From d1c98fcf5e04b8f6628ca951131aa1f7d67283de Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 19 Aug 2020 14:03:06 +0200 Subject: [PATCH] Zeroize internal buffers and variables in MD hashes Zeroising of local buffers and variables which are used for calculations in mbedtls_internal_md*_process() and mbedtls_internal_ripemd160_process() functions to erase sensitive data from memory. Checked all function for possible missing zeroisation in MD. Signed-off-by: gabor-mezei-arm --- ...oizations_of_sensitive_data_in_PKCS5_and_SHA.txt | 3 ++- library/md2.c | 3 +++ library/md4.c | 7 +++++++ library/md5.c | 7 +++++++ library/ripemd160.c | 13 +++++++++++++ 5 files changed, 32 insertions(+), 1 deletion(-) diff --git a/ChangeLog.d/zeroizations_of_sensitive_data_in_PKCS5_and_SHA.txt b/ChangeLog.d/zeroizations_of_sensitive_data_in_PKCS5_and_SHA.txt index f8445615c..320bb0e86 100644 --- a/ChangeLog.d/zeroizations_of_sensitive_data_in_PKCS5_and_SHA.txt +++ b/ChangeLog.d/zeroizations_of_sensitive_data_in_PKCS5_and_SHA.txt @@ -1,5 +1,6 @@ Security * Zeroising of local buffers and variables which are used for calculations - in mbedtls_pkcs5_pbkdf2_hmac() and mbedtls_internal_sha*_process() + in mbedtls_pkcs5_pbkdf2_hmac(), mbedtls_internal_sha*_process(), + mbedtls_internal_md*_process() and mbedtls_internal_ripemd160_process() functions to erase sensitive data from memory. Reported by Johan Malmgren and Johan Uppman Bruce from Sectra. diff --git a/library/md2.c b/library/md2.c index afc6539e0..53248ad48 100644 --- a/library/md2.c +++ b/library/md2.c @@ -149,6 +149,9 @@ int mbedtls_internal_md2_process( mbedtls_md2_context *ctx ) t = ctx->cksum[i]; } + /* Zeroise variables to clear sensitive data from memory. */ + mbedtls_platform_zeroize( &t, sizeof( t ) ); + return( 0 ); } diff --git a/library/md4.c b/library/md4.c index beb42c954..0416df3d7 100644 --- a/library/md4.c +++ b/library/md4.c @@ -231,6 +231,13 @@ int mbedtls_internal_md4_process( mbedtls_md4_context *ctx, ctx->state[2] += C; ctx->state[3] += D; + /* Zeroise variables to clear sensitive data from memory. */ + mbedtls_platform_zeroize( &X, sizeof( X ) ); + mbedtls_platform_zeroize( &A, sizeof( A ) ); + mbedtls_platform_zeroize( &B, sizeof( B ) ); + mbedtls_platform_zeroize( &C, sizeof( C ) ); + mbedtls_platform_zeroize( &D, sizeof( D ) ); + return( 0 ); } diff --git a/library/md5.c b/library/md5.c index c7b85d124..acd504e52 100644 --- a/library/md5.c +++ b/library/md5.c @@ -237,6 +237,13 @@ int mbedtls_internal_md5_process( mbedtls_md5_context *ctx, ctx->state[2] += C; ctx->state[3] += D; + /* Zeroise variables to clear sensitive data from memory. */ + mbedtls_platform_zeroize( &X, sizeof( X ) ); + mbedtls_platform_zeroize( &A, sizeof( A ) ); + mbedtls_platform_zeroize( &B, sizeof( B ) ); + mbedtls_platform_zeroize( &C, sizeof( C ) ); + mbedtls_platform_zeroize( &D, sizeof( D ) ); + return( 0 ); } diff --git a/library/ripemd160.c b/library/ripemd160.c index a2ad32c2f..2ff864f93 100644 --- a/library/ripemd160.c +++ b/library/ripemd160.c @@ -300,6 +300,19 @@ int mbedtls_internal_ripemd160_process( mbedtls_ripemd160_context *ctx, ctx->state[4] = ctx->state[0] + B + Cp; ctx->state[0] = C; + /* Zeroise variables to clear sensitive data from memory. */ + mbedtls_platform_zeroize( &A, sizeof( A ) ); + mbedtls_platform_zeroize( &B, sizeof( B ) ); + mbedtls_platform_zeroize( &C, sizeof( C ) ); + mbedtls_platform_zeroize( &D, sizeof( D ) ); + mbedtls_platform_zeroize( &E, sizeof( E ) ); + mbedtls_platform_zeroize( &Ap, sizeof( Ap ) ); + mbedtls_platform_zeroize( &Bp, sizeof( Bp ) ); + mbedtls_platform_zeroize( &Cp, sizeof( Cp ) ); + mbedtls_platform_zeroize( &Dp, sizeof( Dp ) ); + mbedtls_platform_zeroize( &Ep, sizeof( Ep ) ); + mbedtls_platform_zeroize( &X, sizeof( X ) ); + return( 0 ); }