Wipe memory after using key material (incomplete, to be continued)
authorMartin Willi <martin@revosec.ch>
Mon, 9 May 2011 12:33:22 +0000 (14:33 +0200)
committerMartin Willi <martin@revosec.ch>
Mon, 9 May 2011 12:36:15 +0000 (14:36 +0200)
src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
src/libstrongswan/plugins/aes/aes_crypter.c
src/libstrongswan/plugins/blowfish/blowfish_crypter.c
src/libstrongswan/plugins/des/des_crypter.c
src/libstrongswan/plugins/hmac/hmac.c
src/libstrongswan/plugins/openssl/openssl_crypter.c
src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
src/libstrongswan/plugins/padlock/padlock_aes_crypter.c
src/libstrongswan/plugins/xcbc/xcbc.c

index 4bf30fa..ace8002 100644 (file)
@@ -889,6 +889,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
        struct nlmsghdr *hdr;
        struct xfrm_usersa_info *sa;
        u_int16_t icv_size = 64;
+       status_t status = FAILED;
 
        /* if IPComp is used, we install an additional IPComp SA. if the cpi is 0
         * we are in the recursive call below */
@@ -983,7 +984,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
                        {
                                DBG1(DBG_KNL, "algorithm %N not supported by kernel!",
                                         encryption_algorithm_names, enc_alg);
-                               return FAILED;
+                               goto failed;
                        }
                        DBG2(DBG_KNL, "  using encryption algorithm %N with key size %d",
                                 encryption_algorithm_names, enc_alg, enc_key.len * 8);
@@ -993,7 +994,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
                        hdr->nlmsg_len += RTA_ALIGN(rthdr->rta_len);
                        if (hdr->nlmsg_len > sizeof(request))
                        {
-                               return FAILED;
+                               goto failed;
                        }
 
                        algo = (struct xfrm_algo_aead*)RTA_DATA(rthdr);
@@ -1014,7 +1015,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
                        {
                                DBG1(DBG_KNL, "algorithm %N not supported by kernel!",
                                         encryption_algorithm_names, enc_alg);
-                               return FAILED;
+                               goto failed;
                        }
                        DBG2(DBG_KNL, "  using encryption algorithm %N with key size %d",
                                 encryption_algorithm_names, enc_alg, enc_key.len * 8);
@@ -1024,7 +1025,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
                        hdr->nlmsg_len += RTA_ALIGN(rthdr->rta_len);
                        if (hdr->nlmsg_len > sizeof(request))
                        {
-                               return FAILED;
+                               goto failed;
                        }
 
                        algo = (struct xfrm_algo*)RTA_DATA(rthdr);
@@ -1043,7 +1044,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
                {
                        DBG1(DBG_KNL, "algorithm %N not supported by kernel!",
                                 integrity_algorithm_names, int_alg);
-                       return FAILED;
+                       goto failed;
                }
                DBG2(DBG_KNL, "  using integrity algorithm %N with key size %d",
                         integrity_algorithm_names, int_alg, int_key.len * 8);
@@ -1060,7 +1061,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
                        hdr->nlmsg_len += RTA_ALIGN(rthdr->rta_len);
                        if (hdr->nlmsg_len > sizeof(request))
                        {
-                               return FAILED;
+                               goto failed;
                        }
 
                        algo = (struct xfrm_algo_auth*)RTA_DATA(rthdr);
@@ -1079,7 +1080,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
                        hdr->nlmsg_len += RTA_ALIGN(rthdr->rta_len);
                        if (hdr->nlmsg_len > sizeof(request))
                        {
-                               return FAILED;
+                               goto failed;
                        }
 
                        algo = (struct xfrm_algo*)RTA_DATA(rthdr);
@@ -1098,7 +1099,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
                {
                        DBG1(DBG_KNL, "algorithm %N not supported by kernel!",
                                 ipcomp_transform_names, ipcomp);
-                       return FAILED;
+                       goto failed;
                }
                DBG2(DBG_KNL, "  using compression algorithm %N",
                         ipcomp_transform_names, ipcomp);
@@ -1107,7 +1108,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
                hdr->nlmsg_len += RTA_ALIGN(rthdr->rta_len);
                if (hdr->nlmsg_len > sizeof(request))
                {
-                       return FAILED;
+                       goto failed;
                }
 
                struct xfrm_algo* algo = (struct xfrm_algo*)RTA_DATA(rthdr);
@@ -1127,7 +1128,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
                hdr->nlmsg_len += RTA_ALIGN(rthdr->rta_len);
                if (hdr->nlmsg_len > sizeof(request))
                {
-                       return FAILED;
+                       goto failed;
                }
 
                tmpl = (struct xfrm_encap_tmpl*)RTA_DATA(rthdr);
@@ -1157,7 +1158,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
                hdr->nlmsg_len += RTA_ALIGN(rthdr->rta_len);
                if (hdr->nlmsg_len > sizeof(request))
                {
-                       return FAILED;
+                       goto failed;
                }
 
                mrk = (struct xfrm_mark*)RTA_DATA(rthdr);
@@ -1176,7 +1177,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
                hdr->nlmsg_len += RTA_ALIGN(rthdr->rta_len);
                if (hdr->nlmsg_len > sizeof(request))
                {
-                       return FAILED;
+                       goto failed;
                }
 
                tfcpad = (u_int32_t*)RTA_DATA(rthdr);
@@ -1199,7 +1200,7 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
                        hdr->nlmsg_len += RTA_ALIGN(rthdr->rta_len);
                        if (hdr->nlmsg_len > sizeof(request))
                        {
-                               return FAILED;
+                               goto failed;
                        }
 
                        replay = (struct xfrm_replay_state_esn*)RTA_DATA(rthdr);
@@ -1230,9 +1231,14 @@ METHOD(kernel_ipsec_t, add_sa, status_t,
                {
                        DBG1(DBG_KNL, "unable to add SAD entry with SPI %.8x", ntohl(spi));
                }
-               return FAILED;
+               goto failed;
        }
-       return SUCCESS;
+
+       status = SUCCESS;
+
+failed:
+       memwipe(request, sizeof(request));
+       return status;
 }
 
 /**
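Review bot: The `failed:` label added at the end of add_sa is now also the normal exit path, because `status = SUCCESS;` falls straight through into it, and nothing at the label says why the buffer is wiped. A comment there would help the next reader, for example `/* reached on success too: request presumably still holds the SA key material copied into the algo attributes */`. The body of add_sa is only partly visible in these hunks, so any `return` left elsewhere in the function (for instance before the first `goto failed`) would still skip the `memwipe(request, sizeof(request))` and is worth checking.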
@@ -1333,6 +1339,7 @@ METHOD(kernel_ipsec_t, query_sa, status_t,
        struct nlmsghdr *out = NULL, *hdr;
        struct xfrm_usersa_id *sa_id;
        struct xfrm_usersa_info *sa = NULL;
+       status_t status = FAILED;
        size_t len;
 
        memset(&request, 0, sizeof(request));
@@ -1419,11 +1426,13 @@ METHOD(kernel_ipsec_t, query_sa, status_t,
        if (sa == NULL)
        {
                DBG2(DBG_KNL, "unable to query SAD entry with SPI %.8x", ntohl(spi));
-               free(out);
-               return FAILED;
        }
-       *bytes = sa->curlft.bytes;
-
+       else
+       {
+               *bytes = sa->curlft.bytes;
+               status = SUCCESS;
+       }
+       memwipe(out, len);
        free(out);
        return SUCCESS;
 }
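Review bot: query_sa still ends in `return SUCCESS;`, so the new `status` variable is never returned. The `sa == NULL` branch used to return FAILED and now reports success without writing `*bytes`; the last statement should be `return status;`. Separately, the declarations in the previous hunk initialise `out` to NULL and give `len` no initialiser. If the code between the hunks can reach this point without filling them in, `memwipe(out, len)` runs on a NULL pointer with an indeterminate length, which `if (out) memwipe(out, len);` would avoid. The same applies to the `memwipe(out, len)` added under `failed:` in update_sa, whose declarations are not visible here.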
@@ -1699,6 +1708,7 @@ METHOD(kernel_ipsec_t, update_sa, status_t,
 failed:
        free(replay);
        free(replay_esn);
+       memwipe(out, len);
        free(out);
 
        return status;
index f13e334..2a1fed9 100644 (file)
@@ -1518,6 +1518,7 @@ METHOD(crypter_t, set_key, void,
 METHOD(crypter_t, destroy, void,
        private_aes_crypter_t *this)
 {
+       memwipe(this, sizeof(*this));
        free(this);
 }
 
index 784c07e..fc3649b 100644 (file)
@@ -160,6 +160,7 @@ METHOD(crypter_t, set_key, void,
 METHOD(crypter_t, destroy, void,
        private_blowfish_crypter_t *this)
 {
+       memwipe(this, sizeof(*this));
        free(this);
 }
 
index 7d9fbe8..695e7e4 100644 (file)
@@ -1552,6 +1552,7 @@ METHOD(crypter_t, set_key3, void,
 METHOD(crypter_t, destroy, void,
        private_des_crypter_t *this)
 {
+       memwipe(this, sizeof(*this));
        free(this);
 }
 
index c7b2739..397a1ea 100644 (file)
@@ -147,8 +147,8 @@ METHOD(hmac_t, destroy, void,
        private_hmac_t *this)
 {
        this->h->destroy(this->h);
-       free(this->opaded_key.ptr);
-       free(this->ipaded_key.ptr);
+       chunk_clear(&this->opaded_key);
+       chunk_clear(&this->ipaded_key);
        free(this);
 }
 
index 2ed07ff..1d322d4 100644 (file)
@@ -152,7 +152,7 @@ METHOD(crypter_t, set_key, void,
 METHOD(crypter_t, destroy, void,
        private_openssl_crypter_t *this)
 {
-       free(this->key.ptr);
+       clear_chunk(&this->key);
        free(this);
 }
 
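Review bot: `clear_chunk(&this->key);` does not match the helper used by every other destroy() on this page, which is `chunk_clear`. Unless a `clear_chunk` is defined somewhere outside this diff, the line will fail to compile or link when the openssl plugin is built, and the key buffer is then neither wiped nor freed by a working call. The line should read `chunk_clear(&this->key);`.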
index 32fc2bc..78ed281 100644 (file)
@@ -257,7 +257,7 @@ METHOD(diffie_hellman_t, destroy, void,
 {
        EC_POINT_clear_free(this->pub_key);
        EC_KEY_free(this->key);
-       chunk_free(&this->shared_secret);
+       chunk_clear(&this->shared_secret);
        free(this);
 }
 
index 06c2029..119de86 100644 (file)
@@ -105,6 +105,8 @@ static void crypt(private_padlock_aes_crypter_t *this, char *iv,
        *dst = chunk_alloc(src.len);
        padlock_crypt(key_aligned, &cword, src.ptr, dst->ptr,
                                  src.len / AES_BLOCK_SIZE, iv_aligned);
+
+       memwipe(key_aligned, sizeof(key_aligned));
 }
 
 METHOD(crypter_t, decrypt, void,
@@ -146,7 +148,7 @@ METHOD(crypter_t, set_key, void,
 METHOD(crypter_t, destroy, void,
        private_padlock_aes_crypter_t *this)
 {
-       free(this->key.ptr);
+       chunk_clear(&this->key);
        free(this);
 }
 
index be18d92..8ddde96 100644 (file)
@@ -236,13 +236,17 @@ METHOD(xcbc_t, set_key, void,
        memset(k1.ptr, 0x01, this->b);
        this->k1->encrypt(this->k1, k1, iv, NULL);
        this->k1->set_key(this->k1, k1);
+
+       memwipe(k1.ptr, k1.len);
 }
 
 METHOD(xcbc_t, destroy, void,
        private_xcbc_t *this)
 {
        this->k1->destroy(this->k1);
+       memwipe(this->k2, this->b);
        free(this->k2);
+       memwipe(this->k3, this->b);
        free(this->k3);
        free(this->e);
        free(this->remaining);