From aae5cba2b9c03db8c27d06d7372d2c2c65072c90 Mon Sep 17 00:00:00 2001 From: Milan Broz Date: Wed, 24 Apr 2024 15:24:44 +0200 Subject: [PATCH] Add memutils.c for backend and move existing mem helpers there. Also remove inline definitions. --- lib/crypto_backend/Makemodule.am | 3 +- lib/crypto_backend/crypto_backend.h | 10 +---- lib/crypto_backend/crypto_backend_internal.h | 13 +----- lib/crypto_backend/memutils.c | 46 ++++++++++++++++++++ lib/crypto_backend/meson.build | 1 + 5 files changed, 51 insertions(+), 22 deletions(-) create mode 100644 lib/crypto_backend/memutils.c diff --git a/lib/crypto_backend/Makemodule.am b/lib/crypto_backend/Makemodule.am index 75077633..43a4419f 100644 --- a/lib/crypto_backend/Makemodule.am +++ b/lib/crypto_backend/Makemodule.am @@ -13,7 +13,8 @@ libcrypto_backend_la_SOURCES = \ lib/crypto_backend/utf8.c \ lib/crypto_backend/argon2_generic.c \ lib/crypto_backend/cipher_generic.c \ - lib/crypto_backend/cipher_check.c + lib/crypto_backend/cipher_check.c \ + lib/crypto_backend/memutils.c if CRYPTO_BACKEND_GCRYPT libcrypto_backend_la_SOURCES += lib/crypto_backend/crypto_gcrypt.c diff --git a/lib/crypto_backend/crypto_backend.h b/lib/crypto_backend/crypto_backend.h index 15ed745a..d04614fa 100644 --- a/lib/crypto_backend/crypto_backend.h +++ b/lib/crypto_backend/crypto_backend.h @@ -144,15 +144,7 @@ int crypt_bitlk_decrypt_key(const void *key, size_t key_length, const char *tag, size_t tag_length); /* Memzero helper (memset on stack can be optimized out) */ -static inline void crypt_backend_memzero(void *s, size_t n) -{ -#ifdef HAVE_EXPLICIT_BZERO - explicit_bzero(s, n); -#else - volatile uint8_t *p = (volatile uint8_t *)s; - while(n--) *p++ = 0; -#endif -} +void crypt_backend_memzero(void *s, size_t n); /* Memcmp helper (memcmp in constant time) */ int crypt_backend_memeq(const void *m1, const void *m2, size_t n); diff --git a/lib/crypto_backend/crypto_backend_internal.h b/lib/crypto_backend/crypto_backend_internal.h index 539f11a7..b068cf81 100644 --- a/lib/crypto_backend/crypto_backend_internal.h +++ b/lib/crypto_backend/crypto_backend_internal.h @@ -59,17 +59,6 @@ int crypt_bitlk_decrypt_key_kernel(const void *key, size_t key_length, const char *tag, size_t tag_length); /* Internal implementation for constant time memory comparison */ -static inline int crypt_internal_memeq(const void *m1, const void *m2, size_t n) -{ - const unsigned char *_m1 = (const unsigned char *) m1; - const unsigned char *_m2 = (const unsigned char *) m2; - unsigned char result = 0; - size_t i; - - for (i = 0; i < n; i++) - result |= _m1[i] ^ _m2[i]; - - return result; -} +int crypt_internal_memeq(const void *m1, const void *m2, size_t n); #endif /* _CRYPTO_BACKEND_INTERNAL_H */ diff --git a/lib/crypto_backend/memutils.c b/lib/crypto_backend/memutils.c new file mode 100644 index 00000000..0f5459eb --- /dev/null +++ b/lib/crypto_backend/memutils.c @@ -0,0 +1,46 @@ +/* + * Safe memory utilities + * + * Copyright (C) 2024 Milan Broz + * + * This file is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This file is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this file; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "crypto_backend_internal.h" + +/* Memzero helper (memset on stack can be optimized out) */ +void crypt_backend_memzero(void *s, size_t n) +{ +#ifdef HAVE_EXPLICIT_BZERO + explicit_bzero(s, n); +#else + volatile uint8_t *p = (volatile uint8_t *)s; + while(n--) *p++ = 0; +#endif +} + +/* Internal implementation for constant time memory comparison */ +int crypt_internal_memeq(const void *m1, const void *m2, size_t n) +{ + const unsigned char *_m1 = (const unsigned char *) m1; + const unsigned char *_m2 = (const unsigned char *) m2; + unsigned char result = 0; + size_t i; + + for (i = 0; i < n; i++) + result |= _m1[i] ^ _m2[i]; + + return result; +} diff --git a/lib/crypto_backend/meson.build b/lib/crypto_backend/meson.build index d6c31fdb..43cf40e4 100644 --- a/lib/crypto_backend/meson.build +++ b/lib/crypto_backend/meson.build @@ -11,6 +11,7 @@ libcrypto_backend_link_with = [] libcrypto_backend_sources = files( 'argon2_generic.c', 'base64.c', + 'memutils.c', 'cipher_check.c', 'cipher_generic.c', 'crc32.c',