[PATCH 07/15] libmd: Always erase context in _Final method,
Sebastian Huber
sebastian.huber at embedded-brains.de
Thu Sep 8 13:27:24 UTC 2022
From: Xin LI <delphij at FreeBSD.org>
and when doing it, consistently use explicit_bzero().
Update manual pages to match the behavior.
Reviewed by: pfg, allanjude, jmg
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D16316
---
cpukit/libmd/sha256c.c | 2 +-
cpukit/libmd/sha512c.c | 8 ++++----
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/cpukit/libmd/sha256c.c b/cpukit/libmd/sha256c.c
index 7fd568a2ab..563f9e2099 100644
--- a/cpukit/libmd/sha256c.c
+++ b/cpukit/libmd/sha256c.c
@@ -295,7 +295,7 @@ SHA256_Final(unsigned char digest[static SHA256_DIGEST_LENGTH], SHA256_CTX *ctx)
be32enc_vect(digest, ctx->state, SHA256_DIGEST_LENGTH);
/* Clear the context state */
- memset(ctx, 0, sizeof(*ctx));
+ explicit_bzero(ctx, sizeof(*ctx));
}
/*** SHA-224: *********************************************************/
diff --git a/cpukit/libmd/sha512c.c b/cpukit/libmd/sha512c.c
index daeef9d671..0b03d09fa9 100644
--- a/cpukit/libmd/sha512c.c
+++ b/cpukit/libmd/sha512c.c
@@ -327,7 +327,7 @@ SHA512_Final(unsigned char digest[static SHA512_DIGEST_LENGTH], SHA512_CTX *ctx)
be64enc_vect(digest, ctx->state, SHA512_DIGEST_LENGTH);
/* Clear the context state */
- memset(ctx, 0, sizeof(*ctx));
+ explicit_bzero(ctx, sizeof(*ctx));
}
/*** SHA-512t: *********************************************************/
@@ -370,7 +370,7 @@ SHA512_224_Final(unsigned char digest[static SHA512_224_DIGEST_LENGTH], SHA512_C
be64enc_vect(digest, ctx->state, SHA512_224_DIGEST_LENGTH);
/* Clear the context state */
- memset(ctx, 0, sizeof(*ctx));
+ explicit_bzero(ctx, sizeof(*ctx));
}
void
@@ -409,7 +409,7 @@ SHA512_256_Final(unsigned char digest[static SHA512_256_DIGEST_LENGTH], SHA512_C
be64enc_vect(digest, ctx->state, SHA512_256_DIGEST_LENGTH);
/* Clear the context state */
- memset(ctx, 0, sizeof(*ctx));
+ explicit_bzero(ctx, sizeof(*ctx));
}
/*** SHA-384: *********************************************************/
@@ -459,5 +459,5 @@ SHA384_Final(unsigned char digest[static SHA384_DIGEST_LENGTH], SHA384_CTX *ctx)
be64enc_vect(digest, ctx->state, SHA384_DIGEST_LENGTH);
/* Clear the context state */
- memset(ctx, 0, sizeof(*ctx));
+ explicit_bzero(ctx, sizeof(*ctx));
}
--
2.35.3
More information about the devel
mailing list