ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-03-04 02:57:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

clear hash state memory after use

Browse Source
This commit is contained in:
Matt Johnston 2015-01-04 23:10:59 +08:00
parent eabd9f5e60
commit b24984deb3
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
common-kex.c
View File

@ -303,7 +303,7 @@ static void hashkeys(unsigned char *out, unsigned int outlen,
hash_desc->done(&hs2, tmpout); hash_desc->done(&hs2, tmpout);
memcpy(&out[offset], tmpout, MIN(outlen - offset, hash_desc->hashsize)); memcpy(&out[offset], tmpout, MIN(outlen - offset, hash_desc->hashsize));
} }
m_burn(&hs2, sizeof(hash_state));
} }
/* Generate the actual encryption/integrity keys, using the results of the /* Generate the actual encryption/integrity keys, using the results of the
@ -403,6 +403,7 @@ static void gen_new_keys() {
m_burn(C2S_key, sizeof(C2S_key)); m_burn(C2S_key, sizeof(C2S_key));
m_burn(S2C_IV, sizeof(S2C_IV)); m_burn(S2C_IV, sizeof(S2C_IV));
m_burn(S2C_key, sizeof(S2C_key)); m_burn(S2C_key, sizeof(S2C_key));
m_burn(&hs, sizeof(hash_state));
TRACE(("leave gen_new_keys")) TRACE(("leave gen_new_keys"))
} }
@ -798,6 +799,7 @@ static void finish_kexhashbuf(void) {
buf_burn(ses.kexhashbuf); buf_burn(ses.kexhashbuf);
buf_free(ses.kexhashbuf); buf_free(ses.kexhashbuf);
m_burn(&hs, sizeof(hash_state));
ses.kexhashbuf = NULL; ses.kexhashbuf = NULL;
/* first time around, we set the session_id to H */ /* first time around, we set the session_id to H */
@ -805,7 +807,6 @@ static void finish_kexhashbuf(void) {
/* create the session_id, this never needs freeing */ /* create the session_id, this never needs freeing */
ses.session_id = buf_newcopy(ses.hash); ses.session_id = buf_newcopy(ses.hash);
} }
} }
/* read the other side's algo list. buf_match_algo is a callback to match /* read the other side's algo list. buf_match_algo is a callback to match