提交 69569dd1 编写于 作者: D Dr. Stephen Henson

Add support for memory leak checking in fips_algvs.

Fix many memory leaks in algorithm test utilities.
上级 12cc4378
...@@ -535,7 +535,7 @@ static int do_mct(char *amode, ...@@ -535,7 +535,7 @@ static int do_mct(char *amode,
} }
} }
} }
FIPS_cipher_ctx_cleanup(&ctx);
return ret; return ret;
} }
...@@ -850,6 +850,7 @@ static int proc_file(char *rqfile, char *rspfile) ...@@ -850,6 +850,7 @@ static int proc_file(char *rqfile, char *rspfile)
fclose(rfp); fclose(rfp);
if (afp) if (afp)
fclose(afp); fclose(afp);
FIPS_cipher_ctx_cleanup(&ctx);
return err; return err;
} }
......
...@@ -261,6 +261,7 @@ static void gcmtest(FILE *in, FILE *out, int encrypt) ...@@ -261,6 +261,7 @@ static void gcmtest(FILE *in, FILE *out, int encrypt)
iv = aad = ct = pt = key = tag = NULL; iv = aad = ct = pt = key = tag = NULL;
} }
} }
FIPS_cipher_ctx_cleanup(&ctx);
} }
static void xtstest(FILE *in, FILE *out) static void xtstest(FILE *in, FILE *out)
...@@ -335,6 +336,7 @@ static void xtstest(FILE *in, FILE *out) ...@@ -335,6 +336,7 @@ static void xtstest(FILE *in, FILE *out)
iv = key = inbuf = outbuf = NULL; iv = key = inbuf = outbuf = NULL;
} }
} }
FIPS_cipher_ctx_cleanup(&ctx);
} }
static void ccmtest(FILE *in, FILE *out) static void ccmtest(FILE *in, FILE *out)
...@@ -428,6 +430,8 @@ static void ccmtest(FILE *in, FILE *out) ...@@ -428,6 +430,8 @@ static void ccmtest(FILE *in, FILE *out)
} }
else if (!strcmp(keyword,"Adata")) else if (!strcmp(keyword,"Adata"))
{ {
if (Adata)
OPENSSL_free(Adata);
Adata = hex2bin_m(value, &l); Adata = hex2bin_m(value, &l);
if (Alen && l != Alen) if (Alen && l != Alen)
{ {
...@@ -493,6 +497,8 @@ static void ccmtest(FILE *in, FILE *out) ...@@ -493,6 +497,8 @@ static void ccmtest(FILE *in, FILE *out)
OPENSSL_free(Key); OPENSSL_free(Key);
if (Nonce) if (Nonce)
OPENSSL_free(Nonce); OPENSSL_free(Nonce);
if (Adata)
OPENSSL_free(Adata);
FIPS_cipher_ctx_cleanup(&ctx); FIPS_cipher_ctx_cleanup(&ctx);
} }
......
...@@ -263,6 +263,7 @@ static int do_tmct(char *amode, ...@@ -263,6 +263,7 @@ static int do_tmct(char *amode,
if(imode == TOFB) if(imode == TOFB)
for(n=0 ; n < 8 ; ++n) for(n=0 ; n < 8 ; ++n)
text[n]=text0[n]^old_iv[n]; text[n]=text0[n]^old_iv[n];
FIPS_cipher_ctx_cleanup(&ctx);
} }
return 1; return 1;
} }
...@@ -622,6 +623,7 @@ static int tproc_file(char *rqfile, char *rspfile) ...@@ -622,6 +623,7 @@ static int tproc_file(char *rqfile, char *rspfile)
fclose(rfp); fclose(rfp);
if (afp) if (afp)
fclose(afp); fclose(afp);
FIPS_cipher_ctx_cleanup(&ctx);
return err; return err;
} }
......
...@@ -199,6 +199,7 @@ static void pqg(FILE *in, FILE *out) ...@@ -199,6 +199,7 @@ static void pqg(FILE *in, FILE *out)
{ {
fprintf(out, "counter = %d" RESP_EOL RESP_EOL, counter); fprintf(out, "counter = %d" RESP_EOL RESP_EOL, counter);
} }
FIPS_dsa_free(dsa);
} }
} }
else if(!strcmp(keyword,"P")) else if(!strcmp(keyword,"P"))
...@@ -519,6 +520,8 @@ static void keyver(FILE *in, FILE *out) ...@@ -519,6 +520,8 @@ static void keyver(FILE *in, FILE *out)
BN_free(g); BN_free(g);
if (Y2) if (Y2)
BN_free(Y2); BN_free(Y2);
if (ctx)
BN_CTX_free(ctx);
} }
static void keypair(FILE *in, FILE *out) static void keypair(FILE *in, FILE *out)
...@@ -575,6 +578,8 @@ static void keypair(FILE *in, FILE *out) ...@@ -575,6 +578,8 @@ static void keypair(FILE *in, FILE *out)
do_bn_print_name(out, "Y",dsa->pub_key); do_bn_print_name(out, "Y",dsa->pub_key);
fputs(RESP_EOL, out); fputs(RESP_EOL, out);
} }
if (dsa)
FIPS_dsa_free(dsa);
} }
} }
} }
...@@ -648,8 +653,8 @@ static void siggen(FILE *in, FILE *out) ...@@ -648,8 +653,8 @@ static void siggen(FILE *in, FILE *out)
FIPS_md_ctx_cleanup(&mctx); FIPS_md_ctx_cleanup(&mctx);
} }
} }
if (dsa) if (dsa)
FIPS_dsa_free(dsa); FIPS_dsa_free(dsa);
} }
static void sigver(FILE *in, FILE *out) static void sigver(FILE *in, FILE *out)
...@@ -687,15 +692,15 @@ static void sigver(FILE *in, FILE *out) ...@@ -687,15 +692,15 @@ static void sigver(FILE *in, FILE *out)
dsa = FIPS_dsa_new(); dsa = FIPS_dsa_new();
} }
else if(!strcmp(keyword,"P")) else if(!strcmp(keyword,"P"))
dsa->p=hex2bn(value); do_hex2bn(&dsa->p, value);
else if(!strcmp(keyword,"Q")) else if(!strcmp(keyword,"Q"))
dsa->q=hex2bn(value); do_hex2bn(&dsa->q, value);
else if(!strcmp(keyword,"G")) else if(!strcmp(keyword,"G"))
dsa->g=hex2bn(value); do_hex2bn(&dsa->g, value);
else if(!strcmp(keyword,"Msg")) else if(!strcmp(keyword,"Msg"))
n=hex2bin(value,msg); n=hex2bin(value,msg);
else if(!strcmp(keyword,"Y")) else if(!strcmp(keyword,"Y"))
dsa->pub_key=hex2bn(value); do_hex2bn(&dsa->pub_key, value);
else if(!strcmp(keyword,"R")) else if(!strcmp(keyword,"R"))
sig->r=hex2bn(value); sig->r=hex2bn(value);
else if(!strcmp(keyword,"S")) else if(!strcmp(keyword,"S"))
...@@ -711,10 +716,22 @@ static void sigver(FILE *in, FILE *out) ...@@ -711,10 +716,22 @@ static void sigver(FILE *in, FILE *out)
r = FIPS_dsa_verify_ctx(dsa, &mctx, sig); r = FIPS_dsa_verify_ctx(dsa, &mctx, sig);
no_err = 0; no_err = 0;
FIPS_md_ctx_cleanup(&mctx); FIPS_md_ctx_cleanup(&mctx);
if (sig->s)
{
BN_free(sig->s);
sig->s = NULL;
}
if (sig->r)
{
BN_free(sig->r);
sig->r = NULL;
}
fprintf(out, "Result = %c" RESP_EOL RESP_EOL, r == 1 ? 'P' : 'F'); fprintf(out, "Result = %c" RESP_EOL RESP_EOL, r == 1 ? 'P' : 'F');
} }
} }
if (dsa)
FIPS_dsa_free(dsa);
} }
#ifdef FIPS_ALGVS #ifdef FIPS_ALGVS
......
...@@ -319,6 +319,7 @@ int main(int argc, char **argv) ...@@ -319,6 +319,7 @@ int main(int argc, char **argv)
EC_GROUP *group = NULL; EC_GROUP *group = NULL;
char *keyword = NULL, *value = NULL; char *keyword = NULL, *value = NULL;
int do_verify = -1, exout = 0; int do_verify = -1, exout = 0;
int rv = 1;
int curve_nids[5] = {0,0,0,0,0}; int curve_nids[5] = {0,0,0,0,0};
int param_set = -1; int param_set = -1;
...@@ -463,10 +464,23 @@ int main(int argc, char **argv) ...@@ -463,10 +464,23 @@ int main(int argc, char **argv)
md, rhash, rhashlen); md, rhash, rhashlen);
} }
} }
return 0; rv = 0;
parse_error: parse_error:
fprintf(stderr, "Error Parsing request file\n"); if (id)
exit(1); BN_free(id);
if (ix)
BN_free(ix);
if (iy)
BN_free(iy);
if (cx)
BN_free(cx);
if (cy)
BN_free(cy);
if (group)
EC_GROUP_free(group);
if (rv)
fprintf(stderr, "Error Parsing request file\n");
return rv;
} }
#endif #endif
...@@ -287,10 +287,13 @@ static int PKV(FILE *in, FILE *out) ...@@ -287,10 +287,13 @@ static int PKV(FILE *in, FILE *out)
no_err = 1; no_err = 1;
rv = EC_KEY_set_public_key_affine_coordinates(key, Qx, Qy); rv = EC_KEY_set_public_key_affine_coordinates(key, Qx, Qy);
no_err = 0; no_err = 0;
EC_KEY_free(key);
fprintf(out, "Result = %s" RESP_EOL, rv ? "P":"F"); fprintf(out, "Result = %s" RESP_EOL, rv ? "P":"F");
} }
} }
BN_free(Qx);
BN_free(Qy);
return 1; return 1;
} }
...@@ -358,7 +361,7 @@ static int SigGen(FILE *in, FILE *out) ...@@ -358,7 +361,7 @@ static int SigGen(FILE *in, FILE *out)
do_bn_print_name(out, "S", sig->s); do_bn_print_name(out, "S", sig->s);
EC_KEY_free(key); EC_KEY_free(key);
OPENSSL_free(msg);
FIPS_ecdsa_sig_free(sig); FIPS_ecdsa_sig_free(sig);
} }
...@@ -451,12 +454,24 @@ static int SigVer(FILE *in, FILE *out) ...@@ -451,12 +454,24 @@ static int SigVer(FILE *in, FILE *out)
FIPS_digestupdate(&mctx, msg, mlen); FIPS_digestupdate(&mctx, msg, mlen);
no_err = 1; no_err = 1;
rv = FIPS_ecdsa_verify_ctx(key, &mctx, sig); rv = FIPS_ecdsa_verify_ctx(key, &mctx, sig);
EC_KEY_free(key);
if (msg)
OPENSSL_free(msg);
no_err = 0; no_err = 0;
fprintf(out, "Result = %s" RESP_EOL, rv ? "P":"F"); fprintf(out, "Result = %s" RESP_EOL, rv ? "P":"F");
} }
} }
if (sig->r)
BN_free(sig->r);
if (sig->s)
BN_free(sig->s);
if (Qx)
BN_free(Qx);
if (Qy)
BN_free(Qy);
EVP_MD_CTX_cleanup(&mctx);
return 1; return 1;
} }
#ifdef FIPS_ALGVS #ifdef FIPS_ALGVS
......
...@@ -651,6 +651,8 @@ static int Zeroize() ...@@ -651,6 +651,8 @@ static int Zeroize()
for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]); for(i = 0; i < sizeof(userkey); i++) printf("%02x", userkey[i]);
printf("\n"); printf("\n");
FIPS_rsa_free(key);
return 1; return 1;
} }
...@@ -696,7 +698,7 @@ static int do_drbg_test(int type, int flags) ...@@ -696,7 +698,7 @@ static int do_drbg_test(int type, int flags)
} }
rv = 1; rv = 1;
err: err:
FIPS_drbg_uninstantiate(dctx); FIPS_drbg_free(dctx);
return rv; return rv;
} }
......
...@@ -362,6 +362,9 @@ static int rsa_printsig(FILE *out, RSA *rsa, const EVP_MD *dgst, ...@@ -362,6 +362,9 @@ static int rsa_printsig(FILE *out, RSA *rsa, const EVP_MD *dgst,
error: error:
if (sigbuf)
OPENSSL_free(sigbuf);
return ret; return ret;
} }
#endif #endif
...@@ -229,9 +229,23 @@ int main(int argc, char **argv) ...@@ -229,9 +229,23 @@ int main(int argc, char **argv)
char **xargv; char **xargv;
int lineno = 0, badarg = 0; int lineno = 0, badarg = 0;
int nerr = 0, quiet = 0, verbose = 0; int nerr = 0, quiet = 0, verbose = 0;
int rv;
FILE *in = NULL; FILE *in = NULL;
#ifdef FIPS_ALGVS_MEMCHECK
CRYPTO_malloc_debug_init();
OPENSSL_init();
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
#endif
if (*args && *args[0] != '-') if (*args && *args[0] != '-')
return run_prg(argc - 1, args); {
rv = run_prg(argc - 1, args);
#ifdef FIPS_ALGVS_MEMCHECK
CRYPTO_mem_leaks_fp(stderr);
#endif
return rv;
}
while (!badarg && *args && *args[0] == '-') while (!badarg && *args && *args[0] == '-')
{ {
if (!strcmp(*args, "-script")) if (!strcmp(*args, "-script"))
...@@ -276,7 +290,6 @@ int main(int argc, char **argv) ...@@ -276,7 +290,6 @@ int main(int argc, char **argv)
fprintf(stderr, "Error processing line %d\n", lineno); fprintf(stderr, "Error processing line %d\n", lineno);
else else
{ {
int rv;
if (!quiet) if (!quiet)
{ {
int i; int i;
...@@ -303,10 +316,15 @@ int main(int argc, char **argv) ...@@ -303,10 +316,15 @@ int main(int argc, char **argv)
if (!quiet) if (!quiet)
printf("Completed with %d errors\n", nerr); printf("Completed with %d errors\n", nerr);
if (arg.data)
OPENSSL_free(arg.data);
fclose(in); fclose(in);
#ifdef FIPS_ALGVS_MEMCHECK
CRYPTO_mem_leaks_fp(stderr);
#endif
if (nerr == 0) if (nerr == 0)
return 0; return 0;
return 1; return 1;
} }
#endif #endif
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册