Remove redundant calls to |OPENSSL_cleanse| and |OPENSSL_realloc_clean|. Change-Id: I5c85c4d072ec157b37ed95b284a26ab32c0c42d9 Reviewed-on: https://boringssl-review.googlesource.com/19824 Reviewed-by: Martin Kreichgauer <martinkr@google.com> Commit-Queue: Martin Kreichgauer <martinkr@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c
index 106dab1..3942638 100644
--- a/crypto/asn1/a_bitstr.c
+++ b/crypto/asn1/a_bitstr.c
@@ -217,8 +217,7 @@ if (a->data == NULL) c = (unsigned char *)OPENSSL_malloc(w + 1); else - c = (unsigned char *)OPENSSL_realloc_clean(a->data, - a->length, w + 1); + c = (unsigned char *)OPENSSL_realloc(a->data, w + 1); if (c == NULL) { OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); return 0;
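Review bot: The `if (a->data == NULL)` / `else` split around the allocation looks redundant now, assuming |OPENSSL_realloc| accepts a NULL pointer, which the buf.c change in this same commit relies on. The two branches could collapse to `c = OPENSSL_realloc(a->data, w + 1);`, which also drops the cast that C does not need. The enclosing function starts and ends outside this hunk.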
diff --git a/crypto/buf/buf.c b/crypto/buf/buf.c
index 1305c58..5addc79 100644
--- a/crypto/buf/buf.c
+++ b/crypto/buf/buf.c
@@ -82,11 +82,7 @@ return; } - if (buf->data != NULL) { - OPENSSL_cleanse(buf->data, buf->max); - OPENSSL_free(buf->data); - } - + OPENSSL_free(buf->data); OPENSSL_free(buf); } @@ -109,17 +105,7 @@ return 0; } - char *new_buf; - if (buf->data == NULL) { - new_buf = OPENSSL_malloc(alloc_size); - } else { - if (clean) { - new_buf = OPENSSL_realloc_clean(buf->data, buf->max, alloc_size); - } else { - new_buf = OPENSSL_realloc(buf->data, alloc_size); - } - } - + char *new_buf = OPENSSL_realloc(buf->data, alloc_size); if (new_buf == NULL) { OPENSSL_PUT_ERROR(BUF, ERR_R_MALLOC_FAILURE); return 0;
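Review bot: In the second hunk the `clean` flag is no longer read once the `if (clean)` branch is gone, so the parameter looks dead unless the part of the function outside the hunk still uses it. Either drop it from the helper or keep it with a comment such as `// |clean| is ignored: OPENSSL_realloc always wipes the old allocation.` The single `OPENSSL_realloc(buf->data, alloc_size)` call also depends on a NULL `buf->data` behaving like a fresh allocation, which is worth confirming against mem.c because that function's body is not part of this diff.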
diff --git a/crypto/cipher_extra/e_aesctrhmac.c b/crypto/cipher_extra/e_aesctrhmac.c
index 9c357f4..3a0de9b 100644
--- a/crypto/cipher_extra/e_aesctrhmac.c
+++ b/crypto/cipher_extra/e_aesctrhmac.c
@@ -102,9 +102,7 @@ } static void aead_aes_ctr_hmac_sha256_cleanup(EVP_AEAD_CTX *ctx) { - struct aead_aes_ctr_hmac_sha256_ctx *aes_ctx = ctx->aead_state; - OPENSSL_cleanse(aes_ctx, sizeof(struct aead_aes_ctr_hmac_sha256_ctx)); - OPENSSL_free(aes_ctx); + OPENSSL_free(ctx->aead_state); } static void hmac_update_uint64(SHA256_CTX *sha256, uint64_t value) {
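Review bot: After `OPENSSL_free(ctx->aead_state);` the context still holds the freed pointer, whereas the e_tls.c cleanup shown in this commit ends with `ctx->aead_state = NULL;`. Unless the caller of the cleanup hook resets the context itself (not visible here), adding `ctx->aead_state = NULL;` would make a repeated cleanup harmless. The same applies to the cleanup functions in e_aesgcmsiv.c, e_chacha20poly1305.c and both hunks of e_aes.c.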
diff --git a/crypto/cipher_extra/e_aesgcmsiv.c b/crypto/cipher_extra/e_aesgcmsiv.c
index 654705b..9de2300 100644
--- a/crypto/cipher_extra/e_aesgcmsiv.c
+++ b/crypto/cipher_extra/e_aesgcmsiv.c
@@ -592,9 +592,7 @@ } static void aead_aes_gcm_siv_cleanup(EVP_AEAD_CTX *ctx) { - struct aead_aes_gcm_siv_ctx *gcm_siv_ctx = ctx->aead_state; - OPENSSL_cleanse(gcm_siv_ctx, sizeof(struct aead_aes_gcm_siv_ctx)); - OPENSSL_free(gcm_siv_ctx); + OPENSSL_free(ctx->aead_state); } // gcm_siv_crypt encrypts (or decrypts—it's the same thing) |in_len| bytes from
diff --git a/crypto/cipher_extra/e_chacha20poly1305.c b/crypto/cipher_extra/e_chacha20poly1305.c
index d80a910..64ab457 100644
--- a/crypto/cipher_extra/e_chacha20poly1305.c
+++ b/crypto/cipher_extra/e_chacha20poly1305.c
@@ -136,9 +136,7 @@ } static void aead_chacha20_poly1305_cleanup(EVP_AEAD_CTX *ctx) { - struct aead_chacha20_poly1305_ctx *c20_ctx = ctx->aead_state; - OPENSSL_cleanse(c20_ctx->key, sizeof(c20_ctx->key)); - OPENSSL_free(c20_ctx); + OPENSSL_free(ctx->aead_state); } static void poly1305_update_length(poly1305_state *poly1305, size_t data_len) {
diff --git a/crypto/cipher_extra/e_tls.c b/crypto/cipher_extra/e_tls.c
index 4b87983..72754c0 100644
--- a/crypto/cipher_extra/e_tls.c
+++ b/crypto/cipher_extra/e_tls.c
@@ -48,7 +48,6 @@ AEAD_TLS_CTX *tls_ctx = (AEAD_TLS_CTX *)ctx->aead_state; EVP_CIPHER_CTX_cleanup(&tls_ctx->cipher_ctx); HMAC_CTX_cleanup(&tls_ctx->hmac_ctx); - OPENSSL_cleanse(&tls_ctx->mac_key, sizeof(tls_ctx->mac_key)); OPENSSL_free(tls_ctx); ctx->aead_state = NULL; }
diff --git a/crypto/evp/p_ed25519_asn1.c b/crypto/evp/p_ed25519_asn1.c
index 37aebe0..65b4112 100644
--- a/crypto/evp/p_ed25519_asn1.c
+++ b/crypto/evp/p_ed25519_asn1.c
@@ -24,12 +24,8 @@ static void ed25519_free(EVP_PKEY *pkey) { - if (pkey->pkey.ptr != NULL) { - ED25519_KEY *key = pkey->pkey.ptr; - OPENSSL_cleanse(key, sizeof(ED25519_KEY)); - OPENSSL_free(key); - pkey->pkey.ptr = NULL; - } + OPENSSL_free(pkey->pkey.ptr); + pkey->pkey.ptr = NULL; } static int set_pubkey(EVP_PKEY *pkey, const uint8_t pubkey[32]) {
diff --git a/crypto/fipsmodule/bn/bn.c b/crypto/fipsmodule/bn/bn.c
index 9ba1913..4ed6ab0 100644
--- a/crypto/fipsmodule/bn/bn.c
+++ b/crypto/fipsmodule/bn/bn.c
@@ -108,16 +108,18 @@ } if (bn->d != NULL) { - OPENSSL_cleanse(bn->d, bn->dmax * sizeof(bn->d[0])); if ((bn->flags & BN_FLG_STATIC_DATA) == 0) { OPENSSL_free(bn->d); + } else { + OPENSSL_cleanse(bn->d, bn->dmax * sizeof(bn->d[0])); } } should_free = (bn->flags & BN_FLG_MALLOCED) != 0; - OPENSSL_cleanse(bn, sizeof(BIGNUM)); if (should_free) { OPENSSL_free(bn); + } else { + OPENSSL_cleanse(bn, sizeof(BIGNUM)); } }
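Review bot: The two `else` branches are now the only places in this function that wipe memory explicitly, and nothing in the code says why they remain. A short comment would keep a later cleanup from deleting them, e.g. `// OPENSSL_free wipes heap allocations; storage we do not free must be cleansed here.` That OPENSSL_free wipes the whole allocation is inferred from the commit description and the mem.h comment on |OPENSSL_realloc|, since its body is not in this diff. The function starts outside the hunk.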
diff --git a/crypto/fipsmodule/bn/exponentiation.c b/crypto/fipsmodule/bn/exponentiation.c
index ae78ff9..f4e028b 100644
--- a/crypto/fipsmodule/bn/exponentiation.c
+++ b/crypto/fipsmodule/bn/exponentiation.c
@@ -1168,10 +1168,7 @@ err: BN_MONT_CTX_free(new_mont); BN_clear_free(new_a); - if (powerbuf != NULL) { - OPENSSL_cleanse(powerbuf, powerbufLen); - OPENSSL_free(powerbufFree); - } + OPENSSL_free(powerbufFree); return (ret); }
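Review bot: The removed block wiped `powerbuf` but freed `powerbufFree`, so dropping the wipe is only safe when both always refer to the same OPENSSL_malloc allocation. If `powerbuf` can point at storage that `powerbufFree` does not own (for instance a stack buffer, with `powerbufFree` left NULL), the buffer's contents are now left in memory after the function returns. The allocation code is outside this hunk, so this needs checking there. If that case exists, keep `if (powerbuf != NULL && powerbufFree == NULL) { OPENSSL_cleanse(powerbuf, powerbufLen); }` ahead of the free.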
diff --git a/crypto/fipsmodule/bn/random.c b/crypto/fipsmodule/bn/random.c
index 64e7605..2257da0 100644
--- a/crypto/fipsmodule/bn/random.c
+++ b/crypto/fipsmodule/bn/random.c
@@ -188,11 +188,8 @@ ret = 1; err: - if (buf != NULL) { - OPENSSL_cleanse(buf, bytes); - OPENSSL_free(buf); - } - return (ret); + OPENSSL_free(buf); + return ret; } int BN_rand(BIGNUM *rnd, int bits, int top, int bottom) {
diff --git a/crypto/fipsmodule/cipher/cipher.c b/crypto/fipsmodule/cipher/cipher.c
index 8f0d788..00d8390 100644
--- a/crypto/fipsmodule/cipher/cipher.c
+++ b/crypto/fipsmodule/cipher/cipher.c
@@ -80,11 +80,8 @@ } int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) { - if (c->cipher != NULL) { - if (c->cipher->cleanup) { - c->cipher->cleanup(c); - } - OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); + if (c->cipher != NULL && c->cipher->cleanup) { + c->cipher->cleanup(c); } OPENSSL_free(c->cipher_data);
diff --git a/crypto/fipsmodule/cipher/e_aes.c b/crypto/fipsmodule/cipher/e_aes.c
index bd9847c..b469276 100644
--- a/crypto/fipsmodule/cipher/e_aes.c
+++ b/crypto/fipsmodule/cipher/e_aes.c
@@ -1197,9 +1197,7 @@ } static void aead_aes_gcm_cleanup(EVP_AEAD_CTX *ctx) { - struct aead_aes_gcm_ctx *gcm_ctx = ctx->aead_state; - OPENSSL_cleanse(gcm_ctx, sizeof(struct aead_aes_gcm_ctx)); - OPENSSL_free(gcm_ctx); + OPENSSL_free(ctx->aead_state); } static int aead_aes_gcm_seal_scatter(const EVP_AEAD_CTX *ctx, uint8_t *out, @@ -1366,9 +1364,7 @@ } static void aead_aes_gcm_tls12_cleanup(EVP_AEAD_CTX *ctx) { - struct aead_aes_gcm_tls12_ctx *gcm_ctx = ctx->aead_state; - OPENSSL_cleanse(gcm_ctx, sizeof(struct aead_aes_gcm_tls12_ctx)); - OPENSSL_free(gcm_ctx); + OPENSSL_free(ctx->aead_state); } static int aead_aes_gcm_tls12_seal_scatter(
diff --git a/crypto/fipsmodule/digest/digest.c b/crypto/fipsmodule/digest/digest.c
index f8a0dd2..886c910 100644
--- a/crypto/fipsmodule/digest/digest.c
+++ b/crypto/fipsmodule/digest/digest.c
@@ -91,7 +91,6 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) { if (ctx->digest && ctx->digest->ctx_size && ctx->md_data) { - OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size); OPENSSL_free(ctx->md_data); }
diff --git a/crypto/fipsmodule/ec/ec.c b/crypto/fipsmodule/ec/ec.c
index d82e58f..a39ca59 100644
--- a/crypto/fipsmodule/ec/ec.c
+++ b/crypto/fipsmodule/ec/ec.c
@@ -635,7 +635,6 @@ ec_GFp_simple_point_clear_finish(point); - OPENSSL_cleanse(point, sizeof *point); OPENSSL_free(point); }
diff --git a/crypto/fipsmodule/ec/ec_key.c b/crypto/fipsmodule/ec/ec_key.c
index e5e8b1a..bba4402 100644
--- a/crypto/fipsmodule/ec/ec_key.c
+++ b/crypto/fipsmodule/ec/ec_key.c
@@ -156,7 +156,6 @@ CRYPTO_free_ex_data(g_ec_ex_data_class_bss_get(), r, &r->ex_data); - OPENSSL_cleanse((void *)r, sizeof(EC_KEY)); OPENSSL_free(r); }
diff --git a/crypto/fipsmodule/rsa/rsa_impl.c b/crypto/fipsmodule/rsa/rsa_impl.c
index f8cb9e3..b89eccb 100644
--- a/crypto/fipsmodule/rsa/rsa_impl.c
+++ b/crypto/fipsmodule/rsa/rsa_impl.c
@@ -200,10 +200,7 @@ BN_CTX_end(ctx); BN_CTX_free(ctx); } - if (buf != NULL) { - OPENSSL_cleanse(buf, rsa_size); - OPENSSL_free(buf); - } + OPENSSL_free(buf); return ret; } @@ -360,10 +357,7 @@ ret = 1; err: - if (buf != NULL) { - OPENSSL_cleanse(buf, rsa_size); - OPENSSL_free(buf); - } + OPENSSL_free(buf); return ret; } @@ -423,8 +417,7 @@ } err: - if (padding != RSA_NO_PADDING && buf != NULL) { - OPENSSL_cleanse(buf, rsa_size); + if (padding != RSA_NO_PADDING) { OPENSSL_free(buf); }
diff --git a/crypto/mem.c b/crypto/mem.c
index 1c19122..09f3159 100644
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -126,16 +126,6 @@ return ret; } -void *OPENSSL_realloc_clean(void *orig_ptr, size_t old_size, size_t new_size) { - void *ptr = ((uint8_t *)orig_ptr) - OPENSSL_MALLOC_PREFIX; - size_t actual_size = *(size_t *)ptr; - if (actual_size != old_size) { - return NULL; - } - - return OPENSSL_realloc(orig_ptr, new_size); -} - void OPENSSL_cleanse(void *ptr, size_t len) { #if defined(OPENSSL_WINDOWS) SecureZeroMemory(ptr, len);
diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
index 57c87d4..d707e42 100644
--- a/crypto/pem/pem_info.c
+++ b/crypto/pem/pem_info.c
@@ -297,7 +297,6 @@ unsigned char *kstr, int klen, pem_password_cb *cb, void *u) { - EVP_CIPHER_CTX ctx; int i, ret = 0; unsigned char *data = NULL; const char *objstr = NULL; @@ -374,8 +373,7 @@ ret = 1; - err: - OPENSSL_cleanse((char *)&ctx, sizeof(ctx)); - OPENSSL_cleanse(buf, PEM_BUFSIZE); - return (ret); +err: + OPENSSL_cleanse(buf, PEM_BUFSIZE); + return ret; }
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 8b7932e..afa39d7 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -343,10 +343,7 @@ OPENSSL_cleanse(iv, sizeof(iv)); OPENSSL_cleanse((char *)&ctx, sizeof(ctx)); OPENSSL_cleanse(buf, PEM_BUFSIZE); - if (data != NULL) { - OPENSSL_cleanse(data, (unsigned int)dsize); - OPENSSL_free(data); - } + OPENSSL_free(data); return (ret); } @@ -562,7 +559,6 @@ EVP_EncodeFinal(&ctx, buf, &outl); if ((outl > 0) && (BIO_write(bp, (char *)buf, outl) != outl)) goto err; - OPENSSL_cleanse(buf, PEM_BUFSIZE * 8); OPENSSL_free(buf); buf = NULL; if ((BIO_write(bp, "-----END ", 9) != 9) || @@ -572,7 +568,6 @@ return (i + outl); err: if (buf) { - OPENSSL_cleanse(buf, PEM_BUFSIZE * 8); OPENSSL_free(buf); } OPENSSL_PUT_ERROR(PEM, reason);
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index 9667550..9fbaeef 100644
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -140,7 +140,6 @@ err: OPENSSL_free(nm); - OPENSSL_cleanse(data, len); OPENSSL_free(data); return (ret); }
diff --git a/crypto/pkcs8/pkcs8.c b/crypto/pkcs8/pkcs8.c
index 388d65e..94205e6 100644
--- a/crypto/pkcs8/pkcs8.c
+++ b/crypto/pkcs8/pkcs8.c
@@ -214,14 +214,8 @@ ret = 1; err: - if (I != NULL) { - OPENSSL_cleanse(I, I_len); - OPENSSL_free(I); - } - if (pass_raw != NULL) { - OPENSSL_cleanse(pass_raw, pass_raw_len); - OPENSSL_free(pass_raw); - } + OPENSSL_free(I); + OPENSSL_free(pass_raw); EVP_MD_CTX_cleanup(&ctx); return ret; } @@ -431,7 +425,6 @@ CBS pki; CBS_init(&pki, out, out_len); EVP_PKEY *ret = EVP_parse_private_key(&pki); - OPENSSL_cleanse(out, out_len); OPENSSL_free(out); return ret; } @@ -513,10 +506,7 @@ ret = 1; err: - if (plaintext != NULL) { - OPENSSL_cleanse(plaintext, plaintext_len); - OPENSSL_free(plaintext); - } + OPENSSL_free(plaintext); OPENSSL_free(salt_buf); EVP_CIPHER_CTX_cleanup(&ctx); return ret;
diff --git a/crypto/x509/a_sign.c b/crypto/x509/a_sign.c
index b3ea1de..6c7f713 100644
--- a/crypto/x509/a_sign.c
+++ b/crypto/x509/a_sign.c
@@ -83,7 +83,7 @@ { EVP_PKEY *pkey; unsigned char *buf_in = NULL, *buf_out = NULL; - size_t inl = 0, outl = 0, outll = 0; + size_t inl = 0, outl = 0; pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx); @@ -96,7 +96,7 @@ } inl = ASN1_item_i2d(asn, &buf_in, it); - outll = outl = EVP_PKEY_size(pkey); + outl = EVP_PKEY_size(pkey); buf_out = OPENSSL_malloc((unsigned int)outl); if ((buf_in == NULL) || (buf_out == NULL)) { outl = 0; @@ -122,13 +122,7 @@ signature->flags |= ASN1_STRING_FLAG_BITS_LEFT; err: EVP_MD_CTX_cleanup(ctx); - if (buf_in != NULL) { - OPENSSL_cleanse((char *)buf_in, (unsigned int)inl); - OPENSSL_free(buf_in); - } - if (buf_out != NULL) { - OPENSSL_cleanse((char *)buf_out, outll); - OPENSSL_free(buf_out); - } + OPENSSL_free(buf_in); + OPENSSL_free(buf_out); return (outl); }
diff --git a/crypto/x509/a_verify.c b/crypto/x509/a_verify.c
index d203fba..5b75167 100644
--- a/crypto/x509/a_verify.c
+++ b/crypto/x509/a_verify.c
@@ -109,10 +109,7 @@ ret = 1; err: - if (buf_in != NULL) { - OPENSSL_cleanse(buf_in, inl); - OPENSSL_free(buf_in); - } + OPENSSL_free(buf_in); EVP_MD_CTX_cleanup(&ctx); return ret; }
diff --git a/include/openssl/mem.h b/include/openssl/mem.h
index 6c21512..7d7087e 100644
--- a/include/openssl/mem.h
+++ b/include/openssl/mem.h
@@ -87,11 +87,6 @@ // allocated and the data at |ptr| is always wiped and freed. OPENSSL_EXPORT void *OPENSSL_realloc(void *ptr, size_t new_size); -// OPENSSL_realloc_clean behaves exactly like |OPENSSL_realloc|. -// TODO(martinkr): Remove. -OPENSSL_EXPORT void *OPENSSL_realloc_clean(void *ptr, size_t old_size, - size_t new_size); - // OPENSSL_cleanse zeros out |len| bytes of memory at |ptr|. This is similar to // |memset_s| from C11. OPENSSL_EXPORT void OPENSSL_cleanse(void *ptr, size_t len);
diff --git a/ssl/handshake.cc b/ssl/handshake.cc
index 5770d6f..cef8a15 100644
--- a/ssl/handshake.cc
+++ b/ssl/handshake.cc
@@ -159,11 +159,7 @@ OPENSSL_free(server_params); ssl->ctx->x509_method->hs_flush_cached_ca_names(this); OPENSSL_free(certificate_types); - - if (key_block != NULL) { - OPENSSL_cleanse(key_block, key_block_len); - OPENSSL_free(key_block); - } + OPENSSL_free(key_block); } SSL_HANDSHAKE *ssl_handshake_new(SSL *ssl) {
diff --git a/ssl/handshake_client.cc b/ssl/handshake_client.cc
index 18dd58f..8e45331 100644
--- a/ssl/handshake_client.cc
+++ b/ssl/handshake_client.cc
@@ -1367,7 +1367,6 @@ OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE); goto err; } - OPENSSL_cleanse(pms, pms_len); OPENSSL_free(pms); pms = new_pms; pms_len = new_pms_len; @@ -1385,19 +1384,14 @@ goto err; } hs->new_session->extended_master_secret = hs->extended_master_secret; - OPENSSL_cleanse(pms, pms_len); OPENSSL_free(pms); hs->state = state_send_client_certificate_verify; return ssl_hs_ok; err: - if (pms != NULL) { - OPENSSL_cleanse(pms, pms_len); - OPENSSL_free(pms); - } + OPENSSL_free(pms); return ssl_hs_error; - } static enum ssl_hs_wait_t do_send_client_certificate_verify(SSL_HANDSHAKE *hs) {
diff --git a/ssl/ssl_session.cc b/ssl/ssl_session.cc
index e885324..0e6c66c 100644
--- a/ssl/ssl_session.cc
+++ b/ssl/ssl_session.cc
@@ -983,7 +983,6 @@ CRYPTO_BUFFER_free(session->ocsp_response); OPENSSL_free(session->psk_identity); OPENSSL_free(session->early_alpn); - OPENSSL_cleanse(session, sizeof(*session)); OPENSSL_free(session); }