libkcapi/SOURCES/003-zeroize-hasher.patch

59 lines
2.1 KiB
Diff
Raw Normal View History

2024-03-28 10:47:18 +00:00
From e6e9288ecce61101ab765bc966ba8f780915802f Mon Sep 17 00:00:00 2001
From: Zoltan Fridrich <zfridric@redhat.com>
Date: Wed, 1 Nov 2023 10:54:03 +0100
Subject: [PATCH] kcapi-hasher: zeroise temporary values for FIPS 140-3
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Requirement introduced by AS05.10:
"The temporary value(s) generated during the integrity test of the
modules software or firmware shall [05.10] be zeroised from the module
upon completion of the integrity test;"
As some modules use fipscheck or sha*hmac for integrity tests, these
temporary values need to be zeroised from the hasher.
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
Signed-off-by: Stephan Mueller <smueller@chronox.de>
---
apps/kcapi-hasher.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/apps/kcapi-hasher.c b/apps/kcapi-hasher.c
index 098b655..f5caf77 100644
--- a/apps/kcapi-hasher.c
+++ b/apps/kcapi-hasher.c
@@ -360,6 +360,7 @@ static int hasher(struct kcapi_handle *handle, const struct hash_params *params,
if (hashlen > (uint32_t)ret) {
fprintf(stderr, "Invalid truncated hash size: %lu > %zd\n",
(unsigned long)hashlen, ret);
+ kcapi_memset_secure(md, 0, sizeof(md));
return (int)ret;
}
@@ -376,6 +377,7 @@ static int hasher(struct kcapi_handle *handle, const struct hash_params *params,
ret = 1;
else
ret = 0;
+ kcapi_memset_secure(compmd, 0, sizeof(compmd));
} else {
if (outfile == NULL) { /* only print hash (hmaccalc -S) */
bin2print(md, hashlen, NULL, stdout,
@@ -396,6 +398,7 @@ static int hasher(struct kcapi_handle *handle, const struct hash_params *params,
fprintf(stderr, "Generation of hash for file %s failed (%zd)\n",
filename ? filename : "stdin", ret);
}
+ kcapi_memset_secure(md, 0, sizeof(md));
return (int)ret;
}
@@ -696,6 +699,7 @@ static int process_checkfile(const struct hash_params *params,
if (file)
fclose(file);
kcapi_md_destroy(handle);
+ kcapi_memset_secure(buf, 0, sizeof(buf));
/*
* If we found no lines to check, return an error.