
More standard memset_s

Maarten Billemont 2017-09-25 02:53:34 -04:00
parent f2ae35080d
commit 6b554c67ed
7 changed files with 38 additions and 27 deletions


@ -39,6 +39,7 @@ NOTE: String length must be evenly divisible by 16byte (str_len % 16 == 0)
/*****************************************************************************/ /*****************************************************************************/
#include <string.h> #include <string.h>
#include "aes.h" #include "aes.h"
#include "mpw-util.h"
/*****************************************************************************/ /*****************************************************************************/
/* Defines: */ /* Defines: */
@ -487,7 +488,7 @@ void AES_ECB_encrypt(uint8_t *output, const uint8_t *input, const uint32_t lengt
// The next function call encrypts the PlainText with the Key using AES algorithm. // The next function call encrypts the PlainText with the Key using AES algorithm.
Cipher(); Cipher();
memset_s( RoundKey, keyExpSize, 0, keyExpSize ); mpw_zero( RoundKey, keyExpSize );
} }
void AES_ECB_decrypt(uint8_t *output, const uint8_t *input, const uint32_t length, const uint8_t *key) void AES_ECB_decrypt(uint8_t *output, const uint8_t *input, const uint32_t length, const uint8_t *key)
@ -502,7 +503,7 @@ void AES_ECB_decrypt(uint8_t *output, const uint8_t *input, const uint32_t lengt
InvCipher(); InvCipher();
memset_s( RoundKey, keyExpSize, 0, keyExpSize ); mpw_zero( RoundKey, keyExpSize );
} }
@ -560,7 +561,7 @@ void AES_CBC_encrypt_buffer(uint8_t* output, uint8_t* input, uint32_t length, co
Cipher(); Cipher();
} }
memset_s( RoundKey, keyExpSize, 0, keyExpSize ); mpw_zero( RoundKey, keyExpSize );
} }
void AES_CBC_decrypt_buffer(uint8_t* output, uint8_t* input, uint32_t length, const uint8_t* key, const uint8_t* iv) void AES_CBC_decrypt_buffer(uint8_t* output, uint8_t* input, uint32_t length, const uint8_t* key, const uint8_t* iv)
@ -599,7 +600,7 @@ void AES_CBC_decrypt_buffer(uint8_t* output, uint8_t* input, uint32_t length, co
InvCipher(); InvCipher();
} }
memset_s( RoundKey, keyExpSize, 0, keyExpSize ); mpw_zero( RoundKey, keyExpSize );
} }
#endif // #if defined(AES_CBC) && (AES_CBC == 1) #endif // #if defined(AES_CBC) && (AES_CBC == 1)


@ -137,31 +137,38 @@ bool __mpw_realloc(const void **buffer, size_t *bufferSize, const size_t deltaSi
return true; return true;
} }
bool __mpw_free(const void **buffer, const size_t bufferSize) { void mpw_zero(void *buffer, size_t bufferSize) {
uint8_t *b = buffer;
for (; bufferSize > 0; --bufferSize)
*b++ = 0;
}
bool __mpw_free(void **buffer, const size_t bufferSize) {
if (!buffer || !*buffer) if (!buffer || !*buffer)
return false; return false;
memset( (void *)*buffer, 0, bufferSize ); mpw_zero( *buffer, bufferSize );
free( (void *)*buffer ); free( *buffer );
*buffer = NULL; *buffer = NULL;
return true; return true;
} }
bool __mpw_free_string(const char **string) { bool __mpw_free_string(char **string) {
return *string && __mpw_free( (const void **)string, strlen( *string ) ); return *string && __mpw_free( (void **)string, strlen( *string ) );
} }
bool __mpw_free_strings(const char **strings, ...) { bool __mpw_free_strings(char **strings, ...) {
bool success = true; bool success = true;
va_list args; va_list args;
va_start( args, strings ); va_start( args, strings );
success &= mpw_free_string( strings ); success &= mpw_free_string( strings );
for (const char **string; (string = va_arg( args, const char ** ));) for (char **string; (string = va_arg( args, char ** ));)
success &= mpw_free_string( string ); success &= mpw_free_string( string );
va_end( args ); va_end( args );
@ -217,12 +224,12 @@ uint8_t const *mpw_kdf_blake2b(const size_t subkeySize, const uint8_t *key, cons
} }
uint8_t saltBuf[crypto_generichash_blake2b_SALTBYTES]; uint8_t saltBuf[crypto_generichash_blake2b_SALTBYTES];
memset( saltBuf, 0, sizeof saltBuf ); mpw_zero( saltBuf, sizeof saltBuf );
if (id) if (id)
mpw_uint64( id, saltBuf ); mpw_uint64( id, saltBuf );
uint8_t personalBuf[crypto_generichash_blake2b_PERSONALBYTES]; uint8_t personalBuf[crypto_generichash_blake2b_PERSONALBYTES];
memset( personalBuf, 0, sizeof personalBuf ); mpw_zero( personalBuf, sizeof personalBuf );
if (personal && strlen( personal )) if (personal && strlen( personal ))
memcpy( personalBuf, personal, strlen( personal ) ); memcpy( personalBuf, personal, strlen( personal ) );
@ -274,7 +281,7 @@ static uint8_t const *mpw_aes(bool encrypt, const uint8_t *key, const size_t key
// IV = zero // IV = zero
uint8_t iv[16]; uint8_t iv[16];
memset( iv, 0, sizeof iv ); mpw_zero( iv, sizeof iv );
// Add PKCS#7 padding // Add PKCS#7 padding
uint32_t aesSize = (uint32_t)*bufSize; uint32_t aesSize = (uint32_t)*bufSize;
@ -289,8 +296,8 @@ static uint8_t const *mpw_aes(bool encrypt, const uint8_t *key, const size_t key
AES_CBC_encrypt_buffer( resultBuf, aesBuf, aesSize, key, iv ); AES_CBC_encrypt_buffer( resultBuf, aesBuf, aesSize, key, iv );
else else
AES_CBC_decrypt_buffer( resultBuf, aesBuf, aesSize, key, iv ); AES_CBC_decrypt_buffer( resultBuf, aesBuf, aesSize, key, iv );
memset_s( aesBuf, aesSize, 0, aesSize ); mpw_zero( aesBuf, aesSize );
memset_s( iv, 16, 0, 16 ); mpw_zero( iv, 16 );
// Truncate PKCS#7 padding // Truncate PKCS#7 padding
if (encrypt) if (encrypt)
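Review bot: `mpw_zero` writes through a plain `uint8_t *`, so once it is inlined nothing stops the optimizer from dropping the loop as a dead store; in this file that applies to `__mpw_free`, where the buffer goes to `free` immediately afterwards, and to `mpw_aes`, where `iv` does not appear to be read again after the wipe. The `memset_s` calls replaced elsewhere in this commit carried a guarantee against that elision, and the hand-written loop does not. Writing through a volatile pointer restores it: `volatile uint8_t *b = buffer;`. The same concern covers the call sites in the other file sections that wipe `RoundKey`, the bcrypt locals, `answer` and `optarg`, most directly when link-time optimization is enabled.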


@ -136,21 +136,23 @@ bool mpw_push_int(
* @return true if successful, false if reallocation failed. * @return true if successful, false if reallocation failed.
*/ */
#define mpw_realloc(buffer, bufferSize, deltaSize) \ #define mpw_realloc(buffer, bufferSize, deltaSize) \
({ typeof(buffer) _b = buffer; const void *__b = *_b; (void)__b; __mpw_realloc( (const void **)_b, bufferSize, deltaSize ); }) ({ __typeof__(buffer) _b = buffer; const void *__b = *_b; (void)__b; __mpw_realloc( (const void **)_b, bufferSize, deltaSize ); })
bool __mpw_realloc(const void **buffer, size_t *bufferSize, const size_t deltaSize); bool __mpw_realloc(const void **buffer, size_t *bufferSize, const size_t deltaSize);
void mpw_zero(
void *buffer, size_t bufferSize);
/** Free a buffer after zero'ing its contents, then set the reference to NULL. */ /** Free a buffer after zero'ing its contents, then set the reference to NULL. */
#define mpw_free(buffer, bufferSize) \ #define mpw_free(buffer, bufferSize) \
({ typeof(buffer) _b = buffer; const void *__b = *_b; (void)__b; __mpw_free( (const void **)_b, bufferSize ); }) ({ __typeof__(buffer) _b = buffer; const void *__b = *_b; (void)__b; __mpw_free( (const void **)_b, bufferSize ); })
bool __mpw_free( bool __mpw_free(
const void **buffer, const size_t bufferSize); const void **buffer, const size_t bufferSize);
/** Free a string after zero'ing its contents, then set the reference to NULL. */ /** Free a string after zero'ing its contents, then set the reference to NULL. */
#define mpw_free_string(string) \ #define mpw_free_string(string) \
({ typeof(string) _s = string; const char *__s = *_s; (void)__s; __mpw_free_string( (const char **)_s ); }) ({ __typeof__(string) _s = string; const char *__s = *_s; (void)__s; __mpw_free_string( (const char **)_s ); })
bool __mpw_free_string( bool __mpw_free_string(
const char **string); const char **string);
/** Free strings after zero'ing their contents, then set the references to NULL. Terminate the va_list with NULL. */ /** Free strings after zero'ing their contents, then set the references to NULL. Terminate the va_list with NULL. */
#define mpw_free_strings(strings, ...) \ #define mpw_free_strings(strings, ...) \
({ typeof(strings) _s = strings; const char *__s = *_s; (void)__s; __mpw_free_strings( (const char **)_s, __VA_ARGS__ ); }) ({ __typeof__(strings) _s = strings; const char *__s = *_s; (void)__s; __mpw_free_strings( (const char **)_s, __VA_ARGS__ ); })
bool __mpw_free_strings( bool __mpw_free_strings(
const char **strings, ...); const char **strings, ...);
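Review bot: The prototypes for `__mpw_free`, `__mpw_free_string` and `__mpw_free_strings` still take `const void **` / `const char **` on the new side, while the definitions changed in this commit now take `void **` / `char **`; if the defining file includes this header, the conflicting types should fail to compile. The wrapper macros also still cast to `(const void **)_b` and `(const char **)_s`, which would hand const-qualified pointers to the non-const parameters. Either update the prototypes and casts to match, e.g. `bool __mpw_free(void **buffer, const size_t bufferSize);`, or keep the definitions const-qualified. The new `mpw_zero` declaration is also the only one in this block without a doc comment; something like `/** Overwrite bufferSize bytes at buffer with zeroes. */` would match its neighbours.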


@ -138,7 +138,7 @@ cc() {
if hash llvm-gcc 2>/dev/null; then if hash llvm-gcc 2>/dev/null; then
llvm-gcc "$@" llvm-gcc "$@"
elif hash gcc 2>/dev/null; then elif hash gcc 2>/dev/null; then
gcc -std=gnu99 "$@" gcc -std=c11 "$@"
elif hash clang 2>/dev/null; then elif hash clang 2>/dev/null; then
clang "$@" clang "$@"
else else
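Review bot: Switching the gcc branch from `-std=gnu99` to `-std=c11` selects strict ISO mode, in which glibc headers stop declaring POSIX functions by default; the C sources in this commit call `strdup` and `getopt`, so unless a feature-test macro is defined elsewhere those calls would become implicit declarations returning `int`. `gcc -std=gnu11 "$@"` keeps C11 together with the extensions, or add `-D_POSIX_C_SOURCE=200809L` to the existing flag. The `llvm-gcc` and `clang` branches still pass no `-std` flag, so the three compilers build different dialects. The `cc()` body starts before and continues after this hunk.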


@ -41,6 +41,7 @@
#include "blf.h" #include "blf.h"
#include "blowfish.h" #include "blowfish.h"
#include "mpw-util.h"
/* This implementation is adaptable to current computing power. /* This implementation is adaptable to current computing power.
* You can have up to 2^31 rounds which should be enough for some * You can have up to 2^31 rounds which should be enough for some
@ -186,10 +187,10 @@ bcrypt_hashpass(const char *key, const uint8_t *salt, char *encrypted,
snprintf( encrypted, 8, "$2%c$%2.2u$", minor, logr ); snprintf( encrypted, 8, "$2%c$%2.2u$", minor, logr );
encode_base64( encrypted + 7, csalt, BCRYPT_MAXSALT ); encode_base64( encrypted + 7, csalt, BCRYPT_MAXSALT );
encode_base64( encrypted + 7 + 22, ciphertext, 4 * BCRYPT_WORDS - 1 ); encode_base64( encrypted + 7 + 22, ciphertext, 4 * BCRYPT_WORDS - 1 );
memset_s( &state, sizeof state, 0, sizeof state ); mpw_zero( &state, sizeof state );
memset_s( ciphertext, sizeof ciphertext, 0, sizeof ciphertext ); mpw_zero( ciphertext, sizeof ciphertext );
memset_s( csalt, sizeof csalt, 0, sizeof csalt ); mpw_zero( csalt, sizeof csalt );
memset_s( cdata, sizeof cdata, 0, sizeof cdata ); mpw_zero( cdata, sizeof cdata );
return 0; return 0;
inval: inval:


@ -128,7 +128,7 @@ const char *mpw_getpass(const char *prompt) {
return NULL; return NULL;
password = strdup( answer ); password = strdup( answer );
memset_s( answer, strlen( answer ), 0, strlen( answer ) ); mpw_zero( answer, strlen( answer ) );
return password; return password;
} }


@ -273,7 +273,7 @@ void cli_free(Arguments *args, Operation *operation) {
void cli_args(Arguments *args, Operation *operation, const int argc, char *const argv[]) { void cli_args(Arguments *args, Operation *operation, const int argc, char *const argv[]) {
for (int opt; (opt = getopt( argc, argv, "u:U:m:M:t:P:c:a:p:C:f:F:R:vqh" )) != EOF; for (int opt; (opt = getopt( argc, argv, "u:U:m:M:t:P:c:a:p:C:f:F:R:vqh" )) != EOF;
optarg? memset_s( optarg, strlen( optarg ), 0, strlen( optarg ) ): 0) optarg? mpw_zero( optarg, strlen( optarg ) ): NULL)
switch (opt) { switch (opt) {
case 'u': case 'u':
args->fullName = optarg && strlen( optarg )? strdup( optarg ): NULL; args->fullName = optarg && strlen( optarg )? strdup( optarg ): NULL;
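Review bot: In the `for` iteration expression the conditional now has a `void` second operand (`mpw_zero` returns void) and `NULL` as the third; ISO C requires both arms to be void in that case, so this is accepted only as a compiler extension and draws a diagnostic under `-pedantic`. Write the else arm as `(void)0`: `optarg? mpw_zero( optarg, strlen( optarg ) ): (void)0)`. Because the wipe sits in the iteration expression, it runs only after each option has been handled, so the argument text stays in the process's argv until then. `cli_args` continues past the end of the hunk.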