Merge pull request #327 from libtom/fix/ccm_segfault

Fix ccm_memory() cleaning user-supplied key
(cherry picked from commit 85ac227862eceb3b22c0852a7dc363d46c2dd532)
Steffen Jaeckel 2017-11-20 14:25:45 +01:00 committed by Steffen Jaeckel
parent 368dc60ff3
commit 13d91e7c8b
2 changed files with 14 additions and 1 deletions


@ -333,6 +333,9 @@ int ccm_memory(int cipher,
if (skey != uskey) { if (skey != uskey) {
cipher_descriptor[cipher].done(skey); cipher_descriptor[cipher].done(skey);
#ifdef LTC_CLEAN_STACK
zeromem(skey, sizeof(*skey));
#endif
} }
if (direction == CCM_ENCRYPT) { if (direction == CCM_ENCRYPT) {
@ -380,7 +383,6 @@ int ccm_memory(int cipher,
fastMask = 0; fastMask = 0;
#endif #endif
mask = 0; mask = 0;
zeromem(skey, sizeof(*skey));
zeromem(PAD, sizeof(PAD)); zeromem(PAD, sizeof(PAD));
zeromem(CTRPAD, sizeof(CTRPAD)); zeromem(CTRPAD, sizeof(CTRPAD));
if (pt_work != NULL) { if (pt_work != NULL) {
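Review bot: The wipe of the locally scheduled key in the first hunk is compiled only under `LTC_CLEAN_STACK` and sits on the path that reaches `done(skey)`, so in a build without that define, or on any exit that bypasses this block, the expanded key would be left uncleared. Whether such an exit exists cannot be seen here, because the body of ccm_memory starts and ends outside both hunks; the failure paths after key setup are worth checking. I would also record the ownership rule this fix depends on in a comment above the `zeromem` call, `/* wipe only the schedule set up here; a caller-supplied uskey must stay intact for reuse */`.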


@ -145,6 +145,17 @@ int ccm_test(void)
tag, &taglen, 0)) != CRYPT_OK) { tag, &taglen, 0)) != CRYPT_OK) {
return err; return err;
} }
/* run a second time to make sure skey is not touched */
if ((err = ccm_memory(idx,
tests[x].key, 16,
&skey,
tests[x].nonce, tests[x].noncelen,
tests[x].header, tests[x].headerlen,
(unsigned char*)tests[x].pt, tests[x].ptlen,
buf,
tag, &taglen, 0)) != CRYPT_OK) {
return err;
}
} else { } else {
if ((err = ccm_init(&ccm, idx, tests[x].key, 16, tests[x].ptlen, tests[x].taglen, tests[x].headerlen)) != CRYPT_OK) { if ((err = ccm_init(&ccm, idx, tests[x].key, 16, tests[x].ptlen, tests[x].taglen, tests[x].headerlen)) != CRYPT_OK) {
return err; return err;
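Review bot: The second `ccm_memory()` call checks only the return code, so the comment's claim that skey is not touched is never asserted directly. It holds only if the code after this hunk compares `buf` and `tag` from the second run with the expected vectors, which is not visible here. A direct check is cheap: copy `skey` before the first call and compare after the second, `if (XMEMCMP(&skey, &skey_before, sizeof(skey)) != 0) return CRYPT_FAIL_TESTVECTOR;`. The regression also appears to need a build with `LTC_CLEAN_STACK` defined to be exercised, so the test configuration should include one.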