[PATCH 1/7] virCryptoEncryptDataAESgnutls: Restructure control flow

Peter Krempa <pkrempa@xxxxxxxxxx> · Tue, 31 Jan 2023 17:02:13 +0100

Prepare the buffer for encryption only after initializing the cipher, so
that there's just one failure point. This allows to remove the 'error'
label.

Signed-off-by: Peter Krempa <pkrempa@xxxxxxxxxx>
---
 src/util/vircrypto.c | 28 ++++++++++++----------------
 1 file changed, 12 insertions(+), 16 deletions(-)

diff --git a/src/util/vircrypto.c b/src/util/vircrypto.c
index b28d3fc23d..12d051a55a 100644
--- a/src/util/vircrypto.c
+++ b/src/util/vircrypto.c
@@ -127,9 +127,17 @@ virCryptoEncryptDataAESgnutls(gnutls_cipher_algorithm_t gnutls_enc_alg,
     gnutls_cipher_hd_t handle = NULL;
     gnutls_datum_t enc_key = { .data = enckey, .size = enckeylen };
     gnutls_datum_t iv_buf = { .data = iv, .size = ivlen };
-    uint8_t *ciphertext;
+    g_autofree uint8_t *ciphertext = NULL;
     size_t ciphertextlen;

+    if ((rc = gnutls_cipher_init(&handle, gnutls_enc_alg,
+                                 &enc_key, &iv_buf)) < 0) {
+        virReportError(VIR_ERR_INTERNAL_ERROR,
+                       _("failed to initialize cipher: '%s'"),
+                       gnutls_strerror(rc));
+        return -1;
+    }
+
     /* Allocate a padded buffer, copy in the data.
      *
      * NB, we must *always* have at least 1 byte of
@@ -146,32 +154,20 @@ virCryptoEncryptDataAESgnutls(gnutls_cipher_algorithm_t gnutls_enc_alg,
     for (i = datalen; i < ciphertextlen; i++)
         ciphertext[i] = ciphertextlen - datalen;

-    if ((rc = gnutls_cipher_init(&handle, gnutls_enc_alg,
-                                 &enc_key, &iv_buf)) < 0) {
-        virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("failed to initialize cipher: '%s'"),
-                       gnutls_strerror(rc));
-        goto error;
-    }
-
     /* Encrypt the data and free the memory for cipher operations */
     rc = gnutls_cipher_encrypt(handle, ciphertext, ciphertextlen);
     gnutls_cipher_deinit(handle);
     if (rc < 0) {
+        virSecureErase(ciphertext, ciphertextlen);
         virReportError(VIR_ERR_INTERNAL_ERROR,
                        _("failed to encrypt the data: '%s'"),
                        gnutls_strerror(rc));
-        goto error;
+        return -1;
     }

-    *ciphertextret = ciphertext;
+    *ciphertextret = g_steal_pointer(&ciphertext);
     *ciphertextlenret = ciphertextlen;
     return 0;
-
- error:
-    virSecureErase(ciphertext, ciphertextlen);
-    g_free(ciphertext);
-    return -1;
 }


-- 
2.39.1







