diff options
author | Matt Caswell <matt@openssl.org> | 2020-12-22 14:54:16 +0300 |
---|---|---|
committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2020-12-23 23:12:18 +0300 |
commit | ae69da05a7749e21c7526831173405e3570917b2 (patch) | |
tree | 966fb731e2cfe67459801a98842a7d1304d39406 /crypto/evp | |
parent | fdf05eb7611a1fdb283162228985286a09d07940 (diff) |
Move the caching of cipher constants into evp_cipher_from_dispatch
Previously we cached the cipher constants in EVP_CIPHER_fetch(). However,
this means we do the caching every time we call that function, even if
the core has previusly fetched the cipher and cached it already. This
means we can end up re-caching the constants even though they are already
present. This also means we could be updating these constants from
multiple threads at the same time.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13730)
Diffstat (limited to 'crypto/evp')
-rw-r--r-- | crypto/evp/evp_enc.c | 10 | ||||
-rw-r--r-- | crypto/evp/evp_err.c | 2 |
2 files changed, 8 insertions, 4 deletions
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 7818ab25ea..c1c8f1cf28 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -1470,6 +1470,12 @@ static void *evp_cipher_from_dispatch(const int name_id, if (prov != NULL) ossl_provider_up_ref(prov); + if (!evp_cipher_cache_constants(cipher)) { + EVP_CIPHER_free(cipher); + ERR_raise(ERR_LIB_EVP, EVP_R_CACHE_CONSTANTS_FAILED); + cipher = NULL; + } + return cipher; } @@ -1491,10 +1497,6 @@ EVP_CIPHER *EVP_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, evp_cipher_from_dispatch, evp_cipher_up_ref, evp_cipher_free); - if (cipher != NULL && !evp_cipher_cache_constants(cipher)) { - EVP_CIPHER_free(cipher); - cipher = NULL; - } return cipher; } diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c index c2259f0beb..894f0cebcb 100644 --- a/crypto/evp/evp_err.c +++ b/crypto/evp/evp_err.c @@ -23,6 +23,8 @@ static const ERR_STRING_DATA EVP_str_reasons[] = { {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_BAD_DECRYPT), "bad decrypt"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_BAD_KEY_LENGTH), "bad key length"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_BUFFER_TOO_SMALL), "buffer too small"}, + {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_CACHE_CONSTANTS_FAILED), + "cache constants failed"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_CAMELLIA_KEY_SETUP_FAILED), "camellia key setup failed"}, {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_CANNOT_GET_PARAMETERS), |