diff options
author | Richard Levitte <levitte@openssl.org> | 2002-11-28 08:04:36 +0000 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2002-11-28 08:04:36 +0000 |
commit | 4579924b7e55fccc7013e6de196f2e2ab175ce39 (patch) | |
tree | fa19611a704cc901d3ba338cefbbb98878de7ee5 /crypto/des | |
parent | 2047bda6fb8bedab1103b7bd5df5ea55eb7ccc9b (diff) |
Cleanse memory using the new OPENSSL_cleanse() function.
I've covered all the memset()s I felt safe modifying, but may have missed some.
Diffstat (limited to 'crypto/des')
-rw-r--r-- | crypto/des/des.c | 32 | ||||
-rw-r--r-- | crypto/des/read2pwd.c | 8 | ||||
-rw-r--r-- | crypto/des/read_pwd.c | 2 | ||||
-rw-r--r-- | crypto/des/str2key.c | 4 |
4 files changed, 23 insertions, 23 deletions
diff --git a/crypto/des/des.c b/crypto/des/des.c index d8c846b23d..343135ff9e 100644 --- a/crypto/des/des.c +++ b/crypto/des/des.c @@ -427,7 +427,7 @@ void doencryption(void) k2[i-8]=k; } DES_set_key_unchecked(&k2,&ks2); - memset(k2,0,sizeof(k2)); + OPENSSL_cleanse(k2,sizeof(k2)); } else if (longk || flag3) { @@ -435,7 +435,7 @@ void doencryption(void) { DES_string_to_2keys(key,&kk,&k2); DES_set_key_unchecked(&k2,&ks2); - memset(k2,0,sizeof(k2)); + OPENSSL_cleanse(k2,sizeof(k2)); } else DES_string_to_key(key,&kk); @@ -457,8 +457,8 @@ void doencryption(void) } DES_set_key_unchecked(&kk,&ks); - memset(key,0,sizeof(key)); - memset(kk,0,sizeof(kk)); + OPENSSL_cleanse(key,sizeof(key)); + OPENSSL_cleanse(kk,sizeof(kk)); /* woops - A bug that does not showup under unix :-( */ memset(iv,0,sizeof(iv)); memset(iv2,0,sizeof(iv2)); @@ -666,18 +666,18 @@ void doencryption(void) if (l) fclose(CKSUM_OUT); } problems: - memset(buf,0,sizeof(buf)); - memset(obuf,0,sizeof(obuf)); - memset(&ks,0,sizeof(ks)); - memset(&ks2,0,sizeof(ks2)); - memset(iv,0,sizeof(iv)); - memset(iv2,0,sizeof(iv2)); - memset(kk,0,sizeof(kk)); - memset(k2,0,sizeof(k2)); - memset(uubuf,0,sizeof(uubuf)); - memset(b,0,sizeof(b)); - memset(bb,0,sizeof(bb)); - memset(cksum,0,sizeof(cksum)); + OPENSSL_cleanse(buf,sizeof(buf)); + OPENSSL_cleanse(obuf,sizeof(obuf)); + OPENSSL_cleanse(&ks,sizeof(ks)); + OPENSSL_cleanse(&ks2,sizeof(ks2)); + OPENSSL_cleanse(iv,sizeof(iv)); + OPENSSL_cleanse(iv2,sizeof(iv2)); + OPENSSL_cleanse(kk,sizeof(kk)); + OPENSSL_cleanse(k2,sizeof(k2)); + OPENSSL_cleanse(uubuf,sizeof(uubuf)); + OPENSSL_cleanse(b,sizeof(b)); + OPENSSL_cleanse(bb,sizeof(bb)); + OPENSSL_cleanse(cksum,sizeof(cksum)); if (Exit) EXIT(Exit); } diff --git a/crypto/des/read2pwd.c b/crypto/des/read2pwd.c index 241adfa342..430da4e994 100644 --- a/crypto/des/read2pwd.c +++ b/crypto/des/read2pwd.c @@ -123,8 +123,8 @@ int DES_read_password(DES_cblock *key, const char *prompt, int verify) if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) DES_string_to_key(buf,key); - memset(buf,0,BUFSIZ); - memset(buff,0,BUFSIZ); + OPENSSL_cleanse(buf,BUFSIZ); + OPENSSL_cleanse(buff,BUFSIZ); return(ok); } @@ -136,7 +136,7 @@ int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2, const char *prompt, if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) DES_string_to_2keys(buf,key1,key2); - memset(buf,0,BUFSIZ); - memset(buff,0,BUFSIZ); + OPENSSL_cleanse(buf,BUFSIZ); + OPENSSL_cleanse(buff,BUFSIZ); return(ok); } diff --git a/crypto/des/read_pwd.c b/crypto/des/read_pwd.c index c79c9a0e2a..ce5fa00a37 100644 --- a/crypto/des/read_pwd.c +++ b/crypto/des/read_pwd.c @@ -220,7 +220,7 @@ int des_read_pw_string(char *buf, int length, const char *prompt, int ret; ret=des_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify); - memset(buff,0,BUFSIZ); + OPENSSL_cleanse(buff,BUFSIZ); return(ret); } diff --git a/crypto/des/str2key.c b/crypto/des/str2key.c index 36c3f81d99..0373db469c 100644 --- a/crypto/des/str2key.c +++ b/crypto/des/str2key.c @@ -94,7 +94,7 @@ void DES_string_to_key(const char *str, DES_cblock *key) DES_set_key_unchecked(key,&ks); #endif DES_cbc_cksum((const unsigned char*)str,key,length,&ks,key); - memset(&ks,0,sizeof(ks)); + OPENSSL_cleanse(&ks,sizeof(ks)); DES_set_odd_parity(key); } @@ -167,7 +167,7 @@ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2) DES_set_key_unchecked(key2,&ks); #endif DES_cbc_cksum((const unsigned char*)str,key2,length,&ks,key2); - memset(&ks,0,sizeof(ks)); + OPENSSL_cleanse(&ks,sizeof(ks)); DES_set_odd_parity(key1); DES_set_odd_parity(key2); } |