git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b1c6a93)
lib:crypto: Clean up HMAC handle in one place
authorJoseph Sutton <josephsutton@catalyst.net.nz>
Tue, 28 Nov 2023 23:27:03 +0000 (12:27 +1300)
committerAndrew Bartlett <abartlet@samba.org>
Thu, 30 Nov 2023 00:02:33 +0000 (00:02 +0000)
This is less error prone than having to ensure it’s cleaned up in every
error path.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
lib/crypto/gnutls_sp800_108.c patch | blob | history

diff --git a/lib/crypto/gnutls_sp800_108.c b/lib/crypto/gnutls_sp800_108.c
index 599a79162db88dc27cd6db9fa151738e0a45a6d0..7fd7461c9ebf59be2e10a184fc84df8738c3c4d6 100644 (file)
--- a/lib/crypto/gnutls_sp800_108.c
+++ b/lib/crypto/gnutls_sp800_108.c
@@ -42,37 +42,32 @@ static NTSTATUS samba_gnutls_sp800_108_derive_key_part(
        RSIVAL(buf, 0, i);
        rc = gnutls_hmac(hmac_hnd, buf, sizeof(buf));
        if (rc < 0) {
-               gnutls_hmac_deinit(hmac_hnd, NULL);
                return gnutls_error_to_ntstatus(rc,
                                                NT_STATUS_HMAC_NOT_SUPPORTED);
        }
        rc = gnutls_hmac(hmac_hnd, Label, Label_len);
        if (rc < 0) {
-               gnutls_hmac_deinit(hmac_hnd, NULL);
                return gnutls_error_to_ntstatus(rc,
                                                NT_STATUS_HMAC_NOT_SUPPORTED);
        }
        rc = gnutls_hmac(hmac_hnd, &zero, 1);
        if (rc < 0) {
-               gnutls_hmac_deinit(hmac_hnd, NULL);
                return gnutls_error_to_ntstatus(rc,
                                                NT_STATUS_HMAC_NOT_SUPPORTED);
        }
        rc = gnutls_hmac(hmac_hnd, Context, Context_len);
        if (rc < 0) {
-               gnutls_hmac_deinit(hmac_hnd, NULL);
                return gnutls_error_to_ntstatus(rc,
                                                NT_STATUS_HMAC_NOT_SUPPORTED);
        }
        RSIVAL(buf, 0, L);
        rc = gnutls_hmac(hmac_hnd, buf, sizeof(buf));
        if (rc < 0) {
-               gnutls_hmac_deinit(hmac_hnd, NULL);
                return gnutls_error_to_ntstatus(rc,
                                                NT_STATUS_HMAC_NOT_SUPPORTED);
        }
 
-       gnutls_hmac_deinit(hmac_hnd, digest);
+       gnutls_hmac_output(hmac_hnd, digest);
 
        return NT_STATUS_OK;
 }
@@ -168,5 +163,9 @@ NTSTATUS samba_gnutls_sp800_108_derive_key(
        ZERO_ARRAY(digest);
 
 out:
+       if (hmac_hnd != NULL) {
+               gnutls_hmac_deinit(hmac_hnd, NULL);
+       }
+
        return status;
 }
Samba Shared Repository