cryptosoft(4): Zero plain hash contexts, too

An OCF-naive user program could use these primitives to implement HMAC, for example. This would make the freed context sensitive data. Probably other bzeros in this file should be explicit_bzeros as well. Future work. Reviewed by: jhb, markj Differential Revision: https://reviews.freebsd.org/D14662 (minor part of a larger work)
2018-03-21 16:12:07 +00:00 · 2018-03-21 16:12:07 +00:00 · 5fbc5b5a3c
commit 5fbc5b5a3c
parent 7021bf0569
1 changed files with 3 additions and 1 deletions
--- a/sys/opencrypto/cryptosoft.c
+++ b/sys/opencrypto/cryptosoft.c
@ -1053,8 +1053,10 @@ swcr_freesession_locked(device_t dev, u_int64_t tid)
 		case CRYPTO_SHA1:
 			axf = swd->sw_axf;

-			if (swd->sw_ictx)
+			if (swd->sw_ictx) {
+				explicit_bzero(swd->sw_ictx, axf->ctxsize);
 				free(swd->sw_ictx, M_CRYPTO_DATA);
+			}
 			break;

 		case CRYPTO_DEFLATE_COMP: