forked from enlightenment/efl
* eet: Zero cipher material as soon as possible. Prevent information
leak of temporary data in memory, so improve security. SVN revision: 45630
This commit is contained in:
parent
36270ab981
commit
3cf2432589
|
@ -321,3 +321,7 @@
|
|||
2010-01-22 Cedric BAIL
|
||||
|
||||
* Add VAR_ARRAY tests.
|
||||
|
||||
2010-01-27 Cedric BAIL
|
||||
|
||||
* Improve security by zeroying cipher material as soon as possible.
|
||||
|
|
|
@ -769,11 +769,19 @@ eet_cipher(const void *data, unsigned int size, const char *key, unsigned int le
|
|||
memcpy(iv, key_material, MAX_IV_LEN);
|
||||
memcpy(ik, key_material + MAX_IV_LEN, MAX_KEY_LEN);
|
||||
|
||||
memset(key_material, 0, sizeof (key_material));
|
||||
|
||||
crypted_length = ((((size + sizeof (unsigned int)) >> 5) + 1) << 5);
|
||||
ret = malloc(crypted_length + sizeof(unsigned int));
|
||||
if (!ret) return EET_ERROR_OUT_OF_MEMORY;
|
||||
if (!ret) {
|
||||
memset(iv, 0, sizeof (iv));
|
||||
memset(ik, 0, sizeof (ik));
|
||||
memset(&salt, 0, sizeof (salt));
|
||||
return EET_ERROR_OUT_OF_MEMORY;
|
||||
}
|
||||
|
||||
*ret = salt;
|
||||
memset(&salt, 0, sizeof (salt));
|
||||
tmp = htonl(size);
|
||||
|
||||
#ifdef HAVE_GNUTLS
|
||||
|
@ -790,6 +798,9 @@ eet_cipher(const void *data, unsigned int size, const char *key, unsigned int le
|
|||
err = gcry_cipher_setkey(cipher, ik, MAX_KEY_LEN);
|
||||
if (err) goto on_error;
|
||||
|
||||
memset(iv, 0, sizeof (iv));
|
||||
memset(ik, 0, sizeof (ik));
|
||||
|
||||
/* Gcrypt encrypt */
|
||||
err = gcry_cipher_encrypt(cipher, (unsigned char *)(ret + 1), crypted_length, NULL, 0);
|
||||
if (err) goto on_error;
|
||||
|
@ -808,6 +819,9 @@ eet_cipher(const void *data, unsigned int size, const char *key, unsigned int le
|
|||
if (!EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, ik, iv)) goto on_error;
|
||||
opened = 1;
|
||||
|
||||
memset(iv, 0, sizeof (iv));
|
||||
memset(ik, 0, sizeof (ik));
|
||||
|
||||
/* Openssl encrypt */
|
||||
if (!EVP_EncryptUpdate(&ctx, (unsigned char*)(ret + 1), &tmp_len, (unsigned char*) buffer, size + sizeof (unsigned int)))
|
||||
goto on_error;
|
||||
|
@ -826,6 +840,9 @@ eet_cipher(const void *data, unsigned int size, const char *key, unsigned int le
|
|||
return EET_ERROR_NONE;
|
||||
|
||||
on_error:
|
||||
memset(iv, 0, sizeof (iv));
|
||||
memset(ik, 0, sizeof (ik));
|
||||
|
||||
# ifdef HAVE_GNUTLS
|
||||
/* Gcrypt error */
|
||||
if (opened) gcry_cipher_close(cipher);
|
||||
|
@ -872,9 +889,13 @@ eet_decipher(const void *data, unsigned int size, const char *key, unsigned int
|
|||
|
||||
/* Generate the iv and the key with the salt */
|
||||
eet_pbkdf2_sha1(key, length, (unsigned char *)&salt, sizeof(unsigned int), 2048, key_material, MAX_KEY_LEN + MAX_IV_LEN);
|
||||
|
||||
memcpy(iv, key_material, MAX_IV_LEN);
|
||||
memcpy(ik, key_material + MAX_IV_LEN, MAX_KEY_LEN);
|
||||
|
||||
memset(key_material, 0, sizeof (key_material));
|
||||
memset(&salt, 0, sizeof (salt));
|
||||
|
||||
/* Align to AES block size if size is not align */
|
||||
tmp_len = size - sizeof (unsigned int);
|
||||
if ((tmp_len & 0x1F) != 0) goto on_error;
|
||||
|
@ -894,6 +915,9 @@ eet_decipher(const void *data, unsigned int size, const char *key, unsigned int
|
|||
err = gcry_cipher_setkey(cipher, ik, MAX_KEY_LEN);
|
||||
if (err) goto on_error;
|
||||
|
||||
memset(iv, 0, sizeof (iv));
|
||||
memset(ik, 0, sizeof (ik));
|
||||
|
||||
/* Gcrypt decrypt */
|
||||
err = gcry_cipher_decrypt(cipher, ret, tmp_len, ((unsigned int *)data) + 1, tmp_len);
|
||||
if (err) goto on_error;
|
||||
|
@ -912,6 +936,9 @@ eet_decipher(const void *data, unsigned int size, const char *key, unsigned int
|
|||
if (!EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, ik, iv))
|
||||
goto on_error;
|
||||
|
||||
memset(iv, 0, sizeof (iv));
|
||||
memset(ik, 0, sizeof (ik));
|
||||
|
||||
/* Openssl decrypt */
|
||||
if (!EVP_DecryptUpdate(&ctx, (unsigned char *) ret, &tmp,
|
||||
(unsigned char *) (over + 1), tmp_len))
|
||||
|
@ -940,6 +967,9 @@ eet_decipher(const void *data, unsigned int size, const char *key, unsigned int
|
|||
return EET_ERROR_NONE;
|
||||
|
||||
on_error:
|
||||
memset(iv, 0, sizeof (iv));
|
||||
memset(ik, 0, sizeof (ik));
|
||||
|
||||
# ifdef HAVE_GNUTLS
|
||||
# else
|
||||
if (opened) EVP_CIPHER_CTX_cleanup(&ctx);
|
||||
|
|
Loading…
Reference in New Issue