record_layer.c')
-rw-r--r-- | lib/libssl/tls13_record_layer.c | 32 |
1 files changed, 11 insertions, 21 deletions
diff --git a/lib/libssl/tls13_record_layer.c b/lib/libssl/tls13_record_layer.c
index 6d3f3f4929b..bbecc60674d 100644
--- a/lib/libssl/tls13_record_layer.c
+++ b/lib/libssl/tls13_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record_layer.c,v 1.57 2021/01/04 16:46:07 tb Exp $ */
+/* $OpenBSD: tls13_record_layer.c,v 1.58 2021/01/05 17:49:04 tb Exp $ */
 /*
 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
 *
@@ -146,10 +146,10 @@ tls13_record_layer_free(struct tls13_record_layer *rl)
 EVP_AEAD_CTX_cleanup(&rl->read_aead_ctx);
 EVP_AEAD_CTX_cleanup(&rl->write_aead_ctx);
- freezero(rl->read_iv.data, rl->read_iv.len);
- freezero(rl->write_iv.data, rl->write_iv.len);
- freezero(rl->read_nonce.data, rl->read_nonce.len);
- freezero(rl->write_nonce.data, rl->write_nonce.len);
+ tls13_secret_cleanup(&rl->read_iv);
+ tls13_secret_cleanup(&rl->write_iv);
+ tls13_secret_cleanup(&rl->read_nonce);
+ tls13_secret_cleanup(&rl->write_nonce);
 freezero(rl, sizeof(struct tls13_record_layer));
 }
@@ -440,25 +440,15 @@ tls13_record_layer_set_traffic_key(const EVP_AEAD *aead, EVP_AEAD_CTX *aead_ctx,
 EVP_AEAD_CTX_cleanup(aead_ctx);
- freezero(iv->data, iv->len);
- iv->data = NULL;
- iv->len = 0;
+ tls13_secret_cleanup(iv);
+ tls13_secret_cleanup(nonce);
- freezero(nonce->data, nonce->len);
- nonce->data = NULL;
- nonce->len = 0;
-
- if ((iv->data = calloc(1, EVP_AEAD_nonce_length(aead))) == NULL)
+ if (!tls13_secret_init(iv, EVP_AEAD_nonce_length(aead)))
 goto err;
- iv->len = EVP_AEAD_nonce_length(aead);
-
- if ((nonce->data = calloc(1, EVP_AEAD_nonce_length(aead))) == NULL)
+ if (!tls13_secret_init(nonce, EVP_AEAD_nonce_length(aead)))
 goto err;
- nonce->len = EVP_AEAD_nonce_length(aead);
-
- if ((key.data = calloc(1, EVP_AEAD_key_length(aead))) == NULL)
+ if (!tls13_secret_init(&key, EVP_AEAD_key_length(aead)))
 goto err;
- key.len = EVP_AEAD_key_length(aead);
 if (!tls13_hkdf_expand_label(iv, hash, traffic_key, "iv", &context))
 goto err;
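Review bot: The zeroization of the IV and nonce buffers in tls13_record_layer_free() is no longer visible at the call site; it now rests entirely on tls13_secret_cleanup(), whose definition is not part of this diff. Assuming the helper wraps freezero() as the removed lines did, behaviour is unchanged, but a short comment above the four calls, for example `/* tls13_secret_cleanup() zeroizes the buffer before freeing it. */`, would keep that guarantee reviewable where the key material is released. The same dependency applies to the two cleanup calls in tls13_record_layer_set_traffic_key() and to `tls13_secret_cleanup(&key)` at its err label. The body of tls13_record_layer_free() starts outside the hunk.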
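Review bot: The call `tls13_secret_init(&key, EVP_AEAD_key_length(aead))` may now depend on the initial contents of `key`, which is declared outside this hunk, whereas the removed `key.data = calloc(...)` assignment never read `key` beforehand. If tls13_secret_init() refuses a secret whose data pointer is already set (its definition is not shown here), the declaration must zero-initialize the local, e.g. `struct tls13_secret key = { .data = NULL, .len = 0 };`, and that should be confirmed against the full function. The same precondition is why `tls13_secret_cleanup(iv)` and `tls13_secret_cleanup(nonce)` have to stay ahead of their init calls; a comment such as `/* init requires an empty secret, so clean up first */` would guard against later reordering.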
@@ -472,7 +462,7 @@ tls13_record_layer_set_traffic_key(const EVP_AEAD *aead, EVP_AEAD_CTX *aead_ctx,
 ret = 1;
 err:
- freezero(key.data, key.len);
+ tls13_secret_cleanup(&key);
 return ret;
 } |