Avoid new/delete in BearSSL ECDSA code

Especially storing private key that way was bad, wasn't zeroed.
author: Jack Lloyd <[email protected]> 2017-09-22 19:47:54 -0400
committer: Jack Lloyd <[email protected]> 2017-09-22 19:48:17 -0400
commit: de581bbf6dfc1fadc0755925300d047f392bf986 (patch)
tree: e2af8a23e5d317c08ab4d26ad6695a8537e38c70 /src/lib/prov
parent: bac9f93cd68994710f2a2b916a0f121f715458b1 (diff)
1 files changed, 10 insertions, 17 deletions
diff --git a/src/lib/prov/bearssl/bearssl_ec.cpp b/src/lib/prov/bearssl/bearssl_ec.cpp
index 7a0808c47..29ff1b5ad 100644
--- a/src/lib/prov/bearssl/bearssl_ec.cpp
+++ b/src/lib/prov/bearssl/bearssl_ec.cpp
@@ -92,10 +92,10 @@ class BearSSL_ECDSA_Verification_Operation final : public PK_Ops::Verification
          if (m_hf == nullptr)
             throw Lookup_Error("BearSSL ECDSA does not support hash " + req.arg(0));
 
-         const secure_vector<uint8_t> enc = EC2OSP(ecdsa.public_point(), PointGFp::UNCOMPRESSED);
-         m_key.qlen = enc.size();
-         m_key.q = new uint8_t[m_key.qlen];
-         memcpy(m_key.q, enc.data(), m_key.qlen);
+         m_q_buf = EC2OSP(ecdsa.public_point(), PointGFp::UNCOMPRESSED);
+
+         m_key.qlen = m_q_buf.size();
+         m_key.q = m_q_buf.data();
          m_key.curve = curve;
          }
 
@@ -120,14 +120,10 @@ class BearSSL_ECDSA_Verification_Operation final : public PK_Ops::Verification
 
       size_t max_input_bits() const { return m_order_bits; }
 
-      ~BearSSL_ECDSA_Verification_Operation()
-         {
-         delete m_key.q;
-         }
-
    private:
       br_ec_public_key m_key;
       std::unique_ptr<HashFunction> m_hf;
+      secure_vector<uint8_t> m_q_buf;
       const br_hash_class *m_hash;
       size_t m_order_bits;
    };
@@ -151,9 +147,10 @@ class BearSSL_ECDSA_Signing_Operation final : public PK_Ops::Signature
          if (m_hf == nullptr)
             throw Lookup_Error("BearSSL ECDSA does not support hash " + req.arg(0));
 
-         m_key.xlen = ecdsa.private_value().bytes();
-         m_key.x = new uint8_t[m_key.xlen];
-         ecdsa.private_value().binary_encode(m_key.x);
+         m_x_buf = BigInt::encode_locked(ecdsa.private_value());
+
+         m_key.xlen = m_x_buf.size();
+         m_key.x = m_x_buf.data();
          m_key.curve = curve;
          }
 
@@ -178,14 +175,10 @@ class BearSSL_ECDSA_Signing_Operation final : public PK_Ops::Signature
 
       size_t max_input_bits() const { return m_order_bits; }
 
-      ~BearSSL_ECDSA_Signing_Operation()
-         {
-         delete m_key.x;
-         }
-
    private:
       br_ec_private_key m_key;
       std::unique_ptr<HashFunction> m_hf;
+      secure_vector<uint8_t> m_x_buf;
       const br_hash_class *m_hash;
       size_t m_order_bits;
    };
author	Jack Lloyd <[email protected]>	2017-09-22 19:47:54 -0400
committer	Jack Lloyd <[email protected]>	2017-09-22 19:48:17 -0400
commit	de581bbf6dfc1fadc0755925300d047f392bf986 (patch)
tree	e2af8a23e5d317c08ab4d26ad6695a8537e38c70 /src/lib/prov
parent	bac9f93cd68994710f2a2b916a0f121f715458b1 (diff)