summaryrefslogtreecommitdiffstats
path: root/src/crypto
diff options
context:
space:
mode:
authorMatthias Schiffer <mschiffer@universe-factory.net>2013-11-18 03:53:37 +0100
committerMatthias Schiffer <mschiffer@universe-factory.net>2013-11-18 03:53:37 +0100
commit7476dc0e9ae620afa4a5a5fba90997a0af18fadc (patch)
tree0a9c476249a4b9918a993606e844c72a467c2b43 /src/crypto
parent3e8e646b91b7256ab46eb767951d2028f0dda0eb (diff)
downloadfastd-7476dc0e9ae620afa4a5a5fba90997a0af18fadc.tar
fastd-7476dc0e9ae620afa4a5a5fba90997a0af18fadc.zip
secure_memzero all cipher and MAC states
Diffstat (limited to 'src/crypto')
-rw-r--r--src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c5
-rw-r--r--src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c5
-rw-r--r--src/crypto/cipher/blowfish_ctr/openssl/blowfish_ctr.c5
-rw-r--r--src/crypto/mac/ghash/builtin/ghash_builtin.c5
4 files changed, 16 insertions, 4 deletions
diff --git a/src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c b/src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c
index 4302157..5cb4bc7 100644
--- a/src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c
+++ b/src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c
@@ -65,7 +65,10 @@ static bool aes128_ctr_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_sta
}
static void aes128_ctr_free_state(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) {
- free(state);
+ if (state) {
+ secure_memzero(state, sizeof(*state));
+ free(state);
+ }
}
static void aes128_ctr_free(fastd_context_t *ctx UNUSED, fastd_cipher_context_t *cctx UNUSED) {
diff --git a/src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c b/src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c
index bc5b85c..fb95359 100644
--- a/src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c
+++ b/src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c
@@ -316,7 +316,10 @@ static bool blowfish_ctr_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_s
}
static void blowfish_ctr_free_state(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) {
- free(state);
+ if (state) {
+ secure_memzero(state, sizeof(*state));
+ free(state);
+ }
}
static void blowfish_ctr_free(fastd_context_t *ctx UNUSED, fastd_cipher_context_t *cctx UNUSED) {
diff --git a/src/crypto/cipher/blowfish_ctr/openssl/blowfish_ctr.c b/src/crypto/cipher/blowfish_ctr/openssl/blowfish_ctr.c
index 1eafb97..67dec0d 100644
--- a/src/crypto/cipher/blowfish_ctr/openssl/blowfish_ctr.c
+++ b/src/crypto/cipher/blowfish_ctr/openssl/blowfish_ctr.c
@@ -91,7 +91,10 @@ static bool blowfish_ctr_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_s
}
static void blowfish_ctr_free_state(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) {
- free(state);
+ if (state) {
+ secure_memzero(state, sizeof(*state));
+ free(state);
+ }
}
static void blowfish_ctr_free(fastd_context_t *ctx UNUSED, fastd_cipher_context_t *cctx UNUSED) {
diff --git a/src/crypto/mac/ghash/builtin/ghash_builtin.c b/src/crypto/mac/ghash/builtin/ghash_builtin.c
index 34e118a..a243b2a 100644
--- a/src/crypto/mac/ghash/builtin/ghash_builtin.c
+++ b/src/crypto/mac/ghash/builtin/ghash_builtin.c
@@ -126,7 +126,10 @@ static bool ghash_hash(fastd_context_t *ctx UNUSED, const fastd_mac_state_t *sta
}
static void ghash_free_state(fastd_context_t *ctx UNUSED, fastd_mac_state_t *state) {
- free(state);
+ if (state) {
+ secure_memzero(state, sizeof(*state));
+ free(state);
+ }
}
static void ghash_free(fastd_context_t *ctx UNUSED, fastd_mac_context_t *mctx UNUSED) {