Browse Source

explicit_bzero where useful

OPENBSD_5_5
tedu 11 years ago
parent
commit
a0c81f7a45
2 changed files with 11 additions and 11 deletions
  1. +6
    -6
      src/lib/libutil/bcrypt_pbkdf.c
  2. +5
    -5
      src/lib/libutil/pkcs5_pbkdf2.c

+ 6
- 6
src/lib/libutil/bcrypt_pbkdf.c View File

@ -1,4 +1,4 @@
/* $OpenBSD: bcrypt_pbkdf.c,v 1.5 2013/12/22 03:29:07 tedu Exp $ */
/* $OpenBSD: bcrypt_pbkdf.c,v 1.6 2014/01/31 16:56:32 tedu Exp $ */
/*
* Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
*
@ -87,9 +87,9 @@ bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out)
}
/* zap */
memset(ciphertext, 0, sizeof(ciphertext));
memset(cdata, 0, sizeof(cdata));
memset(&state, 0, sizeof(state));
explicit_bzero(ciphertext, sizeof(ciphertext));
explicit_bzero(cdata, sizeof(cdata));
explicit_bzero(&state, sizeof(state));
}
int
@ -155,8 +155,8 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt, size_t saltl
}
/* zap */
memset(&ctx, 0, sizeof(ctx));
memset(out, 0, sizeof(out));
explicit_bzero(&ctx, sizeof(ctx));
explicit_bzero(out, sizeof(out));
return 0;
}

+ 5
- 5
src/lib/libutil/pkcs5_pbkdf2.c View File

@ -1,4 +1,4 @@
/* $OpenBSD: pkcs5_pbkdf2.c,v 1.5 2014/01/18 07:12:04 jsing Exp $ */
/* $OpenBSD: pkcs5_pbkdf2.c,v 1.6 2014/01/31 16:56:32 tedu Exp $ */
/*-
* Copyright (c) 2008 Damien Bergamini <damien.bergamini@free.fr>
@ -111,11 +111,11 @@ pkcs5_pbkdf2(const char *pass, size_t pass_len, const uint8_t *salt,
key += r;
key_len -= r;
};
bzero(asalt, salt_len + 4);
explicit_bzero(asalt, salt_len + 4);
free(asalt);
bzero(d1, sizeof(d1));
bzero(d2, sizeof(d2));
bzero(obuf, sizeof(obuf));
explicit_bzero(d1, sizeof(d1));
explicit_bzero(d2, sizeof(d2));
explicit_bzero(obuf, sizeof(obuf));
return 0;
}

Loading…
Cancel
Save