generalized the case with secure memory zeroing

This commit is contained in:
Anatol Belski 2014-09-19 01:46:14 +02:00
parent adf753159b
commit c45f4f5461
7 changed files with 30 additions and 57 deletions

View File

@ -382,6 +382,12 @@ char *alloca();
/* excpt.h on Digital Unix 4.0 defines function_table */ /* excpt.h on Digital Unix 4.0 defines function_table */
#undef function_table #undef function_table
#ifdef ZEND_WIN32
#define ZEND_SECURE_ZERO(var, size) RtlSecureZeroMemory((var), (size))
#else
#define ZEND_SECURE_ZERO(var, size) memset((var), 0, (size))
#endif
#endif /* ZEND_PORTABILITY_H */ #endif /* ZEND_PORTABILITY_H */
/* /*

View File

@ -244,7 +244,7 @@ static void RIPEMD128Transform(php_hash_uint32 state[4], const unsigned char blo
state[0] = tmp; state[0] = tmp;
tmp = 0; tmp = 0;
memset(x, 0, sizeof(x)); ZEND_SECURE_ZERO(x, sizeof(x));
} }
/* }}} */ /* }}} */
@ -342,7 +342,7 @@ static void RIPEMD256Transform(php_hash_uint32 state[8], const unsigned char blo
state[7] += dd; state[7] += dd;
tmp = 0; tmp = 0;
memset(x, 0, sizeof(x)); ZEND_SECURE_ZERO(x, sizeof(x));
} }
/* }}} */ /* }}} */
@ -441,7 +441,7 @@ static void RIPEMD160Transform(php_hash_uint32 state[5], const unsigned char blo
state[0] = tmp; state[0] = tmp;
tmp = 0; tmp = 0;
memset(x, 0, sizeof(x)); ZEND_SECURE_ZERO(x, sizeof(x));
} }
/* }}} */ /* }}} */
@ -549,7 +549,7 @@ static void RIPEMD320Transform(php_hash_uint32 state[10], const unsigned char bl
state[9] += ee; state[9] += ee;
tmp = 0; tmp = 0;
memset(x, 0, sizeof(x)); ZEND_SECURE_ZERO(x, sizeof(x));
} }
/* }}} */ /* }}} */

View File

@ -264,7 +264,7 @@ static void WhirlpoolTransform(PHP_WHIRLPOOL_CTX *context)
context->state[6] ^= state[6] ^ block[6]; context->state[6] ^= state[6] ^ block[6];
context->state[7] ^= state[7] ^ block[7]; context->state[7] ^= state[7] ^ block[7];
memset(state, 0, sizeof(state)); ZEND_SECURE_ZERO(state, sizeof(state));
} }
PHP_HASH_API void PHP_WHIRLPOOLInit(PHP_WHIRLPOOL_CTX *context) PHP_HASH_API void PHP_WHIRLPOOLInit(PHP_WHIRLPOOL_CTX *context)

View File

@ -207,15 +207,11 @@ PHPAPI zend_string *php_crypt(const char *password, const int pass_len, const ch
crypt_res = php_crypt_blowfish_rn(password, salt, output, sizeof(output)); crypt_res = php_crypt_blowfish_rn(password, salt, output, sizeof(output));
if (!crypt_res) { if (!crypt_res) {
memset(output, 0, PHP_MAX_SALT_LEN + 1); ZEND_SECURE_ZERO(output, PHP_MAX_SALT_LEN + 1);
return NULL; return NULL;
} else { } else {
result = zend_string_init(output, strlen(output), 0); result = zend_string_init(output, strlen(output), 0);
#ifdef PHP_WIN32 ZEND_SECURE_ZERO(output, PHP_MAX_SALT_LEN + 1);
RtlSecureZeroMemory(output, PHP_MAX_SALT_LEN + 1);
#else
memset(output, 0, PHP_MAX_SALT_LEN + 1);
#endif
return result; return result;
} }
} else { } else {

View File

@ -571,33 +571,18 @@ char * php_sha256_crypt_r(const char *key, const char *salt, char *buffer, int b
inside the SHA256 implementation as well. */ inside the SHA256 implementation as well. */
sha256_init_ctx(&ctx); sha256_init_ctx(&ctx);
sha256_finish_ctx(&ctx, alt_result); sha256_finish_ctx(&ctx, alt_result);
#ifdef PHP_WIN32 ZEND_SECURE_ZERO(temp_result, sizeof(temp_result));
RtlSecureZeroMemory(temp_result, sizeof(temp_result)); ZEND_SECURE_ZERO(p_bytes, key_len);
RtlSecureZeroMemory(p_bytes, key_len); ZEND_SECURE_ZERO(s_bytes, salt_len);
RtlSecureZeroMemory(s_bytes, salt_len); ZEND_SECURE_ZERO(&ctx, sizeof(ctx));
RtlSecureZeroMemory(&ctx, sizeof(ctx)); ZEND_SECURE_ZERO(&alt_ctx, sizeof(alt_ctx));
RtlSecureZeroMemory(&alt_ctx, sizeof(alt_ctx));
if (copied_key != NULL) { if (copied_key != NULL) {
RtlSecureZeroMemory(copied_key, key_len); ZEND_SECURE_ZERO(copied_key, key_len);
} }
if (copied_salt != NULL) { if (copied_salt != NULL) {
RtlSecureZeroMemory(copied_salt, salt_len); ZEND_SECURE_ZERO(copied_salt, salt_len);
} }
#else
memset(temp_result, '\0', sizeof(temp_result));
memset(p_bytes, '\0', key_len);
memset(s_bytes, '\0', salt_len);
memset(&ctx, '\0', sizeof(ctx));
memset(&alt_ctx, '\0', sizeof(alt_ctx));
if (copied_key != NULL) {
memset(copied_key, '\0', key_len);
}
if (copied_salt != NULL) {
memset(copied_salt, '\0', salt_len);
}
#endif
return buffer; return buffer;
} }

View File

@ -619,31 +619,17 @@ php_sha512_crypt_r(const char *key, const char *salt, char *buffer, int buflen)
inside the SHA512 implementation as well. */ inside the SHA512 implementation as well. */
sha512_init_ctx(&ctx); sha512_init_ctx(&ctx);
sha512_finish_ctx(&ctx, alt_result); sha512_finish_ctx(&ctx, alt_result);
#ifdef PHP_WIN32 ZEND_SECURE_ZERO(temp_result, sizeof(temp_result));
RtlSecureZeroMemory(temp_result, sizeof(temp_result)); ZEND_SECURE_ZERO(p_bytes, key_len);
RtlSecureZeroMemory(p_bytes, key_len); ZEND_SECURE_ZERO(s_bytes, salt_len);
RtlSecureZeroMemory(s_bytes, salt_len); ZEND_SECURE_ZERO(&ctx, sizeof(ctx));
RtlSecureZeroMemory(&ctx, sizeof(ctx)); ZEND_SECURE_ZERO(&alt_ctx, sizeof(alt_ctx));
RtlSecureZeroMemory(&alt_ctx, sizeof(alt_ctx));
if (copied_key != NULL) { if (copied_key != NULL) {
RtlSecureZeroMemory(copied_key, key_len); ZEND_SECURE_ZERO(copied_key, key_len);
} }
if (copied_salt != NULL) { if (copied_salt != NULL) {
RtlSecureZeroMemory(copied_salt, salt_len); ZEND_SECURE_ZERO(copied_salt, salt_len);
} }
#else
memset(temp_result, '\0', sizeof(temp_result));
memset(p_bytes, '\0', key_len);
memset(s_bytes, '\0', salt_len);
memset(&ctx, '\0', sizeof(ctx));
memset(&alt_ctx, '\0', sizeof(alt_ctx));
if (copied_key != NULL) {
memset(copied_key, '\0', key_len);
}
if (copied_salt != NULL) {
memset(copied_salt, '\0', salt_len);
}
#endif
return buffer; return buffer;
} }

View File

@ -206,7 +206,7 @@ char * php_md5_crypt_r(const char *pw, const char *salt, char *out) {
} }
/* Don't leave anything around in vm they could use. */ /* Don't leave anything around in vm they could use. */
RtlSecureZeroMemory(final, sizeof(final)); ZEND_SECURE_ZERO(final, sizeof(final));
/* Then something really weird... */ /* Then something really weird... */
for (i = pwl; i != 0; i >>= 1) { for (i = pwl; i != 0; i >>= 1) {
@ -288,7 +288,7 @@ char * php_md5_crypt_r(const char *pw, const char *salt, char *out) {
*p = '\0'; *p = '\0';
RtlSecureZeroMemory(final, sizeof(final)); ZEND_SECURE_ZERO(final, sizeof(final));
_destroyCtx1: _destroyCtx1: