=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/signify/signify.c,v retrieving revision 1.40 retrieving revision 1.41 diff -c -r1.40 -r1.41 *** src/usr.bin/signify/signify.c 2014/01/19 23:20:30 1.40 --- src/usr.bin/signify/signify.c 2014/01/22 21:11:03 1.41 *************** *** 1,4 **** ! /* $OpenBSD: signify.c,v 1.40 2014/01/19 23:20:30 deraadt Exp $ */ /* * Copyright (c) 2013 Ted Unangst * --- 1,4 ---- ! /* $OpenBSD: signify.c,v 1.41 2014/01/22 21:11:03 tedu Exp $ */ /* * Copyright (c) 2013 Ted Unangst * *************** *** 174,180 **** if (rv == -1) err(1, "read from %s", filename); parseb64file(filename, b64, buf, len, comment); ! memset(b64, 0, sizeof(b64)); close(fd); } --- 174,180 ---- if (rv == -1) err(1, "read from %s", filename); parseb64file(filename, b64, buf, len, comment); ! explicit_bzero(b64, sizeof(b64)); close(fd); } *************** *** 246,252 **** errx(1, "b64 encode failed"); b64[rv++] = '\n'; writeall(fd, b64, rv, filename); ! memset(b64, 0, sizeof(b64)); close(fd); } --- 246,252 ---- errx(1, "b64 encode failed"); b64[rv++] = '\n'; writeall(fd, b64, rv, filename); ! explicit_bzero(b64, sizeof(b64)); close(fd); } *************** *** 267,273 **** if (bcrypt_pbkdf(pass, strlen(pass), salt, saltlen, key, keylen, rounds) == -1) errx(1, "bcrypt pbkdf"); ! memset(pass, 0, sizeof(pass)); } static void --- 267,273 ---- if (bcrypt_pbkdf(pass, strlen(pass), salt, saltlen, key, keylen, rounds) == -1) errx(1, "bcrypt pbkdf"); ! explicit_bzero(pass, sizeof(pass)); } static void *************** *** 312,326 **** memcpy(enckey.checksum, digest, sizeof(enckey.checksum)); for (i = 0; i < sizeof(enckey.seckey); i++) enckey.seckey[i] ^= xorkey[i]; ! memset(digest, 0, sizeof(digest)); ! memset(xorkey, 0, sizeof(xorkey)); if (snprintf(commentbuf, sizeof(commentbuf), "%s secret key", comment) >= sizeof(commentbuf)) err(1, "comment too long"); writeb64file(seckeyfile, commentbuf, &enckey, sizeof(enckey), O_EXCL, 0600); ! memset(&enckey, 0, sizeof(enckey)); memcpy(pubkey.pkalg, PKALG, 2); memcpy(pubkey.fingerprint, fingerprint, FPLEN); --- 312,326 ---- memcpy(enckey.checksum, digest, sizeof(enckey.checksum)); for (i = 0; i < sizeof(enckey.seckey); i++) enckey.seckey[i] ^= xorkey[i]; ! explicit_bzero(digest, sizeof(digest)); ! explicit_bzero(xorkey, sizeof(xorkey)); if (snprintf(commentbuf, sizeof(commentbuf), "%s secret key", comment) >= sizeof(commentbuf)) err(1, "comment too long"); writeb64file(seckeyfile, commentbuf, &enckey, sizeof(enckey), O_EXCL, 0600); ! explicit_bzero(&enckey, sizeof(enckey)); memcpy(pubkey.pkalg, PKALG, 2); memcpy(pubkey.fingerprint, fingerprint, FPLEN); *************** *** 353,371 **** kdf(enckey.salt, sizeof(enckey.salt), rounds, xorkey, sizeof(xorkey)); for (i = 0; i < sizeof(enckey.seckey); i++) enckey.seckey[i] ^= xorkey[i]; ! memset(xorkey, 0, sizeof(xorkey)); SHA512Init(&ctx); SHA512Update(&ctx, enckey.seckey, sizeof(enckey.seckey)); SHA512Final(digest, &ctx); if (memcmp(enckey.checksum, digest, sizeof(enckey.checksum))) errx(1, "incorrect passphrase"); ! memset(digest, 0, sizeof(digest)); msg = readmsg(msgfile, &msglen); signmsg(enckey.seckey, msg, msglen, sig.sig); memcpy(sig.fingerprint, enckey.fingerprint, FPLEN); ! memset(&enckey, 0, sizeof(enckey)); memcpy(sig.pkalg, PKALG, 2); if (snprintf(sigcomment, sizeof(sigcomment), "signature from %s", --- 353,371 ---- kdf(enckey.salt, sizeof(enckey.salt), rounds, xorkey, sizeof(xorkey)); for (i = 0; i < sizeof(enckey.seckey); i++) enckey.seckey[i] ^= xorkey[i]; ! explicit_bzero(xorkey, sizeof(xorkey)); SHA512Init(&ctx); SHA512Update(&ctx, enckey.seckey, sizeof(enckey.seckey)); SHA512Final(digest, &ctx); if (memcmp(enckey.checksum, digest, sizeof(enckey.checksum))) errx(1, "incorrect passphrase"); ! explicit_bzero(digest, sizeof(digest)); msg = readmsg(msgfile, &msglen); signmsg(enckey.seckey, msg, msglen, sig.sig); memcpy(sig.fingerprint, enckey.fingerprint, FPLEN); ! explicit_bzero(&enckey, sizeof(enckey)); memcpy(sig.pkalg, PKALG, 2); if (snprintf(sigcomment, sizeof(sigcomment), "signature from %s",