Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/config.h.in1
-rw-r--r--src/lib/crypt.c21
-rw-r--r--src/lib/crypt/openssl.c6
-rw-r--r--src/lib/crypt/openssl.h3
-rw-r--r--src/lib/dev.c6
-rw-r--r--src/lib/tests/kex_test.c2
6 files changed, 35 insertions, 4 deletions
diff --git a/src/lib/config.h.in b/src/lib/config.h.in
index b2b17669..6065ac41 100644
--- a/src/lib/config.h.in
+++ b/src/lib/config.h.in
@@ -21,6 +21,7 @@
*/
#cmakedefine HAVE_SYS_RANDOM
+#cmakedefine HAVE_EXPLICIT_BZERO
#cmakedefine HAVE_LIBGCRYPT
#cmakedefine HAVE_OPENSSL
#ifdef HAVE_OPENSSL
diff --git a/src/lib/crypt.c b/src/lib/crypt.c
index fdbae776..38dd9f29 100644
--- a/src/lib/crypt.c
+++ b/src/lib/crypt.c
@@ -1064,3 +1064,24 @@ void crypt_secure_free(void * ptr,
free(ptr);
#endif
}
+
+void crypt_secure_clear(void * ptr,
+ size_t size)
+{
+ volatile uint8_t * p;
+
+ if (ptr == NULL)
+ return;
+
+#ifdef HAVE_OPENSSL
+ (void) p;
+ openssl_secure_clear(ptr, size);
+#elif defined(HAVE_EXPLICIT_BZERO)
+ (void) p;
+ explicit_bzero(ptr, size);
+#else /* best effort to avoid optimizing out */
+ p = ptr;
+ while (size-- > 0)
+ *p++ = 0;
+#endif
+}
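Review bot: `p` in crypt_secure_clear is only needed by the `#else` fallback, so the two `(void) p;` statements exist solely to silence unused-variable warnings. Declaring it inside the fallback branch (in its own block if the file keeps declarations at the top of a scope) would remove them. The function also has no comment stating its contract; I would add `/* Zero size bytes at ptr without freeing it; NULL is a no-op. */` above the definition. The `explicit_bzero` branch depends on the build defining HAVE_EXPLICIT_BZERO and on the declaring header being included in crypt.c; neither is visible here, since the diff is limited to src/lib.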
diff --git a/src/lib/crypt/openssl.c b/src/lib/crypt/openssl.c
index b8233593..232aa6c9 100644
--- a/src/lib/crypt/openssl.c
+++ b/src/lib/crypt/openssl.c
@@ -1872,3 +1872,9 @@ void openssl_secure_free(void * ptr)
{
OPENSSL_secure_free(ptr);
}
+
+void openssl_secure_clear(void * ptr,
+ size_t size)
+{
+ OPENSSL_cleanse(ptr, size);
+}
diff --git a/src/lib/crypt/openssl.h b/src/lib/crypt/openssl.h
index 083e8dde..a6bb5840 100644
--- a/src/lib/crypt/openssl.h
+++ b/src/lib/crypt/openssl.h
@@ -166,4 +166,7 @@ void * openssl_secure_malloc(size_t size);
void openssl_secure_free(void * ptr,
size_t size);
+void openssl_secure_clear(void * ptr,
+ size_t size);
+
#endif /* OUROBOROS_LIB_CRYPT_OPENSSL_H */
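Review bot: The context lines directly above the new prototype declare `openssl_secure_free(void * ptr, size_t size)`, while the hunk header in openssl.c shows the definition as `openssl_secure_free(void * ptr)`. These should be reconciled, or one view confirmed stale, because a mismatched prototype on a secure-memory routine is easy to call wrongly. For the new declaration, a short comment such as `/* Overwrite size bytes at ptr; the caller checks for NULL. */` would record that the wrapper passes `ptr` straight to `OPENSSL_cleanse` and that the only NULL guard visible in this diff is in crypt_secure_clear.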
diff --git a/src/lib/dev.c b/src/lib/dev.c
index 35ea701b..fb06c496 100644
--- a/src/lib/dev.c
+++ b/src/lib/dev.c
@@ -870,7 +870,7 @@ int flow_accept(qosspec_t * qs,
fd = flow_init(&flow, &crypt);
- explicit_bzero(key, SYMMKEYSZ);
+ crypt_secure_clear(key, SYMMKEYSZ);
if (qs != NULL)
*qs = flow.qs;
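Review bot: The wipe of `key` sits after `flow_init`, so it only covers exits that reach this line; the same holds for the matching hunks in flow_alloc and flow_join. The code between the point where `key` is filled and this call lies outside the hunks. It is worth confirming that no earlier `return` or error path leaves the function with the key material still in memory. If one exists, it needs the same `crypt_secure_clear(key, SYMMKEYSZ);` before returning.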
@@ -917,7 +917,7 @@ int flow_alloc(const char * dst,
fd = flow_init(&flow, &crypt);
- explicit_bzero(key, SYMMKEYSZ);
+ crypt_secure_clear(key, SYMMKEYSZ);
if (qs != NULL)
*qs = flow.qs;
@@ -956,7 +956,7 @@ int flow_join(const char * dst,
fd = flow_init(&flow, &crypt);
- explicit_bzero(key, SYMMKEYSZ);
+ crypt_secure_clear(key, SYMMKEYSZ);
return fd;
}
diff --git a/src/lib/tests/kex_test.c b/src/lib/tests/kex_test.c
index 58cf8b43..0a588550 100644
--- a/src/lib/tests/kex_test.c
+++ b/src/lib/tests/kex_test.c
@@ -574,7 +574,7 @@ static int test_kex_parse_config_empty(void)
memset(&kex, 0, sizeof(kex));
- fp = FMEMOPEN_STR("");
+ fp = FMEMOPEN_STR("\n");
if (fp == NULL) {
printf("Failed to open memory stream.\n");
goto fail;