[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 2/6] crypto: clear out buffer after timing pbkdf
From: |
Daniel P. Berrange |
Subject: |
Re: [Qemu-devel] [PATCH 2/6] crypto: clear out buffer after timing pbkdf algorithm |
Date: |
Fri, 9 Sep 2016 10:35:55 +0100 |
User-agent: |
Mutt/1.7.0 (2016-08-17) |
On Thu, Sep 08, 2016 at 12:47:43PM -0500, Eric Blake wrote:
> On 09/08/2016 11:27 AM, Daniel P. Berrange wrote:
> > The 'out' buffer will hold a key derived from master
> > password, so it is best practice to clear this buffer
> > when no longer required.
> >
> > Signed-off-by: Daniel P. Berrange <address@hidden>
> > ---
> > crypto/pbkdf.c | 15 ++++++++++-----
> > 1 file changed, 10 insertions(+), 5 deletions(-)
>
> Reviewed-by: Eric Blake <address@hidden>
>
> It still doesn't prevent the memory from being copied elsewhere (such as
> the stack being paged out), unless we go to extraordinary lengths to
> explicitly request volatile memory that can't be paged out. I don't
> know if we need to worry about that, though. Do any of our crypto
> libraries provide APIs for allocating local-use-only memory for
> sensitive data?
AFAICT, while gcrypt uses such APIs internally, it doesn't expose them
to users. Nettle avoids malloc entirely in its API. So if we wanted
that we'd basically need to roll our own. I don't think this is a big
deal, but I just wanted to add the memset() as a sanity check really.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
- [Qemu-devel] [PATCH 0/6] crypto: misc tweaks & improvements to pbkdf code, Daniel P. Berrange, 2016/09/08
- [Qemu-devel] [PATCH 2/6] crypto: clear out buffer after timing pbkdf algorithm, Daniel P. Berrange, 2016/09/08
- [Qemu-devel] [PATCH 1/6] crypto: make PBKDF iterations configurable for LUKS format, Daniel P. Berrange, 2016/09/08
- [Qemu-devel] [PATCH 3/6] crypto: use correct derived key size when timing pbkdf, Daniel P. Berrange, 2016/09/08
- [Qemu-devel] [PATCH 6/6] crypto: support more hash algorithms for pbkdf, Daniel P. Berrange, 2016/09/08
- [Qemu-devel] [PATCH 4/6] crypto: remove bogus /= 2 for pbkdf iterations, Daniel P. Berrange, 2016/09/08