mirror of
https://codeberg.org/scip/pcp.git
synced 2025-12-17 12:00:56 +01:00
fixed memory leak during decrypt, reported in #10
This commit is contained in:
git@daemon.de
@@ -90,7 +90,7 @@ byte *pcp_box_decrypt(PCPCTX *ptx, pcp_key_t *secret, pcp_pubkey_t *pub,
|
||||
|
||||
/* resulting size: */
|
||||
/* ciphersize - crypto_secretbox_ZEROBYTES */
|
||||
*dsize = ciphersize - LNONCE - PCP_CRYPTO_ADD;
|
||||
*dsize = ciphersize - LNONCE - LMAC;
|
||||
return message;
|
||||
|
||||
errbed:
|
||||
@@ -109,10 +109,10 @@ size_t pcp_sodium_mac(byte **cipher,
|
||||
byte *nonce,
|
||||
byte *key) {
|
||||
|
||||
*cipher = ucmalloc(clearsize + crypto_secretbox_MACBYTES);
|
||||
*cipher = ucmalloc(clearsize + LMAC);
|
||||
crypto_secretbox_easy(*cipher, cleartext, clearsize, nonce, key);
|
||||
|
||||
return clearsize + crypto_secretbox_MACBYTES;
|
||||
return clearsize + LMAC;
|
||||
}
|
||||
|
||||
/* sym decr */
|
||||
@@ -120,13 +120,12 @@ int pcp_sodium_verify_mac(byte **cleartext, byte* message,
|
||||
size_t messagesize, byte *nonce,
|
||||
byte *key) {
|
||||
|
||||
*cleartext = ucmalloc(messagesize - crypto_secretbox_MACBYTES);
|
||||
return crypto_secretbox_open_easy(*cleartext, message, messagesize, nonce, key);
|
||||
}
|
||||
|
||||
|
||||
size_t pcp_decrypt_stream(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, pcp_key_t *s, byte *symkey, int verify, int anon) {
|
||||
pcp_pubkey_t *cur = NULL;
|
||||
pcp_pubkey_t *cur = NULL, *fromsec = NULL;
|
||||
byte *reccipher = NULL;
|
||||
int recmatch, self;
|
||||
uint32_t lenrec;
|
||||
@@ -248,15 +247,20 @@ size_t pcp_decrypt_stream(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, pcp_key_t
|
||||
if(recmatch == 0) {
|
||||
pcp_key_t *k;
|
||||
pcphash_iterate(ptx, k) {
|
||||
cur = pcpkey_pub_from_secret(k);
|
||||
if(fromsec != NULL)
|
||||
ucfree(fromsec, sizeof(pcp_pubkey_t)); /* avoid overwrite of used mem */
|
||||
fromsec = pcpkey_pub_from_secret(k);
|
||||
|
||||
byte *recipient;
|
||||
recipient = pcp_box_decrypt(ptx, s, cur, rec_buf, PCP_ASYM_RECIPIENT_SIZE, &rec_size);
|
||||
recipient = pcp_box_decrypt(ptx, s, fromsec, rec_buf, PCP_ASYM_RECIPIENT_SIZE, &rec_size);
|
||||
|
||||
if(recipient != NULL && rec_size == crypto_secretbox_KEYBYTES) {
|
||||
/* found a match */
|
||||
recmatch = 1;
|
||||
symkey = smalloc(crypto_secretbox_KEYBYTES);
|
||||
memcpy(symkey, recipient, crypto_secretbox_KEYBYTES);
|
||||
free(recipient);
|
||||
cur = fromsec;
|
||||
break;
|
||||
}
|
||||
}
|
||||
@@ -279,19 +283,23 @@ size_t pcp_decrypt_stream(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, pcp_key_t
|
||||
/* step 5, actually decrypt the file, finally */
|
||||
if(verify) {
|
||||
pcp_rec_t *rec = pcp_rec_new(reccipher, nrec * PCP_ASYM_RECIPIENT_SIZE, NULL, cur);
|
||||
size_t s = pcp_decrypt_stream_sym(ptx, in, out, symkey, rec);
|
||||
nrec = pcp_decrypt_stream_sym(ptx, in, out, symkey, rec);
|
||||
pcp_rec_free(rec);
|
||||
ucfree(reccipher, lenrec * PCP_ASYM_RECIPIENT_SIZE);
|
||||
sfree(symkey);
|
||||
return s;
|
||||
}
|
||||
else {
|
||||
size_t s = pcp_decrypt_stream_sym(ptx, in, out, symkey, NULL);
|
||||
sfree(symkey);
|
||||
return s;
|
||||
nrec = pcp_decrypt_stream_sym(ptx, in, out, symkey, NULL);
|
||||
}
|
||||
|
||||
if(fromsec != NULL)
|
||||
ucfree(fromsec, sizeof(pcp_pubkey_t));
|
||||
|
||||
sfree(symkey);
|
||||
return nrec;
|
||||
|
||||
errdef1:
|
||||
if(fromsec != NULL)
|
||||
ucfree(fromsec, sizeof(pcp_pubkey_t));
|
||||
sfree(symkey);
|
||||
return 0;
|
||||
}
|
||||
@@ -530,7 +538,7 @@ size_t pcp_decrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, byte *
|
||||
byte *signature = NULL;
|
||||
byte *signature_cr = NULL;
|
||||
size_t siglen = crypto_sign_BYTES + crypto_generichash_BYTES_MAX;
|
||||
size_t siglen_cr = siglen + PCP_CRYPTO_ADD + LNONCE;
|
||||
size_t siglen_cr = siglen + LMAC + LNONCE;
|
||||
crypto_generichash_state *st = NULL;
|
||||
byte *hash = NULL;
|
||||
|
||||
@@ -539,13 +547,14 @@ size_t pcp_decrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, byte *
|
||||
hash = ucmalloc(crypto_generichash_BYTES_MAX);
|
||||
crypto_generichash_init(st, NULL, 0, 0);
|
||||
signature_cr = ucmalloc(siglen_cr);
|
||||
signature = ucmalloc(siglen);
|
||||
}
|
||||
|
||||
|
||||
in_buf = ucmalloc(PCP_BLOCK_SIZE_IN);
|
||||
while(!ps_end(in)) {
|
||||
cur_bufsize = ps_read(in, in_buf, PCP_BLOCK_SIZE_IN);
|
||||
if(cur_bufsize <= PCP_CRYPTO_ADD)
|
||||
if(cur_bufsize <= LMAC)
|
||||
break; /* no valid cipher block */
|
||||
|
||||
if(recverify != NULL) {
|
||||
@@ -573,10 +582,10 @@ size_t pcp_decrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, byte *
|
||||
pastctr = ctr;
|
||||
es = pcp_sodium_verify_mac(&buf_clear, buf_cipher, ciphersize, buf_nonce, symkey);
|
||||
|
||||
out_size += ciphersize - PCP_CRYPTO_ADD;
|
||||
out_size += ciphersize - LMAC;
|
||||
|
||||
if(es == 0) {
|
||||
ps_write(out, buf_clear, ciphersize - PCP_CRYPTO_ADD);
|
||||
ps_write(out, buf_clear, ciphersize - LMAC);
|
||||
|
||||
if(recverify != NULL)
|
||||
crypto_generichash_update(st, buf_cipher, ciphersize);
|
||||
@@ -596,7 +605,7 @@ size_t pcp_decrypt_stream_sym(PCPCTX *ptx, Pcpstream *in, Pcpstream* out, byte *
|
||||
|
||||
ucfree(in_buf, PCP_BLOCK_SIZE_IN);
|
||||
ucfree(buf_cipher, ciphersize);
|
||||
ucfree(buf_clear, ciphersize - PCP_CRYPTO_ADD);
|
||||
ucfree(buf_clear, ciphersize - LMAC);
|
||||
|
||||
if(recverify != NULL) {
|
||||
/* decrypt the signature */
|
||||
|
||||
@@ -192,7 +192,7 @@ pcp_key_t *pcpkey_encrypt(PCPCTX *ptx, pcp_key_t *key, char *passphrase) {
|
||||
pcp_key_t *pcpkey_decrypt(PCPCTX *ptx, pcp_key_t *key, char *passphrase) {
|
||||
byte *encryptkey = pcp_derivekey(ptx, passphrase, key->nonce);
|
||||
|
||||
byte *decrypted;
|
||||
byte *decrypted = ucmalloc(LSEC - crypto_secretbox_MACBYTES);
|
||||
size_t es;
|
||||
|
||||
es = pcp_sodium_verify_mac(&decrypted, key->encrypted, LSEC, key->nonce, encryptkey);
|
||||
|
||||
@@ -788,6 +788,7 @@ pcp_key_t *pcp_import_secret_native(PCPCTX *ptx, Buffer *cipher, char *passphras
|
||||
}
|
||||
|
||||
/* decrypt the blob */
|
||||
clear = ucmalloc(cipherlen - LMAC);
|
||||
if(pcp_sodium_verify_mac(&clear, buffer_get_remainder(cipher),
|
||||
cipherlen, nonce, symkey) != 0) {
|
||||
|
||||
@@ -796,7 +797,7 @@ pcp_key_t *pcp_import_secret_native(PCPCTX *ptx, Buffer *cipher, char *passphras
|
||||
}
|
||||
|
||||
/* prepare the extraction buffer */
|
||||
buffer_add(blob, clear, cipherlen - PCP_CRYPTO_ADD);
|
||||
buffer_add(blob, clear, cipherlen - LMAC);
|
||||
|
||||
/* extract the raw data into the structure */
|
||||
buffer_get_chunk(blob, sk->mastersecret, LEDSEC);
|
||||
@@ -837,7 +838,7 @@ pcp_key_t *pcp_import_secret_native(PCPCTX *ptx, Buffer *cipher, char *passphras
|
||||
sk->type = PCP_KEY_TYPE_SECRET;
|
||||
|
||||
/* ready */
|
||||
ucfree(clear, cipherlen - PCP_CRYPTO_ADD);
|
||||
ucfree(clear, cipherlen - LMAC);
|
||||
ucfree(nonce, LNONCE);
|
||||
buffer_free(blob);
|
||||
sfree(symkey);
|
||||
@@ -846,7 +847,7 @@ pcp_key_t *pcp_import_secret_native(PCPCTX *ptx, Buffer *cipher, char *passphras
|
||||
return sk;
|
||||
|
||||
impserr2:
|
||||
ucfree(clear, cipherlen - PCP_CRYPTO_ADD);
|
||||
ucfree(clear, cipherlen - LMAC);
|
||||
|
||||
impserr1:
|
||||
ucfree(nonce, LNONCE);
|
||||
|
||||
Reference in New Issue
Block a user