arne
/
cryptopp
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use SetMark to avoid unneeded zeroization in Rijndael

pull/531/head
Jeffrey Walton 2017-10-08 12:05:33 -04:00
parent ebcd91a0ac
commit 6e436427fb
No known key found for this signature in database
GPG Key ID: B36AB348921B1838
2 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
rijndael.cpp
View File

@ -316,6 +316,9 @@ void Rijndael::Base::UncheckedSetKey(const byte *userKey, unsigned int keyLen, c
#if CRYPTOPP_BOOL_X64 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X86 #if CRYPTOPP_BOOL_X64 || CRYPTOPP_BOOL_X32 || CRYPTOPP_BOOL_X86
m_aliasBlock.New(s_sizeToAllocate); m_aliasBlock.New(s_sizeToAllocate);
// The alias block is only used on IA-32 when unaligned data access is in effect.
// Setting the low water mark to 0 avoids zeroization when m_aliasBlock is unused.
m_aliasBlock.SetMark(0);
#endif #endif
m_rounds = keyLen/4 + 6; m_rounds = keyLen/4 + 6;
@ -1146,6 +1149,7 @@ size_t Rijndael::Enc::AdvancedProcessBlocks(const byte *inBlocks, const byte *xo
return length; return length;
static const byte *zeros = (const byte*)(Te+256); static const byte *zeros = (const byte*)(Te+256);
m_aliasBlock.SetMark(m_aliasBlock.size());
byte *space = NULLPTR, *originalSpace = const_cast<byte*>(m_aliasBlock.data()); byte *space = NULLPTR, *originalSpace = const_cast<byte*>(m_aliasBlock.data());
// round up to nearest 256 byte boundary // round up to nearest 256 byte boundary

2
rijndael.h
View File

@ -57,7 +57,7 @@ class CRYPTOPP_DLL Rijndael : public Rijndael_Info, public BlockCipherDocumentat
unsigned int m_rounds; unsigned int m_rounds;
FixedSizeAlignedSecBlock<word32, 4*15> m_key; FixedSizeAlignedSecBlock<word32, 4*15> m_key;
SecByteBlock m_aliasBlock; mutable SecByteBlock m_aliasBlock;
}; };
//! \brief Provides implementation for encryption transformation //! \brief Provides implementation for encryption transformation