* yarrow.c (krb5int_yarrow_final): Call

author Ezra Peisach <epeisach@mit.edu>

Wed, 26 May 2004 18:17:35 +0000 (18:17 +0000)

committer Ezra Peisach <epeisach@mit.edu>

Wed, 26 May 2004 18:17:35 +0000 (18:17 +0000)
author Ezra Peisach <epeisach@mit.edu>
Wed, 26 May 2004 18:17:35 +0000 (18:17 +0000)
committer Ezra Peisach <epeisach@mit.edu>
Wed, 26 May 2004 18:17:35 +0000 (18:17 +0000)
diff --git a/src/lib/crypto/yarrow/ChangeLog b/src/lib/crypto/yarrow/ChangeLog

index f64c1a2b5c1b454dbbaa884971e31d6f55ed94bf..10cf2f93bdb25554b31a4e2f228cd016cba74109 100644 (file)
--- a/src/lib/crypto/yarrow/ChangeLog
+++ b/src/lib/crypto/yarrow/ChangeLog
@@ -1,3 +1,12 @@
+2004-05-26  Ezra Peisach  <epeisach@mit.edu>
+
+       * yarrow.c (krb5int_yarrow_final): Call
+       krb5int_yarrow_cipher_final before zeroing out reference to
+       memory.
+
+       * ycipher.[ch] (krb5int_yarrow_cipher_final): Free CIPHER_CTX memory
+       allocated by krb5int_yarrpw_cipher_init().
+
  2003-07-22  Ken Raeburn  <raeburn@mit.edu>
  
         * ycipher.c (krb5int_yarrow_cipher_init): Use keybytes and
diff --git a/src/lib/crypto/yarrow/yarrow.c b/src/lib/crypto/yarrow/yarrow.c

index 4f90387cdd79d305885544a2f81f0b704a3841ad..3cb4b7e2ef9e74039254643fcd4de98d19d1788f 100644 (file)
--- a/src/lib/crypto/yarrow/yarrow.c
+++ b/src/lib/crypto/yarrow/yarrow.c
@@ -850,6 +850,7 @@ int krb5int_yarrow_final(Yarrow_CTX* y)
  
   CATCH:
      if ( locked ) { TRY( UNLOCK() ); }
+    krb5int_yarrow_cipher_final(&y->cipher);
      mem_zero( y, sizeof(Yarrow_CTX) );
      EXCEP_RET;
  }
diff --git a/src/lib/crypto/yarrow/ycipher.c b/src/lib/crypto/yarrow/ycipher.c

index b763815be96da29e417f0abacde8e9aab490abd4..01d105ffec375a01301421865b92ef10aa0da7ad 100644 (file)
--- a/src/lib/crypto/yarrow/ycipher.c
+++ b/src/lib/crypto/yarrow/ycipher.c
@@ -82,3 +82,15 @@ int krb5int_yarrow_cipher_encrypt_block
    return YARROW_OK;
  }
  
+void
+krb5int_yarrow_cipher_final
+(CIPHER_CTX *ctx)
+
+{
+ if (ctx->key.contents) {
+    memset (ctx->key.contents, 0, ctx->key.length);
+    free (ctx->key.contents);
+  }
+  ctx->key.contents = 0;
+  ctx->key.length = 0;
+}
diff --git a/src/lib/crypto/yarrow/ycipher.h b/src/lib/crypto/yarrow/ycipher.h

index a78cf1637f2b8ed8f9bd09e15271048f8cda3950..c858c6dd8a852d8e6a91fb9a4b186771f2947a77 100644 (file)
--- a/src/lib/crypto/yarrow/ycipher.h
+++ b/src/lib/crypto/yarrow/ycipher.h
@@ -32,6 +32,7 @@ typedef struct
  int krb5int_yarrow_cipher_init (CIPHER_CTX *ctx, unsigned const char *key);
  int krb5int_yarrow_cipher_encrypt_block
  (CIPHER_CTX *ctx,  const unsigned char *in, unsigned char *out);
+void krb5int_yarrow_cipher_final (CIPHER_CTX *ctx);
  
  #if !defined( YARROW_NO_MATHLIB )
  #define POW_CIPHER_KEY_SIZE pow(2.0, CIPHER_KEY_SIZE * 8 / 3.0)
author	Ezra Peisach <epeisach@mit.edu>
	Wed, 26 May 2004 18:17:35 +0000 (18:17 +0000)
committer	Ezra Peisach <epeisach@mit.edu>
	Wed, 26 May 2004 18:17:35 +0000 (18:17 +0000)
src/lib/crypto/yarrow/ChangeLog		patch \| blob \| history
src/lib/crypto/yarrow/yarrow.c		patch \| blob \| history
src/lib/crypto/yarrow/ycipher.c		patch \| blob \| history
src/lib/crypto/yarrow/ycipher.h		patch \| blob \| history