More thorough cleaning of encryption/decryption state and buffers.
This commit is contained in:
parent
7a40d62b06
commit
0b7777fc3e
@ -396,6 +396,11 @@ clean_up:
|
||||
fclose(file_in);
|
||||
}
|
||||
|
||||
slunkcrypt_bzero(buffer, BUFFER_SIZE);
|
||||
slunkcrypt_bzero(checksum_buffer, sizeof(uint64_t));
|
||||
slunkcrypt_bzero(&blake2s_state, sizeof(blake2s_t));
|
||||
slunkcrypt_bzero(&nonce, sizeof(uint64_t));
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
@ -545,10 +550,10 @@ static int decrypt(const char* const passphrase, const CHR* const input_path, co
|
||||
FPRINTF(stderr, T("\b\b\b\b\b\b\b%5.1f%%\n\n"), 100.0);
|
||||
fflush(stderr);
|
||||
|
||||
const uint64_t checksum_expected = load_ui64(checksum_buffer);
|
||||
if (checksum_actual != checksum_expected)
|
||||
const uint64_t checksum_stored = load_ui64(checksum_buffer);
|
||||
if (checksum_actual != checksum_stored)
|
||||
{
|
||||
FPRINTF(stderr, T("Error: Checksum mismatch detected! [expected: 0x%016") T(PRIX64) T(", actual: 0x%016") T(PRIX64) T("]\n\n"), checksum_expected, checksum_actual);
|
||||
FPRINTF(stderr, T("Error: Checksum mismatch detected! [expected: 0x%016") T(PRIX64) T(", actual: 0x%016") T(PRIX64) T("]\n\n"), checksum_stored, checksum_actual);
|
||||
FPUTS(T("Wrong passphrase or corrupted file?\n\n"), stderr);
|
||||
goto clean_up;
|
||||
}
|
||||
@ -575,6 +580,13 @@ clean_up:
|
||||
fclose(file_in);
|
||||
}
|
||||
|
||||
slunkcrypt_bzero(buffer, BUFFER_SIZE);
|
||||
slunkcrypt_bzero(checksum_buffer, sizeof(uint64_t));
|
||||
slunkcrypt_bzero(&blake2s_state, sizeof(blake2s_t));
|
||||
slunkcrypt_bzero(&nonce, sizeof(uint64_t));
|
||||
slunkcrypt_bzero((void*)&checksum_stored, sizeof(uint64_t));
|
||||
slunkcrypt_bzero((void*)&checksum_actual, sizeof(uint64_t));
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user