diff --git a/ChangeLog b/ChangeLog index cbb069a97..aa0c2a4bc 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,9 @@ PolarSSL ChangeLog += Version Master +Bugfix + * Memory leak when using RSA_PKCS_V21 operations fixed + = Version 1.2.3 released 2012-11-26 Bugfix * Server not always sending correct CertificateRequest message diff --git a/library/rsa.c b/library/rsa.c index 637c23a11..5d7129a00 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -440,7 +440,6 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); memset( output, 0, olen ); - memset( &md_ctx, 0, sizeof( md_context_t ) ); md_init_ctx( &md_ctx, md_info ); @@ -470,6 +469,8 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, // mgf_mask( output + 1, hlen, output + hlen + 1, olen - hlen - 1, &md_ctx ); + + md_free_ctx( &md_ctx ); break; #endif @@ -566,7 +567,6 @@ int rsa_pkcs1_decrypt( rsa_context *ctx, return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); hlen = md_get_size( md_info ); - memset( &md_ctx, 0, sizeof( md_context_t ) ); md_init_ctx( &md_ctx, md_info ); @@ -585,6 +585,7 @@ int rsa_pkcs1_decrypt( rsa_context *ctx, &md_ctx ); p += hlen; + md_free_ctx( &md_ctx ); // Check validity // @@ -798,7 +799,6 @@ int rsa_pkcs1_sign( rsa_context *ctx, return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); memset( sig, 0, olen ); - memset( &md_ctx, 0, sizeof( md_context_t ) ); md_init_ctx( &md_ctx, md_info ); @@ -834,6 +834,8 @@ int rsa_pkcs1_sign( rsa_context *ctx, // mgf_mask( sig + offset, olen - hlen - 1 - offset, p, hlen, &md_ctx ); + md_free_ctx( &md_ctx ); + msb = mpi_msb( &ctx->N ) - 1; sig[0] &= 0xFF >> ( olen * 8 - msb ); @@ -1012,7 +1014,6 @@ int rsa_pkcs1_verify( rsa_context *ctx, hlen = md_get_size( md_info ); slen = siglen - hlen - 1; - memset( &md_ctx, 0, sizeof( md_context_t ) ); memset( zeros, 0, 8 ); md_init_ctx( &md_ctx, md_info ); @@ -1054,6 +1055,8 @@ int rsa_pkcs1_verify( rsa_context *ctx, md_update( &md_ctx, p, slen ); md_finish( &md_ctx, result ); + md_free_ctx( &md_ctx ); + if( memcmp( p + slen, result, hlen ) == 0 ) return( 0 ); else