nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-24 20:33:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

memwipe interesting unused memory

Browse Source
This commit is contained in:
George Kadianakis 2017-08-03 15:42:30 +03:00 committed by Nick Mathewson
parent 29b3dd1c05
commit 74981d1f13
2 changed files with 17 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/or/hs_cell.c
View File

@ -193,18 +193,16 @@ build_legacy_establish_intro(const char *circ_nonce, crypto_pk_t *enc_key,
uint8_t *cell_out) uint8_t *cell_out)
{ {
ssize_t cell_len; ssize_t cell_len;
char buf[RELAY_PAYLOAD_SIZE] = {0};
tor_assert(circ_nonce); tor_assert(circ_nonce);
tor_assert(enc_key); tor_assert(enc_key);
tor_assert(cell_out); tor_assert(cell_out);
cell_len = rend_service_encode_establish_intro_cell(buf, sizeof(buf), memwipe(cell_out, 0, RELAY_PAYLOAD_SIZE);
cell_len = rend_service_encode_establish_intro_cell((char*)cell_out,
RELAY_PAYLOAD_SIZE,
enc_key, circ_nonce); enc_key, circ_nonce);
tor_assert(cell_len <= RELAY_PAYLOAD_SIZE);
if (cell_len >= 0) {
memcpy(cell_out, buf, cell_len);
}
return cell_len; return cell_len;
} }
@ -326,6 +324,9 @@ hs_cell_build_establish_intro(const char *circ_nonce,
tmp_cell_enc, tmp_cell_enc_len - tmp_cell_mac_offset); tmp_cell_enc, tmp_cell_enc_len - tmp_cell_mac_offset);
handshake_ptr = trn_cell_establish_intro_getarray_handshake_mac(cell); handshake_ptr = trn_cell_establish_intro_getarray_handshake_mac(cell);
memcpy(handshake_ptr, mac, sizeof(mac)); memcpy(handshake_ptr, mac, sizeof(mac));
memwipe(mac, 0, sizeof(mac));
memwipe(tmp_cell_enc, 0, sizeof(tmp_cell_enc));
} }
/* Calculate the cell signature SIG. */ /* Calculate the cell signature SIG. */
@ -353,6 +354,8 @@ hs_cell_build_establish_intro(const char *circ_nonce,
/* Copy the signature into the cell. */ /* Copy the signature into the cell. */
sig_ptr = trn_cell_establish_intro_getarray_sig(cell); sig_ptr = trn_cell_establish_intro_getarray_sig(cell);
memcpy(sig_ptr, sig.sig, sig_len); memcpy(sig_ptr, sig.sig, sig_len);
memwipe(tmp_cell_enc, 0, sizeof(tmp_cell_enc));
} }
/* Encode the cell. Can't be bigger than a standard cell. */ /* Encode the cell. Can't be bigger than a standard cell. */

8
src/or/hs_common.c
View File

@ -582,6 +582,8 @@ build_blinded_key_param(const ed25519_public_key_t *pubkey,
/* Extract digest and put it in the param. */ /* Extract digest and put it in the param. */
crypto_digest_get_digest(digest, (char *) param_out, DIGEST256_LEN); crypto_digest_get_digest(digest, (char *) param_out, DIGEST256_LEN);
crypto_digest_free(digest); crypto_digest_free(digest);
memwipe(nonce, 0, sizeof(nonce));
} }
/* Using an ed25519 public key and version to build the checksum of an /* Using an ed25519 public key and version to build the checksum of an
@ -701,6 +703,8 @@ hs_get_subcredential(const ed25519_public_key_t *identity_pk,
ED25519_PUBKEY_LEN); ED25519_PUBKEY_LEN);
crypto_digest_get_digest(digest, (char *) subcred_out, DIGEST256_LEN); crypto_digest_get_digest(digest, (char *) subcred_out, DIGEST256_LEN);
crypto_digest_free(digest); crypto_digest_free(digest);
memwipe(credential, 0, sizeof(credential));
} }
/* From the given list of hidden service ports, find the matching one from the /* From the given list of hidden service ports, find the matching one from the
@ -892,6 +896,8 @@ hs_build_blinded_pubkey(const ed25519_public_key_t *pk,
build_blinded_key_param(pk, secret, secret_len, build_blinded_key_param(pk, secret, secret_len,
time_period_num, get_time_period_length(), param); time_period_num, get_time_period_length(), param);
ed25519_public_blind(blinded_pk_out, pk, param); ed25519_public_blind(blinded_pk_out, pk, param);
memwipe(param, 0, sizeof(param));
} }
/* From a given ed25519 keypair kp and an optional secret, compute a blinded /* From a given ed25519 keypair kp and an optional secret, compute a blinded
@ -916,6 +922,8 @@ hs_build_blinded_keypair(const ed25519_keypair_t *kp,
build_blinded_key_param(&kp->pubkey, secret, secret_len, build_blinded_key_param(&kp->pubkey, secret, secret_len,
time_period_num, get_time_period_length(), param); time_period_num, get_time_period_length(), param);
ed25519_keypair_blind(blinded_kp_out, kp, param); ed25519_keypair_blind(blinded_kp_out, kp, param);
memwipe(param, 0, sizeof(param));
} }
/* Return true if overlap mode is active given the date in consensus. If /* Return true if overlap mode is active given the date in consensus. If