From: Richard Levitte Date: Thu, 28 Nov 2002 08:06:36 +0000 (+0000) Subject: Cleanse memory using the new OPENSSL_cleanse() function. X-Git-Tag: OpenSSL_0_9_6h~15 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=920b700d4ad48557e8cc498ce6754b4323855a83;p=oweals%2Fopenssl.git Cleanse memory using the new OPENSSL_cleanse() function. I've covered all the memset()s I felt safe modifying, but may have missed some. --- diff --git a/apps/ca.c b/apps/ca.c index 1563d99317..8301f0f38f 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -543,7 +543,7 @@ bad: goto err; } pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,key); - if(key) memset(key,0,strlen(key)); + if(key) OPENSSL_cleanse(key,strlen(key)); if (pkey == NULL) { BIO_printf(bio_err,"unable to load CA private key\n"); diff --git a/apps/dgst.c b/apps/dgst.c index 482b023857..8da784771a 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -327,7 +327,7 @@ int MAIN(int argc, char **argv) end: if (buf != NULL) { - memset(buf,0,BUFSIZE); + OPENSSL_cleanse(buf,BUFSIZE); OPENSSL_free(buf); } if (in != NULL) BIO_free(in); diff --git a/apps/enc.c b/apps/enc.c index e375363242..1e554053ea 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -506,9 +506,9 @@ bad: * bug picked up by * Larry J. Hughes Jr. */ if (str == strbuf) - memset(str,0,SIZE); + OPENSSL_cleanse(str,SIZE); else - memset(str,0,strlen(str)); + OPENSSL_cleanse(str,strlen(str)); } if ((hiv != NULL) && !set_hex(hiv,iv,8)) { diff --git a/apps/s_client.c b/apps/s_client.c index 9cfe2b1580..a637fec0a6 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -768,8 +768,8 @@ end: if (con != NULL) SSL_free(con); if (con2 != NULL) SSL_free(con2); if (ctx != NULL) SSL_CTX_free(ctx); - if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); OPENSSL_free(cbuf); } - if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); OPENSSL_free(sbuf); } + if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); } + if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); } if (bio_c_out != NULL) { BIO_free(bio_c_out); diff --git a/apps/s_server.c b/apps/s_server.c index 1a082f63f2..0cff7f8ade 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -1043,7 +1043,7 @@ err: BIO_printf(bio_s_out,"CONNECTION CLOSED\n"); if (buf != NULL) { - memset(buf,0,bufsize); + OPENSSL_cleanse(buf,bufsize); OPENSSL_free(buf); } if (ret >= 0) diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index 94829d889e..c5cf0e3133 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -199,10 +199,10 @@ int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); signature->flags|=ASN1_STRING_FLAG_BITS_LEFT; err: - memset(&ctx,0,sizeof(ctx)); + OPENSSL_cleanse(&ctx,sizeof(ctx)); if (buf_in != NULL) - { memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); } + { OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); OPENSSL_free(buf_in); } if (buf_out != NULL) - { memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); } + { OPENSSL_cleanse((char *)buf_out,outll); OPENSSL_free(buf_out); } return(outl); } diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index 2a11927e5c..faa34501b9 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -100,7 +100,7 @@ int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature, EVP_VerifyInit(&ctx,type); EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); - memset(buf_in,0,(unsigned int)inl); + OPENSSL_cleanse(buf_in,(unsigned int)inl); OPENSSL_free(buf_in); if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c index 9840193538..5f8ba3cc32 100644 --- a/crypto/asn1/n_pkey.c +++ b/crypto/asn1/n_pkey.c @@ -181,7 +181,7 @@ int i2d_RSA_NET(RSA *a, unsigned char **pp, int (*cb)(), int sgckey) } EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); - memset(buf,0,256); + OPENSSL_cleanse(buf,256); EVP_CIPHER_CTX_init(&ctx); EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL); @@ -292,7 +292,7 @@ RSA *d2i_RSA_NET_2(RSA **a, unsigned char **pp, long length, } EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); - memset(buf,0,256); + OPENSSL_cleanse(buf,256); EVP_CIPHER_CTX_init(&ctx); EVP_DecryptInit(&ctx,EVP_rc4(),key,NULL); diff --git a/crypto/asn1/p8_pkey.c b/crypto/asn1/p8_pkey.c index fa6cbfb6f8..3e0ebef507 100644 --- a/crypto/asn1/p8_pkey.c +++ b/crypto/asn1/p8_pkey.c @@ -119,8 +119,8 @@ void PKCS8_PRIV_KEY_INFO_free (PKCS8_PRIV_KEY_INFO *a) X509_ALGOR_free(a->pkeyalg); /* Clear sensitive data */ if (a->pkey->value.octet_string) - memset (a->pkey->value.octet_string->data, - 0, a->pkey->value.octet_string->length); + OPENSSL_cleanse(a->pkey->value.octet_string->data, + a->pkey->value.octet_string->length); ASN1_TYPE_free (a->pkey); sk_X509_ATTRIBUTE_pop_free (a->attributes, X509_ATTRIBUTE_free); OPENSSL_free (a); diff --git a/crypto/des/des.c b/crypto/des/des.c index 215d7413c0..22596648e8 100644 --- a/crypto/des/des.c +++ b/crypto/des/des.c @@ -423,7 +423,7 @@ void doencryption(void) k2[i-8]=k; } des_set_key_unchecked(&k2,ks2); - memset(k2,0,sizeof(k2)); + OPENSSL_cleanse(k2,sizeof(k2)); } else if (longk || flag3) { @@ -431,7 +431,7 @@ void doencryption(void) { des_string_to_2keys(key,&kk,&k2); des_set_key_unchecked(&k2,ks2); - memset(k2,0,sizeof(k2)); + OPENSSL_cleanse(k2,sizeof(k2)); } else des_string_to_key(key,&kk); @@ -453,8 +453,8 @@ void doencryption(void) } des_set_key_unchecked(&kk,ks); - memset(key,0,sizeof(key)); - memset(kk,0,sizeof(kk)); + OPENSSL_cleanse(key,sizeof(key)); + OPENSSL_cleanse(kk,sizeof(kk)); /* woops - A bug that does not showup under unix :-( */ memset(iv,0,sizeof(iv)); memset(iv2,0,sizeof(iv2)); @@ -662,18 +662,18 @@ void doencryption(void) if (l) fclose(CKSUM_OUT); } problems: - memset(buf,0,sizeof(buf)); - memset(obuf,0,sizeof(obuf)); - memset(ks,0,sizeof(ks)); - memset(ks2,0,sizeof(ks2)); - memset(iv,0,sizeof(iv)); - memset(iv2,0,sizeof(iv2)); - memset(kk,0,sizeof(kk)); - memset(k2,0,sizeof(k2)); - memset(uubuf,0,sizeof(uubuf)); - memset(b,0,sizeof(b)); - memset(bb,0,sizeof(bb)); - memset(cksum,0,sizeof(cksum)); + OPENSSL_cleanse(buf,sizeof(buf)); + OPENSSL_cleanse(obuf,sizeof(obuf)); + OPENSSL_cleanse(ks,sizeof(ks)); + OPENSSL_cleanse(ks2,sizeof(ks2)); + OPENSSL_cleanse(iv,sizeof(iv)); + OPENSSL_cleanse(iv2,sizeof(iv2)); + OPENSSL_cleanse(kk,sizeof(kk)); + OPENSSL_cleanse(k2,sizeof(k2)); + OPENSSL_cleanse(uubuf,sizeof(uubuf)); + OPENSSL_cleanse(b,sizeof(b)); + OPENSSL_cleanse(bb,sizeof(bb)); + OPENSSL_cleanse(cksum,sizeof(cksum)); if (Exit) EXIT(Exit); } diff --git a/crypto/des/read2pwd.c b/crypto/des/read2pwd.c index a8ceaf088a..25d3c63131 100644 --- a/crypto/des/read2pwd.c +++ b/crypto/des/read2pwd.c @@ -65,8 +65,8 @@ int des_read_password(des_cblock *key, const char *prompt, int verify) if ((ok=des_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) des_string_to_key(buf,key); - memset(buf,0,BUFSIZ); - memset(buff,0,BUFSIZ); + OPENSSL_cleanse(buf,BUFSIZ); + OPENSSL_cleanse(buff,BUFSIZ); return(ok); } @@ -78,7 +78,7 @@ int des_read_2passwords(des_cblock *key1, des_cblock *key2, const char *prompt, if ((ok=des_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) des_string_to_2keys(buf,key1,key2); - memset(buf,0,BUFSIZ); - memset(buff,0,BUFSIZ); + OPENSSL_cleanse(buf,BUFSIZ); + OPENSSL_cleanse(buff,BUFSIZ); return(ok); } diff --git a/crypto/des/read_pwd.c b/crypto/des/read_pwd.c index cba52cad78..a8f1590943 100644 --- a/crypto/des/read_pwd.c +++ b/crypto/des/read_pwd.c @@ -218,7 +218,7 @@ int des_read_pw_string(char *buf, int length, const char *prompt, int ret; ret=des_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify); - memset(buff,0,BUFSIZ); + OPENSSL_cleanse(buff,BUFSIZ); return(ret); } diff --git a/crypto/des/str2key.c b/crypto/des/str2key.c index c6abb87201..fc5b96ee87 100644 --- a/crypto/des/str2key.c +++ b/crypto/des/str2key.c @@ -88,7 +88,7 @@ void des_string_to_key(const char *str, des_cblock *key) des_set_odd_parity(key); des_set_key_unchecked(key,ks); des_cbc_cksum((const unsigned char*)str,key,length,ks,key); - memset(ks,0,sizeof(ks)); + OPENSSL_cleanse(ks,sizeof(ks)); des_set_odd_parity(key); } @@ -149,7 +149,7 @@ void des_string_to_2keys(const char *str, des_cblock *key1, des_cblock *key2) des_cbc_cksum((const unsigned char*)str,key1,length,ks,key1); des_set_key_unchecked(key2,ks); des_cbc_cksum((const unsigned char*)str,key2,length,ks,key2); - memset(ks,0,sizeof(ks)); + OPENSSL_cleanse(ks,sizeof(ks)); des_set_odd_parity(key1); des_set_odd_parity(key2); } diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c index c425a971af..a04e8b11b2 100644 --- a/crypto/evp/bio_enc.c +++ b/crypto/evp/bio_enc.c @@ -128,7 +128,7 @@ static int enc_free(BIO *a) if (a == NULL) return(0); b=(BIO_ENC_CTX *)a->ptr; EVP_CIPHER_CTX_cleanup(&(b->cipher)); - memset(a->ptr,0,sizeof(BIO_ENC_CTX)); + OPENSSL_cleanse(a->ptr,sizeof(BIO_ENC_CTX)); OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c index e617ce1d43..e884552a44 100644 --- a/crypto/evp/bio_ok.c +++ b/crypto/evp/bio_ok.c @@ -208,7 +208,7 @@ static int ok_new(BIO *bi) static int ok_free(BIO *a) { if (a == NULL) return(0); - memset(a->ptr,0,sizeof(BIO_OK_CTX)); + OPENSSL_cleanse(a->ptr,sizeof(BIO_OK_CTX)); OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; diff --git a/crypto/evp/e_idea.c b/crypto/evp/e_idea.c index 8d3c88deb7..50f7503f32 100644 --- a/crypto/evp/e_idea.c +++ b/crypto/evp/e_idea.c @@ -103,7 +103,7 @@ static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, idea_set_encrypt_key(key,&tmp); idea_set_decrypt_key(&tmp,&(ctx->c.idea_ks)); - memset((unsigned char *)&tmp,0, + OPENSSL_cleanse((unsigned char *)&tmp, sizeof(IDEA_KEY_SCHEDULE)); } return 1; diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c index e7434ef9b2..a31af2924e 100644 --- a/crypto/evp/evp_key.c +++ b/crypto/evp/evp_key.c @@ -152,8 +152,8 @@ int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md, } if ((nkey == 0) && (niv == 0)) break; } - memset(&c,0,sizeof(c)); - memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE); + OPENSSL_cleanse(&c,sizeof(c)); + OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE); return(type->key_len); } diff --git a/crypto/evp/p5_crpt.c b/crypto/evp/p5_crpt.c index 6bfa2c5acb..0422fa5883 100644 --- a/crypto/evp/p5_crpt.c +++ b/crypto/evp/p5_crpt.c @@ -142,8 +142,8 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, memcpy (iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), EVP_CIPHER_iv_length(cipher)); EVP_CipherInit(cctx, cipher, key, iv, en_de); - memset(md_tmp, 0, EVP_MAX_MD_SIZE); - memset(key, 0, EVP_MAX_KEY_LENGTH); - memset(iv, 0, EVP_MAX_IV_LENGTH); + OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE); + OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); + OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); return 1; } diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c index 717fad68ca..74c8769e46 100644 --- a/crypto/evp/p5_crpt2.c +++ b/crypto/evp/p5_crpt2.c @@ -228,7 +228,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, iter = ASN1_INTEGER_get(kdf->iter); PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key); EVP_CipherInit(ctx, NULL, key, NULL, en_de); - memset(key, 0, keylen); + OPENSSL_cleanse(key, keylen); PBKDF2PARAM_free(kdf); return 1; diff --git a/crypto/evp/p_open.c b/crypto/evp/p_open.c index 2760c00fec..c766a3a912 100644 --- a/crypto/evp/p_open.c +++ b/crypto/evp/p_open.c @@ -101,7 +101,7 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek, ret=1; err: - if (key != NULL) memset(key,0,size); + if (key != NULL) OPENSSL_cleanse(key,size); OPENSSL_free(key); return(ret); } diff --git a/crypto/md32_common.h b/crypto/md32_common.h index ad7c4194c2..07f6010c4e 100644 --- a/crypto/md32_common.h +++ b/crypto/md32_common.h @@ -602,6 +602,6 @@ void HASH_FINAL (unsigned char *md, HASH_CTX *c) c->num=0; /* clear stuff, HASH_BLOCK may be leaving some stuff on the stack * but I'm not worried :-) - memset((void *)c,0,sizeof(HASH_CTX)); + OPENSSL_cleanse((void *)c,sizeof(HASH_CTX)); */ } diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c index ef02599d55..2453e933dc 100644 --- a/crypto/pem/pem_info.c +++ b/crypto/pem/pem_info.c @@ -358,7 +358,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, ret=1; err: - memset((char *)&ctx,0,sizeof(ctx)); - memset(buf,0,PEM_BUFSIZE); + OPENSSL_cleanse((char *)&ctx,sizeof(ctx)); + OPENSSL_cleanse(buf,PEM_BUFSIZE); return(ret); } diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index 043b578e22..a86a98f419 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -401,13 +401,13 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, i=PEM_write_bio(bp,name,buf,data,i); if (i <= 0) ret=0; err: - memset(key,0,sizeof(key)); - memset(iv,0,sizeof(iv)); - memset((char *)&ctx,0,sizeof(ctx)); - memset(buf,0,PEM_BUFSIZE); + OPENSSL_cleanse(key,sizeof(key)); + OPENSSL_cleanse(iv,sizeof(iv)); + OPENSSL_cleanse((char *)&ctx,sizeof(ctx)); + OPENSSL_cleanse(buf,PEM_BUFSIZE); if (data != NULL) { - memset(data,0,(unsigned int)dsize); + OPENSSL_cleanse(data,(unsigned int)dsize); OPENSSL_free(data); } return(ret); @@ -447,8 +447,8 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, EVP_DecryptUpdate(&ctx,data,&i,data,j); o=EVP_DecryptFinal(&ctx,&(data[i]),&j); EVP_CIPHER_CTX_cleanup(&ctx); - memset((char *)buf,0,sizeof(buf)); - memset((char *)key,0,sizeof(key)); + OPENSSL_cleanse((char *)buf,sizeof(buf)); + OPENSSL_cleanse((char *)key,sizeof(key)); j+=i; if (!o) { diff --git a/crypto/pem/pem_seal.c b/crypto/pem/pem_seal.c index 2a6c513348..ed1d3412cf 100644 --- a/crypto/pem/pem_seal.c +++ b/crypto/pem/pem_seal.c @@ -109,7 +109,7 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, ret=npubk; err: if (s != NULL) OPENSSL_free(s); - memset(key,0,EVP_MAX_KEY_LENGTH); + OPENSSL_cleanse(key,EVP_MAX_KEY_LENGTH); return(ret); } diff --git a/crypto/pkcs12/p12_crpt.c b/crypto/pkcs12/p12_crpt.c index 7b96584f07..17d8d546f1 100644 --- a/crypto/pkcs12/p12_crpt.c +++ b/crypto/pkcs12/p12_crpt.c @@ -118,7 +118,7 @@ int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen, } PBEPARAM_free(pbe); EVP_CipherInit(ctx, cipher, key, iv, en_de); - memset(key, 0, EVP_MAX_KEY_LENGTH); - memset(iv, 0, EVP_MAX_IV_LENGTH); + OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); + OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); return 1; } diff --git a/crypto/pkcs12/p12_decr.c b/crypto/pkcs12/p12_decr.c index 8cd7e2f414..68488db864 100644 --- a/crypto/pkcs12/p12_decr.c +++ b/crypto/pkcs12/p12_decr.c @@ -137,7 +137,7 @@ char * PKCS12_decrypt_d2i (X509_ALGOR *algor, char * (*d2i)(), if (seq & 1) ret = (char *) d2i_ASN1_SET(NULL, &p, outlen, d2i, free_func, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); else ret = d2i(NULL, &p, outlen); - if (seq & 2) memset(out, 0, outlen); + if (seq & 2) OPENSSL_cleanse(out, outlen); if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR); OPENSSL_free (out); return ret; diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c index a4fd5b98ec..298e4c506b 100644 --- a/crypto/pkcs12/p12_key.c +++ b/crypto/pkcs12/p12_key.c @@ -91,7 +91,7 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen, id, iter, n, out, md_type); if(unipass) { - memset(unipass, 0, uniplen); /* Clear password from memory */ + OPENSSL_cleanse(unipass, uniplen); /* Clear password from memory */ OPENSSL_free(unipass); } return ret; diff --git a/crypto/pkcs7/bio_ber.c b/crypto/pkcs7/bio_ber.c index 5447e69818..e73556e302 100644 --- a/crypto/pkcs7/bio_ber.c +++ b/crypto/pkcs7/bio_ber.c @@ -145,7 +145,7 @@ static int ber_free(BIO *a) if (a == NULL) return(0); b=(BIO_BER_CTX *)a->ptr; - memset(a->ptr,0,sizeof(BIO_BER_CTX)); + OPENSSL_cleanse(a->ptr,sizeof(BIO_BER_CTX)); OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index a45cf76c68..aa4d49e28b 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -241,7 +241,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj); } OPENSSL_free(tmp); - memset(key, 0, keylen); + OPENSSL_cleanse(key, keylen); if (out == NULL) out=btmp; @@ -448,7 +448,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) } EVP_CipherInit(evp_ctx,NULL,tmp,NULL,0); - memset(tmp,0,jj); + OPENSSL_cleanse(tmp,jj); if (out == NULL) out=etmp; diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c index 349629c484..5df32b4fe6 100644 --- a/crypto/rand/md_rand.c +++ b/crypto/rand/md_rand.c @@ -177,10 +177,10 @@ RAND_METHOD *RAND_SSLeay(void) static void ssleay_rand_cleanup(void) { - memset(state,0,sizeof(state)); + OPENSSL_cleanse(state,sizeof(state)); state_num=0; state_index=0; - memset(md,0,MD_DIGEST_LENGTH); + OPENSSL_cleanse(md,MD_DIGEST_LENGTH); md_count[0]=0; md_count[1]=0; entropy=0; diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index c94f7bba52..f64c7383b2 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -125,7 +125,7 @@ int RAND_load_file(const char *file, long bytes) } } fclose(in); - memset(buf,0,BUFSIZE); + OPENSSL_cleanse(buf,BUFSIZE); err: return(ret); } @@ -190,7 +190,7 @@ int RAND_write_file(const char *file) #endif /* VMS */ fclose(out); - memset(buf,0,BUFSIZE); + OPENSSL_cleanse(buf,BUFSIZE); err: return (rand_err ? -1 : ret); } diff --git a/crypto/rc4/rc4.c b/crypto/rc4/rc4.c index 709b7aff35..04799009e6 100644 --- a/crypto/rc4/rc4.c +++ b/crypto/rc4/rc4.c @@ -155,7 +155,7 @@ bad: i=EVP_read_pw_string(buf,BUFSIZ,"Enter RC4 password:",0); if (i != 0) { - memset(buf,0,BUFSIZ); + OPENSSL_cleanse(buf,BUFSIZ); fprintf(stderr,"bad password read\n"); exit(1); } @@ -163,7 +163,7 @@ bad: } MD5((unsigned char *)keystr,(unsigned long)strlen(keystr),md); - memset(keystr,0,strlen(keystr)); + OPENSSL_cleanse(keystr,strlen(keystr)); RC4_set_key(&key,MD5_DIGEST_LENGTH,md); for(;;) diff --git a/crypto/ripemd/rmd_one.c b/crypto/ripemd/rmd_one.c index efdf2dd6ef..a783282282 100644 --- a/crypto/ripemd/rmd_one.c +++ b/crypto/ripemd/rmd_one.c @@ -70,7 +70,7 @@ unsigned char *RIPEMD160(const unsigned char *d, unsigned long n, RIPEMD160_Init(&c); RIPEMD160_Update(&c,d,n); RIPEMD160_Final(md,&c); - memset(&c,0,sizeof(c)); /* security consideration */ + OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */ return(md); } diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 0112b5c632..c49abe6e3e 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -184,7 +184,7 @@ err: BN_clear_free(&ret); if (buf != NULL) { - memset(buf,0,num); + OPENSSL_cleanse(buf,num); OPENSSL_free(buf); } return(r); @@ -268,7 +268,7 @@ err: BN_clear_free(&f); if (buf != NULL) { - memset(buf,0,num); + OPENSSL_cleanse(buf,num); OPENSSL_free(buf); } return(r); @@ -367,7 +367,7 @@ err: BN_clear_free(&ret); if (buf != NULL) { - memset(buf,0,num); + OPENSSL_cleanse(buf,num); OPENSSL_free(buf); } return(r); @@ -464,7 +464,7 @@ err: BN_clear_free(&ret); if (buf != NULL) { - memset(buf,0,num); + OPENSSL_cleanse(buf,num); OPENSSL_free(buf); } return(r); diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c index ffbc4d85a4..749fb20965 100644 --- a/crypto/rsa/rsa_saos.c +++ b/crypto/rsa/rsa_saos.c @@ -95,7 +95,7 @@ int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, else *siglen=i; - memset(s,0,(unsigned int)j+1); + OPENSSL_cleanse(s,(unsigned int)j+1); OPENSSL_free(s); return(ret); } @@ -137,7 +137,7 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m, ret=1; err: if (sig != NULL) M_ASN1_OCTET_STRING_free(sig); - memset(s,0,(unsigned int)siglen); + OPENSSL_cleanse(s,(unsigned int)siglen); OPENSSL_free(s); return(ret); } diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index 68542f25c0..83764a2ce3 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -131,7 +131,7 @@ int RSA_sign(int type, unsigned char *m, unsigned int m_len, *siglen=i; if(type != NID_md5_sha1) { - memset(s,0,(unsigned int)j+1); + OPENSSL_cleanse(s,(unsigned int)j+1); OPENSSL_free(s); } return(ret); @@ -214,7 +214,7 @@ int RSA_verify(int dtype, unsigned char *m, unsigned int m_len, } err: if (sig != NULL) X509_SIG_free(sig); - memset(s,0,(unsigned int)siglen); + OPENSSL_cleanse(s,(unsigned int)siglen); OPENSSL_free(s); return(ret); } diff --git a/crypto/sha/sha1_one.c b/crypto/sha/sha1_one.c index 861752eaa7..e32847ef6c 100644 --- a/crypto/sha/sha1_one.c +++ b/crypto/sha/sha1_one.c @@ -70,7 +70,7 @@ unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md) SHA1_Init(&c); SHA1_Update(&c,d,n); SHA1_Final(md,&c); - memset(&c,0,sizeof(c)); + OPENSSL_cleanse(&c,sizeof(c)); return(md); } #endif diff --git a/crypto/sha/sha_one.c b/crypto/sha/sha_one.c index 2d955de162..65e15befb7 100644 --- a/crypto/sha/sha_one.c +++ b/crypto/sha/sha_one.c @@ -70,7 +70,7 @@ unsigned char *SHA(const unsigned char *d, unsigned long n, unsigned char *md) SHA_Init(&c); SHA_Update(&c,d,n); SHA_Final(md,&c); - memset(&c,0,sizeof(c)); + OPENSSL_cleanse(&c,sizeof(c)); return(md); } #endif diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 9ad9276ff7..90b18a0464 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -897,7 +897,7 @@ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) ctx->chain=NULL; } CRYPTO_free_ex_data(x509_store_ctx_method,ctx,&(ctx->ex_data)); - memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA)); + OPENSSL_cleanse(&ctx->ex_data,sizeof(CRYPTO_EX_DATA)); } void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags) diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c index 0c96064675..bc4113cd68 100644 --- a/ssl/s2_lib.c +++ b/ssl/s2_lib.c @@ -307,7 +307,7 @@ void ssl2_free(SSL *s) s2=s->s2; if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf); if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf); - memset(s2,0,sizeof *s2); + OPENSSL_cleanse(s2,sizeof *s2); OPENSSL_free(s2); s->s2=NULL; } diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 727fae88f1..c32a95581d 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -1461,7 +1461,7 @@ static int ssl3_send_client_key_exchange(SSL *s) s->method->ssl3_enc->generate_master_secret(s, s->session->master_key, tmp_buf,SSL_MAX_MASTER_KEY_LENGTH); - memset(tmp_buf,0,SSL_MAX_MASTER_KEY_LENGTH); + OPENSSL_cleanse(tmp_buf,SSL_MAX_MASTER_KEY_LENGTH); } else #endif diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 79fa4f97c2..e7743aba2a 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -174,7 +174,7 @@ static void ssl3_generate_key_block(SSL *s, unsigned char *km, int num) km+=MD5_DIGEST_LENGTH; } - memset(smd,0,SHA_DIGEST_LENGTH); + OPENSSL_cleanse(smd,SHA_DIGEST_LENGTH); } int ssl3_change_cipher_state(SSL *s, int which) @@ -318,8 +318,8 @@ int ssl3_change_cipher_state(SSL *s, int which) EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE)); - memset(&(exp_key[0]),0,sizeof(exp_key)); - memset(&(exp_iv[0]),0,sizeof(exp_iv)); + OPENSSL_cleanse(&(exp_key[0]),sizeof(exp_key)); + OPENSSL_cleanse(&(exp_iv[0]),sizeof(exp_iv)); return(1); err: SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE); @@ -390,7 +390,7 @@ void ssl3_cleanup_key_block(SSL *s) { if (s->s3->tmp.key_block != NULL) { - memset(s->s3->tmp.key_block,0, + OPENSSL_cleanse(s->s3->tmp.key_block, s->s3->tmp.key_block_length); OPENSSL_free(s->s3->tmp.key_block); s->s3->tmp.key_block=NULL; diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index c231d9d06f..fb8ce5e2e3 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -732,7 +732,7 @@ void ssl3_free(SSL *s) #endif if (s->s3->tmp.ca_names != NULL) sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); - memset(s->s3,0,sizeof *s->s3); + OPENSSL_cleanse(s->s3,sizeof *s->s3); OPENSSL_free(s->s3); s->s3=NULL; } diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index cd122da8f1..7a89993b48 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1534,7 +1534,7 @@ static int ssl3_get_client_key_exchange(SSL *s) s->session->master_key_length= s->method->ssl3_enc->generate_master_secret(s, s->session->master_key,p,i); - memset(p,0,i); + OPENSSL_cleanse(p,i); } else #endif diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 130fe1018a..a8668e42e6 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -477,13 +477,13 @@ void SSL_SESSION_free(SSL_SESSION *ss) CRYPTO_free_ex_data(ssl_session_meth,ss,&ss->ex_data); - memset(ss->key_arg,0,SSL_MAX_KEY_ARG_LENGTH); - memset(ss->master_key,0,SSL_MAX_MASTER_KEY_LENGTH); - memset(ss->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH); + OPENSSL_cleanse(ss->key_arg,SSL_MAX_KEY_ARG_LENGTH); + OPENSSL_cleanse(ss->master_key,SSL_MAX_MASTER_KEY_LENGTH); + OPENSSL_cleanse(ss->session_id,SSL_MAX_SSL_SESSION_ID_LENGTH); if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert); if (ss->peer != NULL) X509_free(ss->peer); if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers); - memset(ss,0,sizeof(*ss)); + OPENSSL_cleanse(ss,sizeof(*ss)); OPENSSL_free(ss); } diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index f3ecc5f586..a11e1130d8 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -158,7 +158,7 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, } HMAC_cleanup(&ctx); HMAC_cleanup(&ctx_tmp); - memset(A1,0,sizeof(A1)); + OPENSSL_cleanse(A1,sizeof(A1)); } static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1, @@ -372,10 +372,10 @@ printf("\niv="); printf("\n"); #endif - memset(tmp1,0,sizeof(tmp1)); - memset(tmp2,0,sizeof(tmp1)); - memset(iv1,0,sizeof(iv1)); - memset(iv2,0,sizeof(iv2)); + OPENSSL_cleanse(tmp1,sizeof(tmp1)); + OPENSSL_cleanse(tmp2,sizeof(tmp1)); + OPENSSL_cleanse(iv1,sizeof(iv1)); + OPENSSL_cleanse(iv2,sizeof(iv2)); return(1); err: SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE); @@ -426,7 +426,7 @@ printf("pre-master\n"); { int z; for (z=0; zsession->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); } #endif tls1_generate_key_block(s,p1,p2,num); - memset(p2,0,num); + OPENSSL_cleanse(p2,num); OPENSSL_free(p2); #ifdef TLS_DEBUG printf("\nkey block\n");