Reliably zeroize sensitive data in Crypt-and-Hash sample application

The AES sample application programs/aes/crypt_and_hash could miss
zeroizing the stack-based key buffer in case of an error during
operation. This commit fixes this and also clears all command line
arguments (one of which might be the key) before exit.
This commit is contained in:
Hanno Becker 2017-06-27 08:22:17 +01:00 committed by Simon Butcher
parent 246bf6932d
commit e0c35a6997

View File

@ -219,8 +219,6 @@ int main( int argc, char *argv[] )
} }
} }
memset( argv[6], 0, strlen( argv[6] ) );
#if defined(_WIN32_WCE) #if defined(_WIN32_WCE)
filesize = fseek( fin, 0L, SEEK_END ); filesize = fseek( fin, 0L, SEEK_END );
#else #else
@ -298,8 +296,6 @@ int main( int argc, char *argv[] )
} }
memset( key, 0, sizeof( key ) );
if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->key_bitlen, if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->key_bitlen,
MBEDTLS_ENCRYPT ) != 0 ) MBEDTLS_ENCRYPT ) != 0 )
{ {
@ -439,8 +435,6 @@ int main( int argc, char *argv[] )
mbedtls_md_finish( &md_ctx, digest ); mbedtls_md_finish( &md_ctx, digest );
} }
memset( key, 0, sizeof( key ) );
if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->key_bitlen, if( mbedtls_cipher_setkey( &cipher_ctx, digest, cipher_info->key_bitlen,
MBEDTLS_DECRYPT ) != 0 ) MBEDTLS_DECRYPT ) != 0 )
{ {
@ -535,7 +529,16 @@ exit:
if( fout ) if( fout )
fclose( fout ); fclose( fout );
/* Zeroize all command line arguments to also cover
the case when the user has missed or reordered some,
in which case the key might not be in argv[6]. */
for( i = 0; i < argc; i++ )
memset( argv[i], 0, strlen( argv[i] ) );
memset( IV, 0, sizeof( IV ) );
memset( key, 0, sizeof( key ) );
memset( buffer, 0, sizeof( buffer ) ); memset( buffer, 0, sizeof( buffer ) );
memset( output, 0, sizeof( output ) );
memset( digest, 0, sizeof( digest ) ); memset( digest, 0, sizeof( digest ) );
mbedtls_cipher_free( &cipher_ctx ); mbedtls_cipher_free( &cipher_ctx );