[Qemu-devel] [PULL v2 3/8] crypto: clear out buffer after timing pbkdf a

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PULL v2 3/8] crypto: clear out buffer after timing pbkdf a

From:	Daniel P. Berrange
Subject:	[Qemu-devel] [PULL v2 3/8] crypto: clear out buffer after timing pbkdf algorithm
Date:	Mon, 19 Sep 2016 16:33:52 +0100

The 'out' buffer will hold a key derived from master
password, so it is best practice to clear this buffer
when no longer required.

At this time, the code isn't worrying about locking
buffers into RAM to prevent swapping sensitive data
to disk.

Reviewed-by: Eric Blake <address@hidden>
Signed-off-by: Daniel P. Berrange <address@hidden>
---
 crypto/pbkdf.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/crypto/pbkdf.c b/crypto/pbkdf.c
index 929458b..e391505 100644
--- a/crypto/pbkdf.c
+++ b/crypto/pbkdf.c
@@ -67,13 +67,14 @@ uint64_t qcrypto_pbkdf2_count_iters(QCryptoHashAlgorithm 
hash,
                                     const uint8_t *salt, size_t nsalt,
                                     Error **errp)
 {
+    uint64_t ret = -1;
     uint8_t out[32];
     uint64_t iterations = (1 << 15);
     unsigned long long delta_ms, start_ms, end_ms;
 
     while (1) {
         if (qcrypto_pbkdf2_get_thread_cpu(&start_ms, errp) < 0) {
-            return -1;
+            goto cleanup;
         }
         if (qcrypto_pbkdf2(hash,
                            key, nkey,
@@ -81,10 +82,10 @@ uint64_t qcrypto_pbkdf2_count_iters(QCryptoHashAlgorithm 
hash,
                            iterations,
                            out, sizeof(out),
                            errp) < 0) {
-            return -1;
+            goto cleanup;
         }
         if (qcrypto_pbkdf2_get_thread_cpu(&end_ms, errp) < 0) {
-            return -1;
+            goto cleanup;
         }
 
         delta_ms = end_ms - start_ms;
@@ -100,5 +101,9 @@ uint64_t qcrypto_pbkdf2_count_iters(QCryptoHashAlgorithm 
hash,
 
     iterations = iterations * 1000 / delta_ms;
 
-    return iterations;
+    ret = iterations;
+
+ cleanup:
+    memset(out, 0, sizeof(out));
+    return ret;
 }
-- 
2.7.4

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PULL v2 0/8] Merge qcrypto 2016/09/19, Daniel P. Berrange, 2016/09/19
- [Qemu-devel] [PULL v2 3/8] crypto: clear out buffer after timing pbkdf algorithm, Daniel P. Berrange <=
- [Qemu-devel] [PULL v2 6/8] crypto: increase default pbkdf2 time for luks to 2 seconds, Daniel P. Berrange, 2016/09/19
- [Qemu-devel] [PULL v2 2/8] crypto: make PBKDF iterations configurable for LUKS format, Daniel P. Berrange, 2016/09/19
- [Qemu-devel] [PULL v2 4/8] crypto: use correct derived key size when timing pbkdf, Daniel P. Berrange, 2016/09/19
- [Qemu-devel] [PULL v2 1/8] crypto: use uint64_t for pbkdf iteration count parameters, Daniel P. Berrange, 2016/09/19
- [Qemu-devel] [PULL v2 5/8] crypto: remove bogus /= 2 for pbkdf iterations, Daniel P. Berrange, 2016/09/19
- [Qemu-devel] [PULL v2 7/8] crypto: support more hash algorithms for pbkdf, Daniel P. Berrange, 2016/09/19
- [Qemu-devel] [PULL v2 8/8] crypto: add trace points for TLS cert verification, Daniel P. Berrange, 2016/09/19
- Re: [Qemu-devel] [PULL v2 0/8] Merge qcrypto 2016/09/19, no-reply, 2016/09/19
- Re: [Qemu-devel] [PULL v2 0/8] Merge qcrypto 2016/09/19, Peter Maydell, 2016/09/19
- Re: [Qemu-devel] [PULL v2 0/8] Merge qcrypto 2016/09/19, no-reply, 2016/09/19

Prev by Date: [Qemu-devel] [PULL v2 0/8] Merge qcrypto 2016/09/19
Next by Date: [Qemu-devel] [PULL v2 6/8] crypto: increase default pbkdf2 time for luks to 2 seconds
Previous by thread: [Qemu-devel] [PULL v2 0/8] Merge qcrypto 2016/09/19
Next by thread: [Qemu-devel] [PULL v2 6/8] crypto: increase default pbkdf2 time for luks to 2 seconds
Index(es):
- Date
- Thread