Add _init() and _free() for cipher modules
diff --git a/include/polarssl/aes.h b/include/polarssl/aes.h
index 58b348e..2e9092f 100644
--- a/include/polarssl/aes.h
+++ b/include/polarssl/aes.h
@@ -74,6 +74,20 @@
aes_context;
/**
+ * \brief Initialize AES context
+ *
+ * \param ctx AES context to be initialized
+ */
+void aes_init( aes_context *ctx );
+
+/**
+ * \brief Clear AES context
+ *
+ * \param ctx AES context to be cleared
+ */
+void aes_free( aes_context *ctx );
+
+/**
* \brief AES key schedule (encryption)
*
* \param ctx AES context to be initialized
diff --git a/include/polarssl/arc4.h b/include/polarssl/arc4.h
index c6c676b..555f54f 100644
--- a/include/polarssl/arc4.h
+++ b/include/polarssl/arc4.h
@@ -55,9 +55,23 @@
arc4_context;
/**
- * \brief ARC4 key schedule
+ * \brief Initialize ARC4 context
*
* \param ctx ARC4 context to be initialized
+ */
+void arc4_init( arc4_context *ctx );
+
+/**
+ * \brief Clear ARC4 context
+ *
+ * \param ctx ARC4 context to be cleared
+ */
+void arc4_free( arc4_context *ctx );
+
+/**
+ * \brief ARC4 key schedule
+ *
+ * \param ctx ARC4 context to be setup
* \param key the secret key
* \param keylen length of the key, in bytes
*/
diff --git a/include/polarssl/blowfish.h b/include/polarssl/blowfish.h
index c9c8672..c652b46 100644
--- a/include/polarssl/blowfish.h
+++ b/include/polarssl/blowfish.h
@@ -71,6 +71,20 @@
blowfish_context;
/**
+ * \brief Initialize Blowfish context
+ *
+ * \param ctx Blowfish context to be initialized
+ */
+void blowfish_init( blowfish_context *ctx );
+
+/**
+ * \brief Clear Blowfish context
+ *
+ * \param ctx Blowfish context to be cleared
+ */
+void blowfish_free( blowfish_context *ctx );
+
+/**
* \brief Blowfish key schedule
*
* \param ctx Blowfish context to be initialized
diff --git a/include/polarssl/camellia.h b/include/polarssl/camellia.h
index 34c1990..8488d1d 100644
--- a/include/polarssl/camellia.h
+++ b/include/polarssl/camellia.h
@@ -67,6 +67,20 @@
camellia_context;
/**
+ * \brief Initialize CAMELLIA context
+ *
+ * \param ctx CAMELLIA context to be initialized
+ */
+void camellia_init( camellia_context *ctx );
+
+/**
+ * \brief Clear CAMELLIA context
+ *
+ * \param ctx CAMELLIA context to be cleared
+ */
+void camellia_free( camellia_context *ctx );
+
+/**
* \brief CAMELLIA key schedule (encryption)
*
* \param ctx CAMELLIA context to be initialized
diff --git a/include/polarssl/des.h b/include/polarssl/des.h
index 7872975..89bb394 100644
--- a/include/polarssl/des.h
+++ b/include/polarssl/des.h
@@ -78,6 +78,34 @@
des3_context;
/**
+ * \brief Initialize DES context
+ *
+ * \param ctx DES context to be initialized
+ */
+void des_init( des_context *ctx );
+
+/**
+ * \brief Clear DES context
+ *
+ * \param ctx DES context to be cleared
+ */
+void des_free( des_context *ctx );
+
+/**
+ * \brief Initialize Triple-DES context
+ *
+ * \param ctx DES3 context to be initialized
+ */
+void des3_init( des3_context *ctx );
+
+/**
+ * \brief Clear Triple-DES context
+ *
+ * \param ctx DES3 context to be cleared
+ */
+void des3_free( des3_context *ctx );
+
+/**
* \brief Set key parity on the given key to odd.
*
* DES keys are 56 bits long, but each byte is padded with
diff --git a/include/polarssl/xtea.h b/include/polarssl/xtea.h
index 07118d9..794c5ef 100644
--- a/include/polarssl/xtea.h
+++ b/include/polarssl/xtea.h
@@ -65,6 +65,20 @@
xtea_context;
/**
+ * \brief Initialize XTEA context
+ *
+ * \param ctx XTEA context to be initialized
+ */
+void xtea_init( xtea_context *ctx );
+
+/**
+ * \brief Clear XTEA context
+ *
+ * \param ctx XTEA context to be cleared
+ */
+void xtea_free( xtea_context *ctx );
+
+/**
* \brief XTEA key schedule
*
* \param ctx XTEA context to be initialized
diff --git a/library/aes.c b/library/aes.c
index a90ceff..f295747 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -463,6 +463,19 @@
#endif /* POLARSSL_AES_ROM_TABLES */
+void aes_init( aes_context *ctx )
+{
+ memset( ctx, 0, sizeof( aes_context ) );
+}
+
+void aes_free( aes_context *ctx )
+{
+ if( ctx == NULL )
+ return;
+
+ polarssl_zeroize( ctx, sizeof( aes_context ) );
+}
+
/*
* AES key schedule (encryption)
*/
@@ -581,11 +594,12 @@
int aes_setkey_dec( aes_context *ctx, const unsigned char *key,
unsigned int keysize )
{
- int i, j;
+ int i, j, ret;
aes_context cty;
uint32_t *RK;
uint32_t *SK;
- int ret;
+
+ aes_init( &cty );
#if defined(POLARSSL_PADLOCK_C) && defined(PADLOCK_ALIGN16)
if( aes_padlock_ace == -1 )
@@ -599,7 +613,7 @@
/* Also checks keysize */
if( ( ret = aes_setkey_enc( &cty, key, keysize ) ) != 0 )
- return( ret );
+ goto exit;
ctx->nr = cty.nr;
@@ -608,7 +622,7 @@
{
aesni_inverse_key( (unsigned char *) ctx->rk,
(const unsigned char *) cty.rk, ctx->nr );
- goto done;
+ goto exit;
}
#endif
@@ -635,12 +649,10 @@
*RK++ = *SK++;
*RK++ = *SK++;
-#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64)
-done:
-#endif
- polarssl_zeroize( &cty, sizeof( aes_context ) );
+exit:
+ aes_free( &cty );
- return( 0 );
+ return( ret );
}
#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \
@@ -1171,7 +1183,7 @@
*/
int aes_self_test( int verbose )
{
- int i, j, u, v;
+ int ret = 0, i, j, u, v;
unsigned char key[32];
unsigned char buf[64];
unsigned char iv[16];
@@ -1189,6 +1201,7 @@
aes_context ctx;
memset( key, 0, 32 );
+ aes_init( &ctx );
/*
* ECB mode
@@ -1216,7 +1229,8 @@
if( verbose != 0 )
polarssl_printf( "failed\n" );
- return( 1 );
+ ret = 1;
+ goto exit;
}
}
else
@@ -1231,7 +1245,8 @@
if( verbose != 0 )
polarssl_printf( "failed\n" );
- return( 1 );
+ ret = 1;
+ goto exit;
}
}
@@ -1271,7 +1286,8 @@
if( verbose != 0 )
polarssl_printf( "failed\n" );
- return( 1 );
+ ret = 1;
+ goto exit;
}
}
else
@@ -1294,7 +1310,8 @@
if( verbose != 0 )
polarssl_printf( "failed\n" );
- return( 1 );
+ ret = 1;
+ goto exit;
}
}
@@ -1335,7 +1352,8 @@
if( verbose != 0 )
polarssl_printf( "failed\n" );
- return( 1 );
+ ret = 1;
+ goto exit;
}
}
else
@@ -1348,7 +1366,8 @@
if( verbose != 0 )
polarssl_printf( "failed\n" );
- return( 1 );
+ ret = 1;
+ goto exit;
}
}
@@ -1392,7 +1411,8 @@
if( verbose != 0 )
polarssl_printf( "failed\n" );
- return( 1 );
+ ret = 1;
+ goto exit;
}
}
else
@@ -1408,7 +1428,8 @@
if( verbose != 0 )
polarssl_printf( "failed\n" );
- return( 1 );
+ ret = 1;
+ goto exit;
}
}
@@ -1420,7 +1441,12 @@
polarssl_printf( "\n" );
#endif /* POLARSSL_CIPHER_MODE_CTR */
- return( 0 );
+ ret = 0;
+
+exit:
+ aes_free( &ctx );
+
+ return( ret );
}
#endif /* POLARSSL_SELF_TEST */
diff --git a/library/arc4.c b/library/arc4.c
index d722c56..54e89ea 100644
--- a/library/arc4.c
+++ b/library/arc4.c
@@ -46,6 +46,24 @@
#if !defined(POLARSSL_ARC4_ALT)
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+void arc4_init( arc4_context *ctx )
+{
+ memset( ctx, 0, sizeof( arc4_context ) );
+}
+
+void arc4_free( arc4_context *ctx )
+{
+ if( ctx == NULL )
+ return;
+
+ polarssl_zeroize( ctx, sizeof( arc4_context ) );
+}
+
/*
* ARC4 key schedule
*/
@@ -146,11 +164,13 @@
*/
int arc4_self_test( int verbose )
{
- int i;
+ int i, ret = 0;
unsigned char ibuf[8];
unsigned char obuf[8];
arc4_context ctx;
+ arc4_init( &ctx );
+
for( i = 0; i < 3; i++ )
{
if( verbose != 0 )
@@ -166,7 +186,8 @@
if( verbose != 0 )
polarssl_printf( "failed\n" );
- return( 1 );
+ ret = 1;
+ goto exit;
}
if( verbose != 0 )
@@ -176,7 +197,10 @@
if( verbose != 0 )
polarssl_printf( "\n" );
- return( 0 );
+exit:
+ arc4_free( &ctx );
+
+ return( ret );
}
#endif /* POLARSSL_SELF_TEST */
diff --git a/library/blowfish.c b/library/blowfish.c
index d8b0c36..87396dc 100644
--- a/library/blowfish.c
+++ b/library/blowfish.c
@@ -41,6 +41,11 @@
#if !defined(POLARSSL_BLOWFISH_ALT)
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
/*
* 32-bit integer manipulation macros (big endian)
*/
@@ -152,6 +157,19 @@
*xr = Xr;
}
+void blowfish_init( blowfish_context *ctx )
+{
+ memset( ctx, 0, sizeof( blowfish_context ) );
+}
+
+void blowfish_free( blowfish_context *ctx )
+{
+ if( ctx == NULL )
+ return;
+
+ polarssl_zeroize( ctx, sizeof( blowfish_context ) );
+}
+
/*
* Blowfish key schedule
*/
diff --git a/library/camellia.c b/library/camellia.c
index f1d4d6b..a4968f4 100644
--- a/library/camellia.c
+++ b/library/camellia.c
@@ -322,6 +322,19 @@
z[1] ^= I0;
}
+void camellia_init( camellia_context *ctx )
+{
+ memset( ctx, 0, sizeof( camellia_context ) );
+}
+
+void camellia_free( camellia_context *ctx )
+{
+ if( ctx == NULL )
+ return;
+
+ polarssl_zeroize( ctx, sizeof( camellia_context ) );
+}
+
/*
* Camellia key schedule (encryption)
*/
@@ -433,16 +446,17 @@
int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key,
unsigned int keysize )
{
- int idx;
+ int idx, ret;
size_t i;
camellia_context cty;
uint32_t *RK;
uint32_t *SK;
- int ret;
+
+ camellia_init( &cty );
/* Also checks keysize */
if( ( ret = camellia_setkey_enc( &cty, key, keysize ) ) )
- return( ret );
+ goto exit;
ctx->nr = cty.nr;
idx = ( ctx->nr == 4 );
@@ -468,9 +482,10 @@
*RK++ = *SK++;
*RK++ = *SK++;
- polarssl_zeroize( &cty, sizeof( camellia_context ) );
+exit:
+ camellia_free( &cty );
- return( 0 );
+ return( ret );
}
/*
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index 070963a..47a69a9 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -74,11 +74,6 @@
#include <stdlib.h>
-/* Implementation that should never be optimized out by the compiler */
-static void polarssl_zeroize( void *v, size_t n ) {
- volatile unsigned char *p = v; while( n-- ) *p++ = 0;
-}
-
#if defined(POLARSSL_GCM_C)
/* shared by all GCM ciphers */
static void *gcm_ctx_alloc( void )
@@ -187,12 +182,19 @@
static void * aes_ctx_alloc( void )
{
- return polarssl_malloc( sizeof( aes_context ) );
+ aes_context *aes = (aes_context *) polarssl_malloc( sizeof( aes_context ) );
+
+ if( aes == NULL )
+ return( NULL );
+
+ aes_init( aes );
+
+ return( aes );
}
static void aes_ctx_free( void *ctx )
{
- polarssl_zeroize( ctx, sizeof( aes_context ) );
+ aes_free( (aes_context *) ctx );
polarssl_free( ctx );
}
@@ -541,12 +543,20 @@
static void * camellia_ctx_alloc( void )
{
- return polarssl_malloc( sizeof( camellia_context ) );
+ camellia_context *ctx;
+ ctx = (camellia_context *) polarssl_malloc( sizeof( camellia_context ) );
+
+ if( ctx == NULL )
+ return( NULL );
+
+ camellia_init( ctx );
+
+ return( ctx );
}
static void camellia_ctx_free( void *ctx )
{
- polarssl_zeroize( ctx, sizeof( camellia_context ) );
+ camellia_free( (camellia_context *) ctx );
polarssl_free( ctx );
}
@@ -915,23 +925,38 @@
static void * des_ctx_alloc( void )
{
- return polarssl_malloc( sizeof( des_context ) );
-}
+ des_context *des = (des_context *) polarssl_malloc( sizeof( des_context ) );
-static void * des3_ctx_alloc( void )
-{
- return polarssl_malloc( sizeof( des3_context ) );
+ if( des == NULL )
+ return( NULL );
+
+ des_init( des );
+
+ return( des );
}
static void des_ctx_free( void *ctx )
{
- polarssl_zeroize( ctx, sizeof( des_context ) );
+ des_free( (des_context *) ctx );
polarssl_free( ctx );
}
+static void * des3_ctx_alloc( void )
+{
+ des3_context *des3;
+ des3 = (des3_context *) polarssl_malloc( sizeof( des3_context ) );
+
+ if( des3 == NULL )
+ return( NULL );
+
+ des3_init( des3 );
+
+ return( des3 );
+}
+
static void des3_ctx_free( void *ctx )
{
- polarssl_zeroize( ctx, sizeof( des3_context ) );
+ des3_free( (des3_context *) ctx );
polarssl_free( ctx );
}
@@ -1122,12 +1147,20 @@
static void * blowfish_ctx_alloc( void )
{
- return polarssl_malloc( sizeof( blowfish_context ) );
+ blowfish_context *ctx;
+ ctx = (blowfish_context *) polarssl_malloc( sizeof( blowfish_context ) );
+
+ if( ctx == NULL )
+ return( NULL );
+
+ blowfish_init( ctx );
+
+ return( ctx );
}
static void blowfish_ctx_free( void *ctx )
{
- polarssl_zeroize( ctx, sizeof( blowfish_context ) );
+ blowfish_free( (blowfish_context *) ctx );
polarssl_free( ctx );
}
@@ -1216,12 +1249,20 @@
static void * arc4_ctx_alloc( void )
{
- return polarssl_malloc( sizeof( arc4_context ) );
+ arc4_context *ctx;
+ ctx = (arc4_context *) polarssl_malloc( sizeof( arc4_context ) );
+
+ if( ctx == NULL )
+ return( NULL );
+
+ arc4_init( ctx );
+
+ return( ctx );
}
static void arc4_ctx_free( void *ctx )
{
- polarssl_zeroize( ctx, sizeof( arc4_context ) );
+ arc4_free( (arc4_context *) ctx );
polarssl_free( ctx );
}
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 3db517d..249b840 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -66,6 +66,8 @@
memset( ctx, 0, sizeof(ctr_drbg_context) );
memset( key, 0, CTR_DRBG_KEYSIZE );
+ aes_init( &ctx->aes_ctx );
+
ctx->f_entropy = f_entropy;
ctx->p_entropy = p_entropy;
@@ -122,6 +124,7 @@
size_t buf_len, use_len;
memset( buf, 0, CTR_DRBG_MAX_SEED_INPUT + CTR_DRBG_BLOCKSIZE + 16 );
+ aes_init( &aes_ctx );
/*
* Construct IV (16 bytes) and S in buffer
@@ -189,6 +192,8 @@
p += CTR_DRBG_BLOCKSIZE;
}
+ aes_free( &aes_ctx );
+
return( 0 );
}
diff --git a/library/des.c b/library/des.c
index 8c156ae..12fe4f4 100644
--- a/library/des.c
+++ b/library/des.c
@@ -305,6 +305,32 @@
#define SWAP(a,b) { uint32_t t = a; a = b; b = t; t = 0; }
+void des_init( des_context *ctx )
+{
+ memset( ctx, 0, sizeof( des_context ) );
+}
+
+void des_free( des_context *ctx )
+{
+ if( ctx == NULL )
+ return;
+
+ polarssl_zeroize( ctx, sizeof( des_context ) );
+}
+
+void des3_init( des3_context *ctx )
+{
+ memset( ctx, 0, sizeof( des3_context ) );
+}
+
+void des3_free( des3_context *ctx )
+{
+ if( ctx == NULL )
+ return;
+
+ polarssl_zeroize( ctx, sizeof( des3_context ) );
+}
+
static const unsigned char odd_parity_table[128] = { 1, 2, 4, 7, 8,
11, 13, 14, 16, 19, 21, 22, 25, 26, 28, 31, 32, 35, 37, 38, 41, 42, 44,
47, 49, 50, 52, 55, 56, 59, 61, 62, 64, 67, 69, 70, 73, 74, 76, 79, 81,
@@ -839,7 +865,7 @@
*/
int des_self_test( int verbose )
{
- int i, j, u, v;
+ int i, j, u, v, ret = 0;
des_context ctx;
des3_context ctx3;
unsigned char buf[8];
@@ -848,6 +874,8 @@
unsigned char iv[8];
#endif
+ des_init( &ctx );
+ des3_init( &ctx3 );
/*
* ECB mode
*/
@@ -909,7 +937,8 @@
if( verbose != 0 )
polarssl_printf( "failed\n" );
- return( 1 );
+ ret = 1;
+ goto exit;
}
if( verbose != 0 )
@@ -1004,7 +1033,8 @@
if( verbose != 0 )
polarssl_printf( "failed\n" );
- return( 1 );
+ ret = 1;
+ goto exit;
}
if( verbose != 0 )
@@ -1015,7 +1045,11 @@
if( verbose != 0 )
polarssl_printf( "\n" );
- return( 0 );
+exit:
+ des_free( &ctx );
+ des3_free( &ctx3 );
+
+ return( ret );
}
#endif /* POLARSSL_SELF_TEST */
diff --git a/library/pem.c b/library/pem.c
index 4e00b63..a0ad46e 100644
--- a/library/pem.c
+++ b/library/pem.c
@@ -141,13 +141,15 @@
des_context des_ctx;
unsigned char des_key[8];
+ des_init( &des_ctx );
+
pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen );
des_setkey_dec( &des_ctx, des_key );
des_crypt_cbc( &des_ctx, DES_DECRYPT, buflen,
des_iv, buf, buf );
- polarssl_zeroize( &des_ctx, sizeof( des_ctx ) );
+ des_free( &des_ctx );
polarssl_zeroize( des_key, 8 );
}
@@ -161,13 +163,15 @@
des3_context des3_ctx;
unsigned char des3_key[24];
+ des3_init( &des3_ctx );
+
pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen );
des3_set3key_dec( &des3_ctx, des3_key );
des3_crypt_cbc( &des3_ctx, DES_DECRYPT, buflen,
des3_iv, buf, buf );
- polarssl_zeroize( &des3_ctx, sizeof( des3_ctx ) );
+ des3_free( &des3_ctx );
polarssl_zeroize( des3_key, 24 );
}
#endif /* POLARSSL_DES_C */
@@ -183,13 +187,15 @@
aes_context aes_ctx;
unsigned char aes_key[32];
+ aes_init( &aes_ctx );
+
pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen );
aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 );
aes_crypt_cbc( &aes_ctx, AES_DECRYPT, buflen,
aes_iv, buf, buf );
- polarssl_zeroize( &aes_ctx, sizeof( aes_ctx ) );
+ aes_free( &aes_ctx );
polarssl_zeroize( aes_key, keylen );
}
#endif /* POLARSSL_AES_C */
diff --git a/library/pkcs12.c b/library/pkcs12.c
index b025450..027f84a 100644
--- a/library/pkcs12.c
+++ b/library/pkcs12.c
@@ -147,6 +147,8 @@
arc4_context ctx;
((void) mode);
+ arc4_init( &ctx );
+
if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, POLARSSL_MD_SHA1,
pwd, pwdlen,
key, 16, NULL, 0 ) ) != 0 )
@@ -156,9 +158,13 @@
arc4_setup( &ctx, key, 16 );
if( ( ret = arc4_crypt( &ctx, len, data, output ) ) != 0 )
- return( ret );
+ goto exit;
- return( 0 );
+exit:
+ polarssl_zeroize( key, sizeof( key ) );
+ arc4_free( &ctx );
+
+ return( ret );
#endif /* POLARSSL_ARC4_C */
}
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 8040f90..28ca14aa 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3482,6 +3482,14 @@
}
#if defined(POLARSSL_SSL_SESSION_TICKETS)
+static void ssl_ticket_keys_free( ssl_ticket_keys *tkeys )
+{
+ aes_free( &tkeys->enc );
+ aes_free( &tkeys->dec );
+
+ polarssl_zeroize( tkeys, sizeof(ssl_ticket_keys) );
+}
+
/*
* Allocate and initialize ticket keys
*/
@@ -3498,8 +3506,12 @@
if( tkeys == NULL )
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
+ aes_init( &tkeys->enc );
+ aes_init( &tkeys->dec );
+
if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->key_name, 16 ) ) != 0 )
{
+ ssl_ticket_keys_free( tkeys );
polarssl_free( tkeys );
return( ret );
}
@@ -3508,12 +3520,14 @@
( ret = aes_setkey_enc( &tkeys->enc, buf, 128 ) ) != 0 ||
( ret = aes_setkey_dec( &tkeys->dec, buf, 128 ) ) != 0 )
{
+ ssl_ticket_keys_free( tkeys );
polarssl_free( tkeys );
return( ret );
}
if( ( ret = ssl->f_rng( ssl->p_rng, tkeys->mac_key, 16 ) ) != 0 )
{
+ ssl_ticket_keys_free( tkeys );
polarssl_free( tkeys );
return( ret );
}
@@ -4580,7 +4594,11 @@
}
#if defined(POLARSSL_SSL_SESSION_TICKETS)
- polarssl_free( ssl->ticket_keys );
+ if( ssl->ticket_keys )
+ {
+ ssl_ticket_keys_free( ssl->ticket_keys );
+ polarssl_free( ssl->ticket_keys );
+ }
#endif
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
diff --git a/library/xtea.c b/library/xtea.c
index 5ff8a04..75215c5 100644
--- a/library/xtea.c
+++ b/library/xtea.c
@@ -41,6 +41,11 @@
#if !defined(POLARSSL_XTEA_ALT)
+/* Implementation that should never be optimized out by the compiler */
+static void polarssl_zeroize( void *v, size_t n ) {
+ volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
/*
* 32-bit integer manipulation macros (big endian)
*/
@@ -64,6 +69,19 @@
}
#endif
+void xtea_init( xtea_context *ctx )
+{
+ memset( ctx, 0, sizeof( xtea_context ) );
+}
+
+void xtea_free( xtea_context *ctx )
+{
+ if( ctx == NULL )
+ return;
+
+ polarssl_zeroize( ctx, sizeof( xtea_context ) );
+}
+
/*
* XTEA key schedule
*/
@@ -223,10 +241,11 @@
*/
int xtea_self_test( int verbose )
{
- int i;
+ int i, ret = 0;
unsigned char buf[8];
xtea_context ctx;
+ xtea_init( &ctx );
for( i = 0; i < 6; i++ )
{
if( verbose != 0 )
@@ -242,7 +261,8 @@
if( verbose != 0 )
polarssl_printf( "failed\n" );
- return( 1 );
+ ret = 1;
+ goto exit;
}
if( verbose != 0 )
@@ -252,7 +272,10 @@
if( verbose != 0 )
polarssl_printf( "\n" );
- return( 0 );
+exit:
+ xtea_free( &ctx );
+
+ return( ret );
}
#endif /* POLARSSL_SELF_TEST */
