src/internal.c: peer review: refactor wolfssl_priv_der_unblind() and wolfssl_priv_der_unblind_free() to use AllocDer() and FreeDer().

douzzer · douzzer · commit c29abccc9fcb · 2025-11-14T18:13:44.000-06:00
diff --git a/src/internal.c b/src/internal.c
@@ -295,36 +295,28 @@ int wolfssl_priv_der_blind(WC_RNG* rng, DerBuffer* key, DerBuffer** mask)
 
 void wolfssl_priv_der_blind_toggle(DerBuffer* key, const DerBuffer* mask)
 {
-    if (key != NULL) {
+    if ((key != NULL) && (mask != NULL)) {
         xorbuf(key->buffer, mask->buffer, mask->length);
     }
 }
 
 DerBuffer *wolfssl_priv_der_unblind(const DerBuffer* key, const DerBuffer* mask)
 {
     DerBuffer *ret;
-    if (key == NULL)
+    if ((key == NULL) || (mask == NULL))
         return NULL;
     if (mask->length > key->length)
         return NULL;
-    ret = (DerBuffer *)XMALLOC(sizeof(*key) + key->length, key->heap,
-                               DYNAMIC_TYPE_TMP_BUFFER);
-    if (ret == NULL)
+    if (AllocDer(&ret, key->length, key->type, key->heap) != 0)
         return NULL;
-    XMEMCPY(ret, key, sizeof(*key));
-    ret->buffer = (byte *)ret + sizeof(*key);
     xorbufout(ret->buffer, key->buffer, mask->buffer, mask->length);
     return ret;
 }
 
 void wolfssl_priv_der_unblind_free(DerBuffer* key)
 {
-    if (key != NULL) {
-        void *heap = key->heap;
-        ForceZero(key->buffer, key->length);
-        ForceZero(key, sizeof(*key));
-        XFREE(key, heap, DYNAMIC_TYPE_TMP_BUFFER);
-    }
+    if (key != NULL)
+        FreeDer(&key);
 }
 
 #endif /* !NO_CERT && WOLFSSL_BLIND_PRIVATE_KEY */

Original file line number	Diff line number	Diff line change
`@@ -295,36 +295,28 @@ int wolfssl_priv_der_blind(WC_RNG* rng, DerBuffer* key, DerBuffer** mask)`
`295`	`295`
`296`	`296`	`void wolfssl_priv_der_blind_toggle(DerBuffer* key, const DerBuffer* mask)`
`297`	`297`	`{`
`298`		`- if (key != NULL) {`
	`298`	`+ if ((key != NULL) && (mask != NULL)) {`
`299`	`299`	`xorbuf(key->buffer, mask->buffer, mask->length);`
`300`	`300`	`}`
`301`	`301`	`}`
`302`	`302`
`303`	`303`	`DerBuffer wolfssl_priv_der_unblind(const DerBuffer key, const DerBuffer* mask)`
`304`	`304`	`{`
`305`	`305`	`DerBuffer *ret;`
`306`		`- if (key == NULL)`
	`306`	`+ if ((key == NULL) \|\| (mask == NULL))`
`307`	`307`	`return NULL;`
`308`	`308`	`if (mask->length > key->length)`
`309`	`309`	`return NULL;`
`310`		`- ret = (DerBuffer )XMALLOC(sizeof(key) + key->length, key->heap,`
`311`		`- DYNAMIC_TYPE_TMP_BUFFER);`
`312`		`- if (ret == NULL)`
	`310`	`+ if (AllocDer(&ret, key->length, key->type, key->heap) != 0)`
`313`	`311`	`return NULL;`
`314`		`- XMEMCPY(ret, key, sizeof(*key));`
`315`		`- ret->buffer = (byte )ret + sizeof(key);`
`316`	`312`	`xorbufout(ret->buffer, key->buffer, mask->buffer, mask->length);`
`317`	`313`	`return ret;`
`318`	`314`	`}`
`319`	`315`
`320`	`316`	`void wolfssl_priv_der_unblind_free(DerBuffer* key)`
`321`	`317`	`{`
`322`		`- if (key != NULL) {`
`323`		`- void *heap = key->heap;`
`324`		`- ForceZero(key->buffer, key->length);`
`325`		`- ForceZero(key, sizeof(*key));`
`326`		`- XFREE(key, heap, DYNAMIC_TYPE_TMP_BUFFER);`
`327`		`- }`
	`318`	`+ if (key != NULL)`
	`319`	`+ FreeDer(&key);`
`328`	`320`	`}`
`329`	`321`
`330`	`322`	`#endif /* !NO_CERT && WOLFSSL_BLIND_PRIVATE_KEY */`