diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/auth.c | 11 | ||||
-rw-r--r-- | src/buffer.c | 10 | ||||
-rw-r--r-- | src/external/bcrypt_pbkdf.c | 6 | ||||
-rw-r--r-- | src/libcrypto.c | 4 | ||||
-rw-r--r-- | src/messages.c | 6 | ||||
-rw-r--r-- | src/packet_crypt.c | 4 | ||||
-rw-r--r-- | src/pki.c | 2 | ||||
-rw-r--r-- | src/pki_container_openssh.c | 8 | ||||
-rw-r--r-- | src/pki_crypto.c | 2 | ||||
-rw-r--r-- | src/pki_ed25519.c | 4 | ||||
-rw-r--r-- | src/pki_mbedcrypto.c | 2 | ||||
-rw-r--r-- | src/session.c | 2 | ||||
-rw-r--r-- | src/string.c | 2 | ||||
-rw-r--r-- | src/wrapper.c | 2 |
14 files changed, 34 insertions, 31 deletions
@@ -1249,7 +1249,7 @@ void ssh_kbdint_free(ssh_kbdint kbd) { n = kbd->nprompts; if (kbd->prompts) { for (i = 0; i < n; i++) { - BURN_STRING(kbd->prompts[i]); + explicit_bzero(kbd->prompts[i], strlen(kbd->prompts[i])); SAFE_FREE(kbd->prompts[i]); } SAFE_FREE(kbd->prompts); @@ -1258,7 +1258,7 @@ void ssh_kbdint_free(ssh_kbdint kbd) { n = kbd->nanswers; if (kbd->answers) { for (i = 0; i < n; i++) { - BURN_STRING(kbd->answers[i]); + explicit_bzero(kbd->answers[i], strlen(kbd->answers[i])); SAFE_FREE(kbd->answers[i]); } SAFE_FREE(kbd->answers); @@ -1281,7 +1281,7 @@ void ssh_kbdint_clean(ssh_kbdint kbd) { n = kbd->nprompts; if (kbd->prompts) { for (i = 0; i < n; i++) { - BURN_STRING(kbd->prompts[i]); + explicit_bzero(kbd->prompts[i], strlen(kbd->prompts[i])); SAFE_FREE(kbd->prompts[i]); } SAFE_FREE(kbd->prompts); @@ -1291,7 +1291,7 @@ void ssh_kbdint_clean(ssh_kbdint kbd) { if (kbd->answers) { for (i = 0; i < n; i++) { - BURN_STRING(kbd->answers[i]); + explicit_bzero(kbd->answers[i], strlen(kbd->answers[i])); SAFE_FREE(kbd->answers[i]); } SAFE_FREE(kbd->answers); @@ -1759,7 +1759,8 @@ int ssh_userauth_kbdint_setanswer(ssh_session session, unsigned int i, } if (session->kbdint->answers[i]) { - BURN_STRING(session->kbdint->answers[i]); + explicit_bzero(session->kbdint->answers[i], + strlen(session->kbdint->answers[i])); SAFE_FREE(session->kbdint->answers[i]); } diff --git a/src/buffer.c b/src/buffer.c index 96250e90..28a345c6 100644 --- a/src/buffer.c +++ b/src/buffer.c @@ -107,10 +107,10 @@ void ssh_buffer_free(struct ssh_buffer_struct *buffer) { if (buffer->data) { /* burn the data */ - BURN_BUFFER(buffer->data, buffer->allocated); + explicit_bzero(buffer->data, buffer->allocated); SAFE_FREE(buffer->data); } - BURN_BUFFER(buffer, sizeof(struct ssh_buffer_struct)); + explicit_bzero(buffer, sizeof(struct ssh_buffer_struct)); SAFE_FREE(buffer); } @@ -146,7 +146,7 @@ static int realloc_buffer(struct ssh_buffer_struct *buffer, size_t needed) { return -1; } memcpy(new, buffer->data,buffer->used); - BURN_BUFFER(buffer->data, buffer->used); + explicit_bzero(buffer->data, buffer->used); SAFE_FREE(buffer->data); } else { new = realloc(buffer->data, needed); @@ -177,7 +177,7 @@ static void buffer_shift(ssh_buffer buffer){ if (buffer->secure){ void *ptr = buffer->data + buffer->used; - BURN_BUFFER(ptr, burn_pos); + explicit_bzero(ptr, burn_pos); } buffer_verify(buffer); @@ -193,7 +193,7 @@ static void buffer_shift(ssh_buffer buffer){ int ssh_buffer_reinit(struct ssh_buffer_struct *buffer) { buffer_verify(buffer); - BURN_BUFFER(buffer->data, buffer->used); + explicit_bzero(buffer->data, buffer->used); buffer->used = 0; buffer->pos = 0; if(buffer->allocated > 127) { diff --git a/src/external/bcrypt_pbkdf.c b/src/external/bcrypt_pbkdf.c index fdf84d0f..6fb35ff7 100644 --- a/src/external/bcrypt_pbkdf.c +++ b/src/external/bcrypt_pbkdf.c @@ -98,8 +98,8 @@ bcrypt_hash(uint8_t *sha2pass, uint8_t *sha2salt, uint8_t *out) } /* zap */ - BURN_BUFFER(ciphertext, sizeof(ciphertext)); - BURN_BUFFER(cdata, sizeof(cdata)); + explicit_bzero(ciphertext, sizeof(ciphertext)); + explicit_bzero(cdata, sizeof(cdata)); ZERO_STRUCT(state); } @@ -175,7 +175,7 @@ bcrypt_pbkdf(const char *pass, size_t passlen, const uint8_t *salt, size_t saltl } /* zap */ - BURN_BUFFER(out, sizeof(out)); + explicit_bzero(out, sizeof(out)); free(countsalt); return 0; diff --git a/src/libcrypto.c b/src/libcrypto.c index 59c99568..66453666 100644 --- a/src/libcrypto.c +++ b/src/libcrypto.c @@ -606,7 +606,7 @@ static void aes_ctr_encrypt(struct ssh_cipher_struct *cipher, void *in, void *ou } static void aes_ctr_cleanup(struct ssh_cipher_struct *cipher){ - BURN_BUFFER(cipher->aes_key, sizeof(*cipher->aes_key)); + explicit_bzero(cipher->aes_key, sizeof(*cipher->aes_key)); SAFE_FREE(cipher->aes_key); } @@ -695,7 +695,7 @@ static void des1_1_decrypt(struct ssh_cipher_struct *cipher, void *in, void *out } static void des_cleanup(struct ssh_cipher_struct *cipher){ - BURN_BUFFER(cipher->des3_key, sizeof(*cipher->des3_key)); + explicit_bzero(cipher->des3_key, sizeof(*cipher->des3_key)); SAFE_FREE(cipher->des3_key); } diff --git a/src/messages.c b/src/messages.c index 763a2732..af885314 100644 --- a/src/messages.c +++ b/src/messages.c @@ -554,7 +554,8 @@ void ssh_message_free(ssh_message msg){ case SSH_REQUEST_AUTH: SAFE_FREE(msg->auth_request.username); if (msg->auth_request.password) { - BURN_STRING(msg->auth_request.password); + explicit_bzero(msg->auth_request.password, + strlen(msg->auth_request.password)); SAFE_FREE(msg->auth_request.password); } ssh_key_free(msg->auth_request.pubkey); @@ -973,7 +974,8 @@ SSH_PACKET_CALLBACK(ssh_packet_userauth_info_response){ uint32_t n; for (n = 0; n < session->kbdint->nanswers; n++) { - BURN_STRING(session->kbdint->answers[n]); + explicit_bzero(session->kbdint->answers[n], + strlen(session->kbdint->answers[n])); SAFE_FREE(session->kbdint->answers[n]); } SAFE_FREE(session->kbdint->answers); diff --git a/src/packet_crypt.c b/src/packet_crypt.c index 94fd10e4..7a30e661 100644 --- a/src/packet_crypt.c +++ b/src/packet_crypt.c @@ -75,7 +75,7 @@ int ssh_packet_decrypt(ssh_session session, void *data,uint32_t len) { crypto->decrypt(crypto,data,out,len); memcpy(data,out,len); - BURN_BUFFER(out, len); + explicit_bzero(out, len); SAFE_FREE(out); return 0; } @@ -127,7 +127,7 @@ unsigned char *ssh_packet_encrypt(ssh_session session, void *data, uint32_t len) crypto->encrypt(crypto, data, out, len); memcpy(data, out, len); - BURN_BUFFER(out, len); + explicit_bzero(out, len); SAFE_FREE(out); if (session->version == 2) { @@ -150,7 +150,7 @@ void ssh_key_clean (ssh_key key){ } #endif if (key->ed25519_privkey != NULL){ - BURN_BUFFER(key->ed25519_privkey, sizeof(ed25519_privkey)); + explicit_bzero(key->ed25519_privkey, sizeof(ed25519_privkey)); SAFE_FREE(key->ed25519_privkey); } SAFE_FREE(key->ed25519_pubkey); diff --git a/src/pki_container_openssh.c b/src/pki_container_openssh.c index 551a7f03..47447421 100644 --- a/src/pki_container_openssh.c +++ b/src/pki_container_openssh.c @@ -256,7 +256,7 @@ static int pki_private_key_decrypt(ssh_string blob, if (rc < 0){ return SSH_ERROR; } - BURN_BUFFER(passphrase_buffer, sizeof(passphrase_buffer)); + explicit_bzero(passphrase_buffer, sizeof(passphrase_buffer)); cipher.set_decrypt_key(&cipher, key_material, @@ -547,7 +547,7 @@ static int pki_private_key_encrypt(ssh_buffer privkey_buffer, ssh_buffer_get(privkey_buffer), ssh_buffer_get_len(privkey_buffer)); ssh_cipher_clear(&cipher); - BURN_BUFFER(passphrase_buffer, sizeof(passphrase_buffer)); + explicit_bzero(passphrase_buffer, sizeof(passphrase_buffer)); return SSH_OK; } @@ -691,7 +691,7 @@ ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey, "\n", OPENSSH_HEADER_END, "\n"); - BURN_BUFFER(b64, strlen((char *)b64)); + explicit_bzero(b64, strlen((char *)b64)); SAFE_FREE(b64); if (rc != SSH_OK){ @@ -713,7 +713,7 @@ ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey, error: if (privkey_buffer != NULL) { void *bufptr = ssh_buffer_get(privkey_buffer); - BURN_BUFFER(bufptr, ssh_buffer_get_len(privkey_buffer)); + explicit_bzero(bufptr, ssh_buffer_get_len(privkey_buffer)); ssh_buffer_free(privkey_buffer); } SAFE_FREE(pubkey_s); diff --git a/src/pki_crypto.c b/src/pki_crypto.c index a2c89325..91e534e1 100644 --- a/src/pki_crypto.c +++ b/src/pki_crypto.c @@ -1434,7 +1434,7 @@ static ssh_signature pki_signature_from_rsa_blob(const ssh_key pubkey, blob_orig = (char *) ssh_string_data(sig_blob); /* front-pad the buffer with zeroes */ - BURN_BUFFER(blob_padded_data, pad_len); + explicit_bzero(blob_padded_data, pad_len); /* fill the rest with the actual signature blob */ memcpy(blob_padded_data + pad_len, blob_orig, len); diff --git a/src/pki_ed25519.c b/src/pki_ed25519.c index 8ff398cb..c33cacb6 100644 --- a/src/pki_ed25519.c +++ b/src/pki_ed25519.c @@ -132,8 +132,8 @@ int pki_ed25519_verify(const ssh_key pubkey, hlen + ED25519_SIG_LEN, *pubkey->ed25519_pubkey); - BURN_BUFFER(buffer, hlen + ED25519_SIG_LEN); - BURN_BUFFER(buffer2, hlen); + explicit_bzero(buffer, hlen + ED25519_SIG_LEN); + explicit_bzero(buffer2, hlen); SAFE_FREE(buffer); SAFE_FREE(buffer2); if (rc == 0) { diff --git a/src/pki_mbedcrypto.c b/src/pki_mbedcrypto.c index c3508540..5b412cc4 100644 --- a/src/pki_mbedcrypto.c +++ b/src/pki_mbedcrypto.c @@ -832,7 +832,7 @@ static ssh_signature pki_signature_from_rsa_blob(const ssh_key pubkey, const blob_padded_data = (char *) ssh_string_data(sig_blob_padded); blob_orig = (char *) ssh_string_data(sig_blob); - BURN_BUFFER(blob_padded_data, pad_len); + explicit_bzero(blob_padded_data, pad_len); memcpy(blob_padded_data + pad_len, blob_orig, len); sig->rsa_sig = sig_blob_padded; diff --git a/src/session.c b/src/session.c index b372dad6..1c03b62b 100644 --- a/src/session.c +++ b/src/session.c @@ -307,7 +307,7 @@ void ssh_free(ssh_session session) { } /* burn connection, it could contain sensitive data */ - BURN_BUFFER(session, sizeof(struct ssh_session_struct)); + explicit_bzero(session, sizeof(struct ssh_session_struct)); SAFE_FREE(session); } diff --git a/src/string.c b/src/string.c index 67bce7dc..a6151aee 100644 --- a/src/string.c +++ b/src/string.c @@ -246,7 +246,7 @@ void ssh_string_burn(struct ssh_string_struct *s) { return; } - BURN_BUFFER(s->data, ssh_string_len(s)); + explicit_bzero(s->data, ssh_string_len(s)); } /** diff --git a/src/wrapper.c b/src/wrapper.c index 8ee04b49..7ecb3101 100644 --- a/src/wrapper.c +++ b/src/wrapper.c @@ -214,7 +214,7 @@ void crypto_free(struct ssh_crypto_struct *crypto){ SAFE_FREE(crypto->kex_methods[i]); } - BURN_BUFFER(crypto, sizeof(struct ssh_crypto_struct)); + explicit_bzero(crypto, sizeof(struct ssh_crypto_struct)); SAFE_FREE(crypto); } |