diff options
| author | Markus Friedl <markus@cvs.openbsd.org> | 2017-05-31 08:09:46 +0000 |
|---|---|---|
| committer | Markus Friedl <markus@cvs.openbsd.org> | 2017-05-31 08:09:46 +0000 |
| commit | 2da473ff11689e73cf400af461cf0566219c06cd (patch) | |
| tree | a87bc1023efa34bdb7b0e98c257c236da55622a2 /usr.bin/ssh/umac.c | |
| parent | 152f1351ac07524726a0b845cfa7597dd4e41490 (diff) | |
clear session keys from memory; ok djm@
Diffstat (limited to 'usr.bin/ssh/umac.c')
| -rw-r--r-- | usr.bin/ssh/umac.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/usr.bin/ssh/umac.c b/usr.bin/ssh/umac.c index 6d07b6365b3..b2fca71436e 100644 --- a/usr.bin/ssh/umac.c +++ b/usr.bin/ssh/umac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: umac.c,v 1.11 2014/07/22 07:13:42 guenther Exp $ */ +/* $OpenBSD: umac.c,v 1.12 2017/05/31 08:09:45 markus Exp $ */ /* ----------------------------------------------------------------------- * * umac.c -- C Implementation UMAC Message Authentication @@ -197,6 +197,8 @@ static void kdf(void *buffer_ptr, aes_int_key key, UINT8 ndx, int nbytes) aes_encryption(in_buf, out_buf, key); memcpy(dst_buf,out_buf,nbytes); } + explicit_bzero(in_buf, sizeof(in_buf)); + explicit_bzero(out_buf, sizeof(out_buf)); } /* The final UHASH result is XOR'd with the output of a pseudorandom @@ -221,6 +223,7 @@ static void pdf_init(pdf_ctx *pc, aes_int_key prf_key) /* Initialize pdf and cache */ memset(pc->nonce, 0, sizeof(pc->nonce)); aes_encryption(pc->nonce, pc->cache, pc->prf_key); + explicit_bzero(buf, sizeof(buf)); } static void pdf_gen_xor(pdf_ctx *pc, const UINT8 nonce[8], UINT8 buf[8]) @@ -539,6 +542,7 @@ static void nh_transform(nh_ctx *hc, const UINT8 *buf, UINT32 nbytes) /* ---------------------------------------------------------------------- */ +#if (__LITTLE_ENDIAN__) static void endian_convert(void *buf, UWORD bpw, UINT32 num_bytes) /* We endian convert the keys on little-endian computers to */ /* compensate for the lack of big-endian memory reads during hashing. */ @@ -561,7 +565,6 @@ static void endian_convert(void *buf, UWORD bpw, UINT32 num_bytes) } while (--iters); } } -#if (__LITTLE_ENDIAN__) #define endian_convert_if_le(x,y,z) endian_convert((x),(y),(z)) #else #define endian_convert_if_le(x,y,z) do{}while(0) /* Do nothing */ @@ -985,6 +988,7 @@ static void uhash_init(uhash_ctx_t ahc, aes_int_key prf_key) kdf(ahc->ip_trans, prf_key, 4, STREAMS * sizeof(UINT32)); endian_convert_if_le(ahc->ip_trans, sizeof(UINT32), STREAMS * sizeof(UINT32)); + explicit_bzero(buf, sizeof(buf)); } /* ---------------------------------------------------------------------- */ @@ -1194,6 +1198,7 @@ int umac_delete(struct umac_ctx *ctx) if (ctx) { if (ALLOC_BOUNDARY) ctx = (struct umac_ctx *)ctx->free_ptr; + explicit_bzero(ctx, sizeof(*ctx) + ALLOC_BOUNDARY); free(ctx); } return (1); @@ -1221,6 +1226,7 @@ struct umac_ctx *umac_new(const u_char key[]) aes_key_setup(key, prf_key); pdf_init(&ctx->pdf, prf_key); uhash_init(&ctx->hash, prf_key); + explicit_bzero(prf_key, sizeof(prf_key)); } return (ctx); |