nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-07-01 03:22:48 -05:00
Code Issues Projects Releases Wiki Activity

Introduce a new utility function smemclr(), which memsets things to

Browse Source 
zero but does it in such a way that over-clever compilers hopefully
won't helpfully optimise the call away if you do it just before
freeing something or letting it go out of scope. Use this for
(hopefully) every memset whose job is to destroy sensitive data that
might otherwise be left lying around in the process's memory.

[originally from svn r9586]
This commit is contained in:
Simon Tatham
2012-07-22 19:51:50 +00:00
parent acf8a5385d
commit aa5bae8916
21 changed files with 140 additions and 89 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
sshaes.c
View File

@ -1157,7 +1157,7 @@ void aes256_encrypt_pubkey(unsigned char *key, unsigned char *blk, int len)
aes_setup(&ctx, 16, key, 32);
memset(ctx.iv, 0, sizeof(ctx.iv));
aes_encrypt_cbc(blk, len, &ctx);
memset(&ctx, 0, sizeof(ctx));
smemclr(&ctx, sizeof(ctx));
}
void aes256_decrypt_pubkey(unsigned char *key, unsigned char *blk, int len)
@ -1166,7 +1166,7 @@ void aes256_decrypt_pubkey(unsigned char *key, unsigned char *blk, int len)
aes_setup(&ctx, 16, key, 32);
memset(ctx.iv, 0, sizeof(ctx.iv));
aes_decrypt_cbc(blk, len, &ctx);
memset(&ctx, 0, sizeof(ctx));
smemclr(&ctx, sizeof(ctx));
}
static const struct ssh2_cipher ssh_aes128_ctr = {