mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-25 18:12:57 +01:00
lib/libcrypt: use explicit_bzero() to clear sensitive buffers
Prevent a potentially sufficiently smart compiler from optimising away our attempts to clear sensitive buffers. A related change was discussed and rejected in D16059, but I don't believe the reasoning there applies: the code clearly documents its intent that the `memset` calls clear sensitive buffers so they don't hang around. `explicit_bzero` is the appropriate function for this purpose. A potential performance disadvantage seems less important: the functions in crypt are specifically designed to be slow, so a few extra calls to guarantee that sensitive buffers are cleared does not significantly affect runtime. See also: D16059 Reviewed by: delphij, kevans MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D47037
This commit is contained in:
parent
3ab8697d9e
commit
a2c0d2026f
@ -32,6 +32,7 @@
|
||||
#include <md5.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <strings.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "crypt.h"
|
||||
@ -84,7 +85,7 @@ crypt_md5(const char *pw, const char *salt, char *buffer)
|
||||
(u_int)(pl > MD5_SIZE ? MD5_SIZE : pl));
|
||||
|
||||
/* Don't leave anything around in vm they could use. */
|
||||
memset(final, 0, sizeof(final));
|
||||
explicit_bzero(final, sizeof(final));
|
||||
|
||||
/* Then something really weird... */
|
||||
for (i = strlen(pw); i; i >>= 1)
|
||||
@ -140,7 +141,7 @@ crypt_md5(const char *pw, const char *salt, char *buffer)
|
||||
*buffer = '\0';
|
||||
|
||||
/* Don't leave anything around in vm they could use. */
|
||||
memset(final, 0, sizeof(final));
|
||||
explicit_bzero(final, sizeof(final));
|
||||
|
||||
return (0);
|
||||
}
|
||||
|
@ -41,6 +41,7 @@
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <strings.h>
|
||||
|
||||
#include "crypt.h"
|
||||
|
||||
@ -234,9 +235,9 @@ crypt_sha256(const char *key, const char *salt, char *buffer)
|
||||
* the SHA256 implementation as well. */
|
||||
SHA256_Init(&ctx);
|
||||
SHA256_Final(alt_result, &ctx);
|
||||
memset(temp_result, '\0', sizeof(temp_result));
|
||||
memset(p_bytes, '\0', key_len);
|
||||
memset(s_bytes, '\0', salt_len);
|
||||
explicit_bzero(temp_result, sizeof(temp_result));
|
||||
explicit_bzero(p_bytes, key_len);
|
||||
explicit_bzero(s_bytes, salt_len);
|
||||
|
||||
return (0);
|
||||
}
|
||||
|
@ -41,6 +41,7 @@
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <strings.h>
|
||||
|
||||
#include "crypt.h"
|
||||
|
||||
@ -246,9 +247,9 @@ crypt_sha512(const char *key, const char *salt, char *buffer)
|
||||
* the SHA512 implementation as well. */
|
||||
SHA512_Init(&ctx);
|
||||
SHA512_Final(alt_result, &ctx);
|
||||
memset(temp_result, '\0', sizeof(temp_result));
|
||||
memset(p_bytes, '\0', key_len);
|
||||
memset(s_bytes, '\0', salt_len);
|
||||
explicit_bzero(temp_result, sizeof(temp_result));
|
||||
explicit_bzero(p_bytes, key_len);
|
||||
explicit_bzero(s_bytes, salt_len);
|
||||
|
||||
return (0);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user