aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel P. Berrange <berrange@redhat.com>2016-09-07 12:38:07 +0100
committerDaniel P. Berrange <berrange@redhat.com>2016-09-19 16:30:45 +0100
commit8813800b7d995d8b54ef0a1e16d41fc13d8b5f3a (patch)
treed04d3dae6771a415193fbf92d955075a88932d4f
parent3bd18890cab82735ae2565fa50aa122e1b4a0ef0 (diff)
downloadqemu-8813800b7d995d8b54ef0a1e16d41fc13d8b5f3a.zip
qemu-8813800b7d995d8b54ef0a1e16d41fc13d8b5f3a.tar.gz
qemu-8813800b7d995d8b54ef0a1e16d41fc13d8b5f3a.tar.bz2
crypto: clear out buffer after timing pbkdf algorithm
The 'out' buffer will hold a key derived from master password, so it is best practice to clear this buffer when no longer required. At this time, the code isn't worrying about locking buffers into RAM to prevent swapping sensitive data to disk. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
-rw-r--r--crypto/pbkdf.c13
1 files changed, 9 insertions, 4 deletions
diff --git a/crypto/pbkdf.c b/crypto/pbkdf.c
index 929458b..e391505 100644
--- a/crypto/pbkdf.c
+++ b/crypto/pbkdf.c
@@ -67,13 +67,14 @@ uint64_t qcrypto_pbkdf2_count_iters(QCryptoHashAlgorithm hash,
const uint8_t *salt, size_t nsalt,
Error **errp)
{
+ uint64_t ret = -1;
uint8_t out[32];
uint64_t iterations = (1 << 15);
unsigned long long delta_ms, start_ms, end_ms;
while (1) {
if (qcrypto_pbkdf2_get_thread_cpu(&start_ms, errp) < 0) {
- return -1;
+ goto cleanup;
}
if (qcrypto_pbkdf2(hash,
key, nkey,
@@ -81,10 +82,10 @@ uint64_t qcrypto_pbkdf2_count_iters(QCryptoHashAlgorithm hash,
iterations,
out, sizeof(out),
errp) < 0) {
- return -1;
+ goto cleanup;
}
if (qcrypto_pbkdf2_get_thread_cpu(&end_ms, errp) < 0) {
- return -1;
+ goto cleanup;
}
delta_ms = end_ms - start_ms;
@@ -100,5 +101,9 @@ uint64_t qcrypto_pbkdf2_count_iters(QCryptoHashAlgorithm hash,
iterations = iterations * 1000 / delta_ms;
- return iterations;
+ ret = iterations;
+
+ cleanup:
+ memset(out, 0, sizeof(out));
+ return ret;
}