Use plain memset() in context init functions

We call xxx_init() on a structure when it has been freshly allocated (on the
stack or heap).

At this point it contains random-looking data none of which should be
sensitive, as all sensitive data is wiped using mbedtls_platform_zeroize()
when we're done using it and the memory area is going to be reclaimed (by
exiting the function or free()ing the buffer).
This commit is contained in:
Manuel Pégourié-Gonnard 2019-10-03 10:40:57 +02:00
parent 14f33e74c0
commit 994193326b
10 changed files with 15 additions and 15 deletions

View file

@ -519,7 +519,7 @@ void mbedtls_aes_init( mbedtls_aes_context *ctx )
{
AES_VALIDATE( ctx != NULL );
mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_aes_context ) );
memset( ctx, 0, sizeof( mbedtls_aes_context ) );
}
void mbedtls_aes_free( mbedtls_aes_context *ctx )

View file

@ -66,7 +66,7 @@
void mbedtls_ccm_init( mbedtls_ccm_context *ctx )
{
CCM_VALIDATE( ctx != NULL );
mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_ccm_context ) );
memset( ctx, 0, sizeof( mbedtls_ccm_context ) );
}
int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,

View file

@ -156,7 +156,7 @@ const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_ciph
void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx )
{
CIPHER_VALIDATE( ctx != NULL );
mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
}
void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx )

View file

@ -65,7 +65,7 @@
void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
{
ctx->source_count = 0;
mbedtls_platform_memset( ctx->source, 0, sizeof( ctx->source ) );
memset( ctx->source, 0, sizeof( ctx->source ) );
#if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_init( &ctx->mutex );

View file

@ -56,7 +56,7 @@
*/
void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx )
{
mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) );
memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) );
#if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_init( &ctx->mutex );

View file

@ -387,7 +387,7 @@ mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
void mbedtls_md_init( mbedtls_md_context_t *ctx )
{
mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_md_context_t ) );
memset( ctx, 0, sizeof( mbedtls_md_context_t ) );
#if defined(MBEDTLS_MD_SINGLE_HASH)
mbedtls_md_info_init( mbedtls_md_get_handle( ctx ),

View file

@ -1291,7 +1291,7 @@ void mbedtls_pk_init( mbedtls_pk_context *ctx )
ctx->pk_info = MBEDTLS_PK_INVALID_HANDLE;
ctx->pk_ctx = NULL;
#else
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pk_context ) );
memset( ctx, 0, sizeof( mbedtls_pk_context ) );
#endif
}

View file

@ -59,7 +59,7 @@ void mbedtls_sha256_init( mbedtls_sha256_context *ctx )
{
SHA256_VALIDATE( ctx != NULL );
mbedtls_platform_memset( ctx, 0, sizeof( mbedtls_sha256_context ) );
memset( ctx, 0, sizeof( mbedtls_sha256_context ) );
}
void mbedtls_sha256_free( mbedtls_sha256_context *ctx )

View file

@ -7955,7 +7955,7 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl )
static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake )
{
mbedtls_platform_memset( handshake, 0, sizeof( mbedtls_ssl_handshake_params ) );
memset( handshake, 0, sizeof( mbedtls_ssl_handshake_params ) );
#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_1)
@ -8010,7 +8010,7 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake )
void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform )
{
mbedtls_platform_memset( transform, 0, sizeof(mbedtls_ssl_transform) );
memset( transform, 0, sizeof(mbedtls_ssl_transform) );
mbedtls_cipher_init( &transform->cipher_ctx_enc );
mbedtls_cipher_init( &transform->cipher_ctx_dec );
@ -8023,7 +8023,7 @@ void mbedtls_ssl_transform_init( mbedtls_ssl_transform *transform )
void mbedtls_ssl_session_init( mbedtls_ssl_session *session )
{
mbedtls_platform_memset( session, 0, sizeof(mbedtls_ssl_session) );
memset( session, 0, sizeof(mbedtls_ssl_session) );
}
static int ssl_handshake_init( mbedtls_ssl_context *ssl )
@ -8226,7 +8226,7 @@ static void ssl_update_in_pointers( mbedtls_ssl_context *ssl )
*/
void mbedtls_ssl_init( mbedtls_ssl_context *ssl )
{
mbedtls_platform_memset( ssl, 0, sizeof( mbedtls_ssl_context ) );
memset( ssl, 0, sizeof( mbedtls_ssl_context ) );
}
/*
@ -11773,7 +11773,7 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl )
*/
void mbedtls_ssl_config_init( mbedtls_ssl_config *conf )
{
mbedtls_platform_memset( conf, 0, sizeof( mbedtls_ssl_config ) );
memset( conf, 0, sizeof( mbedtls_ssl_config ) );
#if !defined(MBEDTLS_SSL_PROTO_TLS)
conf->transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;

View file

@ -292,7 +292,7 @@ int mbedtls_x509_crt_cache_provide_pk( mbedtls_x509_crt const *crt )
static void x509_crt_cache_init( mbedtls_x509_crt_cache *cache )
{
mbedtls_platform_memset( cache, 0, sizeof( *cache ) );
memset( cache, 0, sizeof( *cache ) );
#if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_init( &cache->frame_mutex );
mbedtls_mutex_init( &cache->pk_mutex );
@ -3834,7 +3834,7 @@ exit:
*/
void mbedtls_x509_crt_init( mbedtls_x509_crt *crt )
{
mbedtls_platform_memset( crt, 0, sizeof(mbedtls_x509_crt) );
memset( crt, 0, sizeof(mbedtls_x509_crt) );
}
/*