More thorough cleaning of encryption/decryption state and buffers.

2021-03-21 16:46:22 +01:00 · 2021-03-21 16:46:22 +01:00 · 0b7777fc3e
commit 0b7777fc3e
parent 7a40d62b06
1 changed files with 15 additions and 3 deletions
--- a/frontend/src/main.c
+++ b/frontend/src/main.c
@ -396,6 +396,11 @@ clean_up:
 		fclose(file_in);
 	}

+	slunkcrypt_bzero(buffer, BUFFER_SIZE);
+	slunkcrypt_bzero(checksum_buffer, sizeof(uint64_t));
+	slunkcrypt_bzero(&blake2s_state, sizeof(blake2s_t));
+	slunkcrypt_bzero(&nonce, sizeof(uint64_t));
+
 	return result;
 }

@ -545,10 +550,10 @@ static int decrypt(const char* const passphrase, const CHR* const input_path, co
 	FPRINTF(stderr, T("\b\b\b\b\b\b\b%5.1f%%\n\n"), 100.0);
 	fflush(stderr);

-	const uint64_t checksum_expected = load_ui64(checksum_buffer);
-	if (checksum_actual != checksum_expected)
+	const uint64_t checksum_stored = load_ui64(checksum_buffer);
+	if (checksum_actual != checksum_stored)
 	{
-		FPRINTF(stderr, T("Error: Checksum mismatch detected! [expected: 0x%016") T(PRIX64) T(", actual: 0x%016") T(PRIX64) T("]\n\n"), checksum_expected, checksum_actual);
+		FPRINTF(stderr, T("Error: Checksum mismatch detected! [expected: 0x%016") T(PRIX64) T(", actual: 0x%016") T(PRIX64) T("]\n\n"), checksum_stored, checksum_actual);
 		FPUTS(T("Wrong passphrase or corrupted file?\n\n"), stderr);
 		goto clean_up;
 	}
@ -575,6 +580,13 @@ clean_up:
 		fclose(file_in);
 	}

+	slunkcrypt_bzero(buffer, BUFFER_SIZE);
+	slunkcrypt_bzero(checksum_buffer, sizeof(uint64_t));
+	slunkcrypt_bzero(&blake2s_state, sizeof(blake2s_t));
+	slunkcrypt_bzero(&nonce, sizeof(uint64_t));
+	slunkcrypt_bzero((void*)&checksum_stored, sizeof(uint64_t));
+	slunkcrypt_bzero((void*)&checksum_actual, sizeof(uint64_t));
+
 	return result;
 }