Sure, looks fine in this micro context so maybe someone copying code from
here as an example will do better. Though note that wider-scoped key/iv
still contain the key material after EVP_CipherInit_ex and so on.
Doesn't appear we've sprinkled many explicit_bzero's into openssl(1) in
general given its short lifetime for most operations. I'm not sure how
paranoid we need to be in this context, but I'll apply this.
On Tue, Jul 23, 2019 at 3:54 PM Steven Roberts <srobe...@fenderq.com> wrote:
> Hi,
>
> This patch for openssl enc will zero out tmpkeyiv which contains key
> information.
>
> Thanks.
>
> Index: enc.c
> ===================================================================
> RCS file: /cvs/src/usr.bin/openssl/enc.c,v
> retrieving revision 1.21
> diff -u -p -u -r1.21 enc.c
> --- enc.c 14 Jul 2019 03:30:45 -0000 1.21
> +++ enc.c 22 Jul 2019 16:53:20 -0000
> @@ -633,6 +633,8 @@ enc_main(int argc, char **argv)
> /* split and move data back to global
> buffer */
> memcpy(key, tmpkeyiv, iklen);
> memcpy(iv, tmpkeyiv+iklen, ivlen);
> + /* zero the tmpkeyiv buffer */
> + explicit_bzero(tmpkeyiv, sizeof(tmpkeyiv));
> } else {
> EVP_BytesToKey(enc_config.cipher, dgst,
> sptr,
> (unsigned char *)enc_config.keystr,
>
>
