[Emacs-diffs] scratch/tzz/nettle 0b2bf12: WIP: GnuTLS tests: use make_un
From: |
Teodor Zlatanov |
Subject: |
[Emacs-diffs] scratch/tzz/nettle 0b2bf12: WIP: GnuTLS tests: use make_uninit_string(); wipe temp storage when possible |
Date: |
Tue, 11 Apr 2017 22:58:21 -0400 (EDT) |
branch: scratch/tzz/nettle
commit 0b2bf12df3d652156709acb5d6ee67e508bc9ca9
Author: Ted Zlatanov <address@hidden>
Commit: Ted Zlatanov <address@hidden>
WIP: GnuTLS tests: use make_uninit_string(); wipe temp storage when possible
---
src/gnutls.c | 37 +++++++++++++++----------------------
1 file changed, 15 insertions(+), 22 deletions(-)
diff --git a/src/gnutls.c b/src/gnutls.c
index 7380ce2..80a0c1f 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -1824,6 +1824,7 @@ gnutls_symmetric_aead (bool encrypting,
gnutls_cipher_algorithm_t gca,
}
output = make_unibyte_string (storage, storage_length);
+ memset(storage, 0, storage_length);
xfree (storage);
gnutls_aead_cipher_deinit (acipher);
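Review bot: The added `memset(storage, 0, storage_length);` is followed directly by `xfree (storage)`, so an optimizing compiler may treat it as a dead store and remove the wipe. A call that is guaranteed to survive optimization, such as `explicit_bzero (storage, storage_length);` where available, would make the intent hold. The same plain memset appears on the error path of gnutls_symmetric as `memset(SDATA (storage), 0, storage_length);`, and both calls lack the space before the parenthesis that the surrounding code uses. Only the success path of gnutls_symmetric_aead is visible in this hunk, so the earlier error exits should be checked for the same wipe before their `xfree`.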
@@ -1934,24 +1935,24 @@ gnutls_symmetric (bool encrypting, Lisp_Object cipher,
// GnuTLS docs: "For the supported ciphers the encrypted data length
// will equal the plaintext size."
size_t storage_length = SCHARS (input);
- void *storage = xzalloc (storage_length);
+ Lisp_Object storage = make_uninit_string (storage_length);
if (encrypting)
{
ret = gnutls_cipher_encrypt2 (hcipher,
SSDATA (input), SCHARS (input),
- storage, storage_length);
+ SDATA (storage), storage_length);
}
else
{
ret = gnutls_cipher_decrypt2 (hcipher,
SSDATA (input), SCHARS (input),
- storage, storage_length);
+ SDATA (storage), storage_length);
}
if (ret < GNUTLS_E_SUCCESS)
{
- xfree (storage);
+ memset(SDATA (storage), 0, storage_length);
gnutls_cipher_deinit (hcipher);
const char* str = gnutls_strerror (ret);
if (!str)
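Review bot: The new result string is sized by `storage_length`, which comes from `SCHARS (input)`, a character count rather than a byte count. If `input` can reach this point as a multibyte string, both the length passed to `gnutls_cipher_encrypt2`/`gnutls_cipher_decrypt2` and the size given to `make_uninit_string` would be too small, and `SBYTES (input)` would be the value to use. Whether `input` is guaranteed to be unibyte is decided outside this hunk, so at minimum a comment such as `/* input must be unibyte here: SCHARS == SBYTES */` or an explicit check would document the assumption.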
@@ -1961,11 +1962,9 @@ gnutls_symmetric (bool encrypting, Lisp_Object cipher,
return Qnil;
}
- output = make_unibyte_string (storage, storage_length);
- xfree (storage);
gnutls_cipher_deinit (hcipher);
- return output;
+ return storage;
}
DEFUN ("gnutls-symmetric-encrypt", Fgnutls_symmetric_encrypt,
Sgnutls_symmetric_encrypt, 4, 5, 0,
@@ -2137,15 +2136,14 @@ with the `:mac-algorithm-id' numeric property, or the
number itself. */)
}
size_t digest_length = gnutls_hmac_get_len (gma);
- void *digest = xzalloc (digest_length);
+ Lisp_Object digest = make_uninit_string (digest_length);
ret = gnutls_hmac (hmac, SSDATA (input), SCHARS (input));
if (ret < GNUTLS_E_SUCCESS)
{
- gnutls_hmac_deinit (hmac, digest);
+ gnutls_hmac_deinit (hmac, NULL);
- xfree (digest);
const char* str = gnutls_strerror (ret);
if (!str)
str = "unknown";
@@ -2154,11 +2152,9 @@ with the `:mac-algorithm-id' numeric property, or the
number itself. */)
return Qnil;
}
- gnutls_hmac_output (hmac, digest);
- output = make_unibyte_string (digest, digest_length);
- gnutls_hmac_deinit (hmac, digest);
+ gnutls_hmac_output (hmac, SDATA (digest));
+ gnutls_hmac_deinit (hmac, NULL);
- xfree (digest);
return output;
}
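Review bot: The HMAC path still ends in `return output;`, but this hunk removes the only visible assignment `output = make_unibyte_string (digest, digest_length);`, so the computed MAC in `digest` is never returned. The matching hash function was changed to `return digest;`, and the same change looks to be needed here. The declaration and initial value of `output` lie outside the hunk, so what callers currently receive cannot be confirmed from these lines, but it is not the digest.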
@@ -2222,15 +2218,14 @@ itself. */)
}
size_t digest_length = gnutls_hash_get_len (gda);
- void *digest = xzalloc (digest_length);
+ Lisp_Object digest = make_uninit_string (digest_length);
ret = gnutls_hash (hash, SSDATA (input), SCHARS (input));
if (ret < GNUTLS_E_SUCCESS)
{
- gnutls_hash_deinit (hash, digest);
+ gnutls_hash_deinit (hash, NULL);
- xfree (digest);
const char* str = gnutls_strerror (ret);
if (!str)
str = "unknown";
@@ -2238,12 +2233,10 @@ itself. */)
return Qnil;
}
- gnutls_hash_output (hash, digest);
- output = make_unibyte_string (digest, digest_length);
- gnutls_hash_deinit (hash, digest);
+ gnutls_hash_output (hash, SDATA (digest));
+ gnutls_hash_deinit (hash, NULL);
- xfree (digest);
- return output;
+ return digest;
}
#endif