Commit 3cf24325 authored by Cedric BAIL's avatar Cedric BAIL

* eet: Zero cipher material as soon as possible. Prevent information

	leak of temporary data in memory, so improve security.



SVN revision: 45630
parent 36270ab9
......@@ -321,3 +321,7 @@
2010-01-22 Cedric BAIL
* Add VAR_ARRAY tests.
2010-01-27 Cedric BAIL
* Improve security by zeroying cipher material as soon as possible.
......@@ -769,11 +769,19 @@ eet_cipher(const void *data, unsigned int size, const char *key, unsigned int le
memcpy(iv, key_material, MAX_IV_LEN);
memcpy(ik, key_material + MAX_IV_LEN, MAX_KEY_LEN);
memset(key_material, 0, sizeof (key_material));
crypted_length = ((((size + sizeof (unsigned int)) >> 5) + 1) << 5);
ret = malloc(crypted_length + sizeof(unsigned int));
if (!ret) return EET_ERROR_OUT_OF_MEMORY;
if (!ret) {
memset(iv, 0, sizeof (iv));
memset(ik, 0, sizeof (ik));
memset(&salt, 0, sizeof (salt));
return EET_ERROR_OUT_OF_MEMORY;
}
*ret = salt;
memset(&salt, 0, sizeof (salt));
tmp = htonl(size);
#ifdef HAVE_GNUTLS
......@@ -790,6 +798,9 @@ eet_cipher(const void *data, unsigned int size, const char *key, unsigned int le
err = gcry_cipher_setkey(cipher, ik, MAX_KEY_LEN);
if (err) goto on_error;
memset(iv, 0, sizeof (iv));
memset(ik, 0, sizeof (ik));
/* Gcrypt encrypt */
err = gcry_cipher_encrypt(cipher, (unsigned char *)(ret + 1), crypted_length, NULL, 0);
if (err) goto on_error;
......@@ -808,6 +819,9 @@ eet_cipher(const void *data, unsigned int size, const char *key, unsigned int le
if (!EVP_EncryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, ik, iv)) goto on_error;
opened = 1;
memset(iv, 0, sizeof (iv));
memset(ik, 0, sizeof (ik));
/* Openssl encrypt */
if (!EVP_EncryptUpdate(&ctx, (unsigned char*)(ret + 1), &tmp_len, (unsigned char*) buffer, size + sizeof (unsigned int)))
goto on_error;
......@@ -826,6 +840,9 @@ eet_cipher(const void *data, unsigned int size, const char *key, unsigned int le
return EET_ERROR_NONE;
on_error:
memset(iv, 0, sizeof (iv));
memset(ik, 0, sizeof (ik));
# ifdef HAVE_GNUTLS
/* Gcrypt error */
if (opened) gcry_cipher_close(cipher);
......@@ -872,9 +889,13 @@ eet_decipher(const void *data, unsigned int size, const char *key, unsigned int
/* Generate the iv and the key with the salt */
eet_pbkdf2_sha1(key, length, (unsigned char *)&salt, sizeof(unsigned int), 2048, key_material, MAX_KEY_LEN + MAX_IV_LEN);
memcpy(iv, key_material, MAX_IV_LEN);
memcpy(ik, key_material + MAX_IV_LEN, MAX_KEY_LEN);
memset(key_material, 0, sizeof (key_material));
memset(&salt, 0, sizeof (salt));
/* Align to AES block size if size is not align */
tmp_len = size - sizeof (unsigned int);
if ((tmp_len & 0x1F) != 0) goto on_error;
......@@ -894,6 +915,9 @@ eet_decipher(const void *data, unsigned int size, const char *key, unsigned int
err = gcry_cipher_setkey(cipher, ik, MAX_KEY_LEN);
if (err) goto on_error;
memset(iv, 0, sizeof (iv));
memset(ik, 0, sizeof (ik));
/* Gcrypt decrypt */
err = gcry_cipher_decrypt(cipher, ret, tmp_len, ((unsigned int *)data) + 1, tmp_len);
if (err) goto on_error;
......@@ -912,6 +936,9 @@ eet_decipher(const void *data, unsigned int size, const char *key, unsigned int
if (!EVP_DecryptInit_ex(&ctx, EVP_aes_256_cbc(), NULL, ik, iv))
goto on_error;
memset(iv, 0, sizeof (iv));
memset(ik, 0, sizeof (ik));
/* Openssl decrypt */
if (!EVP_DecryptUpdate(&ctx, (unsigned char *) ret, &tmp,
(unsigned char *) (over + 1), tmp_len))
......@@ -940,6 +967,9 @@ eet_decipher(const void *data, unsigned int size, const char *key, unsigned int
return EET_ERROR_NONE;
on_error:
memset(iv, 0, sizeof (iv));
memset(ik, 0, sizeof (ik));
# ifdef HAVE_GNUTLS
# else
if (opened) EVP_CIPHER_CTX_cleanup(&ctx);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment