Modify zeroize internal buffers in md modules

Modify all the following functions to zeroize an internal buffer before
exiting the function. The buffer could potentially contain confidential
data read from a file.

* md2_file()
* md4_file()
* md5_file()
* ripemd160_file()
* sha1_file()
* sha256_file()
* sha512_file()
Andres Amaya Garcia 2017-09-20 11:47:49 +01:00
parent 2d829fb4b3
commit 3d98b97442
7 changed files with 56 additions and 56 deletions


@ -217,6 +217,7 @@ void md2( const unsigned char *input, size_t ilen, unsigned char output[16] )
*/
int md2_file( const char *path, unsigned char output[16] )
{
int ret = 0;
FILE *f;
size_t n;
md2_context ctx;
@ -231,17 +232,16 @@ int md2_file( const char *path, unsigned char output[16] )
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
md2_update( &ctx, buf, n );
md2_finish( &ctx, output );
md2_free( &ctx );
if( ferror( f ) != 0 )
{
fclose( f );
return( POLARSSL_ERR_MD2_FILE_IO_ERROR );
}
ret = POLARSSL_ERR_MD2_FILE_IO_ERROR;
else
md2_finish( &ctx, output );
md2_free( &ctx );
polarssl_zeroize( buf, sizeof( buf ) );
fclose( f );
return( 0 );
return( ret );
}
#endif /* POLARSSL_FS_IO */
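Review bot: Wiping `buf` clears only the local copy of the file contents; the stdio stream `f` keeps its own internal buffer with the same bytes, and `fclose( f )` releases that memory without clearing it. If the aim is that no file data stays in memory after md2_file() returns, disabling buffering right after the successful fopen() (which sits between the two hunks and is not shown), e.g. `setbuf( f, NULL );`, avoids the second copy. The same applies to md4_file(), md5_file(), ripemd160_file(), sha1_file(), sha256_file() and sha512_file(). Separately, moving the `_finish` call into the `else` branch appears to mean `output` is no longer written on the ferror() path, so a line in the function comment such as `On error, output is left unmodified.` would make that explicit for callers.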


@ -313,6 +313,7 @@ void md4( const unsigned char *input, size_t ilen, unsigned char output[16] )
*/
int md4_file( const char *path, unsigned char output[16] )
{
int ret = 0;
FILE *f;
size_t n;
md4_context ctx;
@ -327,17 +328,16 @@ int md4_file( const char *path, unsigned char output[16] )
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
md4_update( &ctx, buf, n );
md4_finish( &ctx, output );
md4_free( &ctx );
if( ferror( f ) != 0 )
{
fclose( f );
return( POLARSSL_ERR_MD4_FILE_IO_ERROR );
}
ret = POLARSSL_ERR_MD4_FILE_IO_ERROR;
else
md4_finish( &ctx, output );
md4_free( &ctx );
polarssl_zeroize( buf, sizeof( buf ) );
fclose( f );
return( 0 );
return( ret );
}
#endif /* POLARSSL_FS_IO */


@ -330,6 +330,7 @@ void md5( const unsigned char *input, size_t ilen, unsigned char output[16] )
*/
int md5_file( const char *path, unsigned char output[16] )
{
int ret = 0;
FILE *f;
size_t n;
md5_context ctx;
@ -344,17 +345,16 @@ int md5_file( const char *path, unsigned char output[16] )
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
md5_update( &ctx, buf, n );
md5_finish( &ctx, output );
md5_free( &ctx );
if( ferror( f ) != 0 )
{
fclose( f );
return( POLARSSL_ERR_MD5_FILE_IO_ERROR );
}
ret = POLARSSL_ERR_MD5_FILE_IO_ERROR;
else
md5_finish( &ctx, output );
md5_free( &ctx );
polarssl_zeroize( buf, sizeof( buf ) );
fclose( f );
return( 0 );
return( ret );
}
#endif /* POLARSSL_FS_IO */


@ -388,6 +388,7 @@ void ripemd160( const unsigned char *input, size_t ilen,
*/
int ripemd160_file( const char *path, unsigned char output[20] )
{
int ret = 0;
FILE *f;
size_t n;
ripemd160_context ctx;
@ -402,17 +403,16 @@ int ripemd160_file( const char *path, unsigned char output[20] )
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
ripemd160_update( &ctx, buf, n );
ripemd160_finish( &ctx, output );
ripemd160_free( &ctx );
if( ferror( f ) != 0 )
{
fclose( f );
return( POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR );
}
ret = POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR;
else
ripemd160_finish( &ctx, output );
ripemd160_free( &ctx );
polarssl_zeroize( buf, sizeof( buf ) );
fclose( f );
return( 0 );
return( ret );
}
#endif /* POLARSSL_FS_IO */


@ -363,6 +363,7 @@ void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
*/
int sha1_file( const char *path, unsigned char output[20] )
{
int ret = 0;
FILE *f;
size_t n;
sha1_context ctx;
@ -377,17 +378,16 @@ int sha1_file( const char *path, unsigned char output[20] )
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
sha1_update( &ctx, buf, n );
sha1_finish( &ctx, output );
sha1_free( &ctx );
if( ferror( f ) != 0 )
{
fclose( f );
return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
}
ret = POLARSSL_ERR_SHA1_FILE_IO_ERROR;
else
sha1_finish( &ctx, output );
sha1_free( &ctx );
polarssl_zeroize( buf, sizeof( buf ) );
fclose( f );
return( 0 );
return( ret );
}
#endif /* POLARSSL_FS_IO */


@ -366,6 +366,7 @@ void sha256( const unsigned char *input, size_t ilen,
*/
int sha256_file( const char *path, unsigned char output[32], int is224 )
{
int ret = 0;
FILE *f;
size_t n;
sha256_context ctx;
@ -380,17 +381,16 @@ int sha256_file( const char *path, unsigned char output[32], int is224 )
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
sha256_update( &ctx, buf, n );
sha256_finish( &ctx, output );
sha256_free( &ctx );
if( ferror( f ) != 0 )
{
fclose( f );
return( POLARSSL_ERR_SHA256_FILE_IO_ERROR );
}
ret = POLARSSL_ERR_SHA256_FILE_IO_ERROR;
else
sha256_finish( &ctx, output );
sha256_free( &ctx );
polarssl_zeroize( buf, sizeof( buf ) );
fclose( f );
return( 0 );
return( ret );
}
#endif /* POLARSSL_FS_IO */


@ -370,6 +370,7 @@ void sha512( const unsigned char *input, size_t ilen,
*/
int sha512_file( const char *path, unsigned char output[64], int is384 )
{
int ret = 0;
FILE *f;
size_t n;
sha512_context ctx;
@ -384,17 +385,16 @@ int sha512_file( const char *path, unsigned char output[64], int is384 )
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
sha512_update( &ctx, buf, n );
sha512_finish( &ctx, output );
sha512_free( &ctx );
if( ferror( f ) != 0 )
{
fclose( f );
return( POLARSSL_ERR_SHA512_FILE_IO_ERROR );
}
ret = POLARSSL_ERR_SHA512_FILE_IO_ERROR;
else
sha512_finish( &ctx, output );
sha512_free( &ctx );
polarssl_zeroize( buf, sizeof( buf ) );
fclose( f );
return( 0 );
return( ret );
}
#endif /* POLARSSL_FS_IO */