mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 16:55:43 +01:00
Introduce polarssl_zeroize() instead of memset() for zeroization
This commit is contained in:
parent
bbcb1ce703
commit
3461772559
@ -14,6 +14,8 @@ Features
|
||||
Changes
|
||||
* Add LINK_WITH_PTHREAD option in CMake for explicit linking that is
|
||||
required on some platforms (e.g. OpenBSD)
|
||||
* Migrate zeroizing of data to polarssl_zeroize() instead of memset()
|
||||
against unwanted compiler optimizations
|
||||
|
||||
Bugfix
|
||||
* Fix in debug_print_msg()
|
||||
|
@ -53,6 +53,11 @@
|
||||
|
||||
#if !defined(POLARSSL_AES_ALT)
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* 32-bit integer manipulation macros (little endian)
|
||||
*/
|
||||
@ -633,7 +638,7 @@ int aes_setkey_dec( aes_context *ctx, const unsigned char *key,
|
||||
#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64)
|
||||
done:
|
||||
#endif
|
||||
memset( &cty, 0, sizeof( aes_context ) );
|
||||
polarssl_zeroize( &cty, sizeof( aes_context ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
@ -51,6 +51,11 @@
|
||||
|
||||
#include <stdlib.h>
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#define ciL (sizeof(t_uint)) /* chars in limb */
|
||||
#define biL (ciL << 3) /* bits in limb */
|
||||
#define biH (ciL << 2) /* half limb size */
|
||||
@ -84,7 +89,7 @@ void mpi_free( mpi *X )
|
||||
|
||||
if( X->p != NULL )
|
||||
{
|
||||
memset( X->p, 0, X->n * ciL );
|
||||
polarssl_zeroize( X->p, X->n * ciL );
|
||||
polarssl_free( X->p );
|
||||
}
|
||||
|
||||
@ -113,7 +118,7 @@ int mpi_grow( mpi *X, size_t nblimbs )
|
||||
if( X->p != NULL )
|
||||
{
|
||||
memcpy( p, X->p, X->n * ciL );
|
||||
memset( X->p, 0, X->n * ciL );
|
||||
polarssl_zeroize( X->p, X->n * ciL );
|
||||
polarssl_free( X->p );
|
||||
}
|
||||
|
||||
@ -153,7 +158,7 @@ int mpi_shrink( mpi *X, size_t nblimbs )
|
||||
if( X->p != NULL )
|
||||
{
|
||||
memcpy( p, X->p, i * ciL );
|
||||
memset( X->p, 0, X->n * ciL );
|
||||
polarssl_zeroize( X->p, X->n * ciL );
|
||||
polarssl_free( X->p );
|
||||
}
|
||||
|
||||
|
@ -47,6 +47,11 @@
|
||||
|
||||
#if !defined(POLARSSL_CAMELLIA_ALT)
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* 32-bit integer manipulation macros (big endian)
|
||||
*/
|
||||
@ -463,7 +468,7 @@ int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key,
|
||||
*RK++ = *SK++;
|
||||
*RK++ = *SK++;
|
||||
|
||||
memset( &cty, 0, sizeof( camellia_context ) );
|
||||
polarssl_zeroize( &cty, sizeof( camellia_context ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
@ -42,6 +42,11 @@
|
||||
|
||||
#include "polarssl/ccm.h"
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#define CCM_ENCRYPT 0
|
||||
#define CCM_DECRYPT 1
|
||||
|
||||
@ -81,7 +86,7 @@ int ccm_init( ccm_context *ctx, cipher_id_t cipher,
|
||||
void ccm_free( ccm_context *ctx )
|
||||
{
|
||||
(void) cipher_free_ctx( &ctx->cipher_ctx );
|
||||
memset( ctx, 0, sizeof( ccm_context ) );
|
||||
polarssl_zeroize( ctx, sizeof( ccm_context ) );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -320,7 +325,7 @@ int ccm_auth_decrypt( ccm_context *ctx, size_t length,
|
||||
|
||||
if( diff != 0 )
|
||||
{
|
||||
memset( output, 0, length );
|
||||
polarssl_zeroize( output, length );
|
||||
return( POLARSSL_ERR_CCM_AUTH_FAILED );
|
||||
}
|
||||
|
||||
|
@ -57,6 +57,11 @@
|
||||
#define strcasecmp _stricmp
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
static int supported_init = 0;
|
||||
|
||||
const int *cipher_list( void )
|
||||
@ -152,6 +157,7 @@ int cipher_free_ctx( cipher_context_t *ctx )
|
||||
return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
|
||||
|
||||
ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx );
|
||||
polarssl_zeroize( ctx, sizeof(cipher_context_t) );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
@ -74,6 +74,11 @@
|
||||
|
||||
#include <stdlib.h>
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_GCM_C)
|
||||
/* shared by all GCM ciphers */
|
||||
static void *gcm_ctx_alloc( void )
|
||||
@ -187,6 +192,7 @@ static void * aes_ctx_alloc( void )
|
||||
|
||||
static void aes_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( aes_context ) );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
@ -540,6 +546,7 @@ static void * camellia_ctx_alloc( void )
|
||||
|
||||
static void camellia_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( camellia_context ) );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
@ -948,6 +955,13 @@ static void * des3_ctx_alloc( void )
|
||||
|
||||
static void des_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( des_context ) );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
static void des3_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( des3_context ) );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
@ -998,7 +1012,7 @@ const cipher_base_t des_ede_info = {
|
||||
des3_set2key_enc_wrap,
|
||||
des3_set2key_dec_wrap,
|
||||
des3_ctx_alloc,
|
||||
des_ctx_free
|
||||
des3_ctx_free
|
||||
};
|
||||
|
||||
const cipher_info_t des_ede_ecb_info = {
|
||||
@ -1035,7 +1049,7 @@ const cipher_base_t des_ede3_info = {
|
||||
des3_set3key_enc_wrap,
|
||||
des3_set3key_dec_wrap,
|
||||
des3_ctx_alloc,
|
||||
des_ctx_free
|
||||
des3_ctx_free
|
||||
};
|
||||
|
||||
const cipher_info_t des_ede3_ecb_info = {
|
||||
@ -1143,6 +1157,7 @@ static void * blowfish_ctx_alloc( void )
|
||||
|
||||
static void blowfish_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( blowfish_context ) );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
@ -1236,6 +1251,7 @@ static void * arc4_ctx_alloc( void )
|
||||
|
||||
static void arc4_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( arc4_context ) );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
|
@ -47,6 +47,11 @@
|
||||
|
||||
#if !defined(POLARSSL_DES_ALT)
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* 32-bit integer manipulation macros (big endian)
|
||||
*/
|
||||
@ -519,7 +524,7 @@ int des3_set2key_enc( des3_context *ctx,
|
||||
uint32_t sk[96];
|
||||
|
||||
des3_set2key( ctx->sk, sk, key );
|
||||
memset( sk, 0, sizeof( sk ) );
|
||||
polarssl_zeroize( sk, sizeof( sk ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
@ -533,7 +538,7 @@ int des3_set2key_dec( des3_context *ctx,
|
||||
uint32_t sk[96];
|
||||
|
||||
des3_set2key( sk, ctx->sk, key );
|
||||
memset( sk, 0, sizeof( sk ) );
|
||||
polarssl_zeroize( sk, sizeof( sk ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
@ -570,7 +575,7 @@ int des3_set3key_enc( des3_context *ctx,
|
||||
uint32_t sk[96];
|
||||
|
||||
des3_set3key( ctx->sk, sk, key );
|
||||
memset( sk, 0, sizeof( sk ) );
|
||||
polarssl_zeroize( sk, sizeof( sk ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
@ -584,7 +589,7 @@ int des3_set3key_dec( des3_context *ctx,
|
||||
uint32_t sk[96];
|
||||
|
||||
des3_set3key( sk, ctx->sk, key );
|
||||
memset( sk, 0, sizeof( sk ) );
|
||||
polarssl_zeroize( sk, sizeof( sk ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
@ -55,6 +55,11 @@
|
||||
#define polarssl_free free
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* helper to validate the mpi size and import it
|
||||
*/
|
||||
@ -395,7 +400,7 @@ void dhm_free( dhm_context *ctx )
|
||||
mpi_free( &ctx->GX ); mpi_free( &ctx->X ); mpi_free( &ctx->G );
|
||||
mpi_free( &ctx->P );
|
||||
|
||||
memset( ctx, 0, sizeof( dhm_context ) );
|
||||
polarssl_zeroize( ctx, sizeof( dhm_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_ASN1_PARSE_C)
|
||||
@ -535,7 +540,7 @@ int dhm_parse_dhmfile( dhm_context *dhm, const char *path )
|
||||
|
||||
ret = dhm_parse_dhm( dhm, buf, n );
|
||||
|
||||
memset( buf, 0, n + 1 );
|
||||
polarssl_zeroize( buf, n + 1 );
|
||||
polarssl_free( buf );
|
||||
|
||||
return( ret );
|
||||
|
@ -77,6 +77,11 @@
|
||||
#endif /* __ARMCC_VERSION */
|
||||
#endif /*_MSC_VER */
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
/*
|
||||
* Counts of point addition and doubling, and field multiplications.
|
||||
@ -344,7 +349,7 @@ void ecp_group_free( ecp_group *grp )
|
||||
polarssl_free( grp->T );
|
||||
}
|
||||
|
||||
memset( grp, 0, sizeof( ecp_group ) );
|
||||
polarssl_zeroize( grp, sizeof( ecp_group ) );
|
||||
}
|
||||
|
||||
/*
|
||||
|
@ -42,6 +42,11 @@
|
||||
#include "polarssl/havege.h"
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#define ENTROPY_MAX_LOOP 256 /**< Maximum amount to loop before error */
|
||||
|
||||
void entropy_init( entropy_context *ctx )
|
||||
@ -78,7 +83,7 @@ void entropy_init( entropy_context *ctx )
|
||||
|
||||
void entropy_free( entropy_context *ctx )
|
||||
{
|
||||
((void) ctx);
|
||||
polarssl_zeroize( ctx, sizeof( entropy_context ) );
|
||||
#if defined(POLARSSL_THREADING_C)
|
||||
polarssl_mutex_free( &ctx->mutex );
|
||||
#endif
|
||||
|
@ -76,6 +76,11 @@
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Precompute small multiples of H, that is set
|
||||
* HH[i] || HL[i] = H times i,
|
||||
@ -464,7 +469,7 @@ int gcm_auth_decrypt( gcm_context *ctx,
|
||||
|
||||
if( diff != 0 )
|
||||
{
|
||||
memset( output, 0, length );
|
||||
polarssl_zeroize( output, length );
|
||||
return( POLARSSL_ERR_GCM_AUTH_FAILED );
|
||||
}
|
||||
|
||||
@ -474,7 +479,7 @@ int gcm_auth_decrypt( gcm_context *ctx,
|
||||
void gcm_free( gcm_context *ctx )
|
||||
{
|
||||
(void) cipher_free_ctx( &ctx->cipher_ctx );
|
||||
memset( ctx, 0, sizeof( gcm_context ) );
|
||||
polarssl_zeroize( ctx, sizeof( gcm_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C)
|
||||
|
@ -49,6 +49,11 @@
|
||||
#define polarssl_printf printf
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* HMAC_DRBG update, using optional additional data (10.1.2.2)
|
||||
*/
|
||||
@ -305,7 +310,7 @@ void hmac_drbg_free( hmac_drbg_context *ctx )
|
||||
|
||||
md_free_ctx( &ctx->md_ctx );
|
||||
|
||||
memset( ctx, 0, sizeof( hmac_drbg_context ) );
|
||||
polarssl_zeroize( ctx, sizeof( hmac_drbg_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
|
@ -45,6 +45,11 @@
|
||||
#define strcasecmp _stricmp
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
static const int supported_digests[] = {
|
||||
|
||||
#if defined(POLARSSL_MD2_C)
|
||||
@ -190,7 +195,8 @@ int md_free_ctx( md_context_t *ctx )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
ctx->md_info->ctx_free_func( ctx->md_ctx );
|
||||
ctx->md_ctx = NULL;
|
||||
|
||||
polarssl_zeroize( ctx, sizeof( md_context_t ) );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
@ -49,6 +49,11 @@
|
||||
#define polarssl_printf printf
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if !defined(POLARSSL_MD2_ALT)
|
||||
|
||||
static const unsigned char PI_SUBST[256] =
|
||||
@ -188,7 +193,7 @@ void md2( const unsigned char *input, size_t ilen, unsigned char output[16] )
|
||||
md2_update( &ctx, input, ilen );
|
||||
md2_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( md2_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( md2_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
@ -212,7 +217,7 @@ int md2_file( const char *path, unsigned char output[16] )
|
||||
|
||||
md2_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( md2_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( md2_context ) );
|
||||
|
||||
if( ferror( f ) != 0 )
|
||||
{
|
||||
@ -253,7 +258,7 @@ void md2_hmac_starts( md2_context *ctx, const unsigned char *key,
|
||||
md2_starts( ctx );
|
||||
md2_update( ctx, ctx->ipad, 16 );
|
||||
|
||||
memset( sum, 0, sizeof( sum ) );
|
||||
polarssl_zeroize( sum, sizeof( sum ) );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -278,7 +283,7 @@ void md2_hmac_finish( md2_context *ctx, unsigned char output[16] )
|
||||
md2_update( ctx, tmpbuf, 16 );
|
||||
md2_finish( ctx, output );
|
||||
|
||||
memset( tmpbuf, 0, sizeof( tmpbuf ) );
|
||||
polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -303,7 +308,7 @@ void md2_hmac( const unsigned char *key, size_t keylen,
|
||||
md2_hmac_update( &ctx, input, ilen );
|
||||
md2_hmac_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( md2_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( md2_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
|
@ -49,6 +49,11 @@
|
||||
#define polarssl_printf printf
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if !defined(POLARSSL_MD4_ALT)
|
||||
|
||||
/*
|
||||
@ -284,7 +289,7 @@ void md4( const unsigned char *input, size_t ilen, unsigned char output[16] )
|
||||
md4_update( &ctx, input, ilen );
|
||||
md4_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( md4_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( md4_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
@ -308,7 +313,7 @@ int md4_file( const char *path, unsigned char output[16] )
|
||||
|
||||
md4_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( md4_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( md4_context ) );
|
||||
|
||||
if( ferror( f ) != 0 )
|
||||
{
|
||||
@ -349,7 +354,7 @@ void md4_hmac_starts( md4_context *ctx, const unsigned char *key,
|
||||
md4_starts( ctx );
|
||||
md4_update( ctx, ctx->ipad, 64 );
|
||||
|
||||
memset( sum, 0, sizeof( sum ) );
|
||||
polarssl_zeroize( sum, sizeof( sum ) );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -374,7 +379,7 @@ void md4_hmac_finish( md4_context *ctx, unsigned char output[16] )
|
||||
md4_update( ctx, tmpbuf, 16 );
|
||||
md4_finish( ctx, output );
|
||||
|
||||
memset( tmpbuf, 0, sizeof( tmpbuf ) );
|
||||
polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -399,7 +404,7 @@ void md4_hmac( const unsigned char *key, size_t keylen,
|
||||
md4_hmac_update( &ctx, input, ilen );
|
||||
md4_hmac_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( md4_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( md4_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
|
@ -48,6 +48,11 @@
|
||||
#define polarssl_printf printf
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if !defined(POLARSSL_MD5_ALT)
|
||||
|
||||
/*
|
||||
@ -301,7 +306,7 @@ void md5( const unsigned char *input, size_t ilen, unsigned char output[16] )
|
||||
md5_update( &ctx, input, ilen );
|
||||
md5_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( md5_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( md5_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
@ -325,7 +330,7 @@ int md5_file( const char *path, unsigned char output[16] )
|
||||
|
||||
md5_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( md5_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( md5_context ) );
|
||||
|
||||
if( ferror( f ) != 0 )
|
||||
{
|
||||
@ -366,7 +371,7 @@ void md5_hmac_starts( md5_context *ctx, const unsigned char *key,
|
||||
md5_starts( ctx );
|
||||
md5_update( ctx, ctx->ipad, 64 );
|
||||
|
||||
memset( sum, 0, sizeof( sum ) );
|
||||
polarssl_zeroize( sum, sizeof( sum ) );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -391,7 +396,7 @@ void md5_hmac_finish( md5_context *ctx, unsigned char output[16] )
|
||||
md5_update( ctx, tmpbuf, 16 );
|
||||
md5_finish( ctx, output );
|
||||
|
||||
memset( tmpbuf, 0, sizeof( tmpbuf ) );
|
||||
polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -416,7 +421,7 @@ void md5_hmac( const unsigned char *key, size_t keylen,
|
||||
md5_hmac_update( &ctx, input, ilen );
|
||||
md5_hmac_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( md5_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( md5_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
|
@ -74,6 +74,11 @@
|
||||
|
||||
#include <stdlib.h>
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_MD2_C)
|
||||
|
||||
static void md2_starts_wrap( void *ctx )
|
||||
@ -132,6 +137,7 @@ static void * md2_ctx_alloc( void )
|
||||
|
||||
static void md2_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( md2_context ) );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
@ -221,6 +227,7 @@ static void *md4_ctx_alloc( void )
|
||||
|
||||
static void md4_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( md4_context ) );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
@ -308,6 +315,7 @@ static void * md5_ctx_alloc( void )
|
||||
|
||||
static void md5_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( md5_context ) );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
@ -395,6 +403,7 @@ static void * ripemd160_ctx_alloc( void )
|
||||
|
||||
static void ripemd160_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( ripemd160_context ) );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
@ -482,6 +491,7 @@ static void * sha1_ctx_alloc( void )
|
||||
|
||||
static void sha1_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( sha1_context ) );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
@ -585,6 +595,7 @@ static void * sha224_ctx_alloc( void )
|
||||
|
||||
static void sha224_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( sha256_context ) );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
@ -681,6 +692,7 @@ static void * sha256_ctx_alloc( void )
|
||||
|
||||
static void sha256_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( sha256_context ) );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
@ -781,6 +793,7 @@ static void * sha384_ctx_alloc( void )
|
||||
|
||||
static void sha384_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( sha512_context ) );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
@ -877,6 +890,7 @@ static void * sha512_ctx_alloc( void )
|
||||
|
||||
static void sha512_ctx_free( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( sha512_context ) );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
|
@ -52,6 +52,11 @@
|
||||
#define polarssl_fprintf fprintf
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#define MAGIC1 0xFF00AA55
|
||||
#define MAGIC2 0xEE119966
|
||||
#define MAX_BT 20
|
||||
@ -578,7 +583,7 @@ void memory_buffer_alloc_free()
|
||||
#if defined(POLARSSL_THREADING_C)
|
||||
polarssl_mutex_free( &heap.mutex );
|
||||
#endif
|
||||
memset( &heap, 0, sizeof(buffer_alloc_ctx) );
|
||||
polarssl_zeroize( &heap, sizeof(buffer_alloc_ctx) );
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_MEMORY_BUFFER_ALLOC_C */
|
||||
|
@ -46,6 +46,11 @@
|
||||
|
||||
#include <stdlib.h>
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_PEM_PARSE_C)
|
||||
void pem_init( pem_context *ctx )
|
||||
{
|
||||
@ -99,8 +104,8 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
|
||||
{
|
||||
memcpy( key, md5sum, keylen );
|
||||
|
||||
memset( &md5_ctx, 0, sizeof( md5_ctx ) );
|
||||
memset( md5sum, 0, 16 );
|
||||
polarssl_zeroize( &md5_ctx, sizeof( md5_ctx ) );
|
||||
polarssl_zeroize( md5sum, 16 );
|
||||
return;
|
||||
}
|
||||
|
||||
@ -121,8 +126,8 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
|
||||
|
||||
memcpy( key + 16, md5sum, use_len );
|
||||
|
||||
memset( &md5_ctx, 0, sizeof( md5_ctx ) );
|
||||
memset( md5sum, 0, 16 );
|
||||
polarssl_zeroize( &md5_ctx, sizeof( md5_ctx ) );
|
||||
polarssl_zeroize( md5sum, 16 );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_DES_C)
|
||||
@ -142,8 +147,8 @@ static void pem_des_decrypt( unsigned char des_iv[8],
|
||||
des_crypt_cbc( &des_ctx, DES_DECRYPT, buflen,
|
||||
des_iv, buf, buf );
|
||||
|
||||
memset( &des_ctx, 0, sizeof( des_ctx ) );
|
||||
memset( des_key, 0, 8 );
|
||||
polarssl_zeroize( &des_ctx, sizeof( des_ctx ) );
|
||||
polarssl_zeroize( des_key, 8 );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -162,8 +167,8 @@ static void pem_des3_decrypt( unsigned char des3_iv[8],
|
||||
des3_crypt_cbc( &des3_ctx, DES_DECRYPT, buflen,
|
||||
des3_iv, buf, buf );
|
||||
|
||||
memset( &des3_ctx, 0, sizeof( des3_ctx ) );
|
||||
memset( des3_key, 0, 24 );
|
||||
polarssl_zeroize( &des3_ctx, sizeof( des3_ctx ) );
|
||||
polarssl_zeroize( des3_key, 24 );
|
||||
}
|
||||
#endif /* POLARSSL_DES_C */
|
||||
|
||||
@ -184,8 +189,8 @@ static void pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen,
|
||||
aes_crypt_cbc( &aes_ctx, AES_DECRYPT, buflen,
|
||||
aes_iv, buf, buf );
|
||||
|
||||
memset( &aes_ctx, 0, sizeof( aes_ctx ) );
|
||||
memset( aes_key, 0, keylen );
|
||||
polarssl_zeroize( &aes_ctx, sizeof( aes_ctx ) );
|
||||
polarssl_zeroize( aes_key, keylen );
|
||||
}
|
||||
#endif /* POLARSSL_AES_C */
|
||||
|
||||
@ -373,7 +378,7 @@ void pem_free( pem_context *ctx )
|
||||
polarssl_free( ctx->buf );
|
||||
polarssl_free( ctx->info );
|
||||
|
||||
memset( ctx, 0, sizeof( pem_context ) );
|
||||
polarssl_zeroize( ctx, sizeof( pem_context ) );
|
||||
}
|
||||
#endif /* POLARSSL_PEM_PARSE_C */
|
||||
|
||||
|
@ -44,6 +44,11 @@
|
||||
#include "polarssl/ecdsa.h"
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Initialise a pk_context
|
||||
*/
|
||||
@ -65,9 +70,8 @@ void pk_free( pk_context *ctx )
|
||||
return;
|
||||
|
||||
ctx->pk_info->ctx_free_func( ctx->pk_ctx );
|
||||
ctx->pk_ctx = NULL;
|
||||
|
||||
ctx->pk_info = NULL;
|
||||
polarssl_zeroize( ctx, sizeof( pk_context ) );
|
||||
}
|
||||
|
||||
/*
|
||||
|
@ -52,6 +52,11 @@
|
||||
#define polarssl_free free
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
static int rsa_can_do( pk_type_t type )
|
||||
{
|
||||
@ -426,6 +431,7 @@ static void *rsa_alt_alloc_wrap( void )
|
||||
|
||||
static void rsa_alt_free_wrap( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( rsa_alt_context ) );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
|
@ -62,6 +62,11 @@
|
||||
#define polarssl_free free
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
/*
|
||||
* Load all data from a file into a given buffer.
|
||||
@ -124,7 +129,7 @@ int pk_parse_keyfile( pk_context *ctx,
|
||||
ret = pk_parse_key( ctx, buf, n,
|
||||
(const unsigned char *) pwd, strlen( pwd ) );
|
||||
|
||||
memset( buf, 0, n + 1 );
|
||||
polarssl_zeroize( buf, n + 1 );
|
||||
polarssl_free( buf );
|
||||
|
||||
return( ret );
|
||||
@ -144,7 +149,7 @@ int pk_parse_public_keyfile( pk_context *ctx, const char *path )
|
||||
|
||||
ret = pk_parse_public_key( ctx, buf, n );
|
||||
|
||||
memset( buf, 0, n + 1 );
|
||||
polarssl_zeroize( buf, n + 1 );
|
||||
polarssl_free( buf );
|
||||
|
||||
return( ret );
|
||||
|
@ -76,6 +76,11 @@
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* RIPEMD-160 context setup
|
||||
*/
|
||||
@ -363,7 +368,7 @@ void ripemd160( const unsigned char *input, size_t ilen,
|
||||
ripemd160_update( &ctx, input, ilen );
|
||||
ripemd160_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( ripemd160_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( ripemd160_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
@ -387,7 +392,7 @@ int ripemd160_file( const char *path, unsigned char output[20] )
|
||||
|
||||
ripemd160_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( ripemd160_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( ripemd160_context ) );
|
||||
|
||||
if( ferror( f ) != 0 )
|
||||
{
|
||||
@ -428,7 +433,7 @@ void ripemd160_hmac_starts( ripemd160_context *ctx,
|
||||
ripemd160_starts( ctx );
|
||||
ripemd160_update( ctx, ctx->ipad, 64 );
|
||||
|
||||
memset( sum, 0, sizeof( sum ) );
|
||||
polarssl_zeroize( sum, sizeof( sum ) );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -453,7 +458,7 @@ void ripemd160_hmac_finish( ripemd160_context *ctx, unsigned char output[20] )
|
||||
ripemd160_update( ctx, tmpbuf, 20 );
|
||||
ripemd160_finish( ctx, output );
|
||||
|
||||
memset( tmpbuf, 0, sizeof( tmpbuf ) );
|
||||
polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -478,7 +483,7 @@ void ripemd160_hmac( const unsigned char *key, size_t keylen,
|
||||
ripemd160_hmac_update( &ctx, input, ilen );
|
||||
ripemd160_hmac_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( ripemd160_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( ripemd160_context ) );
|
||||
}
|
||||
|
||||
|
||||
|
@ -48,6 +48,11 @@
|
||||
#define polarssl_printf printf
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if !defined(POLARSSL_SHA1_ALT)
|
||||
|
||||
/*
|
||||
@ -334,7 +339,7 @@ void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
|
||||
sha1_update( &ctx, input, ilen );
|
||||
sha1_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( sha1_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( sha1_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
@ -358,7 +363,7 @@ int sha1_file( const char *path, unsigned char output[20] )
|
||||
|
||||
sha1_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( sha1_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( sha1_context ) );
|
||||
|
||||
if( ferror( f ) != 0 )
|
||||
{
|
||||
@ -399,7 +404,7 @@ void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key,
|
||||
sha1_starts( ctx );
|
||||
sha1_update( ctx, ctx->ipad, 64 );
|
||||
|
||||
memset( sum, 0, sizeof( sum ) );
|
||||
polarssl_zeroize( sum, sizeof( sum ) );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -424,7 +429,7 @@ void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] )
|
||||
sha1_update( ctx, tmpbuf, 20 );
|
||||
sha1_finish( ctx, output );
|
||||
|
||||
memset( tmpbuf, 0, sizeof( tmpbuf ) );
|
||||
polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -449,7 +454,7 @@ void sha1_hmac( const unsigned char *key, size_t keylen,
|
||||
sha1_hmac_update( &ctx, input, ilen );
|
||||
sha1_hmac_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( sha1_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( sha1_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
|
@ -48,6 +48,11 @@
|
||||
#define polarssl_printf printf
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if !defined(POLARSSL_SHA256_ALT)
|
||||
|
||||
/*
|
||||
@ -337,7 +342,7 @@ void sha256( const unsigned char *input, size_t ilen,
|
||||
sha256_update( &ctx, input, ilen );
|
||||
sha256_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( sha256_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( sha256_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
@ -361,7 +366,7 @@ int sha256_file( const char *path, unsigned char output[32], int is224 )
|
||||
|
||||
sha256_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( sha256_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( sha256_context ) );
|
||||
|
||||
if( ferror( f ) != 0 )
|
||||
{
|
||||
@ -402,7 +407,7 @@ void sha256_hmac_starts( sha256_context *ctx, const unsigned char *key,
|
||||
sha256_starts( ctx, is224 );
|
||||
sha256_update( ctx, ctx->ipad, 64 );
|
||||
|
||||
memset( sum, 0, sizeof( sum ) );
|
||||
polarssl_zeroize( sum, sizeof( sum ) );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -431,7 +436,7 @@ void sha256_hmac_finish( sha256_context *ctx, unsigned char output[32] )
|
||||
sha256_update( ctx, tmpbuf, hlen );
|
||||
sha256_finish( ctx, output );
|
||||
|
||||
memset( tmpbuf, 0, sizeof( tmpbuf ) );
|
||||
polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -456,7 +461,7 @@ void sha256_hmac( const unsigned char *key, size_t keylen,
|
||||
sha256_hmac_update( &ctx, input, ilen );
|
||||
sha256_hmac_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( sha256_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( sha256_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
|
@ -48,6 +48,11 @@
|
||||
#define polarssl_printf printf
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if !defined(POLARSSL_SHA512_ALT)
|
||||
|
||||
/*
|
||||
@ -335,7 +340,7 @@ void sha512( const unsigned char *input, size_t ilen,
|
||||
sha512_update( &ctx, input, ilen );
|
||||
sha512_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( sha512_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( sha512_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
@ -359,7 +364,7 @@ int sha512_file( const char *path, unsigned char output[64], int is384 )
|
||||
|
||||
sha512_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( sha512_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( sha512_context ) );
|
||||
|
||||
if( ferror( f ) != 0 )
|
||||
{
|
||||
@ -400,7 +405,7 @@ void sha512_hmac_starts( sha512_context *ctx, const unsigned char *key,
|
||||
sha512_starts( ctx, is384 );
|
||||
sha512_update( ctx, ctx->ipad, 128 );
|
||||
|
||||
memset( sum, 0, sizeof( sum ) );
|
||||
polarssl_zeroize( sum, sizeof( sum ) );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -429,7 +434,7 @@ void sha512_hmac_finish( sha512_context *ctx, unsigned char output[64] )
|
||||
sha512_update( ctx, tmpbuf, hlen );
|
||||
sha512_finish( ctx, output );
|
||||
|
||||
memset( tmpbuf, 0, sizeof( tmpbuf ) );
|
||||
polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -454,7 +459,7 @@ void sha512_hmac( const unsigned char *key, size_t keylen,
|
||||
sha512_hmac_update( &ctx, input, ilen );
|
||||
sha512_hmac_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( sha512_context ) );
|
||||
polarssl_zeroize( &ctx, sizeof( sha512_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
|
@ -55,6 +55,13 @@ typedef UINT32 uint32_t;
|
||||
#include <time.h>
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SSL_SESSION_TICKETS)
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
|
||||
static void ssl_write_hostname_ext( ssl_context *ssl,
|
||||
unsigned char *buf,
|
||||
@ -2466,6 +2473,8 @@ static int ssl_parse_new_session_ticket( ssl_context *ssl )
|
||||
if( ticket_len == 0)
|
||||
return( 0 );
|
||||
|
||||
polarssl_zeroize( ssl->session_negotiate->ticket,
|
||||
ssl->session_negotiate->ticket_len );
|
||||
polarssl_free( ssl->session_negotiate->ticket );
|
||||
ssl->session_negotiate->ticket = NULL;
|
||||
ssl->session_negotiate->ticket_len = 0;
|
||||
|
@ -52,6 +52,11 @@
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SSL_SESSION_TICKETS)
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Serialize a session in the following format:
|
||||
* 0 . n-1 session structure, n = sizeof(ssl_session)
|
||||
@ -337,7 +342,7 @@ static int ssl_parse_ticket( ssl_context *ssl,
|
||||
|
||||
ssl_session_free( ssl->session_negotiate );
|
||||
memcpy( ssl->session_negotiate, &session, sizeof( ssl_session ) );
|
||||
memset( &session, 0, sizeof( ssl_session ) );
|
||||
polarssl_zeroize( &session, sizeof( ssl_session ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
@ -61,6 +61,11 @@
|
||||
#define strcasecmp _stricmp
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
|
||||
/*
|
||||
* Convert max_fragment_length codes to length.
|
||||
@ -175,11 +180,11 @@ static int ssl3_prf( const unsigned char *secret, size_t slen,
|
||||
md5_finish( &md5, dstbuf + i * 16 );
|
||||
}
|
||||
|
||||
memset( &md5, 0, sizeof( md5 ) );
|
||||
memset( &sha1, 0, sizeof( sha1 ) );
|
||||
polarssl_zeroize( &md5, sizeof( md5 ) );
|
||||
polarssl_zeroize( &sha1, sizeof( sha1 ) );
|
||||
|
||||
memset( padding, 0, sizeof( padding ) );
|
||||
memset( sha1sum, 0, sizeof( sha1sum ) );
|
||||
polarssl_zeroize( padding, sizeof( padding ) );
|
||||
polarssl_zeroize( sha1sum, sizeof( sha1sum ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
@ -241,8 +246,8 @@ static int tls1_prf( const unsigned char *secret, size_t slen,
|
||||
dstbuf[i + j] = (unsigned char)( dstbuf[i + j] ^ h_i[j] );
|
||||
}
|
||||
|
||||
memset( tmp, 0, sizeof( tmp ) );
|
||||
memset( h_i, 0, sizeof( h_i ) );
|
||||
polarssl_zeroize( tmp, sizeof( tmp ) );
|
||||
polarssl_zeroize( h_i, sizeof( h_i ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
@ -284,8 +289,8 @@ static int tls_prf_sha256( const unsigned char *secret, size_t slen,
|
||||
dstbuf[i + j] = h_i[j];
|
||||
}
|
||||
|
||||
memset( tmp, 0, sizeof( tmp ) );
|
||||
memset( h_i, 0, sizeof( h_i ) );
|
||||
polarssl_zeroize( tmp, sizeof( tmp ) );
|
||||
polarssl_zeroize( h_i, sizeof( h_i ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
@ -326,8 +331,8 @@ static int tls_prf_sha384( const unsigned char *secret, size_t slen,
|
||||
dstbuf[i + j] = h_i[j];
|
||||
}
|
||||
|
||||
memset( tmp, 0, sizeof( tmp ) );
|
||||
memset( h_i, 0, sizeof( h_i ) );
|
||||
polarssl_zeroize( tmp, sizeof( tmp ) );
|
||||
polarssl_zeroize( h_i, sizeof( h_i ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
@ -466,7 +471,7 @@ int ssl_derive_keys( ssl_context *ssl )
|
||||
"master secret",
|
||||
handshake->randbytes, 64, session->master, 48 );
|
||||
|
||||
memset( handshake->premaster, 0, sizeof( handshake->premaster ) );
|
||||
polarssl_zeroize( handshake->premaster, sizeof(handshake->premaster) );
|
||||
}
|
||||
else
|
||||
SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) );
|
||||
@ -477,7 +482,7 @@ int ssl_derive_keys( ssl_context *ssl )
|
||||
memcpy( tmp, handshake->randbytes, 64 );
|
||||
memcpy( handshake->randbytes, tmp + 32, 32 );
|
||||
memcpy( handshake->randbytes + 32, tmp, 32 );
|
||||
memset( tmp, 0, sizeof( tmp ) );
|
||||
polarssl_zeroize( tmp, sizeof( tmp ) );
|
||||
|
||||
/*
|
||||
* SSLv3:
|
||||
@ -500,7 +505,7 @@ int ssl_derive_keys( ssl_context *ssl )
|
||||
SSL_DEBUG_BUF( 4, "random bytes", handshake->randbytes, 64 );
|
||||
SSL_DEBUG_BUF( 4, "key block", keyblk, 256 );
|
||||
|
||||
memset( handshake->randbytes, 0, sizeof( handshake->randbytes ) );
|
||||
polarssl_zeroize( handshake->randbytes, sizeof( handshake->randbytes ) );
|
||||
|
||||
/*
|
||||
* Determine the appropriate key, IV and MAC length.
|
||||
@ -699,7 +704,7 @@ int ssl_derive_keys( ssl_context *ssl )
|
||||
}
|
||||
#endif /* POLARSSL_CIPHER_MODE_CBC */
|
||||
|
||||
memset( keyblk, 0, sizeof( keyblk ) );
|
||||
polarssl_zeroize( keyblk, sizeof( keyblk ) );
|
||||
|
||||
#if defined(POLARSSL_ZLIB_SUPPORT)
|
||||
// Initialize compression
|
||||
@ -2846,12 +2851,12 @@ static void ssl_calc_finished_ssl(
|
||||
|
||||
SSL_DEBUG_BUF( 3, "calc finished result", buf, 36 );
|
||||
|
||||
memset( &md5, 0, sizeof( md5_context ) );
|
||||
memset( &sha1, 0, sizeof( sha1_context ) );
|
||||
polarssl_zeroize( &md5, sizeof( md5_context ) );
|
||||
polarssl_zeroize( &sha1, sizeof( sha1_context ) );
|
||||
|
||||
memset( padbuf, 0, sizeof( padbuf ) );
|
||||
memset( md5sum, 0, sizeof( md5sum ) );
|
||||
memset( sha1sum, 0, sizeof( sha1sum ) );
|
||||
polarssl_zeroize( padbuf, sizeof( padbuf ) );
|
||||
polarssl_zeroize( md5sum, sizeof( md5sum ) );
|
||||
polarssl_zeroize( sha1sum, sizeof( sha1sum ) );
|
||||
|
||||
SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
|
||||
}
|
||||
@ -2904,10 +2909,10 @@ static void ssl_calc_finished_tls(
|
||||
|
||||
SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
|
||||
|
||||
memset( &md5, 0, sizeof( md5_context ) );
|
||||
memset( &sha1, 0, sizeof( sha1_context ) );
|
||||
polarssl_zeroize( &md5, sizeof( md5_context ) );
|
||||
polarssl_zeroize( &sha1, sizeof( sha1_context ) );
|
||||
|
||||
memset( padbuf, 0, sizeof( padbuf ) );
|
||||
polarssl_zeroize( padbuf, sizeof( padbuf ) );
|
||||
|
||||
SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
|
||||
}
|
||||
@ -2953,9 +2958,9 @@ static void ssl_calc_finished_tls_sha256(
|
||||
|
||||
SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
|
||||
|
||||
memset( &sha256, 0, sizeof( sha256_context ) );
|
||||
polarssl_zeroize( &sha256, sizeof( sha256_context ) );
|
||||
|
||||
memset( padbuf, 0, sizeof( padbuf ) );
|
||||
polarssl_zeroize( padbuf, sizeof( padbuf ) );
|
||||
|
||||
SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
|
||||
}
|
||||
@ -3000,9 +3005,9 @@ static void ssl_calc_finished_tls_sha384(
|
||||
|
||||
SSL_DEBUG_BUF( 3, "calc finished result", buf, len );
|
||||
|
||||
memset( &sha512, 0, sizeof( sha512_context ) );
|
||||
polarssl_zeroize( &sha512, sizeof( sha512_context ) );
|
||||
|
||||
memset( padbuf, 0, sizeof( padbuf ) );
|
||||
polarssl_zeroize( padbuf, sizeof( padbuf ) );
|
||||
|
||||
SSL_DEBUG_MSG( 2, ( "<= calc finished" ) );
|
||||
}
|
||||
@ -4402,7 +4407,7 @@ void ssl_transform_free( ssl_transform *transform )
|
||||
md_free_ctx( &transform->md_ctx_enc );
|
||||
md_free_ctx( &transform->md_ctx_dec );
|
||||
|
||||
memset( transform, 0, sizeof( ssl_transform ) );
|
||||
polarssl_zeroize( transform, sizeof( ssl_transform ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_X509_CRT_PARSE_C)
|
||||
@ -4459,7 +4464,7 @@ void ssl_handshake_free( ssl_handshake_params *handshake )
|
||||
}
|
||||
#endif /* POLARSSL_X509_CRT_PARSE_C && POLARSSL_SSL_SERVER_NAME_INDICATION */
|
||||
|
||||
memset( handshake, 0, sizeof( ssl_handshake_params ) );
|
||||
polarssl_zeroize( handshake, sizeof( ssl_handshake_params ) );
|
||||
}
|
||||
|
||||
void ssl_session_free( ssl_session *session )
|
||||
@ -4476,7 +4481,7 @@ void ssl_session_free( ssl_session *session )
|
||||
polarssl_free( session->ticket );
|
||||
#endif
|
||||
|
||||
memset( session, 0, sizeof( ssl_session ) );
|
||||
polarssl_zeroize( session, sizeof( ssl_session ) );
|
||||
}
|
||||
|
||||
/*
|
||||
@ -4488,20 +4493,20 @@ void ssl_free( ssl_context *ssl )
|
||||
|
||||
if( ssl->out_ctr != NULL )
|
||||
{
|
||||
memset( ssl->out_ctr, 0, SSL_BUFFER_LEN );
|
||||
polarssl_zeroize( ssl->out_ctr, SSL_BUFFER_LEN );
|
||||
polarssl_free( ssl->out_ctr );
|
||||
}
|
||||
|
||||
if( ssl->in_ctr != NULL )
|
||||
{
|
||||
memset( ssl->in_ctr, 0, SSL_BUFFER_LEN );
|
||||
polarssl_zeroize( ssl->in_ctr, SSL_BUFFER_LEN );
|
||||
polarssl_free( ssl->in_ctr );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_ZLIB_SUPPORT)
|
||||
if( ssl->compress_buf != NULL )
|
||||
{
|
||||
memset( ssl->compress_buf, 0, SSL_BUFFER_LEN );
|
||||
polarssl_zeroize( ssl->compress_buf, SSL_BUFFER_LEN );
|
||||
polarssl_free( ssl->compress_buf );
|
||||
}
|
||||
#endif
|
||||
@ -4541,7 +4546,7 @@ void ssl_free( ssl_context *ssl )
|
||||
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
|
||||
if ( ssl->hostname != NULL )
|
||||
{
|
||||
memset( ssl->hostname, 0, ssl->hostname_len );
|
||||
polarssl_zeroize( ssl->hostname, ssl->hostname_len );
|
||||
polarssl_free( ssl->hostname );
|
||||
ssl->hostname_len = 0;
|
||||
}
|
||||
@ -4550,8 +4555,8 @@ void ssl_free( ssl_context *ssl )
|
||||
#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
|
||||
if( ssl->psk != NULL )
|
||||
{
|
||||
memset( ssl->psk, 0, ssl->psk_len );
|
||||
memset( ssl->psk_identity, 0, ssl->psk_identity_len );
|
||||
polarssl_zeroize( ssl->psk, ssl->psk_len );
|
||||
polarssl_zeroize( ssl->psk_identity, ssl->psk_identity_len );
|
||||
polarssl_free( ssl->psk );
|
||||
polarssl_free( ssl->psk_identity );
|
||||
ssl->psk_len = 0;
|
||||
@ -4574,7 +4579,7 @@ void ssl_free( ssl_context *ssl )
|
||||
SSL_DEBUG_MSG( 2, ( "<= free" ) );
|
||||
|
||||
/* Actually clear after last debug message */
|
||||
memset( ssl, 0, sizeof( ssl_context ) );
|
||||
polarssl_zeroize( ssl, sizeof( ssl_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_PK_C)
|
||||
|
@ -68,6 +68,11 @@
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Version ::= INTEGER { v1(0), v2(1) }
|
||||
*/
|
||||
@ -552,7 +557,7 @@ int x509_crl_parse_file( x509_crl *chain, const char *path )
|
||||
|
||||
ret = x509_crl_parse( chain, buf, n );
|
||||
|
||||
memset( buf, 0, n + 1 );
|
||||
polarssl_zeroize( buf, n + 1 );
|
||||
polarssl_free( buf );
|
||||
|
||||
return( ret );
|
||||
@ -725,7 +730,7 @@ void x509_crl_free( x509_crl *crl )
|
||||
{
|
||||
name_prv = name_cur;
|
||||
name_cur = name_cur->next;
|
||||
memset( name_prv, 0, sizeof( x509_name ) );
|
||||
polarssl_zeroize( name_prv, sizeof( x509_name ) );
|
||||
polarssl_free( name_prv );
|
||||
}
|
||||
|
||||
@ -734,13 +739,13 @@ void x509_crl_free( x509_crl *crl )
|
||||
{
|
||||
entry_prv = entry_cur;
|
||||
entry_cur = entry_cur->next;
|
||||
memset( entry_prv, 0, sizeof( x509_crl_entry ) );
|
||||
polarssl_zeroize( entry_prv, sizeof( x509_crl_entry ) );
|
||||
polarssl_free( entry_prv );
|
||||
}
|
||||
|
||||
if( crl_cur->raw.p != NULL )
|
||||
{
|
||||
memset( crl_cur->raw.p, 0, crl_cur->raw.len );
|
||||
polarssl_zeroize( crl_cur->raw.p, crl_cur->raw.len );
|
||||
polarssl_free( crl_cur->raw.p );
|
||||
}
|
||||
|
||||
@ -754,7 +759,7 @@ void x509_crl_free( x509_crl *crl )
|
||||
crl_prv = crl_cur;
|
||||
crl_cur = crl_cur->next;
|
||||
|
||||
memset( crl_prv, 0, sizeof( x509_crl ) );
|
||||
polarssl_zeroize( crl_prv, sizeof( x509_crl ) );
|
||||
if( crl_prv != crl )
|
||||
polarssl_free( crl_prv );
|
||||
}
|
||||
|
@ -80,6 +80,11 @@
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Version ::= INTEGER { v1(0), v2(1), v3(2) }
|
||||
*/
|
||||
@ -946,7 +951,7 @@ int x509_crt_parse_file( x509_crt *chain, const char *path )
|
||||
|
||||
ret = x509_crt_parse( chain, buf, n );
|
||||
|
||||
memset( buf, 0, n + 1 );
|
||||
polarssl_zeroize( buf, n + 1 );
|
||||
polarssl_free( buf );
|
||||
|
||||
return( ret );
|
||||
@ -1930,7 +1935,7 @@ void x509_crt_free( x509_crt *crt )
|
||||
{
|
||||
name_prv = name_cur;
|
||||
name_cur = name_cur->next;
|
||||
memset( name_prv, 0, sizeof( x509_name ) );
|
||||
polarssl_zeroize( name_prv, sizeof( x509_name ) );
|
||||
polarssl_free( name_prv );
|
||||
}
|
||||
|
||||
@ -1939,7 +1944,7 @@ void x509_crt_free( x509_crt *crt )
|
||||
{
|
||||
name_prv = name_cur;
|
||||
name_cur = name_cur->next;
|
||||
memset( name_prv, 0, sizeof( x509_name ) );
|
||||
polarssl_zeroize( name_prv, sizeof( x509_name ) );
|
||||
polarssl_free( name_prv );
|
||||
}
|
||||
|
||||
@ -1948,7 +1953,7 @@ void x509_crt_free( x509_crt *crt )
|
||||
{
|
||||
seq_prv = seq_cur;
|
||||
seq_cur = seq_cur->next;
|
||||
memset( seq_prv, 0, sizeof( x509_sequence ) );
|
||||
polarssl_zeroize( seq_prv, sizeof( x509_sequence ) );
|
||||
polarssl_free( seq_prv );
|
||||
}
|
||||
|
||||
@ -1957,13 +1962,13 @@ void x509_crt_free( x509_crt *crt )
|
||||
{
|
||||
seq_prv = seq_cur;
|
||||
seq_cur = seq_cur->next;
|
||||
memset( seq_prv, 0, sizeof( x509_sequence ) );
|
||||
polarssl_zeroize( seq_prv, sizeof( x509_sequence ) );
|
||||
polarssl_free( seq_prv );
|
||||
}
|
||||
|
||||
if( cert_cur->raw.p != NULL )
|
||||
{
|
||||
memset( cert_cur->raw.p, 0, cert_cur->raw.len );
|
||||
polarssl_zeroize( cert_cur->raw.p, cert_cur->raw.len );
|
||||
polarssl_free( cert_cur->raw.p );
|
||||
}
|
||||
|
||||
@ -1977,7 +1982,7 @@ void x509_crt_free( x509_crt *crt )
|
||||
cert_prv = cert_cur;
|
||||
cert_cur = cert_cur->next;
|
||||
|
||||
memset( cert_prv, 0, sizeof( x509_crt ) );
|
||||
polarssl_zeroize( cert_prv, sizeof( x509_crt ) );
|
||||
if( cert_prv != crt )
|
||||
polarssl_free( cert_prv );
|
||||
}
|
||||
|
@ -62,6 +62,11 @@
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Version ::= INTEGER { v1(0) }
|
||||
*/
|
||||
@ -295,7 +300,7 @@ int x509_csr_parse_file( x509_csr *csr, const char *path )
|
||||
|
||||
ret = x509_csr_parse( csr, buf, n );
|
||||
|
||||
memset( buf, 0, n + 1 );
|
||||
polarssl_zeroize( buf, n + 1 );
|
||||
polarssl_free( buf );
|
||||
|
||||
return( ret );
|
||||
@ -429,17 +434,17 @@ void x509_csr_free( x509_csr *csr )
|
||||
{
|
||||
name_prv = name_cur;
|
||||
name_cur = name_cur->next;
|
||||
memset( name_prv, 0, sizeof( x509_name ) );
|
||||
polarssl_zeroize( name_prv, sizeof( x509_name ) );
|
||||
polarssl_free( name_prv );
|
||||
}
|
||||
|
||||
if( csr->raw.p != NULL )
|
||||
{
|
||||
memset( csr->raw.p, 0, csr->raw.len );
|
||||
polarssl_zeroize( csr->raw.p, csr->raw.len );
|
||||
polarssl_free( csr->raw.p );
|
||||
}
|
||||
|
||||
memset( csr, 0, sizeof( x509_csr ) );
|
||||
polarssl_zeroize( csr, sizeof( x509_csr ) );
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_X509_CSR_PARSE_C */
|
||||
|
@ -46,6 +46,11 @@
|
||||
#include "polarssl/pem.h"
|
||||
#endif /* POLARSSL_PEM_WRITE_C */
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
void x509write_crt_init( x509write_cert *ctx )
|
||||
{
|
||||
memset( ctx, 0, sizeof(x509write_cert) );
|
||||
@ -62,7 +67,7 @@ void x509write_crt_free( x509write_cert *ctx )
|
||||
asn1_free_named_data_list( &ctx->issuer );
|
||||
asn1_free_named_data_list( &ctx->extensions );
|
||||
|
||||
memset( ctx, 0, sizeof(x509write_cert) );
|
||||
polarssl_zeroize( ctx, sizeof(x509write_cert) );
|
||||
}
|
||||
|
||||
void x509write_crt_set_version( x509write_cert *ctx, int version )
|
||||
|
@ -47,6 +47,11 @@
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
void x509write_csr_init( x509write_csr *ctx )
|
||||
{
|
||||
memset( ctx, 0, sizeof(x509write_csr) );
|
||||
@ -57,7 +62,7 @@ void x509write_csr_free( x509write_csr *ctx )
|
||||
asn1_free_named_data_list( &ctx->subject );
|
||||
asn1_free_named_data_list( &ctx->extensions );
|
||||
|
||||
memset( ctx, 0, sizeof(x509write_csr) );
|
||||
polarssl_zeroize( ctx, sizeof(x509write_csr) );
|
||||
}
|
||||
|
||||
void x509write_csr_set_md_alg( x509write_csr *ctx, md_type_t md_alg )
|
||||
|
@ -261,8 +261,6 @@ void md_hmac_multi( char *text_md_name, int trunc_size, char *hex_key_string,
|
||||
|
||||
hexify( hash_str, output, md_get_size(md_info) );
|
||||
TEST_ASSERT( strncmp( (char *) hash_str, hex_hash_string, trunc_size * 2 ) == 0 );
|
||||
|
||||
TEST_ASSERT ( 0 == md_free_ctx( &ctx ) );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user