diff options
| author | Ezra Peisach <epeisach@mit.edu> | 2004-05-26 18:17:35 +0000 |
|---|---|---|
| committer | Ezra Peisach <epeisach@mit.edu> | 2004-05-26 18:17:35 +0000 |
| commit | 605cee517c573e9e856003feae232e7078b78ed9 (patch) | |
| tree | 5e3784f263306d11cd4a2569c3dd04a04555edeb /src | |
| parent | 6736d856a43b36feea4b3b682cf19fd68b897b7d (diff) | |
| download | krb5-605cee517c573e9e856003feae232e7078b78ed9.tar.gz krb5-605cee517c573e9e856003feae232e7078b78ed9.tar.xz krb5-605cee517c573e9e856003feae232e7078b78ed9.zip | |
* yarrow.c (krb5int_yarrow_final): Call
krb5int_yarrow_cipher_final before zeroing out reference to
memory.
* ycipher.[ch] (krb5int_yarrow_cipher_final): Free CIPHER_CTX memory
allocated by krb5int_yarrpw_cipher_init().
These cleanup handlers are now invoked in the library "fini" handlers.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16368 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/crypto/yarrow/ChangeLog | 9 | ||||
| -rw-r--r-- | src/lib/crypto/yarrow/yarrow.c | 1 | ||||
| -rw-r--r-- | src/lib/crypto/yarrow/ycipher.c | 12 | ||||
| -rw-r--r-- | src/lib/crypto/yarrow/ycipher.h | 1 |
4 files changed, 23 insertions, 0 deletions
diff --git a/src/lib/crypto/yarrow/ChangeLog b/src/lib/crypto/yarrow/ChangeLog index f64c1a2b5..10cf2f93b 100644 --- a/src/lib/crypto/yarrow/ChangeLog +++ b/src/lib/crypto/yarrow/ChangeLog @@ -1,3 +1,12 @@ +2004-05-26 Ezra Peisach <epeisach@mit.edu> + + * yarrow.c (krb5int_yarrow_final): Call + krb5int_yarrow_cipher_final before zeroing out reference to + memory. + + * ycipher.[ch] (krb5int_yarrow_cipher_final): Free CIPHER_CTX memory + allocated by krb5int_yarrpw_cipher_init(). + 2003-07-22 Ken Raeburn <raeburn@mit.edu> * ycipher.c (krb5int_yarrow_cipher_init): Use keybytes and diff --git a/src/lib/crypto/yarrow/yarrow.c b/src/lib/crypto/yarrow/yarrow.c index 4f90387cd..3cb4b7e2e 100644 --- a/src/lib/crypto/yarrow/yarrow.c +++ b/src/lib/crypto/yarrow/yarrow.c @@ -850,6 +850,7 @@ int krb5int_yarrow_final(Yarrow_CTX* y) CATCH: if ( locked ) { TRY( UNLOCK() ); } + krb5int_yarrow_cipher_final(&y->cipher); mem_zero( y, sizeof(Yarrow_CTX) ); EXCEP_RET; } diff --git a/src/lib/crypto/yarrow/ycipher.c b/src/lib/crypto/yarrow/ycipher.c index b763815be..01d105ffe 100644 --- a/src/lib/crypto/yarrow/ycipher.c +++ b/src/lib/crypto/yarrow/ycipher.c @@ -82,3 +82,15 @@ int krb5int_yarrow_cipher_encrypt_block return YARROW_OK; } +void +krb5int_yarrow_cipher_final +(CIPHER_CTX *ctx) + +{ + if (ctx->key.contents) { + memset (ctx->key.contents, 0, ctx->key.length); + free (ctx->key.contents); + } + ctx->key.contents = 0; + ctx->key.length = 0; +} diff --git a/src/lib/crypto/yarrow/ycipher.h b/src/lib/crypto/yarrow/ycipher.h index a78cf1637..c858c6dd8 100644 --- a/src/lib/crypto/yarrow/ycipher.h +++ b/src/lib/crypto/yarrow/ycipher.h @@ -32,6 +32,7 @@ typedef struct int krb5int_yarrow_cipher_init (CIPHER_CTX *ctx, unsigned const char *key); int krb5int_yarrow_cipher_encrypt_block (CIPHER_CTX *ctx, const unsigned char *in, unsigned char *out); +void krb5int_yarrow_cipher_final (CIPHER_CTX *ctx); #if !defined( YARROW_NO_MATHLIB ) #define POW_CIPHER_KEY_SIZE pow(2.0, CIPHER_KEY_SIZE * 8 / 3.0) |