More forceful clearing of stack memory with keys

gcc 8.3.0 was apparently clever enough to optimize away the previously
used os_memset() to explicitly clear a stack buffer that contains keys
when that clearing happened just before returning from the function.
Since memset_s() is not exactly portable (or commonly available yet..),
use a less robust mechanism that is still pretty likely to prevent
current compilers from optimizing the explicit clearing of the memory
away.

Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen 2019-05-26 00:47:17 +03:00
parent e1923f5b6a
commit 31bc66e4d1
25 changed files with 98 additions and 72 deletions


@ -362,7 +362,7 @@ static int eap_peap_derive_cmk(struct eap_sm *sm, struct eap_peap_data *data)
res = peap_prfplus(data->peap_version, tk, 40,
"Inner Methods Compound Keys",
isk, sizeof(isk), imck, sizeof(imck));
os_memset(isk, 0, sizeof(isk));
forced_memzero(isk, sizeof(isk));
if (res < 0) {
os_free(tk);
return -1;
@ -376,7 +376,7 @@ static int eap_peap_derive_cmk(struct eap_sm *sm, struct eap_peap_data *data)
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: IPMK (S-IPMKj)", data->ipmk, 40);
os_memcpy(data->cmk, imck + 40, 20);
wpa_hexdump_key(MSG_DEBUG, "EAP-PEAP: CMK (CMKj)", data->cmk, 20);
os_memset(imck, 0, sizeof(imck));
forced_memzero(imck, sizeof(imck));
return 0;
}
@ -1326,7 +1326,7 @@ static u8 * eap_peap_getKey(struct eap_sm *sm, void *priv, size_t *len)
"key");
}
os_memset(csk, 0, sizeof(csk));
forced_memzero(csk, sizeof(csk));
return eapKeyData;
}
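Review bot: The failure branch right after `forced_memzero(isk, sizeof(isk));` in eap_peap_derive_cmk returns -1 without clearing `imck`, which peap_prfplus() may already have partly filled with derived key material; among the visible lines, only the success path at the end of the function wipes it. Adding `forced_memzero(imck, sizeof(imck));` inside `if (res < 0) {` ahead of `os_free(tk);` would cover that exit too. `tk` is also released with plain os_free() on that path, and whether it is wiped elsewhere cannot be seen here, because the function starts outside the hunk and the lines between the first two hunks are not shown.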


@ -632,7 +632,7 @@ static void eap_pwd_process_id_resp(struct eap_sm *sm,
data->id_server, data->id_server_len,
data->id_peer, data->id_peer_len,
(u8 *) &data->token);
os_memset(pwhashhash, 0, sizeof(pwhashhash));
forced_memzero(pwhashhash, sizeof(pwhashhash));
if (res) {
wpa_printf(MSG_INFO, "EAP-PWD (server): unable to compute "
"PWE");