aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cryptomilk.org>2018-02-12 14:35:55 +0100
committerAndreas Schneider <asn@cryptomilk.org>2018-02-12 14:41:27 +0100
commitebcff9fd630f8bd26b0cda23e39c63805f2b781b (patch)
tree117d6f7a61ebf2dbef4df9e3f09f487077afb79c /src
parent25ff1214a40531cea33a91eed6225d4f4bf51cbc (diff)
downloadlibssh-ebcff9fd630f8bd26b0cda23e39c63805f2b781b.tar.gz
libssh-ebcff9fd630f8bd26b0cda23e39c63805f2b781b.tar.xz
libssh-ebcff9fd630f8bd26b0cda23e39c63805f2b781b.zip
src: Use explicit_bzero() if available on the platform
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src')
-rw-r--r--src/auth.c11
-rw-r--r--src/buffer.c10
-rw-r--r--src/external/bcrypt_pbkdf.c6
-rw-r--r--src/libcrypto.c4
-rw-r--r--src/messages.c6
-rw-r--r--src/packet_crypt.c4
-rw-r--r--src/pki.c2
-rw-r--r--src/pki_container_openssh.c8
-rw-r--r--src/pki_crypto.c2
-rw-r--r--src/pki_ed25519.c4
-rw-r--r--src/pki_mbedcrypto.c2
-rw-r--r--src/session.c2
-rw-r--r--src/string.c2
-rw-r--r--src/wrapper.c2
14 files changed, 34 insertions, 31 deletions
diff --git a/src/auth.c b/src/auth.c
index abfb5948..6462086f 100644
--- a/src/auth.c
+++ b/src/auth.c
@@ -1249,7 +1249,7 @@ void ssh_kbdint_free(ssh_kbdint kbd) {
n = kbd->nprompts;
if (kbd->prompts) {
for (i = 0; i < n; i++) {
- BURN_STRING(kbd->prompts[i]);
+ explicit_bzero(kbd->prompts[i], strlen(kbd->prompts[i]));
SAFE_FREE(kbd->prompts[i]);
}
SAFE_FREE(kbd->prompts);
@@ -1258,7 +1258,7 @@ void ssh_kbdint_free(ssh_kbdint kbd) {
n = kbd->nanswers;
if (kbd->answers) {
for (i = 0; i < n; i++) {
- BURN_STRING(kbd->answers[i]);
+ explicit_bzero(kbd->answers[i], strlen(kbd->answers[i]));
SAFE_FREE(kbd->answers[i]);
}
SAFE_FREE(kbd->answers);
@@ -1281,7 +1281,7 @@ void ssh_kbdint_clean(ssh_kbdint kbd) {
n = kbd->nprompts;
if (kbd->prompts) {
for (i = 0; i < n; i++) {
- BURN_STRING(kbd->prompts[i]);
+ explicit_bzero(kbd->prompts[i], strlen(kbd->prompts[i]));
SAFE_FREE(kbd->prompts[i]);
}
SAFE_FREE(kbd->prompts);
@@ -1291,7 +1291,7 @@ void ssh_kbdint_clean(ssh_kbdint kbd) {
if (kbd->answers) {
for (i = 0; i < n; i++) {
- BURN_STRING(kbd->answers[i]);
+ explicit_bzero(kbd->answers[i], strlen(kbd->answers[i]));
SAFE_FREE(kbd->answers[i]);
}
SAFE_FREE(kbd->answers);
@@ -1759,7 +1759,8 @@ int ssh_userauth_kbdint_setanswer(ssh_session session, unsigned int i,
}
if (session->kbdint->answers[i]) {
- BURN_STRING(session->kbdint->answers[i]);
+ explicit_bzero(session->kbdint->answers[i],
+ strlen(session->kbdint->answers[i]));
SAFE_FREE(session->kbdint->answers[i]);
}
diff --git a/src/buffer.c b/src/buffer.c
index 96250e90..28a345c6 100644
--- a/src/buffer.c
+++ b/src/buffer.c
@@ -107,10 +107,10 @@ void ssh_buffer_free(struct ssh_buffer_struct *buffer) {
if (buffer->data) {
/* burn the data */
- BURN_BUFFER(buffer->data, buffer->allocated);
+ explicit_bzero(buffer->data, buffer->allocated);
SAFE_FREE(buffer->data);
}
- BURN_BUFFER(buffer, sizeof(struct ssh_buffer_struct));
+ explicit_bzero(buffer, sizeof(struct ssh_buffer_struct));
SAFE_FREE(buffer);
}
@@ -146,7 +146,7 @@ static int realloc_buffer(struct ssh_buffer_struct *buffer, size_t needed) {
return -1;
}
memcpy(new, buffer->data,buffer->used);
- BURN_BUFFER(buffer->data, buffer->used);
+ explicit_bzero(buffer->data, buffer->used);
SAFE_FREE(buffer->data);
} else {
new = realloc(buffer->data, needed);
@@ -177,7 +177,7 @@ static void buffer_shift(ssh_buffer buffer){
if (buffer->secure){
void *ptr = buffer->data + buffer->used;
- BURN_BUFFER(ptr, burn_pos);
+ explicit_bzero(ptr, burn_pos);
}
buffer_verify(buffer);
@@ -193,7 +193,7 @@ static void buffer_shift(ssh_buffer buffer){
int ssh_buffer_reinit(struct ssh_buffer_struct *buffer)
{
buffer_verify(buffer);
- BURN_BUFFER(buffer->data, buffer->used);
+ explicit_bzero(buffer->data, buffer->used);
buffer->used = 0;
buffer->pos = 0;
if(buffer->allocated > 127) {
diff --git a/src/external/bcrypt_pbkdf.c b/src/external/bcrypt_pbkdf.c
index fdf84d0f..6fb35ff7 100644
--- a/src/external/bcrypt_pbkdf.c
+++ b/src/external/bcrypt_pbkdf.c
@@ -98,8 +98,8 @@ bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out)
}
/* zap */
- BURN_BUFFER(ciphertext, sizeof(ciphertext));
- BURN_BUFFER(cdata, sizeof(cdata));
+ explicit_bzero(ciphertext, sizeof(ciphertext));
+ explicit_bzero(cdata, sizeof(cdata));
ZERO_STRUCT(state);
}
@@ -175,7 +175,7 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt, size_t saltl
}
/* zap */
- BURN_BUFFER(out, sizeof(out));
+ explicit_bzero(out, sizeof(out));
free(countsalt);
return 0;
diff --git a/src/libcrypto.c b/src/libcrypto.c
index 59c99568..66453666 100644
--- a/src/libcrypto.c
+++ b/src/libcrypto.c
@@ -606,7 +606,7 @@ static void aes_ctr_encrypt(struct ssh_cipher_struct *cipher, void *in, void *ou
}
static void aes_ctr_cleanup(struct ssh_cipher_struct *cipher){
- BURN_BUFFER(cipher->aes_key, sizeof(*cipher->aes_key));
+ explicit_bzero(cipher->aes_key, sizeof(*cipher->aes_key));
SAFE_FREE(cipher->aes_key);
}
@@ -695,7 +695,7 @@ static void des1_1_decrypt(struct ssh_cipher_struct *cipher, void *in, void *out
}
static void des_cleanup(struct ssh_cipher_struct *cipher){
- BURN_BUFFER(cipher->des3_key, sizeof(*cipher->des3_key));
+ explicit_bzero(cipher->des3_key, sizeof(*cipher->des3_key));
SAFE_FREE(cipher->des3_key);
}
diff --git a/src/messages.c b/src/messages.c
index 763a2732..af885314 100644
--- a/src/messages.c
+++ b/src/messages.c
@@ -554,7 +554,8 @@ void ssh_message_free(ssh_message msg){
case SSH_REQUEST_AUTH:
SAFE_FREE(msg->auth_request.username);
if (msg->auth_request.password) {
- BURN_STRING(msg->auth_request.password);
+ explicit_bzero(msg->auth_request.password,
+ strlen(msg->auth_request.password));
SAFE_FREE(msg->auth_request.password);
}
ssh_key_free(msg->auth_request.pubkey);
@@ -973,7 +974,8 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_info_response){
uint32_t n;
for (n = 0; n < session->kbdint->nanswers; n++) {
- BURN_STRING(session->kbdint->answers[n]);
+ explicit_bzero(session->kbdint->answers[n],
+ strlen(session->kbdint->answers[n]));
SAFE_FREE(session->kbdint->answers[n]);
}
SAFE_FREE(session->kbdint->answers);
diff --git a/src/packet_crypt.c b/src/packet_crypt.c
index 94fd10e4..7a30e661 100644
--- a/src/packet_crypt.c
+++ b/src/packet_crypt.c
@@ -75,7 +75,7 @@ int ssh_packet_decrypt(ssh_session session, void *data,uint32_t len) {
crypto->decrypt(crypto,data,out,len);
memcpy(data,out,len);
- BURN_BUFFER(out, len);
+ explicit_bzero(out, len);
SAFE_FREE(out);
return 0;
}
@@ -127,7 +127,7 @@ unsigned char *ssh_packet_encrypt(ssh_session session, void *data, uint32_t len)
crypto->encrypt(crypto, data, out, len);
memcpy(data, out, len);
- BURN_BUFFER(out, len);
+ explicit_bzero(out, len);
SAFE_FREE(out);
if (session->version == 2) {
diff --git a/src/pki.c b/src/pki.c
index 763b4070..d2e6f61c 100644
--- a/src/pki.c
+++ b/src/pki.c
@@ -150,7 +150,7 @@ void ssh_key_clean (ssh_key key){
}
#endif
if (key->ed25519_privkey != NULL){
- BURN_BUFFER(key->ed25519_privkey, sizeof(ed25519_privkey));
+ explicit_bzero(key->ed25519_privkey, sizeof(ed25519_privkey));
SAFE_FREE(key->ed25519_privkey);
}
SAFE_FREE(key->ed25519_pubkey);
diff --git a/src/pki_container_openssh.c b/src/pki_container_openssh.c
index 551a7f03..47447421 100644
--- a/src/pki_container_openssh.c
+++ b/src/pki_container_openssh.c
@@ -256,7 +256,7 @@ static int pki_private_key_decrypt(ssh_string blob,
if (rc < 0){
return SSH_ERROR;
}
- BURN_BUFFER(passphrase_buffer, sizeof(passphrase_buffer));
+ explicit_bzero(passphrase_buffer, sizeof(passphrase_buffer));
cipher.set_decrypt_key(&cipher,
key_material,
@@ -547,7 +547,7 @@ static int pki_private_key_encrypt(ssh_buffer privkey_buffer,
ssh_buffer_get(privkey_buffer),
ssh_buffer_get_len(privkey_buffer));
ssh_cipher_clear(&cipher);
- BURN_BUFFER(passphrase_buffer, sizeof(passphrase_buffer));
+ explicit_bzero(passphrase_buffer, sizeof(passphrase_buffer));
return SSH_OK;
}
@@ -691,7 +691,7 @@ ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey,
"\n",
OPENSSH_HEADER_END,
"\n");
- BURN_BUFFER(b64, strlen((char *)b64));
+ explicit_bzero(b64, strlen((char *)b64));
SAFE_FREE(b64);
if (rc != SSH_OK){
@@ -713,7 +713,7 @@ ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey,
error:
if (privkey_buffer != NULL) {
void *bufptr = ssh_buffer_get(privkey_buffer);
- BURN_BUFFER(bufptr, ssh_buffer_get_len(privkey_buffer));
+ explicit_bzero(bufptr, ssh_buffer_get_len(privkey_buffer));
ssh_buffer_free(privkey_buffer);
}
SAFE_FREE(pubkey_s);
diff --git a/src/pki_crypto.c b/src/pki_crypto.c
index a2c89325..91e534e1 100644
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@@ -1434,7 +1434,7 @@ static ssh_signature pki_signature_from_rsa_blob(const ssh_key pubkey,
blob_orig = (char *) ssh_string_data(sig_blob);
/* front-pad the buffer with zeroes */
- BURN_BUFFER(blob_padded_data, pad_len);
+ explicit_bzero(blob_padded_data, pad_len);
/* fill the rest with the actual signature blob */
memcpy(blob_padded_data + pad_len, blob_orig, len);
diff --git a/src/pki_ed25519.c b/src/pki_ed25519.c
index 8ff398cb..c33cacb6 100644
--- a/src/pki_ed25519.c
+++ b/src/pki_ed25519.c
@@ -132,8 +132,8 @@ int pki_ed25519_verify(const ssh_key pubkey,
hlen + ED25519_SIG_LEN,
*pubkey->ed25519_pubkey);
- BURN_BUFFER(buffer, hlen + ED25519_SIG_LEN);
- BURN_BUFFER(buffer2, hlen);
+ explicit_bzero(buffer, hlen + ED25519_SIG_LEN);
+ explicit_bzero(buffer2, hlen);
SAFE_FREE(buffer);
SAFE_FREE(buffer2);
if (rc == 0) {
diff --git a/src/pki_mbedcrypto.c b/src/pki_mbedcrypto.c
index c3508540..5b412cc4 100644
--- a/src/pki_mbedcrypto.c
+++ b/src/pki_mbedcrypto.c
@@ -832,7 +832,7 @@ static ssh_signature pki_signature_from_rsa_blob(const ssh_key pubkey, const
blob_padded_data = (char *) ssh_string_data(sig_blob_padded);
blob_orig = (char *) ssh_string_data(sig_blob);
- BURN_BUFFER(blob_padded_data, pad_len);
+ explicit_bzero(blob_padded_data, pad_len);
memcpy(blob_padded_data + pad_len, blob_orig, len);
sig->rsa_sig = sig_blob_padded;
diff --git a/src/session.c b/src/session.c
index b372dad6..1c03b62b 100644
--- a/src/session.c
+++ b/src/session.c
@@ -307,7 +307,7 @@ void ssh_free(ssh_session session) {
}
/* burn connection, it could contain sensitive data */
- BURN_BUFFER(session, sizeof(struct ssh_session_struct));
+ explicit_bzero(session, sizeof(struct ssh_session_struct));
SAFE_FREE(session);
}
diff --git a/src/string.c b/src/string.c
index 67bce7dc..a6151aee 100644
--- a/src/string.c
+++ b/src/string.c
@@ -246,7 +246,7 @@ void ssh_string_burn(struct ssh_string_struct *s) {
return;
}
- BURN_BUFFER(s->data, ssh_string_len(s));
+ explicit_bzero(s->data, ssh_string_len(s));
}
/**
diff --git a/src/wrapper.c b/src/wrapper.c
index 8ee04b49..7ecb3101 100644
--- a/src/wrapper.c
+++ b/src/wrapper.c
@@ -214,7 +214,7 @@ void crypto_free(struct ssh_crypto_struct *crypto){
SAFE_FREE(crypto->kex_methods[i]);
}
- BURN_BUFFER(crypto, sizeof(struct ssh_crypto_struct));
+ explicit_bzero(crypto, sizeof(struct ssh_crypto_struct));
SAFE_FREE(crypto);
}