> On 15 Jan 2015, at 13:46, Todd C. Miller <[email protected]> wrote: > > We may want to add an explicit_bzero to SipHash_Final() too but > I'll leave that up to tedu.
the siphash implementation already uses explicit_bzero, but it is in SipHash_End. SipHash_Final is just a wrapper that byteswaps the value from SipHash_End for storage in a buffer.
>
> - todd
>
> Index: lib/libc/hash/helper.c
> ===================================================================
> RCS file: /cvs/src/lib/libc/hash/helper.c,v
> retrieving revision 1.11
> diff -u -r1.11 helper.c
> --- lib/libc/hash/helper.c 3 Apr 2014 17:55:27 -0000 1.11
> +++ lib/libc/hash/helper.c 15 Jan 2015 03:41:17 -0000
> @@ -50,7 +50,7 @@
> buf[i + i + 1] = hex[digest[i] & 0x0f];
> }
> buf[i + i] = '\0';
> - memset(digest, 0, sizeof(digest));
> + explicit_bzero(digest, sizeof(digest));
> return (buf);
> }
>
> Index: lib/libc/hash/md5.c
> ===================================================================
> RCS file: /cvs/src/lib/libc/hash/md5.c,v
> retrieving revision 1.9
> diff -u -r1.9 md5.c
> --- lib/libc/hash/md5.c 8 Jan 2014 06:14:57 -0000 1.9
> +++ lib/libc/hash/md5.c 15 Jan 2015 03:41:26 -0000
> @@ -128,7 +128,7 @@
> MD5Pad(ctx);
> for (i = 0; i < 4; i++)
> PUT_32BIT_LE(digest + i * 4, ctx->state[i]);
> - memset(ctx, 0, sizeof(*ctx));
> + explicit_bzero(ctx, sizeof(*ctx));
> }
>
>
> Index: lib/libc/hash/rmd160.c
> ===================================================================
> RCS file: /cvs/src/lib/libc/hash/rmd160.c,v
> retrieving revision 1.20
> diff -u -r1.20 rmd160.c
> --- lib/libc/hash/rmd160.c 21 Jul 2014 01:51:10 -0000 1.20
> +++ lib/libc/hash/rmd160.c 15 Jan 2015 03:41:34 -0000
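Review bot: `explicit_bzero(digest, sizeof(digest));` in the helper.c hunk clears the whole digest only if `digest` is an array at this point; its declaration is outside the hunk, so that should be confirmed, because with a pointer the call would clear only pointer-size bytes. The returned `buf` still holds the hex form of the same digest, since that is the function's result. Callers that treat the digest as sensitive therefore have to clear `buf` themselves.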
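Review bot: Wiping `ctx` at the end of the md5.c hunk does not cover temporaries held by `MD5Pad()` or by whatever transform routine it calls, which are outside the hunk. If those routines clear their working variables with plain assignments or `memset`, the compiler can drop those stores for the same reason it could drop the one replaced here, so they are worth checking in the same pass. The same applies to `RMD160Pad()` in rmd160.c and to the sha1.c and sha2.c functions whose endings are patched in the later hunks.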
> @@ -153,7 +153,7 @@
> RMD160Pad(ctx);
> for (i = 0; i < 5; i++)
> PUT_32BIT_LE(digest + i*4, ctx->state[i]);
> - memset(ctx, 0, sizeof (*ctx));
> + explicit_bzero(ctx, sizeof (*ctx));
> }
>
> void
> Index: lib/libc/hash/sha1.c
> ===================================================================
> RCS file: /cvs/src/lib/libc/hash/sha1.c,v
> retrieving revision 1.23
> diff -u -r1.23 sha1.c
> --- lib/libc/hash/sha1.c 8 Jan 2014 06:14:57 -0000 1.23
> +++ lib/libc/hash/sha1.c 15 Jan 2015 03:41:43 -0000
> @@ -169,5 +169,5 @@
> digest[i] = (u_int8_t)
> ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
> }
> - memset(context, 0, sizeof(*context));
> + explicit_bzero(context, sizeof(*context));
> }
> Index: lib/libc/hash/sha2.c
> ===================================================================
> RCS file: /cvs/src/lib/libc/hash/sha2.c,v
> retrieving revision 1.22
> diff -u -r1.22 sha2.c
> --- lib/libc/hash/sha2.c 19 Dec 2014 15:14:04 -0000 1.22
> +++ lib/libc/hash/sha2.c 15 Jan 2015 03:43:34 -0000
> @@ -316,7 +316,7 @@
> #else
> memcpy(digest, context->state.st32, SHA224_DIGEST_LENGTH);
> #endif
> - memset(context, 0, sizeof(*context));
> + explicit_bzero(context, sizeof(*context));
> }
> #endif /* !defined(SHA2_SMALL) */
>
> @@ -591,7 +591,7 @@
> #else
> memcpy(digest, context->state.st32, SHA256_DIGEST_LENGTH);
> #endif
> - memset(context, 0, sizeof(*context));
> + explicit_bzero(context, sizeof(*context));
> }
>
>
> @@ -867,7 +867,7 @@
> #else
> memcpy(digest, context->state.st64, SHA512_DIGEST_LENGTH);
> #endif
> - memset(context, 0, sizeof(*context));
> + explicit_bzero(context, sizeof(*context));
> }
>
> #if !defined(SHA2_SMALL)
> @@ -901,6 +901,6 @@
> memcpy(digest, context->state.st64, SHA384_DIGEST_LENGTH);
> #endif
> /* Zero out state data */
> - memset(context, 0, sizeof(*context));
> + explicit_bzero(context, sizeof(*context));
> }
> #endif /* !defined(SHA2_SMALL) */
>
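Review bot: Of the wipe sites in these hunks only the last sha2.c one (`@@ -901,6`) carries a comment, `/* Zero out state data */`, and none of them says why `explicit_bzero` is used instead of `memset`. The context is not read again after the call in any of the visible function endings, so a later cleanup could plausibly turn the call back into `memset` without noticing the difference. A one-line comment at each site, such as `/* explicit_bzero: a plain memset of a dead context may be optimized away */`, would record the reason. The enclosing functions start outside the hunks.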
