diff options
author | Diadlo <polsha3@gmail.com> | 2017-03-04 00:13:09 +0300 |
---|---|---|
committer | iphydf <iphydf@users.noreply.github.com> | 2017-03-26 13:12:34 +0000 |
commit | 3adc2b8f5b173c1ea569d526eb554f701888257e (patch) | |
tree | d2924570ebfff50863569944f4e32cae8371c6ad /toxcore | |
parent | c07c61c5efa63ff414ce92c6174675e05da64e25 (diff) |
Add crypto_memzero for temp buffer
Diffstat (limited to 'toxcore')
-rw-r--r-- | toxcore/DHT.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/toxcore/DHT.c b/toxcore/DHT.c index 9cfe1ae1..dd7080ff 100644 --- a/toxcore/DHT.c +++ b/toxcore/DHT.c | |||
@@ -194,13 +194,14 @@ int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_ke | |||
194 | 194 | ||
195 | uint8_t *nonce = packet + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2; | 195 | uint8_t *nonce = packet + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2; |
196 | random_nonce(nonce); | 196 | random_nonce(nonce); |
197 | uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): crypto_memzero before exit function | 197 | uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; |
198 | memcpy(temp + 1, data, length); | 198 | memcpy(temp + 1, data, length); |
199 | temp[0] = request_id; | 199 | temp[0] = request_id; |
200 | int len = encrypt_data(recv_public_key, send_secret_key, nonce, temp, length + 1, | 200 | int len = encrypt_data(recv_public_key, send_secret_key, nonce, temp, length + 1, |
201 | 1 + CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE + packet); | 201 | 1 + CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE + packet); |
202 | 202 | ||
203 | if (len == -1) { | 203 | if (len == -1) { |
204 | crypto_memzero(temp, MAX_CRYPTO_REQUEST_SIZE); | ||
204 | return -1; | 205 | return -1; |
205 | } | 206 | } |
206 | 207 | ||
@@ -208,6 +209,7 @@ int create_request(const uint8_t *send_public_key, const uint8_t *send_secret_ke | |||
208 | memcpy(packet + 1, recv_public_key, CRYPTO_PUBLIC_KEY_SIZE); | 209 | memcpy(packet + 1, recv_public_key, CRYPTO_PUBLIC_KEY_SIZE); |
209 | memcpy(packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, send_public_key, CRYPTO_PUBLIC_KEY_SIZE); | 210 | memcpy(packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, send_public_key, CRYPTO_PUBLIC_KEY_SIZE); |
210 | 211 | ||
212 | crypto_memzero(temp, MAX_CRYPTO_REQUEST_SIZE); | ||
211 | return len + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE; | 213 | return len + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE; |
212 | } | 214 | } |
213 | 215 | ||
@@ -235,18 +237,20 @@ int handle_request(const uint8_t *self_public_key, const uint8_t *self_secret_ke | |||
235 | 237 | ||
236 | memcpy(public_key, packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, CRYPTO_PUBLIC_KEY_SIZE); | 238 | memcpy(public_key, packet + 1 + CRYPTO_PUBLIC_KEY_SIZE, CRYPTO_PUBLIC_KEY_SIZE); |
237 | const uint8_t *nonce = packet + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2; | 239 | const uint8_t *nonce = packet + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2; |
238 | uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; // TODO(irungentoo): crypto_memzero before exit function | 240 | uint8_t temp[MAX_CRYPTO_REQUEST_SIZE]; |
239 | int len1 = decrypt_data(public_key, self_secret_key, nonce, | 241 | int len1 = decrypt_data(public_key, self_secret_key, nonce, |
240 | packet + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE, | 242 | packet + 1 + CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE, |
241 | length - (CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE + 1), temp); | 243 | length - (CRYPTO_PUBLIC_KEY_SIZE * 2 + CRYPTO_NONCE_SIZE + 1), temp); |
242 | 244 | ||
243 | if (len1 == -1 || len1 == 0) { | 245 | if (len1 == -1 || len1 == 0) { |
246 | crypto_memzero(temp, MAX_CRYPTO_REQUEST_SIZE); | ||
244 | return -1; | 247 | return -1; |
245 | } | 248 | } |
246 | 249 | ||
247 | request_id[0] = temp[0]; | 250 | request_id[0] = temp[0]; |
248 | --len1; | 251 | --len1; |
249 | memcpy(data, temp + 1, len1); | 252 | memcpy(data, temp + 1, len1); |
253 | crypto_memzero(temp, MAX_CRYPTO_REQUEST_SIZE); | ||
250 | return len1; | 254 | return len1; |
251 | } | 255 | } |
252 | 256 | ||