[PATCH 6/7] Avoid burn_stack in CAST5 setkey
Jussi Kivilinna
jussi.kivilinna at iki.fi
Tue Nov 5 16:58:01 CET 2013
* cipher/cast5.c (do_cast_setkey): Use wipememory instead of memset.
(cast_setkey): Remove stack burning.
--
Burning stack does not work properly when compiler inlines static functions,
therefore use wipememory to clear stack after use instead of relying on
_gcry_burn_stack.
Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
---
cipher/cast5.c | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/cipher/cast5.c b/cipher/cast5.c
index 8d14183..09c9691 100644
--- a/cipher/cast5.c
+++ b/cipher/cast5.c
@@ -962,9 +962,9 @@ do_cast_setkey( CAST5_context *c, const byte *key, unsigned keylen )
}
#endif
- memset(&x,0, sizeof x);
- memset(&z,0, sizeof z);
- memset(&k,0, sizeof k);
+ wipememory(x, sizeof x);
+ wipememory(z, sizeof z);
+ wipememory(k, sizeof k);
#undef xi
#undef zi
@@ -976,7 +976,6 @@ cast_setkey (void *context, const byte *key, unsigned keylen )
{
CAST5_context *c = (CAST5_context *) context;
gcry_err_code_t rc = do_cast_setkey (c, key, keylen);
- _gcry_burn_stack (96+7*sizeof(void*));
return rc;
}
More information about the Gcrypt-devel
mailing list