From 7476dc0e9ae620afa4a5a5fba90997a0af18fadc Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Mon, 18 Nov 2013 03:53:37 +0100 Subject: secure_memzero all cipher and MAC states --- src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c | 5 ++++- src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c | 5 ++++- src/crypto/cipher/blowfish_ctr/openssl/blowfish_ctr.c | 5 ++++- 3 files changed, 12 insertions(+), 3 deletions(-) (limited to 'src/crypto/cipher') diff --git a/src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c b/src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c index 4302157..5cb4bc7 100644 --- a/src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c +++ b/src/crypto/cipher/aes128_ctr/nacl/cipher_aes128_ctr_nacl.c @@ -65,7 +65,10 @@ static bool aes128_ctr_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_sta } static void aes128_ctr_free_state(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) { - free(state); + if (state) { + secure_memzero(state, sizeof(*state)); + free(state); + } } static void aes128_ctr_free(fastd_context_t *ctx UNUSED, fastd_cipher_context_t *cctx UNUSED) { diff --git a/src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c b/src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c index bc5b85c..fb95359 100644 --- a/src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c +++ b/src/crypto/cipher/blowfish_ctr/builtin/blowfish_ctr.c @@ -316,7 +316,10 @@ static bool blowfish_ctr_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_s } static void blowfish_ctr_free_state(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) { - free(state); + if (state) { + secure_memzero(state, sizeof(*state)); + free(state); + } } static void blowfish_ctr_free(fastd_context_t *ctx UNUSED, fastd_cipher_context_t *cctx UNUSED) { diff --git a/src/crypto/cipher/blowfish_ctr/openssl/blowfish_ctr.c b/src/crypto/cipher/blowfish_ctr/openssl/blowfish_ctr.c index 1eafb97..67dec0d 100644 --- a/src/crypto/cipher/blowfish_ctr/openssl/blowfish_ctr.c +++ b/src/crypto/cipher/blowfish_ctr/openssl/blowfish_ctr.c @@ -91,7 +91,10 @@ static bool blowfish_ctr_crypt(fastd_context_t *ctx UNUSED, const fastd_cipher_s } static void blowfish_ctr_free_state(fastd_context_t *ctx UNUSED, fastd_cipher_state_t *state) { - free(state); + if (state) { + secure_memzero(state, sizeof(*state)); + free(state); + } } static void blowfish_ctr_free(fastd_context_t *ctx UNUSED, fastd_cipher_context_t *cctx UNUSED) { -- cgit v1.2.3