authorminfrin <minfrin@13f79535-47bb-0310-9956-ffa450edef68>2011-12-05 17:02:27 +0000
committerminfrin <minfrin@13f79535-47bb-0310-9956-ffa450edef68>2011-12-05 17:02:27 +0000
commit9f64ef63dd5e5f8545376392e39660648f3e20a6 (patch)
tree633137226b6d0c3a4674a9456590370c7d919019
parent2c739cd222bb0acb2de6c62441d70050cfcc8697 (diff)
Backport:
apr_crypto: Clear out buffers that are allocated by us when the pool the memory was allocated from is cleaned up. git-svn-id: http://svn.apache.org/repos/asf/apr/apr-util/branches/1.5.x@1210530 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r--crypto/apr_crypto.c30
-rw-r--r--crypto/apr_crypto_nss.c3
-rw-r--r--crypto/apr_crypto_openssl.c4
-rw-r--r--include/apr_crypto.h11
4 files changed, 48 insertions, 0 deletions
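--- a/crypto/apr_crypto.c
+++ b/crypto/apr_crypto.c
@@ -62,6 +62,11 @@ APR_TYPEDEF_STRUCT(apr_crypto_block_t,
 const apr_crypto_t *f;
 )
+typedef struct apr_crypto_clear_t {
+ void *buffer;
+ apr_size_t size;
+} apr_crypto_clear_t;
+
 #if !APU_DSO_BUILD
 #define DRIVER_LOAD(name,driver,pool,params) \
 { \
@@ -124,6 +129,31 @@ APU_DECLARE(apr_status_t) apr_crypto_init(apr_pool_t *pool)
 return ret;
 }
+static apr_status_t crypto_clear(void *ptr)
+{
+ apr_crypto_clear_t *clear = (apr_crypto_clear_t *)ptr;
+
+ memset(clear->buffer, 0, clear->size);
+ clear->buffer = NULL;
+ clear->size = 0;
+
+ return APR_SUCCESS;
+}
+
+APR_DECLARE(apr_status_t) apr_crypto_clear(apr_pool_t *pool,
+ void *buffer, apr_size_t size)
+{
+ apr_crypto_clear_t *clear = apr_palloc(pool, sizeof(apr_crypto_clear_t));
+
+ clear->buffer = buffer;
+ clear->size = size;
+
+ apr_pool_cleanup_register(pool, clear, crypto_clear,
+ apr_pool_cleanup_null);
+
+ return APR_SUCCESS;
+}
+
 APU_DECLARE(apr_status_t) apr_crypto_get_driver(
 const apr_crypto_driver_t **driver, const char *name,
 const char *params, const apu_err_t **result, apr_pool_t *pool)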
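Review bot: apr_crypto_clear is declared with `APR_DECLARE` while the neighbouring apr-util functions such as apr_crypto_get_driver on the next context line use `APU_DECLARE`; APR_DECLARE carries libapr's export/import settings, so on DLL builds the symbol would most likely be resolved against the wrong library — use `APU_DECLARE(apr_status_t) apr_crypto_clear(apr_pool_t *pool,` here and in the matching prototype added to include/apr_crypto.h. apr_crypto_clear also stores into `clear` without checking the `apr_palloc` result, which can be NULL when the pool has no abort function; `if (!clear) { return APR_ENOMEM; }` before the assignments matches the convention the driver call sites in this commit already use and tells the caller that its secret-bearing buffer will not be wiped. The `memset` in crypto_clear goes through a pointer kept in pool memory, so a compiler cannot prove the store dead and is unlikely to elide it, but that is incidental rather than guaranteed; a loop through a `volatile unsigned char *` would make the wipe explicit. A comment on crypto_clear noting that `size` must not exceed the caller's allocation would also help, since nothing here can check it.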
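--- a/crypto/apr_crypto_nss.c
+++ b/crypto/apr_crypto_nss.c
@@ -551,6 +551,7 @@ static apr_status_t crypto_block_encrypt_init(apr_crypto_block_t **ctx,
 if (!usedIv) {
 return APR_ENOMEM;
 }
+ apr_crypto_clear(p, usedIv, key->ivSize);
 s = PK11_GenerateRandom(usedIv, key->ivSize);
 if (s != SECSuccess) {
 return APR_ENOIV;
@@ -622,6 +623,7 @@ static apr_status_t crypto_block_encrypt(unsigned char **out,
 if (!buffer) {
 return APR_ENOMEM;
 }
+ apr_crypto_clear(block->pool, buffer, inlen + block->blockSize);
 *out = buffer;
 }
@@ -785,6 +787,7 @@ static apr_status_t crypto_block_decrypt(unsigned char **out,
 if (!buffer) {
 return APR_ENOMEM;
 }
+ apr_crypto_clear(block->pool, buffer, inlen + block->blockSize);
 *out = buffer;
 }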
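Review bot: The clears registered in crypto_block_encrypt and crypto_block_decrypt pass `inlen + block->blockSize` as the size, which has to equal the byte count of the `apr_palloc` just above each hunk; that allocation is outside the visible lines, so please confirm the two expressions are kept in sync, e.g. by computing the length once into a local and using it for both the allocation and the clear. Nothing in this file's hunks covers key material, whereas the OpenSSL driver in this commit clears `key->key` in crypto_passphrase; if the NSS driver keeps any raw key or passphrase bytes in pool memory rather than only inside PK11 objects, those should get the same treatment. The status returned by apr_crypto_clear is discarded at all three sites; it cannot fail today, but propagating it would keep the contract honest if that changes. All three enclosing functions start and end outside the hunks.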
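--- a/crypto/apr_crypto_openssl.c
+++ b/crypto/apr_crypto_openssl.c
@@ -430,6 +430,7 @@ static apr_status_t crypto_passphrase(apr_crypto_key_t **k, apr_size_t *ivSize,
 if (!key->key) {
 return APR_ENOMEM;
 }
+ apr_crypto_clear(p, key->key, key->keyLen);
 /* generate the key */
 if (PKCS5_PBKDF2_HMAC_SHA1(pass, passLen, (unsigned char *) salt, saltLen,
@@ -503,6 +504,7 @@ static apr_status_t crypto_block_encrypt_init(apr_crypto_block_t **ctx,
 if (!usedIv) {
 return APR_ENOMEM;
 }
+ apr_crypto_clear(p, usedIv, key->ivSize);
 if (!((RAND_status() == 1)
 && (RAND_bytes(usedIv, key->ivSize) == 1))) {
 return APR_ENOIV;
@@ -574,6 +576,7 @@ static apr_status_t crypto_block_encrypt(unsigned char **out,
 if (!buffer) {
 return APR_ENOMEM;
 }
+ apr_crypto_clear(ctx->pool, buffer, inlen + EVP_MAX_BLOCK_LENGTH);
 *out = buffer;
 }
@@ -728,6 +731,7 @@ static apr_status_t crypto_block_decrypt(unsigned char **out,
 if (!buffer) {
 return APR_ENOMEM;
 }
+ apr_crypto_clear(ctx->pool, buffer, inlen + EVP_MAX_BLOCK_LENGTH);
 *out = buffer;
 }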
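Review bot: The cleanup for the derived key in crypto_passphrase is registered on `p` while the bytes live in `key->key`; the allocation of `key` is outside the hunk, so if it comes from a pool other than `p` the wipe would be tied to the wrong lifetime — too early if `p` is a shorter-lived subpool, zeroing a key still in use, or never if `p` outlives the key's pool — and that should be confirmed against the allocation site. Registering the clear before PKCS5_PBKDF2_HMAC_SHA1 runs is the right order, since the buffer is wiped even when derivation fails part-way. As in the NSS driver, `inlen + EVP_MAX_BLOCK_LENGTH` in crypto_block_encrypt and crypto_block_decrypt must match the size of the `apr_palloc` above each hunk, which is not visible here, and the return value of apr_crypto_clear is ignored at all four sites. All enclosing functions start and end outside the hunks.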
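--- a/include/apr_crypto.h
+++ b/include/apr_crypto.h
@@ -132,6 +132,17 @@ typedef struct apr_crypto_block_t apr_crypto_block_t;
 APU_DECLARE(apr_status_t) apr_crypto_init(apr_pool_t *pool);
 /**
+ * @brief Register a cleanup to zero out the buffer provided
+ * when the pool is cleaned up.
+ *
+ * @param pool - pool to register the cleanup
+ * @param buffer - buffer to zero out
+ * @param size - size of the buffer to zero out
+ */
+APR_DECLARE(apr_status_t) apr_crypto_clear(apr_pool_t *pool, void *buffer,
+ apr_size_t size);
+
+/**
 * @brief Get the driver struct for a name
 *
 * @param driver - pointer to driver struct.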
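Review bot: The new doc comment for apr_crypto_clear leaves out the contract a caller needs: that `buffer` must stay valid and must not be freed or resized until `pool` is cleared, because the cleanup writes `size` bytes through the stored pointer at that time, that `size` must not exceed the buffer's allocation, and what the function returns. A `@return APR_SUCCESS` line plus a sentence such as `The buffer must remain valid for the lifetime of the pool; it is overwritten with zeros when the pool is cleaned up.` would cover it. It may also be worth noting that the zeroing only reaches this buffer, so any copy a caller has made elsewhere is not covered by it.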