memory leaks in OpenSSL based SPHINCS+-SHA256 versions

open-quantum-safe / liboqs

C library for prototyping and experimenting with quantum-resistant cryptography

https://openquantumsafe.org/

Other

1.87k stars 459 forks source link

memory leaks in OpenSSL based SPHINCS+-SHA256 versions #566

Closed 0xa5a5 closed 4 years ago

0xa5a5 commented 5 years ago

For SPHINCS+-SHA256-* using the OpenSSL hash there are memory leaks because the hash context created by PREFIX_initialize_hash_function callee sha256_inc_init is not cleaned up.

Ideally there'd be some hook that allows proper destruction of hash_state_seeded at the end of sign.c functions

PREFIX_crypto_sign_seed_keypair
PREFIX_crypto_sign_signature
PREFIX_crypto_sign_verify

dstebila commented 5 years ago

I saw there's been some work over at PQClean related to this -- once that's finished on the PQClean side, do we need to do anything extra here, other than re-sync the code with PQClean?

0xa5a5 commented 5 years ago

In case we solve it as described above, it's only the OQS specific shims src/common/pqclean_shims that need to be extended, can take care of that.

See https://github.com/PQClean/PQClean/pull/247