From: Zhiqi Song <songzhiqi1@huawei.com> 1. Fixup the private key is not securely released. 2. Fixup the abnormal branch may double free br and bs. 3. Check whether the 'siglen' address is empty. Signed-off-by: Zhiqi Song <songzhiqi1@huawei.com> Signed-off-by: JiangShui Yang <yangjiangshui@h-partners.com> --- src/uadk_dh.c | 2 +- src/uadk_sm2.c | 10 ++++++++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/src/uadk_dh.c b/src/uadk_dh.c index b7d17c4..011bf56 100644 --- a/src/uadk_dh.c +++ b/src/uadk_dh.c @@ -870,7 +870,7 @@ static int uadk_e_dh_generate_key(DH *dh) free_data: if (dh_sess->key_flag == KEY_GEN_BY_ENGINE) - BN_free(priv_key); + BN_clear_free(priv_key); dh_free_eng_session(dh_sess); soft_log: fprintf(stderr, "switch to execute openssl software calculation.\n"); diff --git a/src/uadk_sm2.c b/src/uadk_sm2.c index b8548d1..170d320 100644 --- a/src/uadk_sm2.c +++ b/src/uadk_sm2.c @@ -413,10 +413,11 @@ static int sign_bin_to_ber(EC_KEY *ec, struct wd_dtb *r, struct wd_dtb *s, return 0; free_s: - BN_free(bs); + BN_clear_free(bs); free_r: - BN_free(br); + BN_clear_free(br); free_sig: + ECDSA_SIG_set0(e_sig, NULL, NULL); ECDSA_SIG_free(e_sig); return ret; @@ -679,6 +680,11 @@ static int sm2_sign_check(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, EC_KEY *ec = EVP_PKEY_get0(p_key); const int sig_sz = ECDSA_size(ec); + if (!siglen) { + fprintf(stderr, "siglen is NULL\n"); + return -EINVAL; + } + /* * If 'sig' is NULL, users can use sm2_decrypt API to obtain the valid 'siglen' first, * then users use the value of 'signlen' to alloc the memory of 'sig' and call the -- 2.33.0