changeset 1283:3017bc7d6238

move m_burn and function attributes to dbhelpers use m_burn for libtomcrypt zeromem() too
author Matt Johnston <matt@ucc.asn.au>
date Thu, 17 Mar 2016 23:21:33 +0800
parents a3bb15115816
children 5d560c68c70c
files Makefile.in bignum.h dbhelpers.c dbhelpers.h dbutil.c dbutil.h libtomcrypt/src/headers/tomcrypt_custom.h libtomcrypt/src/misc/zeromem.c libtommath/bn_mp_clear.c
diffstat 9 files changed, 53 insertions(+), 43 deletions(-) [+]
line wrap: on
line diff
--- a/Makefile.in	Thu Mar 17 06:40:31 2016 +0800
+++ b/Makefile.in	Thu Mar 17 23:21:33 2016 +0800
@@ -24,7 +24,7 @@
 LIBTOM_LIBS=$(STATIC_LTC) $(STATIC_LTM) 
 endif
 
-COMMONOBJS=dbutil.o buffer.o \
+COMMONOBJS=dbutil.o buffer.o dbhelpers.o \
 		dss.o bignum.o \
 		signkey.o rsa.o dbrandom.o \
 		queue.o \
--- a/bignum.h	Thu Mar 17 06:40:31 2016 +0800
+++ b/bignum.h	Thu Mar 17 23:21:33 2016 +0800
@@ -25,8 +25,7 @@
 #ifndef DROPBEAR_BIGNUM_H_
 #define DROPBEAR_BIGNUM_H_
 
-#include "includes.h"
-#include "dbutil.h"
+#include "dbhelpers.h"
 
 void m_mp_init(mp_int *mp);
 void m_mp_init_multi(mp_int *mp, ...) ATTRIB_SENTINEL;
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dbhelpers.c	Thu Mar 17 23:21:33 2016 +0800
@@ -0,0 +1,25 @@
+#include "dbhelpers.h"
+#include "includes.h"
+
+/* Erase data */
+void m_burn(void *data, unsigned int len) {
+
+#if defined(HAVE_MEMSET_S)
+	memset_s(data, len, 0x0, len);
+#elif defined(HAVE_EXPLICIT_BZERO)
+	explicit_bzero(data, len);
+#else
+/* Based on the method in David Wheeler's
+ * "Secure Programming for Linux and Unix HOWTO". May not be safe
+ * against link-time optimisation. */
+	volatile char *p = data;
+
+	if (data == NULL)
+		return;
+	while (len--) {
+		*p++ = 0x0;
+	}
+#endif
+}
+
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/dbhelpers.h	Thu Mar 17 23:21:33 2016 +0800
@@ -0,0 +1,21 @@
+#ifndef DROPBEAR_DBHELPERS_H_
+#define DROPBEAR_DBHELPERS_H_
+
+/* This header defines some things that are also used by libtomcrypt/math. 
+   We avoid including normal include.h since that can result in conflicting 
+   definitinos - only include config.h */
+#include "config.h"
+
+#ifdef __GNUC__
+#define ATTRIB_PRINTF(fmt,args) __attribute__((format(printf, fmt, args))) 
+#define ATTRIB_NORETURN __attribute__((noreturn))
+#define ATTRIB_SENTINEL __attribute__((sentinel))
+#else
+#define ATTRIB_PRINTF(fmt,args)
+#define ATTRIB_NORETURN
+#define ATTRIB_SENTINEL
+#endif
+
+void m_burn(void* data, unsigned int len);
+
+#endif /* DROPBEAR_DBHELPERS_H_ */
--- a/dbutil.c	Thu Mar 17 06:40:31 2016 +0800
+++ b/dbutil.c	Thu Mar 17 23:21:33 2016 +0800
@@ -559,28 +559,6 @@
 	return ret;
 }
 
-/* Clear the data, based on the method in David Wheeler's
- * "Secure Programming for Linux and Unix HOWTO" */
-/* Beware of calling this from within dbutil.c - things might get
- * optimised away */
-void m_burn(void *data, unsigned int len) {
-
-#if defined(HAVE_MEMSET_S)
-	memset_s(data, len, 0x0, len);
-#elif defined(HAVE_EXPLICIT_BZERO)
-	explicit_bzero(data, len);
-#else
-	volatile char *p = data;
-
-	if (data == NULL)
-		return;
-	while (len--) {
-		*p++ = 0x0;
-	}
-#endif
-}
-
-
 void setnonblocking(int fd) {
 
 	TRACE(("setnonblocking: %d", fd))
--- a/dbutil.h	Thu Mar 17 06:40:31 2016 +0800
+++ b/dbutil.h	Thu Mar 17 23:21:33 2016 +0800
@@ -29,21 +29,12 @@
 #include "includes.h"
 #include "buffer.h"
 #include "queue.h"
+#include "dbhelpers.h"
 
 #ifndef DISABLE_SYSLOG
 void startsyslog(const char *ident);
 #endif
 
-#ifdef __GNUC__
-#define ATTRIB_PRINTF(fmt,args) __attribute__((format(printf, fmt, args))) 
-#define ATTRIB_NORETURN __attribute__((noreturn))
-#define ATTRIB_SENTINEL __attribute__((sentinel))
-#else
-#define ATTRIB_PRINTF(fmt,args)
-#define ATTRIB_NORETURN
-#define ATTRIB_SENTINEL
-#endif
-
 extern void (*_dropbear_exit)(int exitcode, const char* format, va_list param) ATTRIB_NORETURN;
 extern void (*_dropbear_log)(int priority, const char* format, va_list param);
 
@@ -79,7 +70,6 @@
 void * m_strdup(const char * str);
 void * m_realloc(void* ptr, size_t size);
 #define m_free(X) do {free(X); (X) = NULL;} while (0)
-void m_burn(void* data, unsigned int len);
 void setnonblocking(int fd);
 void disallow_core(void);
 int m_str_to_uint(const char* str, unsigned int *val);
--- a/libtomcrypt/src/headers/tomcrypt_custom.h	Thu Mar 17 06:40:31 2016 +0800
+++ b/libtomcrypt/src/headers/tomcrypt_custom.h	Thu Mar 17 23:21:33 2016 +0800
@@ -1,7 +1,7 @@
 #ifndef TOMCRYPT_CUSTOM_H_
 #define TOMCRYPT_CUSTOM_H_
 
-/* this will sort out which stuff based on the user-config in options.h */
+/* compile options depend on Dropbear options.h */
 #include "options.h"
 
 /* macros for various libc functions you can change for embedded targets */
--- a/libtomcrypt/src/misc/zeromem.c	Thu Mar 17 06:40:31 2016 +0800
+++ b/libtomcrypt/src/misc/zeromem.c	Thu Mar 17 23:21:33 2016 +0800
@@ -9,6 +9,7 @@
  * Tom St Denis, [email protected], http://libtomcrypt.com
  */
 #include "tomcrypt.h"
+#include "dbhelpers.h"
 
 /**
    @file zeromem.c
@@ -22,11 +23,7 @@
 */
 void zeromem(void *out, size_t outlen)
 {
-   unsigned char *mem = out;
-   LTC_ARGCHKVD(out != NULL);
-   while (outlen-- > 0) {
-      *mem++ = 0;
-   }
+   m_burn(out, outlen);
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/zeromem.c,v $ */
--- a/libtommath/bn_mp_clear.c	Thu Mar 17 06:40:31 2016 +0800
+++ b/libtommath/bn_mp_clear.c	Thu Mar 17 23:21:33 2016 +0800
@@ -1,5 +1,5 @@
 #include <tommath.h>
-#include "dbutil.h"
+#include "dbhelpers.h"
 #ifdef BN_MP_CLEAR_C
 /* LibTomMath, multiple-precision integer library -- Tom St Denis
  *