diff options
author | Samuel Lidén Borell <samuel@kodafritt.se> | 2015-06-21 19:01:07 +0200 |
---|---|---|
committer | Samuel Lidén Borell <samuel@kodafritt.se> | 2015-06-21 19:01:07 +0200 |
commit | f952f6f21f6b7786e10d06a5ca90749f6e9f1f40 (patch) | |
tree | 9f31354b5e9a907f919e48955ff4e5886a57bab2 | |
parent | 18a06d21042ca7598fa0903a1297d9e57393828d (diff) | |
download | fishlim-f952f6f21f6b7786e10d06a5ca90749f6e9f1f40.tar.gz fishlim-f952f6f21f6b7786e10d06a5ca90749f6e9f1f40.tar.bz2 fishlim-f952f6f21f6b7786e10d06a5ca90749f6e9f1f40.zip |
Perform secure erase of expanded keys also
-rw-r--r-- | fish.c | 17 |
1 files changed, 13 insertions, 4 deletions
@@ -31,6 +31,7 @@ #include "keystore.h" #include "fish.h" +#include "misc.h" #define IB 64 static const char fish_base64[64] = "./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; @@ -58,6 +59,10 @@ static const signed char fish_unbase64[256] = { *((dest)++) = (source) & 0xFF; \ } while (0); +static void secure_erase_key(BF_KEY *bfkey) { + secure_erase(bfkey, sizeof(*bfkey)); +} + /** * Encrypts a message in ECB mode. */ @@ -71,7 +76,6 @@ char *fish_encrypt_ecb(const char *key, size_t keylen, const char *message) { unsigned char bit; unsigned char word; unsigned char d; - BF_set_key(&bfkey, keylen, (const unsigned char*)key); messagelen = strlen(message); if (messagelen == 0) return NULL; @@ -79,6 +83,7 @@ char *fish_encrypt_ecb(const char *key, size_t keylen, const char *message) { end = encrypted; if (!encrypted) return NULL; + BF_set_key(&bfkey, keylen, (const unsigned char*)key); while (*message) { // Read 8 bytes (a Blowfish block) BF_LONG binary[2] = { 0, 0 }; @@ -109,6 +114,7 @@ char *fish_encrypt_ecb(const char *key, size_t keylen, const char *message) { // Stop if a null terminator was found if (c == '\0') break; } + secure_erase_key(&bfkey); *end = '\0'; return encrypted; } @@ -120,7 +126,6 @@ char *fish_encrypt_cbc(const char *key, size_t keylen, const char *message) { BF_KEY bfkey; unsigned char *encrypted = NULL; BIO *b64 = NULL; - BF_set_key(&bfkey, keylen, (const unsigned char*)key); size_t messagelen = strlen(message); if (messagelen == 0) goto err; @@ -136,7 +141,9 @@ char *fish_encrypt_cbc(const char *key, size_t keylen, const char *message) { memcpy(encrypted, iv, 8); // Encrypt in CBC mode. The IV is overwritten + BF_set_key(&bfkey, keylen, (const unsigned char*)key); BF_cbc_encrypt((const unsigned char*)message, encrypted+8, messagelen, &bfkey, iv, BF_ENCRYPT); + secure_erase_key(&bfkey); // Base64 encode b64 = BIO_new(BIO_f_base64()); @@ -178,7 +185,6 @@ static char *fish_decrypt_cbc(const char *key, size_t keylen, const char *data) BF_KEY bfkey; unsigned char *decrypted, *bindata = NULL; BIO *b64 = NULL; - BF_set_key(&bfkey, keylen, (const unsigned char*)key); // Skip leading "*" that indicates that the message is using CBC byte if (*data != '*') goto err; @@ -209,7 +215,9 @@ static char *fish_decrypt_cbc(const char *key, size_t keylen, const char *data) if (outlen) { unsigned char *iv = &bindata[0]; unsigned char *enc = &bindata[8]; + BF_set_key(&bfkey, keylen, (const unsigned char*)key); BF_cbc_encrypt(enc, decrypted, outlen, &bfkey, iv, BF_DECRYPT); + secure_erase_key(&bfkey); } BIO_free_all(b64); decrypted[outlen] = '\0'; @@ -232,12 +240,12 @@ static char *fish_decrypt_ecb(const char *key, size_t keylen, const char *data) unsigned char bit; unsigned char word; unsigned char d; - BF_set_key(&bfkey, keylen, (const unsigned char*)key); decrypted = malloc(strlen(data)+1); end = decrypted; if (!decrypted) return NULL; + BF_set_key(&bfkey, keylen, (const unsigned char*)key); while (*data) { // Convert from FiSH-BASE64 BF_LONG binary[2] = { 0, 0 }; @@ -263,6 +271,7 @@ static char *fish_decrypt_ecb(const char *key, size_t keylen, const char *data) } decrypt_end: + secure_erase_key(&bfkey); *end = '\0'; return decrypted; } |