
Commit 3f7ddfa

committed
Merge branch 'vixentael/zeroing-buffer'
2 parents dc96d1d + 98fd31d commit 3f7ddfa


5 files changed

+47
-31
lines changed


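--- a/include/hermes/mid_hermes_ll/mid_hermes_ll_buffer.h
+++ b/include/hermes/mid_hermes_ll/mid_hermes_ll_buffer.h
@@ -47,4 +47,7 @@ hermes_status_t mid_hermes_ll_buffer_reset(mid_hermes_ll_buffer_t *buffer, const
 
 hermes_status_t mid_hermes_ll_buffer_destroy(mid_hermes_ll_buffer_t **buffer);
 
+// same as `mid_hermes_ll_buffer_destroy`, but also set 0 into buffer-> data and length
+hermes_status_t mid_hermes_ll_buffer_destroy_secure(mid_hermes_ll_buffer_t** buffer);
+
 #endif //MID_HERMES_LL_BUFFER_H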
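Review bot: The comment on the new `mid_hermes_ll_buffer_destroy_secure` declaration under-specifies the contract callers will depend on: it says the function sets 0 into data and length, but not that the contents are wiped before the memory is released, which is the property the callers in this commit (decrypted token data in `mid_hermes_ll_block.c`) actually want. Suggest `// Same as mid_hermes_ll_buffer_destroy(), but overwrites buffer->data with zeros before freeing it. Use for buffers that held plaintext or key material.` The declaration also writes `mid_hermes_ll_buffer_t** buffer` while the line above it writes `**buffer`; match the existing style.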

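--- a/src/mid_hermes_ll/mid_hermes_ll_block.c
+++ b/src/mid_hermes_ll/mid_hermes_ll_block.c
@@ -57,10 +57,10 @@ mid_hermes_ll_block_t *mid_hermes_ll_block_create_new(
 if (!(block->block) || HM_SUCCESS != hm_encrypt(
 rt->data, rt->length, block_data->data, block_data->length, meta->data, meta->length,
 &(block->block->data), &(block->block->length))) {
-mid_hermes_ll_buffer_destroy(&rt);
+mid_hermes_ll_buffer_destroy_secure(&rt);
 return NULL;
 }
-mid_hermes_ll_buffer_destroy(&rt);
+mid_hermes_ll_buffer_destroy_secure(&rt);
 mid_hermes_ll_buffer_t *wt = mid_hermes_ll_token_get_data(write_token);
 if (!wt) {
 return NULL;
@@ -69,10 +69,10 @@ mid_hermes_ll_block_t *mid_hermes_ll_block_create_new(
 if (!(block->mac) || HM_SUCCESS != hm_mac_create(
 wt->data, wt->length, block_data->data, block_data->length, meta->data, meta->length,
 &(block->mac->data), &(block->mac->length))) {
-mid_hermes_ll_buffer_destroy(&wt);
+mid_hermes_ll_buffer_destroy_secure(&wt);
 return NULL;
 }
-mid_hermes_ll_buffer_destroy(&wt);
+mid_hermes_ll_buffer_destroy_secure(&wt);
 block->id = id;
 block->meta = meta;
 block->data = block_data;
@@ -104,19 +104,19 @@ mid_hermes_ll_block_t *mid_hermes_ll_block_init(
 if (!(block->data) || 0 != hm_decrypt(
 rt->data, rt->length, block_data->data, block_data->length, meta->data, meta->length,
 &(block->data->data), &(block->data->length))) {
-mid_hermes_ll_buffer_destroy(&rt);
+mid_hermes_ll_buffer_destroy_secure(&rt);
 return NULL;
 }
 } else {
 block->block = mid_hermes_ll_buffer_create(NULL, 0);
 if (!(block->block) || HM_SUCCESS != hm_encrypt(
 rt->data, rt->length, block_data->data, block_data->length, meta->data, meta->length,
 &(block->block->data), &(block->block->length))) {
-mid_hermes_ll_buffer_destroy(&rt);
+mid_hermes_ll_buffer_destroy_secure(&rt);
 return NULL;
 }
 }
-mid_hermes_ll_buffer_destroy(&rt);
+mid_hermes_ll_buffer_destroy_secure(&rt);
 if (write_token || block->wtoken) {
 mid_hermes_ll_buffer_t *wt = mid_hermes_ll_token_get_data(write_token ? write_token : (block->wtoken));
 if (!wt) {
@@ -128,10 +128,10 @@ mid_hermes_ll_block_t *mid_hermes_ll_block_init(
 read_token ? (block->data->data) : block_data->data,
 read_token ? (block->data->length) : block_data->length,
 meta->data, meta->length, &(block->mac->data), &(block->mac->length))) {
-mid_hermes_ll_buffer_destroy(&wt);
+mid_hermes_ll_buffer_destroy_secure(&wt);
 return NULL;
 }
-mid_hermes_ll_buffer_destroy(&wt);
+mid_hermes_ll_buffer_destroy_secure(&wt);
 }
 block->id = id;
 block->meta = meta;
@@ -164,22 +164,22 @@ mid_hermes_ll_block_t *mid_hermes_ll_block_update(
 || (HM_SUCCESS != hm_mac_create(
 wt->data, wt->length, data->data, data->length, meta->data, meta->length,
 &(new_mac->data), &(new_mac->length)))) {
-mid_hermes_ll_buffer_destroy(&rt);
-mid_hermes_ll_buffer_destroy(&new_block);
-mid_hermes_ll_buffer_destroy(&wt);
-mid_hermes_ll_buffer_destroy(&new_mac);
+mid_hermes_ll_buffer_destroy_secure(&rt);
+mid_hermes_ll_buffer_destroy_secure(&new_block);
+mid_hermes_ll_buffer_destroy_secure(&wt);
+mid_hermes_ll_buffer_destroy_secure(&new_mac);
 return NULL;
 }
-mid_hermes_ll_buffer_destroy(&rt);
-mid_hermes_ll_buffer_destroy(&wt);
+mid_hermes_ll_buffer_destroy_secure(&rt);
+mid_hermes_ll_buffer_destroy_secure(&wt);
 mid_hermes_ll_buffer_destroy(&(bl->data));
 mid_hermes_ll_buffer_destroy(&(bl->meta));
-mid_hermes_ll_buffer_destroy(&(bl->block));
+mid_hermes_ll_buffer_destroy_secure(&(bl->block));
 bl->meta = meta;
 bl->data = data;
 bl->block = new_block;
 if (bl->old_mac) {
-mid_hermes_ll_buffer_destroy(&(bl->mac));
+mid_hermes_ll_buffer_destroy_secure(&(bl->mac));
 } else {
 bl->old_mac = bl->mac;
 }
@@ -211,22 +211,22 @@ mid_hermes_ll_block_t *mid_hermes_ll_block_rotate(mid_hermes_ll_block_t *bl, mid
 &(new_mac->data), &(new_mac->length)))) {
 mid_hermes_ll_token_destroy(&new_rtoken);
 mid_hermes_ll_token_destroy(&new_wtoken);
-mid_hermes_ll_buffer_destroy(&new_block);
-mid_hermes_ll_buffer_destroy(&new_mac);
-mid_hermes_ll_buffer_destroy(&rt);
-mid_hermes_ll_buffer_destroy(&wt);
+mid_hermes_ll_buffer_destroy_secure(&new_block);
+mid_hermes_ll_buffer_destroy_secure(&new_mac);
+mid_hermes_ll_buffer_destroy_secure(&rt);
+mid_hermes_ll_buffer_destroy_secure(&wt);
 return NULL;
 }
-mid_hermes_ll_buffer_destroy(&rt);
-mid_hermes_ll_buffer_destroy(&wt);
 mid_hermes_ll_token_destroy(&(bl->rtoken));
 mid_hermes_ll_token_destroy(&(bl->wtoken));
-mid_hermes_ll_buffer_destroy(&(bl->block));
+mid_hermes_ll_buffer_destroy_secure(&rt);
+mid_hermes_ll_buffer_destroy_secure(&wt);
+mid_hermes_ll_buffer_destroy_secure(&(bl->block));
 bl->rtoken = new_rtoken;
 bl->wtoken = new_wtoken;
 bl->block = new_block;
 if (bl->old_mac) {
-mid_hermes_ll_buffer_destroy(&(bl->mac));
+mid_hermes_ll_buffer_destroy_secure(&(bl->mac));
 } else {
 bl->old_mac = bl->mac;
 }
@@ -557,11 +557,11 @@ hermes_status_t mid_hermes_ll_block_destroy(mid_hermes_ll_block_t **b) {
 }
 mid_hermes_ll_buffer_destroy(&((*b)->id));
 mid_hermes_ll_buffer_destroy(&((*b)->data));
-mid_hermes_ll_buffer_destroy(&((*b)->block));
+mid_hermes_ll_buffer_destroy_secure(&((*b)->block));
 mid_hermes_ll_buffer_destroy(&((*b)->meta));
-mid_hermes_ll_buffer_destroy(&((*b)->mac));
+mid_hermes_ll_buffer_destroy_secure(&((*b)->mac));
 mid_hermes_ll_user_destroy(&((*b)->user));
-mid_hermes_ll_buffer_destroy(&((*b)->old_mac));
+mid_hermes_ll_buffer_destroy_secure(&((*b)->old_mac));
 mid_hermes_ll_token_destroy(&((*b)->rtoken));
 mid_hermes_ll_token_destroy(&((*b)->wtoken));
 free(*b);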
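Review bot: The zeroing is applied inconsistently to the fields these hunks touch: `block->data` is the output of `hm_decrypt` at lines 104-106 of `mid_hermes_ll_block_init`, i.e. it holds the decrypted plaintext, yet `mid_hermes_ll_buffer_destroy(&(bl->data))` at line 175 of `mid_hermes_ll_block_update` and `mid_hermes_ll_buffer_destroy(&((*b)->data))` at line 559 of `mid_hermes_ll_block_destroy` keep the non-zeroing destroy while the ciphertext in `block` and the MACs are now wiped. If wiping is worth doing for the ciphertext it is at least as warranted for the plaintext; change those two lines to `mid_hermes_ll_buffer_destroy_secure(&(bl->data));` and `mid_hermes_ll_buffer_destroy_secure(&((*b)->data));`. The enclosing functions start and end outside these hunks, so other plain destroy calls on the same fields may exist that are not visible here.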

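--- a/src/mid_hermes_ll/mid_hermes_ll_buffer.c
+++ b/src/mid_hermes_ll/mid_hermes_ll_buffer.c
@@ -103,8 +103,20 @@ hermes_status_t mid_hermes_ll_buffer_destroy(mid_hermes_ll_buffer_t** buffer){
 free((*buffer)->data);
 free(*buffer);
 (*buffer)->data=NULL;
+*buffer=NULL;
+return HM_SUCCESS;
+}
+
+hermes_status_t mid_hermes_ll_buffer_destroy_secure(mid_hermes_ll_buffer_t** buffer){
+HERMES_CHECK_IN_PARAM(buffer);
+HERMES_CHECK_IN_PARAM(*buffer);
+memset(((*buffer)->data), 0, (*buffer)->length);
 (*buffer)->length=0;
+free((*buffer)->data);
+free(*buffer);
+(*buffer)->data=NULL;
 *buffer=NULL;
 return HM_SUCCESS;
 }
 
+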
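Review bot: `mid_hermes_ll_buffer_destroy_secure` executes `(*buffer)->data=NULL;` after `free(*buffer);`, a store through freed memory copied from the existing `mid_hermes_ll_buffer_destroy` at old lines 103-105; the field has to be cleared before the struct is released, or not at all. The `memset` that this commit exists for is immediately followed by `free` of the same region, so a compiler doing dead-store elimination is entitled to drop it; a loop through a `volatile` pointer (or `explicit_bzero`/`memset_s` where the platform offers one) is what keeps the wipe in the binary. Buffers are also created with `mid_hermes_ll_buffer_create(NULL, 0)` in this commit's block.c hunk, so `data` can be NULL here and the wipe should be skipped in that case. A body ordered that way is below; the same freed-memory store in `mid_hermes_ll_buffer_destroy`, which the hunk shows but leaves unchanged, should move before its `free(*buffer)` too.
```c
hermes_status_t mid_hermes_ll_buffer_destroy_secure(mid_hermes_ll_buffer_t** buffer){
    HERMES_CHECK_IN_PARAM(buffer);
    HERMES_CHECK_IN_PARAM(*buffer);
    if ((*buffer)->data) {
        /* volatile stores cannot be discarded as dead before free() */
        volatile unsigned char *p = (volatile unsigned char *)(*buffer)->data;
        for (size_t i = 0; i < (*buffer)->length; i++) {
            p[i] = 0;
        }
    }
    (*buffer)->length = 0;
    free((*buffer)->data);
    (*buffer)->data = NULL;   /* clear the field while the struct is still alive */
    free(*buffer);
    *buffer = NULL;
    return HM_SUCCESS;
}
```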

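--- a/src/mid_hermes_ll/mid_hermes_ll_token.c
+++ b/src/mid_hermes_ll/mid_hermes_ll_token.c
@@ -63,7 +63,7 @@ mid_hermes_ll_buffer_t *mid_hermes_ll_token_get_data(mid_hermes_ll_token_t *toke
 if (HM_SUCCESS != hm_asym_decrypt(
 token->user->sk->data, token->user->sk->length, token->owner->pk->data, token->owner->pk->length,
 token->token->data, token->token->length, &(buffer->data), &(buffer->length))) {
-mid_hermes_ll_buffer_destroy(&buffer);
+mid_hermes_ll_buffer_destroy_secure(&buffer);
 return NULL;
 }
 return buffer;
@@ -82,11 +82,11 @@ mid_hermes_ll_token_t *mid_hermes_ll_token_get_token_for_user(
 token->user->sk->data, token->user->sk->length, for_user->pk->data, for_user->pk->length,
 buffer->data, buffer->length, &(encryption_buffer->data), &(encryption_buffer->length));
 if (HM_SUCCESS != res) {
-mid_hermes_ll_buffer_destroy(&buffer);
+mid_hermes_ll_buffer_destroy_secure(&buffer);
 mid_hermes_ll_buffer_destroy(&encryption_buffer);
 return NULL;
 }
-mid_hermes_ll_buffer_destroy(&buffer);
+mid_hermes_ll_buffer_destroy_secure(&buffer);
 return mid_hermes_ll_token_create(for_user, mid_hermes_ll_user_copy(token->user), encryption_buffer);
 }
 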
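Review bot: On the failure path at line 66 of `mid_hermes_ll_token_get_data`, `buffer->data` has already been freed and set to NULL inside `hm_asym_decrypt` (this commit's utils.c hunk shows `free(*data); *data = NULL;` before `return HM_FAIL;`), so the `memset` inside `mid_hermes_ll_buffer_destroy_secure` runs on a NULL pointer. Whether `buffer->length` is still 0 at that point is not visible here; if `hm_asym_decrypt` has written a non-zero value through `&(buffer->length)` before failing, this is a NULL dereference rather than a harmless no-op. Either reset the length out-parameter to 0 on that failure path, or have `mid_hermes_ll_buffer_destroy_secure` skip the wipe when `data` is NULL. The swap at lines 85 and 89 of `mid_hermes_ll_token_get_token_for_user` reads consistently: the decrypted `buffer` is wiped and the ciphertext `encryption_buffer` is not.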

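--- a/src/mid_hermes_ll/utils.c
+++ b/src/mid_hermes_ll/utils.c
@@ -162,6 +162,7 @@ uint32_t hm_asym_decrypt(
 if (THEMIS_SUCCESS != themis_secure_message_unwrap(
 private_key, private_key_len, public_key, public_key_len, encrypted_data, encrypted_data_length,
 *data, &result_buffer_length)) {
+memset(data, 0, result_buffer_length);
 free(*data);
 *data = NULL;
 return HM_FAIL;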
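Review bot: `memset(data, 0, result_buffer_length);` zeroes the wrong object: `data` is the output parameter (the next line frees `*data`), so this overwrites `result_buffer_length` bytes starting at the caller's pointer variable instead of the decrypted buffer, and with the caller in `mid_hermes_ll_token_get_data` passing `&(buffer->data)` that is an out-of-bounds write across the caller's struct. It should read `memset(*data, 0, result_buffer_length);`. Whether `result_buffer_length` still equals the size allocated for `*data` after `themis_secure_message_unwrap` fails is not visible in this hunk and should be confirmed, and as with the buffer wipe elsewhere in this commit a plain `memset` immediately before `free` may be discarded by the optimiser. The body of `hm_asym_decrypt` begins outside the hunk.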
