diff options
author | Matt Caswell <matt@openssl.org> | 2016-06-24 23:37:27 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-06-30 15:51:57 +0100 |
commit | 3ce2fdabe6e33952bf3011acf5b68107e6352603 (patch) | |
tree | 1db552127f77d0e0615ea2e3019183fd64b9e8dd /crypto/include | |
parent | 6f4ae777f5100715a96b45355a1195c2efa96b4e (diff) |
Convert memset calls to OPENSSL_cleanse
Ensure things really do get cleared when we intend them to.
Addresses an OCAP Audit issue.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Diffstat (limited to 'crypto/include')
-rw-r--r-- | crypto/include/internal/md32_common.h | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/crypto/include/internal/md32_common.h b/crypto/include/internal/md32_common.h index 21133a37d7..6e4ce14e99 100644 --- a/crypto/include/internal/md32_common.h +++ b/crypto/include/internal/md32_common.h @@ -65,6 +65,8 @@ * <appro@fy.chalmers.se> */ +#include <openssl/crypto.h> + #if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN) # error "DATA_ORDER must be defined!" #endif @@ -276,6 +278,12 @@ int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len) data += n; len -= n; c->num = 0; + /* + * We use memset rather than OPENSSL_cleanse() here deliberately. + * Using OPENSSL_cleanse() here could be a performance issue. It + * will get properly cleansed on finalisation so this isn't a + * security problem. + */ memset(p, 0, HASH_CBLOCK); /* keep it zeroed */ } else { memcpy(p + n, data, len); @@ -331,7 +339,7 @@ int HASH_FINAL(unsigned char *md, HASH_CTX *c) p -= HASH_CBLOCK; HASH_BLOCK_DATA_ORDER(c, p, 1); c->num = 0; - memset(p, 0, HASH_CBLOCK); + OPENSSL_cleanse(p, HASH_CBLOCK); #ifndef HASH_MAKE_STRING # error "HASH_MAKE_STRING must be defined!" |