DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity

Removed the wipe_pw routine as it could result in segfaults when a static key is used.

Browse Source 
git-svn-id: file:///home/mbr/svn/fwknop/trunk@147 510a4753-2344-4c79-9c09-4d669213fbeb
This commit is contained in:
Damien Stuart 2009-09-14 00:37:13 +00:00
parent 2bf25e62a7
commit 8a06e36338
2 changed files with 9 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
lib/Makefile.am
View File

@ -1,4 +1,4 @@
lib_LTLIBRARIES = libfko.la lib_LTLIBRARIES = libfko.la
libfko_source_files = \ libfko_source_files = \
base64.c base64.h cipher_funcs.c cipher_funcs.h digest.c digest.h \ base64.c base64.h cipher_funcs.c cipher_funcs.h digest.c digest.h \
@ -9,10 +9,10 @@ libfko_source_files = \
rijndael.c rijndael.h sha1.c sha1.h sha2.c sha2.h strlcat.c \ rijndael.c rijndael.h sha1.c sha1.h sha2.c sha2.h strlcat.c \
strlcpy.c fko_state.h fko_context.h gpgme_funcs.c gpgme_funcs.h strlcpy.c fko_state.h fko_context.h gpgme_funcs.c gpgme_funcs.h
libfko_la_SOURCES = $(libfko_source_files) libfko_la_SOURCES = $(libfko_source_files)
libfko_la_LDFLAGS = -version-info 0:1:0 $(GPGME_LIBS)
AM_CPPFLAGS = $(GPGME_CFLAGS) libfko_la_LDFLAGS = -version-info 0:1:0 $(GPGME_LIBS)
include_HEADERS = fko.h AM_CPPFLAGS = $(GPGME_CFLAGS)
include_HEADERS = fko.h

26
lib/fko_encryption.c
View File

@ -37,15 +37,6 @@
#define B64_RIJNDAEL_SALT "U2FsdGVkX1" #define B64_RIJNDAEL_SALT "U2FsdGVkX1"
/* Wipe out the password buffer.
*/
void
wipe_pw(char *pw)
{
if(pw != NULL)
bzero(pw, strlen(pw));
}
/* Prep and encrypt using Rijndael /* Prep and encrypt using Rijndael
*/ */
int int
@ -337,8 +328,7 @@ fko_encrypt_spa_data(fko_ctx_t ctx, char *enc_key)
*/ */
if(!CTX_INITIALIZED(ctx)) if(!CTX_INITIALIZED(ctx))
{ {
res = FKO_ERROR_CTX_NOT_INITIALIZED; return(FKO_ERROR_CTX_NOT_INITIALIZED);
goto EWIPEOUT;
} }
/* If there is no encoded data or the SPA data has been modified, /* If there is no encoded data or the SPA data has been modified,
@ -348,7 +338,7 @@ fko_encrypt_spa_data(fko_ctx_t ctx, char *enc_key)
res = fko_encode_spa_data(ctx); res = fko_encode_spa_data(ctx);
if(res) if(res)
goto EWIPEOUT; return(res);
/* Croak on invalid encoded message as well. At present this is a /* Croak on invalid encoded message as well. At present this is a
* check for a somewhat arbitrary minimum length for the encoded * check for a somewhat arbitrary minimum length for the encoded
@ -356,8 +346,7 @@ fko_encrypt_spa_data(fko_ctx_t ctx, char *enc_key)
*/ */
if(strlen(ctx->encoded_msg) < MIN_SPA_ENCODED_MSG_SIZE) if(strlen(ctx->encoded_msg) < MIN_SPA_ENCODED_MSG_SIZE)
{ {
res = FKO_ERROR_MISSING_ENCODED_DATA; return(FKO_ERROR_MISSING_ENCODED_DATA);
goto EWIPEOUT;
} }
/* Encrypt according to type and return... /* Encrypt according to type and return...
@ -373,9 +362,6 @@ fko_encrypt_spa_data(fko_ctx_t ctx, char *enc_key)
else else
res = FKO_ERROR_INVALID_ENCRYPTION_TYPE; res = FKO_ERROR_INVALID_ENCRYPTION_TYPE;
EWIPEOUT:
wipe_pw(enc_key);
return(res); return(res);
} }
@ -392,8 +378,7 @@ fko_decrypt_spa_data(fko_ctx_t ctx, char *dec_key)
if(ctx->encrypted_msg == NULL if(ctx->encrypted_msg == NULL
|| strlen(ctx->encrypted_msg) < MIN_SPA_ENCODED_MSG_SIZE) || strlen(ctx->encrypted_msg) < MIN_SPA_ENCODED_MSG_SIZE)
{ {
res = FKO_ERROR_INVALID_DATA; return(FKO_ERROR_INVALID_DATA);
goto DWIPEOUT;
} }
/* Determine type of encryption used. For know, we are using the /* Determine type of encryption used. For know, we are using the
@ -419,9 +404,6 @@ fko_decrypt_spa_data(fko_ctx_t ctx, char *dec_key)
res = _rijndael_decrypt(ctx, dec_key, b64_len); res = _rijndael_decrypt(ctx, dec_key, b64_len);
} }
DWIPEOUT:
wipe_pw(dec_key);
return(res); return(res);
} }