From 9a4e9da47e17b8b5d32f97a7d39e692df5ffcb1f Mon Sep 17 00:00:00 2001
From: Thom Wiggers
Date: Wed, 19 Feb 2020 14:46:48 -0500
Subject: [PATCH] Fix FIPS202 API memory leaks in Dilithium

---
 crypto_sign/dilithium2/avx2/sign.c | 1 +
 crypto_sign/dilithium2/clean/sign.c | 1 +
 crypto_sign/dilithium3/avx2/sign.c | 1 +
 crypto_sign/dilithium3/clean/sign.c | 1 +
 crypto_sign/dilithium4/avx2/sign.c | 1 +
 crypto_sign/dilithium4/clean/sign.c | 1 +
 6 files changed, 6 insertions(+)

diff --git a/crypto_sign/dilithium2/avx2/sign.c b/crypto_sign/dilithium2/avx2/sign.c
index beaca17c..3b7b8c75 100644
--- a/crypto_sign/dilithium2/avx2/sign.c
+++ b/crypto_sign/dilithium2/avx2/sign.c
@@ -95,6 +95,7 @@ void PQCLEAN_DILITHIUM2_AVX2_challenge(poly *c,
 c->coeffs[b] ^= -(signs & 1) & (1 ^ (Q - 1));
 signs >>= 1;
 }
+ shake256_ctx_release(&state);
 }

 /*************************************************
diff --git a/crypto_sign/dilithium2/clean/sign.c b/crypto_sign/dilithium2/clean/sign.c
index f1557978..24187654 100644
--- a/crypto_sign/dilithium2/clean/sign.c
+++ b/crypto_sign/dilithium2/clean/sign.c
@@ -85,6 +85,7 @@ void PQCLEAN_DILITHIUM2_CLEAN_challenge(poly *c,
 c->coeffs[b] ^= -((int32_t)signs & 1) & (1 ^ (Q - 1));
 signs >>= 1;
 }
+ shake256_ctx_release(&state);
 }

 /*************************************************
diff --git a/crypto_sign/dilithium3/avx2/sign.c b/crypto_sign/dilithium3/avx2/sign.c
index 1084b653..b605203a 100644
--- a/crypto_sign/dilithium3/avx2/sign.c
+++ b/crypto_sign/dilithium3/avx2/sign.c
@@ -107,6 +107,7 @@ void PQCLEAN_DILITHIUM3_AVX2_challenge(poly *c,
 c->coeffs[b] ^= -(signs & 1) & (1 ^ (Q - 1));
 signs >>= 1;
 }
+ shake256_ctx_release(&state);
 }

 /*************************************************
diff --git a/crypto_sign/dilithium3/clean/sign.c b/crypto_sign/dilithium3/clean/sign.c
index 6a7ceef0..1715c42f 100644
--- a/crypto_sign/dilithium3/clean/sign.c
+++ b/crypto_sign/dilithium3/clean/sign.c
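Review bot: The added `shake256_ctx_release(&state);` at the end of `PQCLEAN_DILITHIUM2_AVX2_challenge` carries no comment tying it to the call that acquires the context. That call and the start of the function are outside the hunk, so neither the pairing nor the absence of other exit paths can be confirmed from here. I would put a one-line comment above it, e.g. `/* state holds memory acquired earlier in this function; release it on every exit path */`, so a later early return is not added without the release. The same applies to the identical hunks in dilithium2/clean, dilithium3/avx2, dilithium3/clean, dilithium4/avx2 and dilithium4/clean. Because the fix is the same line in six files, a leak check (valgrind or a sanitizer build) over the signing tests would catch the next missed release; whether the project already runs one is not visible in this patch.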
@@ -85,6 +85,7 @@ void PQCLEAN_DILITHIUM3_CLEAN_challenge(poly *c,
 c->coeffs[b] ^= -((int32_t)signs & 1) & (1 ^ (Q - 1));
 signs >>= 1;
 }
+ shake256_ctx_release(&state);
 }

 /*************************************************
diff --git a/crypto_sign/dilithium4/avx2/sign.c b/crypto_sign/dilithium4/avx2/sign.c
index b489c463..641adef6 100644
--- a/crypto_sign/dilithium4/avx2/sign.c
+++ b/crypto_sign/dilithium4/avx2/sign.c
@@ -122,6 +122,7 @@ void PQCLEAN_DILITHIUM4_AVX2_challenge(poly *c,
 c->coeffs[b] ^= -(signs & 1) & (1 ^ (Q - 1));
 signs >>= 1;
 }
+ shake256_ctx_release(&state);
 }

 /*************************************************
diff --git a/crypto_sign/dilithium4/clean/sign.c b/crypto_sign/dilithium4/clean/sign.c
index ab2da1c2..aebe76be 100644
--- a/crypto_sign/dilithium4/clean/sign.c
+++ b/crypto_sign/dilithium4/clean/sign.c
@@ -85,6 +85,7 @@ void PQCLEAN_DILITHIUM4_CLEAN_challenge(poly *c,
 c->coeffs[b] ^= -((int32_t)signs & 1) & (1 ^ (Q - 1));
 signs >>= 1;
 }
+ shake256_ctx_release(&state);
 }

 /*************************************************