A few more memset()s converted to OPENSSL_cleanse().
authorRichard Levitte <levitte@openssl.org>
Fri, 29 Nov 2002 11:30:45 +0000 (11:30 +0000)
committerRichard Levitte <levitte@openssl.org>
Fri, 29 Nov 2002 11:30:45 +0000 (11:30 +0000)
I *think* I got them all covered by now, but please, if you find any more,
tell me and I'll correct it.
PR: 343

crypto/bn/bn_lib.c
crypto/bn/bn_rand.c
crypto/evp/evp_enc.c
crypto/md2/md2_dgst.c
crypto/md2/md2_one.c
crypto/md4/md4_one.c
crypto/md5/md5_one.c
crypto/mdc2/mdc2_one.c
crypto/pem/pem_lib.c
ssl/s3_srvr.c

index fc610e0..bbcc62d 100644 (file)
@@ -263,12 +263,12 @@ void BN_clear_free(BIGNUM *a)
        if (a == NULL) return;
        if (a->d != NULL)
                {
-               memset(a->d,0,a->dmax*sizeof(a->d[0]));
+               OPENSSL_cleanse(a->d,a->dmax*sizeof(a->d[0]));
                if (!(BN_get_flags(a,BN_FLG_STATIC_DATA)))
                        OPENSSL_free(a->d);
                }
        i=BN_get_flags(a,BN_FLG_MALLOCED);
-       memset(a,0,sizeof(BIGNUM));
+       OPENSSL_cleanse(a,sizeof(BIGNUM));
        if (i)
                OPENSSL_free(a);
        }
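Review bot: `OPENSSL_cleanse(a,sizeof(BIGNUM))` is only a drop-in replacement for the old `memset` if it leaves the memory zeroed, and its definition is not on this page. When `BN_FLG_MALLOCED` is clear the structure is not freed, so the caller that owns `a` would be left with indeterminate `d`, `dmax` and flags where it used to get an all-zero BIGNUM. If the cleanse routine does not guarantee zero fill, follow it with an explicit reset, or add a comment such as `/* a is indeterminate after this call; BN_init() it before reuse */`.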
index e6705f7..480817a 100644 (file)
@@ -201,7 +201,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
 err:
        if (buf != NULL)
                {
-               memset(buf,0,bytes);
+               OPENSSL_cleanse(buf,bytes);
                OPENSSL_free(buf);
                }
        return(ret);
index 39a66f1..66c48d1 100644 (file)
@@ -454,9 +454,9 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
                {
                if(c->cipher->cleanup && !c->cipher->cleanup(c))
                        return 0;
-               /* Zero cipher context data */
+               /* Cleanse cipher context data */
                if (c->cipher_data)
-                       memset(c->cipher_data, 0, c->cipher->ctx_size);
+                       OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
                }
        if (c->cipher_data)
                OPENSSL_free(c->cipher_data);
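Review bot: The `return 0` taken when `c->cipher->cleanup(c)` fails sits before the new `OPENSSL_cleanse`, so on that path `c->cipher_data` is neither wiped nor freed and any key material in it stays in the heap. Consider recording the callback failure, still running the cleanse and free, and returning the failure afterwards; at minimum add a comment that a 0 return leaves the context unwiped. The condition guarding this block is outside the hunk; if it tests `c->cipher`, a context holding `cipher_data` without a cipher would reach `OPENSSL_free` unwiped as well.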
index f98009a..47866c3 100644 (file)
@@ -196,7 +196,7 @@ static void md2_block(MD2_CTX *c, const unsigned char *d)
                t=(t+i)&0xff;
                }
        memcpy(sp1,state,16*sizeof(MD2_INT));
-       memset(state,0,48*sizeof(MD2_INT));
+       OPENSSL_cleanse(state,48*sizeof(MD2_INT));
        }
 
 int MD2_Final(unsigned char *md, MD2_CTX *c)
index b12c37c..835160e 100644 (file)
@@ -88,6 +88,6 @@ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md)
        }
 #endif
        MD2_Final(md,&c);
-       memset(&c,0,sizeof(c)); /* Security consideration */
+       OPENSSL_cleanse(&c,sizeof(c));  /* Security consideration */
        return(md);
        }
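Review bot: The retained comment `/* Security consideration */` does not say why the call had to change, so a later cleanup could turn it back into `memset`. Since `c` is a local that is dead after this line, a compiler may drop a plain `memset` as a dead store; I would spell that out, for example `/* wipe hash state; a memset of a dying local may be optimised away */`. The same comment applies to the matching lines in the MD4, MD5 and MDC2 hunks below. The function body starts outside this hunk.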
index 87a995d..53efd43 100644 (file)
@@ -89,7 +89,7 @@ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md)
        }
 #endif
        MD4_Final(md,&c);
-       memset(&c,0,sizeof(c)); /* security consideration */
+       OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */
        return(md);
        }
 
index b89dec8..c67eb79 100644 (file)
@@ -89,7 +89,7 @@ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md)
        }
 #endif
        MD5_Final(md,&c);
-       memset(&c,0,sizeof(c)); /* security consideration */
+       OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */
        return(md);
        }
 
index 6cd141b..37f06c8 100644 (file)
@@ -69,7 +69,7 @@ unsigned char *MDC2(const unsigned char *d, unsigned long n, unsigned char *md)
        MDC2_Init(&c);
        MDC2_Update(&c,d,n);
         MDC2_Final(md,&c);
-       memset(&c,0,sizeof(c)); /* security consideration */
+       OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */
        return(md);
        }
 
index d3e9ce8..900af73 100644 (file)
@@ -343,7 +343,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
                 * NOT taken from the BytesToKey function */
                EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
 
-               if (kstr == (unsigned char *)buf) memset(buf,0,PEM_BUFSIZE);
+               if (kstr == (unsigned char *)buf) OPENSSL_cleanse(buf,PEM_BUFSIZE);
 
                OPENSSL_assert(strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf);
 
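Review bot: The wipe length is written as `PEM_BUFSIZE` while the assertion two lines below measures the same buffer with `sizeof buf`. If `buf` is an array declared in this function (its declaration is outside the hunk), `OPENSSL_cleanse(buf,sizeof buf);` keeps the wipe tied to the real size should the declaration change. The `key` filled by `EVP_BytesToKey` is secret material too, and the hunk does not show whether it is wiped later in the function, which is worth confirming.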
index c687da9..3db3e78 100644 (file)
@@ -1717,7 +1717,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
                        s->method->ssl3_enc->generate_master_secret(s,
                                s->session->master_key,
                                p,i);
-               memset(p,0,i);
+               OPENSSL_cleanse(p,i);
                }
        else
 #endif
@@ -1780,7 +1780,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
                s->session->master_key_length=
                        s->method->ssl3_enc->generate_master_secret(s,
                                s->session->master_key,p,i);
-               memset(p,0,i);
+               OPENSSL_cleanse(p,i);
                }
        else
 #endif
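Review bot: Neither `OPENSSL_cleanse(p,i)` call carries a comment saying what is being wiped or why it is safe to wipe it here. From the visible lines `p` and `i` are the input handed to `generate_master_secret`, so `p` is presumably the pre-master secret, and a short comment in both hunks such as `/* pre-master secret is not needed once the master key is derived */` would stop the wipe being moved or removed by accident. The length is whatever `i` holds at this point and its validation is outside both hunks, so it is worth confirming that `i` cannot be negative when it is converted to the length argument.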