oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

hcrypto WinCNG backend: don't leak handles on crypto reinit

Browse Source 
Similar fix to a88d0066, but for the WinCNG EVP backend. However this
is just a fix for leaking handles if the same EVP context is used with
a new key; there is no functionality issue as cipherstate is maintained
directly in the EVP context, not internally by WinCNG.
This commit is contained in:
Luke Howard
2018-05-11 21:31:34 +10:00
parent bd0b6f8c2b
commit 3224a282a6
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/hcrypto/evp-wincng.c
View File

@@ -196,6 +196,11 @@ wincng_key_init(EVP_CIPHER_CTX *ctx,
if (ctx->cipher->app_data == NULL) if (ctx->cipher->app_data == NULL)
return 0; return 0;
if (cng->hKey) {
BCryptDestroyKey(cng->hKey); /* allow reinitialization */
cng->hKey = (BCRYPT_KEY_HANDLE)0;
}
/* /*
* Note: ctx->key_len not EVP_CIPHER_CTX_key_length() for * Note: ctx->key_len not EVP_CIPHER_CTX_key_length() for
* variable length key support. * variable length key support.