From 4579924b7e55fccc7013e6de196f2e2ab175ce39 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Thu, 28 Nov 2002 08:04:36 +0000 Subject: Cleanse memory using the new OPENSSL_cleanse() function. I've covered all the memset()s I felt safe modifying, but may have missed some. --- apps/apps.c | 6 +++--- apps/ca.c | 2 +- apps/dgst.c | 2 +- apps/enc.c | 4 ++-- apps/s_client.c | 6 +++--- apps/s_server.c | 2 +- apps/s_socket.c | 16 ++++++++-------- crypto/asn1/a_sign.c | 8 ++++---- crypto/asn1/a_verify.c | 4 ++-- crypto/asn1/n_pkey.c | 6 +++--- crypto/asn1/p8_pkey.c | 4 ++-- crypto/des/des.c | 32 ++++++++++++++++---------------- crypto/des/read2pwd.c | 8 ++++---- crypto/des/read_pwd.c | 2 +- crypto/des/str2key.c | 4 ++-- crypto/ec/ec_key.c | 2 +- crypto/ec/ec_lib.c | 6 +++--- crypto/ecdh/ech_lib.c | 2 +- crypto/ecdsa/ecs_lib.c | 2 +- crypto/evp/bio_enc.c | 2 +- crypto/evp/bio_ok.c | 2 +- crypto/evp/digest.c | 2 +- crypto/evp/e_idea.c | 2 +- crypto/evp/evp_key.c | 4 ++-- crypto/evp/p5_crpt.c | 6 +++--- crypto/evp/p5_crpt2.c | 2 +- crypto/evp/p_open.c | 2 +- crypto/md32_common.h | 2 +- crypto/mem.c | 2 +- crypto/pem/pem_info.c | 4 ++-- crypto/pem/pem_lib.c | 14 +++++++------- crypto/pem/pem_pk8.c | 2 +- crypto/pem/pem_seal.c | 2 +- crypto/pkcs12/p12_crpt.c | 4 ++-- crypto/pkcs12/p12_decr.c | 4 ++-- crypto/pkcs12/p12_key.c | 2 +- crypto/pkcs7/bio_ber.c | 2 +- crypto/pkcs7/pk7_doit.c | 4 ++-- crypto/rand/md_rand.c | 4 ++-- crypto/rand/rand_unix.c | 2 +- crypto/rand/randfile.c | 4 ++-- crypto/rc4/rc4.c | 4 ++-- crypto/ripemd/rmd_one.c | 2 +- crypto/rsa/rsa_eay.c | 8 ++++---- crypto/rsa/rsa_saos.c | 4 ++-- crypto/rsa/rsa_sign.c | 4 ++-- crypto/sha/sha1_one.c | 2 +- crypto/sha/sha_one.c | 2 +- crypto/ui/ui_openssl.c | 2 +- crypto/ui/ui_util.c | 2 +- crypto/x509/x509_vfy.c | 2 +- engines/e_4758_cca.c | 4 ++-- engines/e_sureware.c | 2 +- ssl/kssl.c | 4 ++-- ssl/s2_lib.c | 2 +- ssl/s3_clnt.c | 6 +++--- ssl/s3_enc.c | 8 ++++---- ssl/s3_lib.c | 2 +- ssl/s3_srvr.c | 2 +- ssl/ssl_sess.c | 8 ++++---- ssl/t1_enc.c | 12 ++++++------ 61 files changed, 137 insertions(+), 137 deletions(-) diff --git a/apps/apps.c b/apps/apps.c index 271dfa1439..4a8c9263a7 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -615,7 +615,7 @@ int password_callback(char *buf, int bufsiz, int verify, if (buff) { - memset(buff,0,(unsigned int)bufsiz); + OPENSSL_cleanse(buff,(unsigned int)bufsiz); OPENSSL_free(buff); } @@ -625,13 +625,13 @@ int password_callback(char *buf, int bufsiz, int verify, { BIO_printf(bio_err, "User interface error\n"); ERR_print_errors(bio_err); - memset(buf,0,(unsigned int)bufsiz); + OPENSSL_cleanse(buf,(unsigned int)bufsiz); res = 0; } if (ok == -2) { BIO_printf(bio_err,"aborted!\n"); - memset(buf,0,(unsigned int)bufsiz); + OPENSSL_cleanse(buf,(unsigned int)bufsiz); res = 0; } UI_free(ui); diff --git a/apps/ca.c b/apps/ca.c index 42738deb3a..cac83a114f 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -706,7 +706,7 @@ bad: } pkey = load_key(bio_err, keyfile, keyform, 0, key, e, "CA private key"); - if (key) memset(key,0,strlen(key)); + if (key) OPENSSL_cleanse(key,strlen(key)); if (pkey == NULL) { /* load_key() has already printed an appropriate message */ diff --git a/apps/dgst.c b/apps/dgst.c index dd65a591f5..c4bb7a1061 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -356,7 +356,7 @@ int MAIN(int argc, char **argv) end: if (buf != NULL) { - memset(buf,0,BUFSIZE); + OPENSSL_cleanse(buf,BUFSIZE); OPENSSL_free(buf); } if (in != NULL) BIO_free(in); diff --git a/apps/enc.c b/apps/enc.c index eff5c5610e..bae7f21d79 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -481,9 +481,9 @@ bad: * bug picked up by * Larry J. Hughes Jr. */ if (str == strbuf) - memset(str,0,SIZE); + OPENSSL_cleanse(str,SIZE); else - memset(str,0,strlen(str)); + OPENSSL_cleanse(str,strlen(str)); } if ((hiv != NULL) && !set_hex(hiv,iv,sizeof iv)) { diff --git a/apps/s_client.c b/apps/s_client.c index 3b018ff0e0..7b1fa7b22b 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -908,9 +908,9 @@ end: if (con != NULL) SSL_free(con); if (con2 != NULL) SSL_free(con2); if (ctx != NULL) SSL_CTX_free(ctx); - if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); OPENSSL_free(cbuf); } - if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); OPENSSL_free(sbuf); } - if (mbuf != NULL) { memset(mbuf,0,BUFSIZZ); OPENSSL_free(mbuf); } + if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); } + if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); } + if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); } if (bio_c_out != NULL) { BIO_free(bio_c_out); diff --git a/apps/s_server.c b/apps/s_server.c index 4d87567a62..7380fcc85f 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -1262,7 +1262,7 @@ err: BIO_printf(bio_s_out,"CONNECTION CLOSED\n"); if (buf != NULL) { - memset(buf,0,bufsize); + OPENSSL_cleanse(buf,bufsize); OPENSSL_free(buf); } if (ret >= 0) diff --git a/apps/s_socket.c b/apps/s_socket.c index 77908b6380..9a696d5f93 100644 --- a/apps/s_socket.c +++ b/apps/s_socket.c @@ -62,14 +62,6 @@ #include #include -#ifdef FLAT_INC -#include "e_os.h" -#else -#include "../e_os.h" -#endif - -#ifndef OPENSSL_NO_SOCK - /* With IPv6, it looks like Digital has mixed up the proper order of recursive header file inclusion, resulting in the compiler complaining that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which @@ -87,6 +79,14 @@ typedef unsigned int u_int; #include "s_apps.h" #include +#ifdef FLAT_INC +#include "e_os.h" +#else +#include "../e_os.h" +#endif + +#ifndef OPENSSL_NO_SOCK + static struct hostent *GetHostByName(char *name); #ifdef OPENSSL_SYS_WINDOWS static void ssl_sock_cleanup(void); diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index de53b44144..52ce7e3974 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -204,9 +204,9 @@ int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, err: EVP_MD_CTX_cleanup(&ctx); if (buf_in != NULL) - { memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); } + { OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); OPENSSL_free(buf_in); } if (buf_out != NULL) - { memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); } + { OPENSSL_cleanse((char *)buf_out,outll); OPENSSL_free(buf_out); } return(outl); } @@ -287,8 +287,8 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, err: EVP_MD_CTX_cleanup(&ctx); if (buf_in != NULL) - { memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); } + { OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); OPENSSL_free(buf_in); } if (buf_out != NULL) - { memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); } + { OPENSSL_cleanse((char *)buf_out,outll); OPENSSL_free(buf_out); } return(outl); } diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index bf41de5146..da2a0a6d69 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -103,7 +103,7 @@ int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature, EVP_VerifyInit_ex(&ctx,type, NULL); EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); - memset(buf_in,0,(unsigned int)inl); + OPENSSL_cleanse(buf_in,(unsigned int)inl); OPENSSL_free(buf_in); if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, @@ -153,7 +153,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat EVP_VerifyInit_ex(&ctx,type, NULL); EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); - memset(buf_in,0,(unsigned int)inl); + OPENSSL_cleanse(buf_in,(unsigned int)inl); OPENSSL_free(buf_in); if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c index 9146ee02c9..766b51c538 100644 --- a/crypto/asn1/n_pkey.c +++ b/crypto/asn1/n_pkey.c @@ -187,7 +187,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) i2d_NETSCAPE_PKEY(pkey,&zz); /* Wipe the private key encoding */ - memset(pkey->private_key->data, 0, rsalen); + OPENSSL_cleanse(pkey->private_key->data, rsalen); if (cb == NULL) cb=EVP_read_pw_string; @@ -206,7 +206,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) } EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); - memset(buf,0,256); + OPENSSL_cleanse(buf,256); /* Encrypt private key in place */ zz = enckey->enckey->digest->data; @@ -294,7 +294,7 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, } EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); - memset(buf,0,256); + OPENSSL_cleanse(buf,256); EVP_CIPHER_CTX_init(&ctx); EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL); diff --git a/crypto/asn1/p8_pkey.c b/crypto/asn1/p8_pkey.c index b634d5bc85..24b409132f 100644 --- a/crypto/asn1/p8_pkey.c +++ b/crypto/asn1/p8_pkey.c @@ -68,8 +68,8 @@ static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) if(operation == ASN1_OP_FREE_PRE) { PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval; if (key->pkey->value.octet_string) - memset(key->pkey->value.octet_string->data, - 0, key->pkey->value.octet_string->length); + OPENSSL_cleanse(key->pkey->value.octet_string->data, + key->pkey->value.octet_string->length); } return 1; } diff --git a/crypto/des/des.c b/crypto/des/des.c index d8c846b23d..343135ff9e 100644 --- a/crypto/des/des.c +++ b/crypto/des/des.c @@ -427,7 +427,7 @@ void doencryption(void) k2[i-8]=k; } DES_set_key_unchecked(&k2,&ks2); - memset(k2,0,sizeof(k2)); + OPENSSL_cleanse(k2,sizeof(k2)); } else if (longk || flag3) { @@ -435,7 +435,7 @@ void doencryption(void) { DES_string_to_2keys(key,&kk,&k2); DES_set_key_unchecked(&k2,&ks2); - memset(k2,0,sizeof(k2)); + OPENSSL_cleanse(k2,sizeof(k2)); } else DES_string_to_key(key,&kk); @@ -457,8 +457,8 @@ void doencryption(void) } DES_set_key_unchecked(&kk,&ks); - memset(key,0,sizeof(key)); - memset(kk,0,sizeof(kk)); + OPENSSL_cleanse(key,sizeof(key)); + OPENSSL_cleanse(kk,sizeof(kk)); /* woops - A bug that does not showup under unix :-( */ memset(iv,0,sizeof(iv)); memset(iv2,0,sizeof(iv2)); @@ -666,18 +666,18 @@ void doencryption(void) if (l) fclose(CKSUM_OUT); } problems: - memset(buf,0,sizeof(buf)); - memset(obuf,0,sizeof(obuf)); - memset(&ks,0,sizeof(ks)); - memset(&ks2,0,sizeof(ks2)); - memset(iv,0,sizeof(iv)); - memset(iv2,0,sizeof(iv2)); - memset(kk,0,sizeof(kk)); - memset(k2,0,sizeof(k2)); - memset(uubuf,0,sizeof(uubuf)); - memset(b,0,sizeof(b)); - memset(bb,0,sizeof(bb)); - memset(cksum,0,sizeof(cksum)); + OPENSSL_cleanse(buf,sizeof(buf)); + OPENSSL_cleanse(obuf,sizeof(obuf)); + OPENSSL_cleanse(&ks,sizeof(ks)); + OPENSSL_cleanse(&ks2,sizeof(ks2)); + OPENSSL_cleanse(iv,sizeof(iv)); + OPENSSL_cleanse(iv2,sizeof(iv2)); + OPENSSL_cleanse(kk,sizeof(kk)); + OPENSSL_cleanse(k2,sizeof(k2)); + OPENSSL_cleanse(uubuf,sizeof(uubuf)); + OPENSSL_cleanse(b,sizeof(b)); + OPENSSL_cleanse(bb,sizeof(bb)); + OPENSSL_cleanse(cksum,sizeof(cksum)); if (Exit) EXIT(Exit); } diff --git a/crypto/des/read2pwd.c b/crypto/des/read2pwd.c index 241adfa342..430da4e994 100644 --- a/crypto/des/read2pwd.c +++ b/crypto/des/read2pwd.c @@ -123,8 +123,8 @@ int DES_read_password(DES_cblock *key, const char *prompt, int verify) if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) DES_string_to_key(buf,key); - memset(buf,0,BUFSIZ); - memset(buff,0,BUFSIZ); + OPENSSL_cleanse(buf,BUFSIZ); + OPENSSL_cleanse(buff,BUFSIZ); return(ok); } @@ -136,7 +136,7 @@ int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2, const char *prompt, if ((ok=UI_UTIL_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0) DES_string_to_2keys(buf,key1,key2); - memset(buf,0,BUFSIZ); - memset(buff,0,BUFSIZ); + OPENSSL_cleanse(buf,BUFSIZ); + OPENSSL_cleanse(buff,BUFSIZ); return(ok); } diff --git a/crypto/des/read_pwd.c b/crypto/des/read_pwd.c index c79c9a0e2a..ce5fa00a37 100644 --- a/crypto/des/read_pwd.c +++ b/crypto/des/read_pwd.c @@ -220,7 +220,7 @@ int des_read_pw_string(char *buf, int length, const char *prompt, int ret; ret=des_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify); - memset(buff,0,BUFSIZ); + OPENSSL_cleanse(buff,BUFSIZ); return(ret); } diff --git a/crypto/des/str2key.c b/crypto/des/str2key.c index 36c3f81d99..0373db469c 100644 --- a/crypto/des/str2key.c +++ b/crypto/des/str2key.c @@ -94,7 +94,7 @@ void DES_string_to_key(const char *str, DES_cblock *key) DES_set_key_unchecked(key,&ks); #endif DES_cbc_cksum((const unsigned char*)str,key,length,&ks,key); - memset(&ks,0,sizeof(ks)); + OPENSSL_cleanse(&ks,sizeof(ks)); DES_set_odd_parity(key); } @@ -167,7 +167,7 @@ void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2) DES_set_key_unchecked(key2,&ks); #endif DES_cbc_cksum((const unsigned char*)str,key2,length,&ks,key2); - memset(&ks,0,sizeof(ks)); + OPENSSL_cleanse(&ks,sizeof(ks)); DES_set_odd_parity(key1); DES_set_odd_parity(key2); } diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index d537fe7de6..d7758c91d3 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -118,7 +118,7 @@ void EC_KEY_free(EC_KEY *r) if (r->meth_data && r->meth_data->finish) r->meth_data->finish(r); - memset((void *)r, 0x0, sizeof(EC_KEY)); + OPENSSL_cleanse((void *)r, sizeof(EC_KEY)); OPENSSL_free(r); } diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index 9669f42aab..2cc0dc0ec1 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -162,11 +162,11 @@ void EC_GROUP_clear_free(EC_GROUP *group) if (group->seed) { - memset(group->seed, 0, group->seed_len); + OPENSSL_cleanse(group->seed, group->seed_len); OPENSSL_free(group->seed); } - memset(group, 0, sizeof *group); + OPENSSL_cleanse(group, sizeof *group); OPENSSL_free(group); } @@ -591,7 +591,7 @@ void EC_POINT_clear_free(EC_POINT *point) point->meth->point_clear_finish(point); else if (point->meth != NULL && point->meth->point_finish != 0) point->meth->point_finish(point); - memset(point, 0, sizeof *point); + OPENSSL_cleanse(point, sizeof *point); OPENSSL_free(point); } diff --git a/crypto/ecdh/ech_lib.c b/crypto/ecdh/ech_lib.c index fd8cb19fdd..59526f33bd 100644 --- a/crypto/ecdh/ech_lib.c +++ b/crypto/ecdh/ech_lib.c @@ -176,7 +176,7 @@ void ECDH_DATA_free(ECDH_DATA *r) CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, r, &r->ex_data); - memset((void *)r, 0x0, sizeof(ECDH_DATA)); + OPENSSL_cleanse((void *)r, sizeof(ECDH_DATA)); OPENSSL_free(r); } diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c index 8eb1c30865..9465dee625 100644 --- a/crypto/ecdsa/ecs_lib.c +++ b/crypto/ecdsa/ecs_lib.c @@ -170,7 +170,7 @@ void ECDSA_DATA_free(ECDSA_DATA *r) CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, r, &r->ex_data); - memset((void *)r, 0x0, sizeof(ECDSA_DATA)); + OPENSSL_cleanse((void *)r, sizeof(ECDSA_DATA)); OPENSSL_free(r); } diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c index 64fb2353af..510e1bc8a4 100644 --- a/crypto/evp/bio_enc.c +++ b/crypto/evp/bio_enc.c @@ -132,7 +132,7 @@ static int enc_free(BIO *a) if (a == NULL) return(0); b=(BIO_ENC_CTX *)a->ptr; EVP_CIPHER_CTX_cleanup(&(b->cipher)); - memset(a->ptr,0,sizeof(BIO_ENC_CTX)); + OPENSSL_cleanse(a->ptr,sizeof(BIO_ENC_CTX)); OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c index 3cbc6e7848..530ab937ce 100644 --- a/crypto/evp/bio_ok.c +++ b/crypto/evp/bio_ok.c @@ -211,7 +211,7 @@ static int ok_free(BIO *a) { if (a == NULL) return(0); EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md); - memset(a->ptr,0,sizeof(BIO_OK_CTX)); + OPENSSL_cleanse(a->ptr,sizeof(BIO_OK_CTX)); OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 9d18728d30..33013c41a6 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -301,7 +301,7 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) ctx->digest->cleanup(ctx); if (ctx->digest && ctx->digest->ctx_size && ctx->md_data) { - memset(ctx->md_data,0,ctx->digest->ctx_size); + OPENSSL_cleanse(ctx->md_data,ctx->digest->ctx_size); OPENSSL_free(ctx->md_data); } if(ctx->engine) diff --git a/crypto/evp/e_idea.c b/crypto/evp/e_idea.c index ed838d3e62..b9efa75ae7 100644 --- a/crypto/evp/e_idea.c +++ b/crypto/evp/e_idea.c @@ -109,7 +109,7 @@ static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, idea_set_encrypt_key(key,&tmp); idea_set_decrypt_key(&tmp,ctx->cipher_data); - memset((unsigned char *)&tmp,0, + OPENSSL_cleanse((unsigned char *)&tmp, sizeof(IDEA_KEY_SCHEDULE)); } return 1; diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c index dc103bd1d7..5f387a94d3 100644 --- a/crypto/evp/evp_key.c +++ b/crypto/evp/evp_key.c @@ -103,7 +103,7 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf); ret = UI_process(ui); UI_free(ui); - memset(buff,0,BUFSIZ); + OPENSSL_cleanse(buff,BUFSIZ); return ret; } @@ -168,7 +168,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, if ((nkey == 0) && (niv == 0)) break; } EVP_MD_CTX_cleanup(&c); - memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE); + OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE); return(type->key_len); } diff --git a/crypto/evp/p5_crpt.c b/crypto/evp/p5_crpt.c index d15b799281..a1874e83b2 100644 --- a/crypto/evp/p5_crpt.c +++ b/crypto/evp/p5_crpt.c @@ -146,8 +146,8 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), EVP_CIPHER_iv_length(cipher)); EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de); - memset(md_tmp, 0, EVP_MAX_MD_SIZE); - memset(key, 0, EVP_MAX_KEY_LENGTH); - memset(iv, 0, EVP_MAX_IV_LENGTH); + OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE); + OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); + OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); return 1; } diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c index 098ce8afa0..1f94e1ef88 100644 --- a/crypto/evp/p5_crpt2.c +++ b/crypto/evp/p5_crpt2.c @@ -231,7 +231,7 @@ int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, iter = ASN1_INTEGER_get(kdf->iter); PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key); EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de); - memset(key, 0, keylen); + OPENSSL_cleanse(key, keylen); PBKDF2PARAM_free(kdf); return 1; diff --git a/crypto/evp/p_open.c b/crypto/evp/p_open.c index 6976f2a867..5a933d1cda 100644 --- a/crypto/evp/p_open.c +++ b/crypto/evp/p_open.c @@ -101,7 +101,7 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *ek, ret=1; err: - if (key != NULL) memset(key,0,size); + if (key != NULL) OPENSSL_cleanse(key,size); OPENSSL_free(key); return(ret); } diff --git a/crypto/md32_common.h b/crypto/md32_common.h index 86e41bf6df..275b93618b 100644 --- a/crypto/md32_common.h +++ b/crypto/md32_common.h @@ -606,7 +606,7 @@ int HASH_FINAL (unsigned char *md, HASH_CTX *c) c->num=0; /* clear stuff, HASH_BLOCK may be leaving some stuff on the stack * but I'm not worried :-) - memset((void *)c,0,sizeof(HASH_CTX)); + OPENSSL_cleanse((void *)c,sizeof(HASH_CTX)); */ return 1; } diff --git a/crypto/mem.c b/crypto/mem.c index 46a00697ce..d7d3cda5dc 100644 --- a/crypto/mem.c +++ b/crypto/mem.c @@ -343,7 +343,7 @@ void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file, ret=malloc_ex_func(num,file,line); if(ret) memcpy(ret,str,old_len); - memset(str,'\0',old_len); + OPENSSL_cleanse(str,old_len); free_func(str); #ifdef LEVITTE_DEBUG_MEM fprintf(stderr, "LEVITTE_DEBUG_MEM: | 0x%p -> 0x%p (%d)\n", str, ret, num); diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c index 5412408584..17ea85e4d7 100644 --- a/crypto/pem/pem_info.c +++ b/crypto/pem/pem_info.c @@ -383,7 +383,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc, ret=1; err: - memset((char *)&ctx,0,sizeof(ctx)); - memset(buf,0,PEM_BUFSIZE); + OPENSSL_cleanse((char *)&ctx,sizeof(ctx)); + OPENSSL_cleanse(buf,PEM_BUFSIZE); return(ret); } diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index 8e213c11c4..d3e9ce8577 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -368,13 +368,13 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, i=PEM_write_bio(bp,name,buf,data,i); if (i <= 0) ret=0; err: - memset(key,0,sizeof(key)); - memset(iv,0,sizeof(iv)); - memset((char *)&ctx,0,sizeof(ctx)); - memset(buf,0,PEM_BUFSIZE); + OPENSSL_cleanse(key,sizeof(key)); + OPENSSL_cleanse(iv,sizeof(iv)); + OPENSSL_cleanse((char *)&ctx,sizeof(ctx)); + OPENSSL_cleanse(buf,PEM_BUFSIZE); if (data != NULL) { - memset(data,0,(unsigned int)dsize); + OPENSSL_cleanse(data,(unsigned int)dsize); OPENSSL_free(data); } return(ret); @@ -415,8 +415,8 @@ int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, EVP_DecryptUpdate(&ctx,data,&i,data,j); o=EVP_DecryptFinal_ex(&ctx,&(data[i]),&j); EVP_CIPHER_CTX_cleanup(&ctx); - memset((char *)buf,0,sizeof(buf)); - memset((char *)key,0,sizeof(key)); + OPENSSL_cleanse((char *)buf,sizeof(buf)); + OPENSSL_cleanse((char *)key,sizeof(key)); j+=i; if (!o) { diff --git a/crypto/pem/pem_pk8.c b/crypto/pem/pem_pk8.c index f44182ffb5..db38a2a79d 100644 --- a/crypto/pem/pem_pk8.c +++ b/crypto/pem/pem_pk8.c @@ -136,7 +136,7 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER kstr = buf; } p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf); - if(kstr == buf) memset(buf, 0, klen); + if(kstr == buf) OPENSSL_cleanse(buf, klen); PKCS8_PRIV_KEY_INFO_free(p8inf); if(isder) ret = i2d_PKCS8_bio(bp, p8); else ret = PEM_write_bio_PKCS8(bp, p8); diff --git a/crypto/pem/pem_seal.c b/crypto/pem/pem_seal.c index ae463a301d..56e08abd70 100644 --- a/crypto/pem/pem_seal.c +++ b/crypto/pem/pem_seal.c @@ -112,7 +112,7 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, ret=npubk; err: if (s != NULL) OPENSSL_free(s); - memset(key,0,EVP_MAX_KEY_LENGTH); + OPENSSL_cleanse(key,EVP_MAX_KEY_LENGTH); return(ret); } diff --git a/crypto/pkcs12/p12_crpt.c b/crypto/pkcs12/p12_crpt.c index 97be6a5fb5..5e8958612b 100644 --- a/crypto/pkcs12/p12_crpt.c +++ b/crypto/pkcs12/p12_crpt.c @@ -118,7 +118,7 @@ int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen, } PBEPARAM_free(pbe); EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de); - memset(key, 0, EVP_MAX_KEY_LENGTH); - memset(iv, 0, EVP_MAX_IV_LENGTH); + OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH); + OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH); return 1; } diff --git a/crypto/pkcs12/p12_decr.c b/crypto/pkcs12/p12_decr.c index 394af368f4..b5684a83ba 100644 --- a/crypto/pkcs12/p12_decr.c +++ b/crypto/pkcs12/p12_decr.c @@ -136,7 +136,7 @@ void * PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, } #endif ret = ASN1_item_d2i(NULL, &p, outlen, it); - if (zbuf) memset(out, 0, outlen); + if (zbuf) OPENSSL_cleanse(out, outlen); if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR); OPENSSL_free(out); return ret; @@ -168,7 +168,7 @@ ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor, const ASN1_ITEM *i OPENSSL_free(in); return NULL; } - if (zbuf) memset(in, 0, inlen); + if (zbuf) OPENSSL_cleanse(in, inlen); OPENSSL_free(in); return oct; } diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c index 0d39ebde8c..9196a34b4a 100644 --- a/crypto/pkcs12/p12_key.c +++ b/crypto/pkcs12/p12_key.c @@ -91,7 +91,7 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen, id, iter, n, out, md_type); if(unipass) { - memset(unipass, 0, uniplen); /* Clear password from memory */ + OPENSSL_cleanse(unipass, uniplen); /* Clear password from memory */ OPENSSL_free(unipass); } return ret; diff --git a/crypto/pkcs7/bio_ber.c b/crypto/pkcs7/bio_ber.c index 42331f7ab0..895a91177b 100644 --- a/crypto/pkcs7/bio_ber.c +++ b/crypto/pkcs7/bio_ber.c @@ -145,7 +145,7 @@ static int ber_free(BIO *a) if (a == NULL) return(0); b=(BIO_BER_CTX *)a->ptr; - memset(a->ptr,0,sizeof(BIO_BER_CTX)); + OPENSSL_cleanse(a->ptr,sizeof(BIO_BER_CTX)); OPENSSL_free(a->ptr); a->ptr=NULL; a->init=0; diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index d1ab612eaa..123671b43e 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -241,7 +241,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj); } OPENSSL_free(tmp); - memset(key, 0, keylen); + OPENSSL_cleanse(key, keylen); if (out == NULL) out=btmp; @@ -448,7 +448,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) } EVP_CipherInit_ex(evp_ctx,NULL,NULL,tmp,NULL,0); - memset(tmp,0,jj); + OPENSSL_cleanse(tmp,jj); if (out == NULL) out=etmp; diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c index a00ed70718..eeffc0df4c 100644 --- a/crypto/rand/md_rand.c +++ b/crypto/rand/md_rand.c @@ -177,10 +177,10 @@ RAND_METHOD *RAND_SSLeay(void) static void ssleay_rand_cleanup(void) { - memset(state,0,sizeof(state)); + OPENSSL_cleanse(state,sizeof(state)); state_num=0; state_index=0; - memset(md,0,MD_DIGEST_LENGTH); + OPENSSL_cleanse(md,MD_DIGEST_LENGTH); md_count[0]=0; md_count[1]=0; entropy=0; diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index 4175576fcc..a776e52243 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -215,7 +215,7 @@ int RAND_poll(void) if (n > 0) { RAND_add(tmpbuf,sizeof tmpbuf,n); - memset(tmpbuf,0,n); + OPENSSL_cleanse(tmpbuf,n); } #endif diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index 7c2673a61f..41574768ab 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -124,7 +124,7 @@ int RAND_load_file(const char *file, long bytes) } } fclose(in); - memset(buf,0,BUFSIZE); + OPENSSL_cleanse(buf,BUFSIZE); err: return(ret); } @@ -189,7 +189,7 @@ int RAND_write_file(const char *file) #endif /* OPENSSL_SYS_VMS */ fclose(out); - memset(buf,0,BUFSIZE); + OPENSSL_cleanse(buf,BUFSIZE); err: return (rand_err ? -1 : ret); } diff --git a/crypto/rc4/rc4.c b/crypto/rc4/rc4.c index c2165b0b75..b39c070292 100644 --- a/crypto/rc4/rc4.c +++ b/crypto/rc4/rc4.c @@ -155,7 +155,7 @@ bad: i=EVP_read_pw_string(buf,BUFSIZ,"Enter RC4 password:",0); if (i != 0) { - memset(buf,0,BUFSIZ); + OPENSSL_cleanse(buf,BUFSIZ); fprintf(stderr,"bad password read\n"); exit(1); } @@ -163,7 +163,7 @@ bad: } EVP_Digest((unsigned char *)keystr,(unsigned long)strlen(keystr),md,NULL,EVP_md5()); - memset(keystr,0,strlen(keystr)); + OPENSSL_cleanse(keystr,strlen(keystr)); RC4_set_key(&key,MD5_DIGEST_LENGTH,md); for(;;) diff --git a/crypto/ripemd/rmd_one.c b/crypto/ripemd/rmd_one.c index efdf2dd6ef..a783282282 100644 --- a/crypto/ripemd/rmd_one.c +++ b/crypto/ripemd/rmd_one.c @@ -70,7 +70,7 @@ unsigned char *RIPEMD160(const unsigned char *d, unsigned long n, RIPEMD160_Init(&c); RIPEMD160_Update(&c,d,n); RIPEMD160_Final(md,&c); - memset(&c,0,sizeof(c)); /* security consideration */ + OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */ return(md); } diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 963c34a948..c4e6d1e22a 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -187,7 +187,7 @@ err: BN_clear_free(&ret); if (buf != NULL) { - memset(buf,0,num); + OPENSSL_cleanse(buf,num); OPENSSL_free(buf); } return(r); @@ -271,7 +271,7 @@ err: BN_clear_free(&f); if (buf != NULL) { - memset(buf,0,num); + OPENSSL_cleanse(buf,num); OPENSSL_free(buf); } return(r); @@ -370,7 +370,7 @@ err: BN_clear_free(&ret); if (buf != NULL) { - memset(buf,0,num); + OPENSSL_cleanse(buf,num); OPENSSL_free(buf); } return(r); @@ -467,7 +467,7 @@ err: BN_clear_free(&ret); if (buf != NULL) { - memset(buf,0,num); + OPENSSL_cleanse(buf,num); OPENSSL_free(buf); } return(r); diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c index 423cb50652..f462716a57 100644 --- a/crypto/rsa/rsa_saos.c +++ b/crypto/rsa/rsa_saos.c @@ -96,7 +96,7 @@ int RSA_sign_ASN1_OCTET_STRING(int type, else *siglen=i; - memset(s,0,(unsigned int)j+1); + OPENSSL_cleanse(s,(unsigned int)j+1); OPENSSL_free(s); return(ret); } @@ -139,7 +139,7 @@ int RSA_verify_ASN1_OCTET_STRING(int dtype, ret=1; err: if (sig != NULL) M_ASN1_OCTET_STRING_free(sig); - memset(s,0,(unsigned int)siglen); + OPENSSL_cleanse(s,(unsigned int)siglen); OPENSSL_free(s); return(ret); } diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index c53ca73914..4ac2de3407 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -136,7 +136,7 @@ int RSA_sign(int type, const unsigned char *m, unsigned int m_len, *siglen=i; if(type != NID_md5_sha1) { - memset(tmps,0,(unsigned int)j+1); + OPENSSL_cleanse(tmps,(unsigned int)j+1); OPENSSL_free(tmps); } return(ret); @@ -221,7 +221,7 @@ int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len, } err: if (sig != NULL) X509_SIG_free(sig); - memset(s,0,(unsigned int)siglen); + OPENSSL_cleanse(s,(unsigned int)siglen); OPENSSL_free(s); return(ret); } diff --git a/crypto/sha/sha1_one.c b/crypto/sha/sha1_one.c index e6a24888ed..ad235d6cdc 100644 --- a/crypto/sha/sha1_one.c +++ b/crypto/sha/sha1_one.c @@ -70,7 +70,7 @@ unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md) SHA1_Init(&c); SHA1_Update(&c,d,n); SHA1_Final(md,&c); - memset(&c,0,sizeof(c)); + OPENSSL_cleanse(&c,sizeof(c)); return(md); } #endif diff --git a/crypto/sha/sha_one.c b/crypto/sha/sha_one.c index 5426faae4a..66b083144a 100644 --- a/crypto/sha/sha_one.c +++ b/crypto/sha/sha_one.c @@ -70,7 +70,7 @@ unsigned char *SHA(const unsigned char *d, unsigned long n, unsigned char *md) SHA_Init(&c); SHA_Update(&c,d,n); SHA_Final(md,&c); - memset(&c,0,sizeof(c)); + OPENSSL_cleanse(&c,sizeof(c)); return(md); } #endif diff --git a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c index 6d5f9cd8b1..e1a872ef7c 100644 --- a/crypto/ui/ui_openssl.c +++ b/crypto/ui/ui_openssl.c @@ -449,7 +449,7 @@ error: ok=1; #endif - memset(result,0,BUFSIZ); + OPENSSL_cleanse(result,BUFSIZ); return ok; } diff --git a/crypto/ui/ui_util.c b/crypto/ui/ui_util.c index 8876128e56..fc8b691a87 100644 --- a/crypto/ui/ui_util.c +++ b/crypto/ui/ui_util.c @@ -65,7 +65,7 @@ int UI_UTIL_read_pw_string(char *buf,int length,const char *prompt,int verify) int ret; ret=UI_UTIL_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify); - memset(buff,0,BUFSIZ); + OPENSSL_cleanse(buff,BUFSIZ); return(ret); } diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 552d1e7251..568c629367 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -1158,7 +1158,7 @@ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) ctx->chain=NULL; } CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &(ctx->ex_data)); - memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA)); + OPENSSL_cleanse(&ctx->ex_data,sizeof(CRYPTO_EX_DATA)); } void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags) diff --git a/engines/e_4758_cca.c b/engines/e_4758_cca.c index 84de02df92..091e2dd317 100644 --- a/engines/e_4758_cca.c +++ b/engines/e_4758_cca.c @@ -717,7 +717,7 @@ static int cca_rsa_verify(int type, const unsigned char *m, unsigned int m_len, if (type == NID_sha1 || type == NID_md5) { - memset(hashBuffer, 0, keyLength+1); + OPENSSL_cleanse(hashBuffer, keyLength+1); OPENSSL_free(hashBuffer); } @@ -840,7 +840,7 @@ static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len, if (type == NID_sha1 || type == NID_md5) { - memset(hashBuffer, 0, keyLength+1); + OPENSSL_cleanse(hashBuffer, keyLength+1); OPENSSL_free(hashBuffer); } diff --git a/engines/e_sureware.c b/engines/e_sureware.c index 9c2279c195..270ee0934e 100644 --- a/engines/e_sureware.c +++ b/engines/e_sureware.c @@ -906,7 +906,7 @@ static int surewarehk_rsa_priv_dec(int flen,const unsigned char *from,unsigned c err: if (buf) { - memset(buf,0,tlen); + OPENSSL_cleanse(buf,tlen); OPENSSL_free(buf); } return ret; diff --git a/ssl/kssl.c b/ssl/kssl.c index c294166b9d..1a49f43a83 100644 --- a/ssl/kssl.c +++ b/ssl/kssl.c @@ -1550,7 +1550,7 @@ kssl_ctx_free(KSSL_CTX *kssl_ctx) { if (kssl_ctx == NULL) return kssl_ctx; - if (kssl_ctx->key) memset(kssl_ctx->key, 0, + if (kssl_ctx->key) OPENSSL_cleanse(kssl_ctx->key, kssl_ctx->length); if (kssl_ctx->key) free(kssl_ctx->key); if (kssl_ctx->client_princ) free(kssl_ctx->client_princ); @@ -1654,7 +1654,7 @@ kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session) if (kssl_ctx->key) { - memset(kssl_ctx->key, 0, kssl_ctx->length); + OPENSSL_cleanse(kssl_ctx->key, kssl_ctx->length); free(kssl_ctx->key); } diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c index 096e38d316..910b9fe097 100644 --- a/ssl/s2_lib.c +++ b/ssl/s2_lib.c @@ -308,7 +308,7 @@ void ssl2_free(SSL *s) s2=s->s2; if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf); if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf); - memset(s2,0,sizeof *s2); + OPENSSL_cleanse(s2,sizeof *s2); OPENSSL_free(s2); s->s2=NULL; } diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 45bea069f2..aff0d9e61b 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -1657,7 +1657,7 @@ static int ssl3_send_client_key_exchange(SSL *s) s->method->ssl3_enc->generate_master_secret(s, s->session->master_key, tmp_buf,sizeof tmp_buf); - memset(tmp_buf,0,sizeof tmp_buf); + OPENSSL_cleanse(tmp_buf,sizeof tmp_buf); } #endif #ifndef OPENSSL_NO_KRB5 @@ -1788,8 +1788,8 @@ static int ssl3_send_client_key_exchange(SSL *s) s->session->master_key, tmp_buf, sizeof tmp_buf); - memset(tmp_buf, 0, sizeof tmp_buf); - memset(epms, 0, outl); + OPENSSL_cleanse(tmp_buf, sizeof tmp_buf); + OPENSSL_cleanse(epms, outl); } #endif #ifndef OPENSSL_NO_DH diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index cec8fcd376..35fde29c8a 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -182,7 +182,7 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) km+=MD5_DIGEST_LENGTH; } - memset(smd,0,SHA_DIGEST_LENGTH); + OPENSSL_cleanse(smd,SHA_DIGEST_LENGTH); EVP_MD_CTX_cleanup(&m5); EVP_MD_CTX_cleanup(&s1); return 1; @@ -333,8 +333,8 @@ int ssl3_change_cipher_state(SSL *s, int which) EVP_CipherInit_ex(dd,c,NULL,key,iv,(which & SSL3_CC_WRITE)); - memset(&(exp_key[0]),0,sizeof(exp_key)); - memset(&(exp_iv[0]),0,sizeof(exp_iv)); + OPENSSL_cleanse(&(exp_key[0]),sizeof(exp_key)); + OPENSSL_cleanse(&(exp_iv[0]),sizeof(exp_iv)); EVP_MD_CTX_cleanup(&md); return(1); err: @@ -408,7 +408,7 @@ void ssl3_cleanup_key_block(SSL *s) { if (s->s3->tmp.key_block != NULL) { - memset(s->s3->tmp.key_block,0, + OPENSSL_cleanse(s->s3->tmp.key_block, s->s3->tmp.key_block_length); OPENSSL_free(s->s3->tmp.key_block); s->s3->tmp.key_block=NULL; diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index be4325886d..2145385ccd 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -1468,7 +1468,7 @@ void ssl3_free(SSL *s) sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); EVP_MD_CTX_cleanup(&s->s3->finish_dgst1); EVP_MD_CTX_cleanup(&s->s3->finish_dgst2); - memset(s->s3,0,sizeof *s->s3); + OPENSSL_cleanse(s->s3,sizeof *s->s3); OPENSSL_free(s->s3); s->s3=NULL; } diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index fbd5ff54da..c687da9b2e 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -2069,7 +2069,7 @@ static int ssl3_get_client_key_exchange(SSL *s) s->session->master_key_length = s->method->ssl3_enc-> \ generate_master_secret(s, s->session->master_key, p, i); - memset(p, 0, i); + OPENSSL_cleanse(p, i); return (ret); } else diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index a969d8fdce..fbc30b94e6 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -528,13 +528,13 @@ void SSL_SESSION_free(SSL_SESSION *ss) CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data); - memset(ss->key_arg,0,sizeof ss->key_arg); - memset(ss->master_key,0,sizeof ss->master_key); - memset(ss->session_id,0,sizeof ss->session_id); + OPENSSL_cleanse(ss->key_arg,sizeof ss->key_arg); + OPENSSL_cleanse(ss->master_key,sizeof ss->master_key); + OPENSSL_cleanse(ss->session_id,sizeof ss->session_id); if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert); if (ss->peer != NULL) X509_free(ss->peer); if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers); - memset(ss,0,sizeof(*ss)); + OPENSSL_cleanse(ss,sizeof(*ss)); OPENSSL_free(ss); } diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 872c629989..bfcd7d9191 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -161,7 +161,7 @@ static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, } HMAC_CTX_cleanup(&ctx); HMAC_CTX_cleanup(&ctx_tmp); - memset(A1,0,sizeof(A1)); + OPENSSL_cleanse(A1,sizeof(A1)); } static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1, @@ -418,10 +418,10 @@ printf("\niv="); printf("\n"); #endif - memset(tmp1,0,sizeof(tmp1)); - memset(tmp2,0,sizeof(tmp1)); - memset(iv1,0,sizeof(iv1)); - memset(iv2,0,sizeof(iv2)); + OPENSSL_cleanse(tmp1,sizeof(tmp1)); + OPENSSL_cleanse(tmp2,sizeof(tmp1)); + OPENSSL_cleanse(iv1,sizeof(iv1)); + OPENSSL_cleanse(iv2,sizeof(iv2)); return(1); err: SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE); @@ -476,7 +476,7 @@ printf("pre-master\n"); { int z; for (z=0; zsession->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); } #endif tls1_generate_key_block(s,p1,p2,num); - memset(p2,0,num); + OPENSSL_cleanse(p2,num); OPENSSL_free(p2); #ifdef TLS_DEBUG printf("\nkey block\n"); -- cgit v1.2.3