From 7b061bce13e26d82280b107d1670a5b06d077da3 Mon Sep 17 00:00:00 2001 From: Radoslaw Zarzynski Date: Sat, 16 Nov 2019 00:42:29 +0100 Subject: [PATCH] rgw: switch to ceph::crypto::zeroize_for_security(). CONFLICT: it seems rgw_kms.cc has been dissected from rgw_crypto.cc in commit 1e5b58ad50eae9b6df7f28baf511f4902cfbae4c. Because of that the `memset` occurances have been audited manually during the backport process. Signed-off-by: Radoslaw Zarzynski (cherry picked from commit 764010b2c3e779fe9910ff4a8b00ad1a2cafe49d) --- src/rgw/rgw_crypt.cc | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/rgw/rgw_crypt.cc b/src/rgw/rgw_crypt.cc index 00125a07539e..198c4a146df3 100644 --- a/src/rgw/rgw_crypt.cc +++ b/src/rgw/rgw_crypt.cc @@ -42,7 +42,7 @@ public: explicit AES_256_CTR(CephContext* cct): cct(cct) { } ~AES_256_CTR() { - memset(key, 0, AES_256_KEYSIZE); + ::ceph::crypto::zeroize_for_security(key, AES_256_KEYSIZE); } bool set_key(const uint8_t* _key, size_t key_size) { if (key_size != AES_256_KEYSIZE) { @@ -205,7 +205,7 @@ public: explicit AES_256_CBC(CephContext* cct): cct(cct) { } ~AES_256_CBC() { - memset(key, 0, AES_256_KEYSIZE); + ::ceph::crypto::zeroize_for_security(key, AES_256_KEYSIZE); } bool set_key(const uint8_t* _key, size_t key_size) { if (key_size != AES_256_KEYSIZE) { @@ -776,7 +776,7 @@ static int request_key_from_barbican(CephContext *cct, secret_req.get_http_status() < 300 && secret_bl.length() == AES_256_KEYSIZE) { actual_key.assign(secret_bl.c_str(), secret_bl.length()); - memset(secret_bl.c_str(), 0, secret_bl.length()); + ::ceph::crypto::zeroize_for_security(secret_bl.c_str(), secret_bl.length()); } else { res = -EACCES; } 
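Review bot: In the `request_key_from_barbican` hunk the wipe of `secret_bl` sits only inside the success branch, so a response that fails the status check or whose length is not `AES_256_KEYSIZE` takes the `else { res = -EACCES; }` path and its body is never cleared. That body came from the key service and may still hold secret material, so the wipe is better placed after the if/else, guarded for the empty case: `if (secret_bl.length() > 0) ::ceph::crypto::zeroize_for_security(secret_bl.c_str(), secret_bl.length());`. The copy made by `actual_key.assign(...)` is returned to the caller and is not covered by this wipe; presumably the caller is expected to clear it, which is worth confirming. The function starts and ends outside the hunk.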
@@ -821,7 +821,7 @@ static int get_actual_key_from_kms(CephContext *cct, } else { res = -EIO; } - memset(_actual_key, 0, sizeof(_actual_key)); + ::ceph::crypto::zeroize_for_security(_actual_key, sizeof(_actual_key)); } else { ldout(cct, 20) << "Wrong size for key=" << key_id << dendl; res = -EIO; @@ -1123,7 +1123,7 @@ int rgw_s3_prepare_encrypt(struct req_state* s, reinterpret_cast(master_encryption_key.c_str()), AES_256_KEYSIZE, reinterpret_cast(key_selector.c_str()), actual_key, AES_256_KEYSIZE) != true) { - memset(actual_key, 0, sizeof(actual_key)); + ::ceph::crypto::zeroize_for_security(actual_key, sizeof(actual_key)); return -EIO; } if (block_crypt) { @@ -1131,7 +1131,7 @@ int rgw_s3_prepare_encrypt(struct req_state* s, aes->set_key(reinterpret_cast(actual_key), AES_256_KEYSIZE); *block_crypt = std::move(aes); } - memset(actual_key, 0, sizeof(actual_key)); + ::ceph::crypto::zeroize_for_security(actual_key, sizeof(actual_key)); return 0; } } @@ -1296,12 +1296,12 @@ int rgw_s3_prepare_decrypt(struct req_state* s, AES_256_KEYSIZE, reinterpret_cast(attr_key_selector.c_str()), actual_key, AES_256_KEYSIZE) != true) { - memset(actual_key, 0, sizeof(actual_key)); + ::ceph::crypto::zeroize_for_security(actual_key, sizeof(actual_key)); return -EIO; } auto aes = std::unique_ptr(new AES_256_CBC(s->cct)); aes->set_key(actual_key, AES_256_KEYSIZE); - memset(actual_key, 0, sizeof(actual_key)); + ::ceph::crypto::zeroize_for_security(actual_key, sizeof(actual_key)); if (block_crypt) *block_crypt = std::move(aes); return 0; } -- 2.47.3
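Review bot: `rgw_s3_prepare_encrypt` and `rgw_s3_prepare_decrypt` wipe `actual_key` by hand before each `return` (four call sites across the last three hunks), so any exit path added later between the key derivation and the final wipe would leave the derived key on the stack. A small RAII guard declared right after `actual_key`, whose destructor runs `::ceph::crypto::zeroize_for_security(actual_key, sizeof(actual_key));`, would cover every exit and make the per-path calls unnecessary. Note also that `sizeof(actual_key)` here, and `sizeof(_actual_key)` in the `get_actual_key_from_kms` hunk, equals the key length only while the name is a true array in that scope. The declarations are outside the hunks, so passing `AES_256_KEYSIZE`, as the neighbouring arguments already do, would remove that dependency. Both function bodies start and end outside the hunks.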