Zeroize tmp bufs in entropy.c functions

2025-11-04 04:32:24 -05:00 · 2017-06-26 09:58:59 +01:00 · 2017-06-26 09:58:59 +01:00 · 1adcd95a25
commit 1adcd95a25
parent eb132b655c
1 changed files with 20 additions and 10 deletions
--- a/library/entropy.c
+++ b/library/entropy.c
@ -242,7 +242,7 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx )
        if( ( ret = ctx->source[i].f_source( ctx->source[i].p_source,
                        buf, MBEDTLS_ENTROPY_MAX_GATHER, &olen ) ) != 0 )
        {
-            return( ret );
+            goto cleanup;
        }

        /*
@ -256,9 +256,12 @@ static int entropy_gather_internal( mbedtls_entropy_context *ctx )
    }

    if( have_one_strong == 0 )
-        return( MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE );
+        ret = MBEDTLS_ERR_ENTROPY_NO_STRONG_SOURCE;

-    return( 0 );
+cleanup:
+    mbedtls_zeroize( buf, sizeof( buf ) );
+
+    return( ret );
 }

 /*
@ -370,6 +373,8 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len )
    ret = 0;

 exit:
+    mbedtls_zeroize( buf, sizeof( buf ) );
+
 #if defined(MBEDTLS_THREADING_C)
    if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
        return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
@ -393,9 +398,9 @@ int mbedtls_entropy_update_nv_seed( mbedtls_entropy_context *ctx )

    /* Manually update the remaining stream with a separator value to diverge */
    memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
-    mbedtls_entropy_update_manual( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
+    ret = mbedtls_entropy_update_manual( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );

-    return( 0 );
+    return( ret );
 }
 #endif /* MBEDTLS_ENTROPY_NV_SEED */

@ -421,12 +426,15 @@ int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *p
    ret = 0;

 exit:
+    mbedtls_zeroize( buf, sizeof( buf ) );
+
    fclose( f );
    return( ret );
 }

 int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path )
 {
+    int ret = 0;
    FILE *f;
    size_t n;
    unsigned char buf[ MBEDTLS_ENTROPY_MAX_SEED_SIZE ];
@ -442,14 +450,16 @@ int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *
        n = MBEDTLS_ENTROPY_MAX_SEED_SIZE;

    if( fread( buf, 1, n, f ) != n )
-    {
-        fclose( f );
-        return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
-    }
+        ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
+    else
+        ret = mbedtls_entropy_update_manual( ctx, buf, n );

    fclose( f );

-    mbedtls_entropy_update_manual( ctx, buf, n );
+    mbedtls_zeroize( buf, sizeof( buf ) );
+
+    if( ret != 0 )
+        return( ret );

    return( mbedtls_entropy_write_seed_file( ctx, path ) );
 }