mirror of
https://github.com/php/php-src.git
synced 2024-09-22 02:17:32 +00:00
sodium ext: clear the hash state after we're done hashing
This commit is contained in:
parent
d8a14e2aad
commit
557029e8e6
@ -852,6 +852,7 @@ PHP_FUNCTION(sodium_crypto_generichash_update)
|
||||
memcpy(&state_tmp, state, sizeof state_tmp);
|
||||
if (crypto_generichash_update((void *) &state_tmp, msg,
|
||||
(unsigned long long) msg_len) != 0) {
|
||||
sodium_memzero(&state_tmp, sizeof state_tmp);
|
||||
zend_throw_exception(sodium_exception_ce, "internal error", 0);
|
||||
return;
|
||||
}
|
||||
@ -896,10 +897,12 @@ PHP_FUNCTION(sodium_crypto_generichash_final)
|
||||
if (crypto_generichash_final((void *) &state_tmp,
|
||||
(unsigned char *) ZSTR_VAL(hash),
|
||||
(size_t) hash_len) != 0) {
|
||||
sodium_memzero(&state_tmp, sizeof state_tmp);
|
||||
zend_string_free(hash);
|
||||
zend_throw_exception(sodium_exception_ce, "internal error", 0);
|
||||
return;
|
||||
}
|
||||
sodium_memzero(&state_tmp, sizeof state_tmp);
|
||||
sodium_memzero(state, state_len);
|
||||
convert_to_null(state_zv);
|
||||
ZSTR_VAL(hash)[hash_len] = 0;
|
||||
@ -2640,6 +2643,7 @@ PHP_FUNCTION(sodium_crypto_kx_client_session_keys)
|
||||
crypto_generichash_update(&h, client_pk, crypto_kx_PUBLICKEYBYTES);
|
||||
crypto_generichash_update(&h, server_pk, crypto_kx_PUBLICKEYBYTES);
|
||||
crypto_generichash_final(&h, session_keys, 2 * crypto_kx_SESSIONKEYBYTES);
|
||||
sodium_memzero(&h, sizeof h);
|
||||
array_init(return_value);
|
||||
add_next_index_stringl(return_value,
|
||||
(const char *) session_keys,
|
||||
@ -2688,6 +2692,7 @@ PHP_FUNCTION(sodium_crypto_kx_server_session_keys)
|
||||
crypto_generichash_update(&h, client_pk, crypto_kx_PUBLICKEYBYTES);
|
||||
crypto_generichash_update(&h, server_pk, crypto_kx_PUBLICKEYBYTES);
|
||||
crypto_generichash_final(&h, session_keys, 2 * crypto_kx_SESSIONKEYBYTES);
|
||||
sodium_memzero(&h, sizeof h);
|
||||
array_init(return_value);
|
||||
add_next_index_stringl(return_value,
|
||||
(const char *) session_keys + crypto_kx_SESSIONKEYBYTES,
|
||||
|
Loading…
Reference in New Issue
Block a user