diff options
| author | Mattias Andrée <maandree@kth.se> | 2022-02-14 21:25:06 +0100 |
|---|---|---|
| committer | Mattias Andrée <maandree@kth.se> | 2022-02-14 21:25:06 +0100 |
| commit | ea7d8f4a919bf6c9e68ea4a55ef763c310ecfc9b (patch) | |
| tree | 416ad9e2f06aef594714b06a91f7f379d1766749 /libar2_hash.c | |
| parent | Fix previous commit (diff) | |
| download | libar2-ea7d8f4a919bf6c9e68ea4a55ef763c310ecfc9b.tar.gz libar2-ea7d8f4a919bf6c9e68ea4a55ef763c310ecfc9b.tar.bz2 libar2-ea7d8f4a919bf6c9e68ea4a55ef763c310ecfc9b.tar.xz | |
Refine libar2_hash_buf_size + add test + securely erase parts of the hash output buffer that is written to but is not part of the hash
Signed-off-by: Mattias Andrée <maandree@kth.se>
Diffstat (limited to 'libar2_hash.c')
| -rw-r--r-- | libar2_hash.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/libar2_hash.c b/libar2_hash.c index 6ce898c..757dbdf 100644 --- a/libar2_hash.c +++ b/libar2_hash.c @@ -487,7 +487,7 @@ libar2_hash(void *hash, void *msg, size_t msglen, struct libar2_argon2_parameter unsigned char block[1024 + 128], hash0[256]; uint_least32_t blocks, seglen, lanelen; struct block *memory; - size_t i, p, s, nthreads, ts[16], ti, tn; + size_t i, p, s, nthreads, ts[16], ti, tn, bufsize; struct threaded_fill_segments_params *tparams = NULL; uint_least64_t *sbox = NULL; /* This is 8K large (assuming support for uint64_t), so we allocate it dynamically */ @@ -596,6 +596,9 @@ libar2_hash(void *hash, void *msg, size_t msglen, struct libar2_argon2_parameter memxor(&memory[lanelen - 1], &memory[i * lanelen + lanelen - 1], sizeof(*memory)); store_block(block, &memory[lanelen - 1]); argon2_blake2b_exthash(hash, params->hashlen, block, 1024); + bufsize = libar2_hash_buf_size(params); + if (bufsize) /* should never be 0 as that would indicate the user provided a too small buffer */ + libar2_erase(&((char *)hash)[params->hashlen], bufsize - params->hashlen); ERASE_ARRAY(block); if (sbox) |