diff options
author | Yann Ylavic <ylavic@apache.org> | 2022-06-28 16:09:12 +0000 |
---|---|---|
committer | Yann Ylavic <ylavic@apache.org> | 2022-06-28 16:09:12 +0000 |
commit | 4000041d0ea6f7fccea67d2ac3d8205270b1cf1a (patch) | |
tree | 60520ce5d99c7db9fb3a19ad0d03ae4a28fe0296 /crypto/apr_crypto_prng.c | |
parent | 17ab72e940b86ec420057e27dbe543f54c9b21ff (diff) | |
download | apr-4000041d0ea6f7fccea67d2ac3d8205270b1cf1a.tar.gz |
apr_strings: Provide apr_memzero_explicit() in APR.
This function is handy outside apu_crypto usage, don't require users to link
to APU for the feature.
This commit moves the apr_crypto_memzero() implementation to apr_strings under
the apr_memzero_explicit() name, and replaces the calls to the former with the
latter, and apr_crypto_memzero() now calls apr_memzero_explicit() directly.
* include/apr_strings.h():
Declare apr_memzero_explicit().
* strings/apr_strings.c():
Implement apr_memzero_explicit() by moving/renaming the code from apu_crypto.
* crypto/apr_crypto.c(apr_crypto_memzero):
Fall back to apr_memzero_explicit().
* crypto/apr_crypto.c(crypto_clear):
Use apr_memzero_explicit() instead of apr_crypto_memzero().
* crypto/apr_crypto_prng.c(cprng_cleanup, cprng_stream_bytes,
apr_crypto_prng_reseed, cprng_bytes,
apr_crypto_prng_rekey, apr_crypto_prng_after_fork):
Use apr_memzero_explicit() instead of apr_crypto_memzero().
* crypto/apr_md4.c(MD4Transform):
Use apr_memzero_explicit() instead of apr_crypto_memzero().
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1902323 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'crypto/apr_crypto_prng.c')
-rw-r--r-- | crypto/apr_crypto_prng.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/crypto/apr_crypto_prng.c b/crypto/apr_crypto_prng.c index 842987f95..cd4a2044d 100644 --- a/crypto/apr_crypto_prng.c +++ b/crypto/apr_crypto_prng.c @@ -43,12 +43,13 @@ #include "apr_crypto.h" #include "apr_crypto_internal.h" +#include "apr_strings.h" + #if APU_HAVE_CRYPTO #if APU_HAVE_CRYPTO_PRNG #include "apr_ring.h" #include "apr_pools.h" -#include "apr_strings.h" #include "apr_thread_mutex.h" #include "apr_thread_proc.h" @@ -263,7 +264,7 @@ static apr_status_t cprng_cleanup(void *arg) } if (cprng->key) { - apr_crypto_memzero(cprng->key, CPRNG_KEY_SIZE + cprng->len); + apr_memzero_explicit(cprng->key, CPRNG_KEY_SIZE + cprng->len); } if (!cprng->pool) { @@ -435,7 +436,7 @@ static apr_status_t cprng_stream_bytes(apr_crypto_prng_t *cprng, rv = cprng->crypto->provider->cprng_stream_ctx_bytes(&cprng->ctx, cprng->key, to, len, cprng->buf); if (rv != APR_SUCCESS && len) { - apr_crypto_memzero(to, len); + apr_memzero_explicit(to, len); } return rv; } @@ -456,7 +457,7 @@ APR_DECLARE(apr_status_t) apr_crypto_prng_reseed(apr_crypto_prng_t *cprng, cprng_lock(cprng); cprng->pos = cprng->len; - apr_crypto_memzero(cprng->buf, cprng->len); + apr_memzero_explicit(cprng->buf, cprng->len); if (seed) { apr_size_t n = 0; do { @@ -528,7 +529,7 @@ static apr_status_t cprng_bytes(apr_crypto_prng_t *cprng, * both forward secrecy and cleared next mixed data. */ memcpy(ptr, cprng->buf + cprng->pos, n); - apr_crypto_memzero(cprng->buf + cprng->pos, n); + apr_memzero_explicit(cprng->buf + cprng->pos, n); cprng->pos += n; ptr += n; @@ -576,7 +577,7 @@ APR_DECLARE(apr_status_t) apr_crypto_prng_rekey(apr_crypto_prng_t *cprng) /* Clear state and renew the key. */ cprng->pos = cprng->len; - apr_crypto_memzero(cprng->buf, cprng->len); + apr_memzero_explicit(cprng->buf, cprng->len); rv = cprng_stream_bytes(cprng, NULL, 0); cprng_unlock(cprng); @@ -627,7 +628,7 @@ APR_DECLARE(apr_status_t) apr_crypto_prng_after_fork(apr_crypto_prng_t *cprng, * and that nothing is left over from the initial state in both processes. */ cprng->pos = cprng->len; - apr_crypto_memzero(cprng->buf, cprng->len); + apr_memzero_explicit(cprng->buf, cprng->len); if (!is_child) { rv = cprng_stream_bytes(cprng, cprng->key, CPRNG_KEY_SIZE); } |