Zeroize values in PKCS#12 operations
diff --git a/library/pkcs12.c b/library/pkcs12.c
index c6372a1..b025450 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -49,6 +49,11 @@
 #include "polarssl/des.h"
 #endif
 
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
 static int pkcs12_parse_pbe_params( asn1_buf *params,
                                     asn1_buf *salt, int *iterations )
 {
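Review bot: The comment on `polarssl_zeroize` says the stores are never optimized out but does not say why. The guarantee rests on writing through a `volatile unsigned char *`, which compilers honour in practice, although the C standard is less explicit when the underlying object is not itself volatile. I would state that in the comment, e.g. `/* Writes go through a volatile pointer so they cannot be dropped as dead stores */`, and put the declaration and the `while( n-- ) *p++ = 0;` loop on separate lines for readability. Because the helper is `static` to pkcs12.c, any other file that needs the same wipe will carry its own copy; whether such copies exist cannot be seen from this diff.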
@@ -205,6 +210,8 @@
         ret = POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH;
 
 exit:
+    polarssl_zeroize( key, sizeof( key ) );
+    polarssl_zeroize( iv,  sizeof( iv  ) );
     cipher_free_ctx( &cipher_ctx );
 
     return( ret );
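Review bot: The wipes at `exit:` are only complete if `key` and `iv` are arrays, because `sizeof( key )` on a pointer would clear just a pointer's width; the declarations are outside this hunk, and the same holds for the four buffers wiped in the `@@ -330,6 +337,11 @@` hunk. A short comment above the calls, e.g. `/* key and iv are local arrays, so sizeof covers the whole buffer */`, would record that assumption for later refactoring. The function body starts outside the hunk, so it is worth confirming that no earlier `return` bypasses `exit:` once key material has been derived. `cipher_ctx` here and `md_ctx` in the later hunk also hold state derived from these secrets, and whether `cipher_free_ctx` and `md_free_ctx` clear it is not visible in this diff.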
@@ -330,6 +337,11 @@
     ret = 0;
 
 exit:
+    polarssl_zeroize( salt_block, sizeof( salt_block ) );
+    polarssl_zeroize( pwd_block, sizeof( pwd_block ) );
+    polarssl_zeroize( hash_block, sizeof( hash_block ) );
+    polarssl_zeroize( hash_output, sizeof( hash_output ) );
+
     md_free_ctx( &md_ctx );
 
     return( ret );