From 605cee517c573e9e856003feae232e7078b78ed9 Mon Sep 17 00:00:00 2001
From: Ezra Peisach
Date: Wed, 26 May 2004 18:17:35 +0000
Subject: [PATCH] * yarrow.c (krb5int_yarrow_final): Call krb5int_yarrow_cipher_final before zeroing out reference to memory. * ycipher.[ch] (krb5int_yarrow_cipher_final): Free CIPHER_CTX memory allocated by krb5int_yarrpw_cipher_init(). These cleanup handlers are now invoked in the library "fini" handlers.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16368 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/crypto/yarrow/ChangeLog | 9 +++++++++
 src/lib/crypto/yarrow/yarrow.c | 1 +
 src/lib/crypto/yarrow/ycipher.c | 12 ++++++++++++
 src/lib/crypto/yarrow/ycipher.h | 1 +
 4 files changed, 23 insertions(+)
diff --git a/src/lib/crypto/yarrow/ChangeLog b/src/lib/crypto/yarrow/ChangeLog
index f64c1a2b5..10cf2f93b 100644
--- a/src/lib/crypto/yarrow/ChangeLog
+++ b/src/lib/crypto/yarrow/ChangeLog
@@ -1,3 +1,12 @@
+2004-05-26 Ezra Peisach
+
+ * yarrow.c (krb5int_yarrow_final): Call
+ krb5int_yarrow_cipher_final before zeroing out reference to
+ memory.
+
+ * ycipher.[ch] (krb5int_yarrow_cipher_final): Free CIPHER_CTX memory
+ allocated by krb5int_yarrpw_cipher_init().
+
 2003-07-22 Ken Raeburn * ycipher.c (krb5int_yarrow_cipher_init): Use keybytes and
diff --git a/src/lib/crypto/yarrow/yarrow.c b/src/lib/crypto/yarrow/yarrow.c
index 4f90387cd..3cb4b7e2e 100644
--- a/src/lib/crypto/yarrow/yarrow.c
+++ b/src/lib/crypto/yarrow/yarrow.c
@@ -850,6 +850,7 @@ int krb5int_yarrow_final(Yarrow_CTX* y)
 CATCH:
 if ( locked ) { TRY( UNLOCK() ); }
+ krb5int_yarrow_cipher_final(&y->cipher);
 mem_zero( y, sizeof(Yarrow_CTX) );
 EXCEP_RET;
 }
diff --git a/src/lib/crypto/yarrow/ycipher.c b/src/lib/crypto/yarrow/ycipher.c
index b763815be..01d105ffe 100644
--- a/src/lib/crypto/yarrow/ycipher.c
+++ b/src/lib/crypto/yarrow/ycipher.c
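Review bot: The added `krb5int_yarrow_cipher_final(&y->cipher);` sits below `if ( locked ) { TRY( UNLOCK() ); }`, so the key buffer is freed only after the lock has been released. If any other thread can still reach this context (not visible here), it could touch freed key storage, a risk the earlier zero-only teardown did not carry. Either release the key while the lock is still held, or state the precondition next to the call, e.g. `/* caller guarantees no other user of y: key storage is freed after the lock is dropped */`. The call is on the CATCH path, so it presumably also runs when an early argument check fails; confirm `y` cannot be NULL there, since the callee reads `ctx->key.contents` unchecked. krb5int_yarrow_final starts outside the hunk.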
@@ -82,3 +82,15 @@ int krb5int_yarrow_cipher_encrypt_block
 return YARROW_OK;
 }
+void
+krb5int_yarrow_cipher_final
+(CIPHER_CTX *ctx)
+
+{
+ if (ctx->key.contents) {
+ memset (ctx->key.contents, 0, ctx->key.length);
+ free (ctx->key.contents);
+ }
+ ctx->key.contents = 0;
+ ctx->key.length = 0;
+}
diff --git a/src/lib/crypto/yarrow/ycipher.h b/src/lib/crypto/yarrow/ycipher.h
index a78cf1637..c858c6dd8 100644
--- a/src/lib/crypto/yarrow/ycipher.h
+++ b/src/lib/crypto/yarrow/ycipher.h
@@ -32,6 +32,7 @@ typedef struct
 int krb5int_yarrow_cipher_init (CIPHER_CTX *ctx, unsigned const char *key);
 int krb5int_yarrow_cipher_encrypt_block (CIPHER_CTX *ctx, const unsigned char *in, unsigned char *out);
+void krb5int_yarrow_cipher_final (CIPHER_CTX *ctx);
 #if !defined( YARROW_NO_MATHLIB )
 #define POW_CIPHER_KEY_SIZE pow(2.0, CIPHER_KEY_SIZE * 8 / 3.0)
-- 2.26.2
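Review bot: The `memset (ctx->key.contents, 0, ctx->key.length);` in krb5int_yarrow_cipher_final is immediately followed by `free`, so an optimizing compiler may treat it as a dead store and drop it, leaving the cipher key in freed heap memory. Use a wipe that cannot be elided: the library's zeroization helper if it has one, or a volatile store loop with a local counter `n`, such as `volatile unsigned char *p = (volatile unsigned char *) ctx->key.contents;` followed by `for (n = ctx->key.length; n > 0; n--) *p++ = 0;`. Resetting `contents` and `length` afterwards makes a repeated call harmless and should stay.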
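Review bot: The new prototype `krb5int_yarrow_cipher_final` carries no comment stating its contract, which matters for a function that releases key material. I would add above it: `/* Wipes and frees the key held in ctx and resets it; ctx must be non-NULL; calling it again on the same ctx is harmless. */`. The non-NULL requirement follows from the implementation in ycipher.c, which reads `ctx->key.contents` without checking `ctx`.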