summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSamuel Lidén Borell <samuel@kodafritt.se>2015-06-21 19:01:07 +0200
committerSamuel Lidén Borell <samuel@kodafritt.se>2015-06-21 19:01:07 +0200
commitf952f6f21f6b7786e10d06a5ca90749f6e9f1f40 (patch)
tree9f31354b5e9a907f919e48955ff4e5886a57bab2
parent18a06d21042ca7598fa0903a1297d9e57393828d (diff)
downloadfishlim-f952f6f21f6b7786e10d06a5ca90749f6e9f1f40.tar.gz
fishlim-f952f6f21f6b7786e10d06a5ca90749f6e9f1f40.tar.bz2
fishlim-f952f6f21f6b7786e10d06a5ca90749f6e9f1f40.zip
Perform secure erase of expanded keys also
Diffstat
-rw-r--r--fish.c17
1 files changed, 13 insertions, 4 deletions
diff --git a/fish.c b/fish.c
index a7c3cfc..437174d 100644
--- a/fish.c
+++ b/fish.c
@@ -31,6 +31,7 @@
#include "keystore.h"
#include "fish.h"
+#include "misc.h"
#define IB 64
static const char fish_base64[64] = "./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
@@ -58,6 +59,10 @@ static const signed char fish_unbase64[256] = {
*((dest)++) = (source) & 0xFF; \
} while (0);
+static void secure_erase_key(BF_KEY *bfkey) {
+ secure_erase(bfkey, sizeof(*bfkey));
+}
+
/**
* Encrypts a message in ECB mode.
*/
@@ -71,7 +76,6 @@ char *fish_encrypt_ecb(const char *key, size_t keylen, const char *message) {
unsigned char bit;
unsigned char word;
unsigned char d;
- BF_set_key(&bfkey, keylen, (const unsigned char*)key);
messagelen = strlen(message);
if (messagelen == 0) return NULL;
@@ -79,6 +83,7 @@ char *fish_encrypt_ecb(const char *key, size_t keylen, const char *message) {
end = encrypted;
if (!encrypted) return NULL;
+ BF_set_key(&bfkey, keylen, (const unsigned char*)key);
while (*message) {
// Read 8 bytes (a Blowfish block)
BF_LONG binary[2] = { 0, 0 };
@@ -109,6 +114,7 @@ char *fish_encrypt_ecb(const char *key, size_t keylen, const char *message) {
// Stop if a null terminator was found
if (c == '\0') break;
}
+ secure_erase_key(&bfkey);
*end = '\0';
return encrypted;
}
@@ -120,7 +126,6 @@ char *fish_encrypt_cbc(const char *key, size_t keylen, const char *message) {
BF_KEY bfkey;
unsigned char *encrypted = NULL;
BIO *b64 = NULL;
- BF_set_key(&bfkey, keylen, (const unsigned char*)key);
size_t messagelen = strlen(message);
if (messagelen == 0) goto err;
@@ -136,7 +141,9 @@ char *fish_encrypt_cbc(const char *key, size_t keylen, const char *message) {
memcpy(encrypted, iv, 8);
// Encrypt in CBC mode. The IV is overwritten
+ BF_set_key(&bfkey, keylen, (const unsigned char*)key);
BF_cbc_encrypt((const unsigned char*)message, encrypted+8, messagelen, &bfkey, iv, BF_ENCRYPT);
+ secure_erase_key(&bfkey);
// Base64 encode
b64 = BIO_new(BIO_f_base64());
@@ -178,7 +185,6 @@ static char *fish_decrypt_cbc(const char *key, size_t keylen, const char *data)
BF_KEY bfkey;
unsigned char *decrypted, *bindata = NULL;
BIO *b64 = NULL;
- BF_set_key(&bfkey, keylen, (const unsigned char*)key);
// Skip leading "*" that indicates that the message is using CBC byte
if (*data != '*') goto err;
@@ -209,7 +215,9 @@ static char *fish_decrypt_cbc(const char *key, size_t keylen, const char *data)
if (outlen) {
unsigned char *iv = &bindata[0];
unsigned char *enc = &bindata[8];
+ BF_set_key(&bfkey, keylen, (const unsigned char*)key);
BF_cbc_encrypt(enc, decrypted, outlen, &bfkey, iv, BF_DECRYPT);
+ secure_erase_key(&bfkey);
}
BIO_free_all(b64);
decrypted[outlen] = '\0';
@@ -232,12 +240,12 @@ static char *fish_decrypt_ecb(const char *key, size_t keylen, const char *data)
unsigned char bit;
unsigned char word;
unsigned char d;
- BF_set_key(&bfkey, keylen, (const unsigned char*)key);
decrypted = malloc(strlen(data)+1);
end = decrypted;
if (!decrypted) return NULL;
+ BF_set_key(&bfkey, keylen, (const unsigned char*)key);
while (*data) {
// Convert from FiSH-BASE64
BF_LONG binary[2] = { 0, 0 };
@@ -263,6 +271,7 @@ static char *fish_decrypt_ecb(const char *key, size_t keylen, const char *data)
}
decrypt_end:
+ secure_erase_key(&bfkey);
*end = '\0';
return decrypted;
}
generated by cgit v1.2.3 (git 2.25.1) at 2022-08-14 02:33:43 +0000