diff --git a/base58.c b/base58.c index 92612a933..cd74617b8 100644 --- a/base58.c +++ b/base58.c @@ -63,7 +63,7 @@ bool b58tobin(void *bin, size_t *binszp, const char *b58) b58sz = strlen(b58); - memset(outi, 0, outisz * sizeof(*outi)); + memzero(outi, sizeof(outi)); // Leading zeros, just count for (i = 0; i < b58sz && b58u[i] == '1'; ++i) @@ -166,7 +166,7 @@ bool b58enc(char *b58, size_t *b58sz, const void *data, size_t binsz) size = (binsz - zcount) * 138 / 100 + 1; uint8_t buf[size]; - memset(buf, 0, size); + memzero(buf, size); for (i = zcount, high = size - 1; i < (ssize_t)binsz; ++i, high = j) { diff --git a/bip32.c b/bip32.c index 54e26b42e..8d6291f51 100644 --- a/bip32.c +++ b/bip32.c @@ -152,7 +152,7 @@ int hdnode_from_xprv(uint32_t depth, uint32_t child_num, const uint8_t *chain_co int hdnode_from_seed(const uint8_t *seed, int seed_len, const char* curve, HDNode *out) { static CONFIDENTIAL uint8_t I[32 + 32]; - memset(out, 0, sizeof(HDNode)); + memzero(out, sizeof(HDNode)); out->depth = 0; out->child_num = 0; out->curve = get_curve_by_name(curve); @@ -319,7 +319,7 @@ int hdnode_private_ckd_cardano(HDNode *inout, uint32_t index) hmac_sha512_Final(&ctx, z); static CONFIDENTIAL uint8_t zl8[32]; - memset(zl8, 0, 32); + memzero(zl8, 32); /* get 8 * Zl */ scalar_multiply8(z, 28, zl8); @@ -362,7 +362,7 @@ int hdnode_from_seed_cardano(const uint8_t *pass, int pass_len, const uint8_t *s secret[31] &= 31; secret[31] |= 64; - memset(out, 0, sizeof(HDNode)); + memzero(out, sizeof(HDNode)); out->depth = 0; out->child_num = 0; out->curve = get_curve_by_name(ED25519_CARDANO_NAME); @@ -516,7 +516,7 @@ int hdnode_private_ckd_cached(HDNode *inout, const uint32_t *i, size_t i_count, if (hdnode_private_ckd(inout, i[k]) == 0) return 0; } // and save it - memset(&(private_ckd_cache[private_ckd_cache_index]), 0, sizeof(private_ckd_cache[private_ckd_cache_index])); + memzero(&(private_ckd_cache[private_ckd_cache_index]), sizeof(private_ckd_cache[private_ckd_cache_index])); private_ckd_cache[private_ckd_cache_index].set = true; private_ckd_cache[private_ckd_cache_index].depth = i_count - 1; memcpy(private_ckd_cache[private_ckd_cache_index].i, i, (i_count - 1) * sizeof(uint32_t)); @@ -782,7 +782,7 @@ int hdnode_serialize_private(const HDNode *node, uint32_t fingerprint, uint32_t int hdnode_deserialize(const char *str, uint32_t version_public, uint32_t version_private, const char *curve, HDNode *node, uint32_t *fingerprint) { uint8_t node_data[78]; - memset(node, 0, sizeof(HDNode)); + memzero(node, sizeof(HDNode)); node->curve = get_curve_by_name(curve); if (base58_decode_check(str, node->curve->hasher_base58, node_data, sizeof(node_data)) != sizeof(node_data)) { return -1; diff --git a/blake2b.c b/blake2b.c index 67d97e7e6..0074bc18d 100644 --- a/blake2b.c +++ b/blake2b.c @@ -87,7 +87,7 @@ static void blake2b_increment_counter( blake2b_state *S, const uint64_t inc ) static void blake2b_init0( blake2b_state *S ) { size_t i; - memset( S, 0, sizeof( blake2b_state ) ); + memzero( S, sizeof( blake2b_state ) ); for( i = 0; i < 8; ++i ) S->h[i] = blake2b_IV[i]; } @@ -125,9 +125,9 @@ int blake2b_Init( blake2b_state *S, size_t outlen ) store32( &P->xof_length, 0 ); P->node_depth = 0; P->inner_length = 0; - memset( P->reserved, 0, sizeof( P->reserved ) ); - memset( P->salt, 0, sizeof( P->salt ) ); - memset( P->personal, 0, sizeof( P->personal ) ); + memzero( P->reserved, sizeof( P->reserved ) ); + memzero( P->salt, sizeof( P->salt ) ); + memzero( P->personal, sizeof( P->personal ) ); return blake2b_init_param( S, P ); } @@ -147,8 +147,8 @@ int blake2b_InitPersonal( blake2b_state *S, size_t outlen, const void *personal, store32( &P->xof_length, 0 ); P->node_depth = 0; P->inner_length = 0; - memset( P->reserved, 0, sizeof( P->reserved ) ); - memset( P->salt, 0, sizeof( P->salt ) ); + memzero( P->reserved, sizeof( P->reserved ) ); + memzero( P->salt, sizeof( P->salt ) ); memcpy( P->personal, personal, BLAKE2B_PERSONALBYTES ); return blake2b_init_param( S, P ); } @@ -170,15 +170,15 @@ int blake2b_InitKey( blake2b_state *S, size_t outlen, const void *key, size_t ke store32( &P->xof_length, 0 ); P->node_depth = 0; P->inner_length = 0; - memset( P->reserved, 0, sizeof( P->reserved ) ); - memset( P->salt, 0, sizeof( P->salt ) ); - memset( P->personal, 0, sizeof( P->personal ) ); + memzero( P->reserved, sizeof( P->reserved ) ); + memzero( P->salt, sizeof( P->salt ) ); + memzero( P->personal, sizeof( P->personal ) ); if( blake2b_init_param( S, P ) < 0 ) return -1; { uint8_t block[BLAKE2B_BLOCKBYTES]; - memset( block, 0, BLAKE2B_BLOCKBYTES ); + memzero( block, BLAKE2B_BLOCKBYTES ); memcpy( block, key, keylen ); blake2b_Update( S, block, BLAKE2B_BLOCKBYTES ); memzero( block, BLAKE2B_BLOCKBYTES ); /* Burn the key from stack */ @@ -294,7 +294,7 @@ int blake2b_Final( blake2b_state *S, void *out, size_t outlen ) blake2b_increment_counter( S, S->buflen ); blake2b_set_lastblock( S ); - memset( S->buf + S->buflen, 0, BLAKE2B_BLOCKBYTES - S->buflen ); /* Padding */ + memzero( S->buf + S->buflen, BLAKE2B_BLOCKBYTES - S->buflen ); /* Padding */ blake2b_compress( S, S->buf ); for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */ diff --git a/blake2s.c b/blake2s.c index 57435e7a1..8dc6516b6 100644 --- a/blake2s.c +++ b/blake2s.c @@ -82,7 +82,7 @@ static void blake2s_increment_counter( blake2s_state *S, const uint32_t inc ) static void blake2s_init0( blake2s_state *S ) { size_t i; - memset( S, 0, sizeof( blake2s_state ) ); + memzero( S, sizeof( blake2s_state ) ); for( i = 0; i < 8; ++i ) S->h[i] = blake2s_IV[i]; } @@ -120,9 +120,9 @@ int blake2s_Init( blake2s_state *S, size_t outlen ) store16( &P->xof_length, 0 ); P->node_depth = 0; P->inner_length = 0; - /* memset(P->reserved, 0, sizeof(P->reserved) ); */ - memset( P->salt, 0, sizeof( P->salt ) ); - memset( P->personal, 0, sizeof( P->personal ) ); + /* memzero(P->reserved, sizeof(P->reserved) ); */ + memzero( P->salt, sizeof( P->salt ) ); + memzero( P->personal, sizeof( P->personal ) ); return blake2s_init_param( S, P ); } @@ -142,8 +142,8 @@ int blake2s_InitPersonal( blake2s_state *S, size_t outlen, const void *personal, store16( &P->xof_length, 0 ); P->node_depth = 0; P->inner_length = 0; - /* memset(P->reserved, 0, sizeof(P->reserved) ); */ - memset( P->salt, 0, sizeof( P->salt ) ); + /* memzero(P->reserved, sizeof(P->reserved) ); */ + memzero( P->salt, sizeof( P->salt ) ); memcpy( P->personal, personal, BLAKE2S_PERSONALBYTES ); return blake2s_init_param( S, P ); } @@ -166,15 +166,15 @@ int blake2s_InitKey( blake2s_state *S, size_t outlen, const void *key, size_t ke store16( &P->xof_length, 0 ); P->node_depth = 0; P->inner_length = 0; - /* memset(P->reserved, 0, sizeof(P->reserved) ); */ - memset( P->salt, 0, sizeof( P->salt ) ); - memset( P->personal, 0, sizeof( P->personal ) ); + /* memzero(P->reserved, sizeof(P->reserved) ); */ + memzero( P->salt, sizeof( P->salt ) ); + memzero( P->personal, sizeof( P->personal ) ); if( blake2s_init_param( S, P ) < 0 ) return -1; { uint8_t block[BLAKE2S_BLOCKBYTES]; - memset( block, 0, BLAKE2S_BLOCKBYTES ); + memzero( block, BLAKE2S_BLOCKBYTES ); memcpy( block, key, keylen ); blake2s_Update( S, block, BLAKE2S_BLOCKBYTES ); memzero( block, BLAKE2S_BLOCKBYTES ); /* Burn the key from stack */ @@ -288,7 +288,7 @@ int blake2s_Final( blake2s_state *S, void *out, size_t outlen ) blake2s_increment_counter( S, ( uint32_t )S->buflen ); blake2s_set_lastblock( S ); - memset( S->buf + S->buflen, 0, BLAKE2S_BLOCKBYTES - S->buflen ); /* Padding */ + memzero( S->buf + S->buflen, BLAKE2S_BLOCKBYTES - S->buflen ); /* Padding */ blake2s_compress( S, S->buf ); for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */ diff --git a/ed25519-donna/ed25519-donna-impl-base.c b/ed25519-donna/ed25519-donna-impl-base.c index 2fa1fa424..fcd1c0053 100644 --- a/ed25519-donna/ed25519-donna-impl-base.c +++ b/ed25519-donna/ed25519-donna-impl-base.c @@ -1,5 +1,6 @@ #include #include "ed25519-donna.h" +#include "memzero.h" /* sqrt(x) is such an integer y that 0 <= y <= p - 1, y % 2 = 0, and y^2 = x (mod p). */ /* d = -121665 / 121666 */ @@ -245,7 +246,7 @@ int ge25519_unpack_negative_vartime(ge25519 *r, const unsigned char p[32]) { void ge25519_set_neutral(ge25519 *r) { - memset(r, 0, sizeof(ge25519)); + memzero(r, sizeof(ge25519)); r->y[0] = 1; r->z[0] = 1; } @@ -270,7 +271,7 @@ void ge25519_double_scalarmult_vartime(ge25519 *r, const ge25519 *p1, const bign ge25519_p1p1 t; int32_t i; - memset(&t, 0, sizeof(ge25519_p1p1)); + memzero(&t, sizeof(ge25519_p1p1)); contract256_slidingwindow_modm(slide1, s1, S1_SWINDOWSIZE); contract256_slidingwindow_modm(slide2, s2, S2_SWINDOWSIZE); @@ -324,7 +325,7 @@ void ge25519_double_scalarmult_vartime2(ge25519 *r, const ge25519 *p1, const big ge25519_p1p1 t; int32_t i; - memset(&t, 0, sizeof(ge25519_p1p1)); + memzero(&t, sizeof(ge25519_p1p1)); contract256_slidingwindow_modm(slide1, s1, S1_SWINDOWSIZE); contract256_slidingwindow_modm(slide2, s2, S1_SWINDOWSIZE); @@ -512,7 +513,7 @@ void ge25519_scalarmult_base_niels(ge25519 *r, const uint8_t basepoint_table[256 ge25519_scalarmult_base_choose_niels(&t, basepoint_table, 0, b[1]); curve25519_sub_reduce(r->x, t.xaddy, t.ysubx); curve25519_add_reduce(r->y, t.xaddy, t.ysubx); - memset(r->z, 0, sizeof(bignum25519)); + memzero(r->z, sizeof(bignum25519)); curve25519_copy(r->t, t.t2d); r->z[0] = 2; for (i = 3; i < 64; i += 2) { diff --git a/groestl.c b/groestl.c index f72fe0fc0..8efe82a86 100644 --- a/groestl.c +++ b/groestl.c @@ -36,6 +36,8 @@ #include "groestl_internal.h" #include "groestl.h" +#include "memzero.h" + #define C32e(x) ((SPH_C32(x) >> 24) \ | ((SPH_C32(x) >> 8) & SPH_C32(0x0000FF00)) \ @@ -740,7 +742,7 @@ groestl_big_close(sph_groestl_big_context *sc, pad_len = 256 - ptr; count = SPH_T64(sc->count + 2); } - memset(pad + 1, 0, pad_len - 9); + memzero(pad + 1, pad_len - 9); sph_enc64be(pad + pad_len - 8, count); groestl_big_core(sc, pad, pad_len); READ_STATE_BIG(sc); diff --git a/hmac.c b/hmac.c index 04448c8f2..0a0946012 100644 --- a/hmac.c +++ b/hmac.c @@ -30,7 +30,7 @@ void hmac_sha256_Init(HMAC_SHA256_CTX *hctx, const uint8_t *key, const uint32_t keylen) { static CONFIDENTIAL uint8_t i_key_pad[SHA256_BLOCK_LENGTH]; - memset(i_key_pad, 0, SHA256_BLOCK_LENGTH); + memzero(i_key_pad, SHA256_BLOCK_LENGTH); if (keylen > SHA256_BLOCK_LENGTH) { sha256_Raw(key, keylen, i_key_pad); } else { @@ -105,7 +105,7 @@ void hmac_sha256_prepare(const uint8_t *key, const uint32_t keylen, uint32_t *op void hmac_sha512_Init(HMAC_SHA512_CTX *hctx, const uint8_t *key, const uint32_t keylen) { static CONFIDENTIAL uint8_t i_key_pad[SHA512_BLOCK_LENGTH]; - memset(i_key_pad, 0, SHA512_BLOCK_LENGTH); + memzero(i_key_pad, SHA512_BLOCK_LENGTH); if (keylen > SHA512_BLOCK_LENGTH) { sha512_Raw(key, keylen, i_key_pad); } else { diff --git a/pbkdf2.c b/pbkdf2.c index 23644ea73..719fc89e2 100644 --- a/pbkdf2.c +++ b/pbkdf2.c @@ -35,7 +35,7 @@ void pbkdf2_hmac_sha256_Init(PBKDF2_HMAC_SHA256_CTX *pctx, const uint8_t *pass, #endif hmac_sha256_prepare(pass, passlen, pctx->odig, pctx->idig); - memset(pctx->g, 0, sizeof(pctx->g)); + memzero(pctx->g, sizeof(pctx->g)); pctx->g[8] = 0x80000000; pctx->g[15] = (SHA256_BLOCK_LENGTH + SHA256_DIGEST_LENGTH) * 8; @@ -109,7 +109,7 @@ void pbkdf2_hmac_sha512_Init(PBKDF2_HMAC_SHA512_CTX *pctx, const uint8_t *pass, #endif hmac_sha512_prepare(pass, passlen, pctx->odig, pctx->idig); - memset(pctx->g, 0, sizeof(pctx->g)); + memzero(pctx->g, sizeof(pctx->g)); pctx->g[8] = 0x8000000000000000; pctx->g[15] = (SHA512_BLOCK_LENGTH + SHA512_DIGEST_LENGTH) * 8; diff --git a/ripemd160.c b/ripemd160.c index 66b13ca3d..60d007acf 100644 --- a/ripemd160.c +++ b/ripemd160.c @@ -58,7 +58,7 @@ */ void ripemd160_Init(RIPEMD160_CTX *ctx) { - memset(ctx, 0, sizeof(RIPEMD160_CTX)); + memzero(ctx, sizeof(RIPEMD160_CTX)); ctx->total[0] = 0; ctx->total[1] = 0; ctx->state[0] = 0x67452301; diff --git a/sha3.c b/sha3.c index 3ef9db8ae..7cc2b7d40 100644 --- a/sha3.c +++ b/sha3.c @@ -48,7 +48,7 @@ static void keccak_Init(SHA3_CTX *ctx, unsigned bits) /* NB: The Keccak capacity parameter = bits * 2 */ unsigned rate = 1600 - bits * 2; - memset(ctx, 0, sizeof(SHA3_CTX)); + memzero(ctx, sizeof(SHA3_CTX)); ctx->block_size = rate / 8; assert(rate <= 1600 && (rate % 64) == 0); } @@ -320,7 +320,7 @@ void sha3_Final(SHA3_CTX *ctx, unsigned char* result) if (!(ctx->rest & SHA3_FINALIZED)) { /* clear the rest of the data queue */ - memset((char*)ctx->message + ctx->rest, 0, block_size - ctx->rest); + memzero((char*)ctx->message + ctx->rest, block_size - ctx->rest); ((char*)ctx->message)[ctx->rest] |= 0x06; ((char*)ctx->message)[block_size - 1] |= 0x80; @@ -349,7 +349,7 @@ void keccak_Final(SHA3_CTX *ctx, unsigned char* result) if (!(ctx->rest & SHA3_FINALIZED)) { /* clear the rest of the data queue */ - memset((char*)ctx->message + ctx->rest, 0, block_size - ctx->rest); + memzero((char*)ctx->message + ctx->rest, block_size - ctx->rest); ((char*)ctx->message)[ctx->rest] |= 0x01; ((char*)ctx->message)[block_size - 1] |= 0x80; diff --git a/shell.nix b/shell.nix index 52601dd7b..0cfc3dd05 100644 --- a/shell.nix +++ b/shell.nix @@ -2,5 +2,5 @@ with import {}; stdenv.mkDerivation { name = "trezor-crypto-dev"; - buildInputs = [ gnumake gcc pkgconfig openssl check ]; + buildInputs = [ gnumake gcc pkgconfig openssl check valgrind ]; } diff --git a/tests/test_check.c b/tests/test_check.c index 25baeccca..e72c16a2a 100644 --- a/tests/test_check.c +++ b/tests/test_check.c @@ -64,6 +64,8 @@ #include "rc4.h" #include "nem.h" #include "monero/monero.h" +#include "memzero.h" + #if VALGRIND /* @@ -862,7 +864,7 @@ START_TEST(test_bip32_vector_1) ck_assert_str_eq(str, "xpub661MyMwAqRbcFtXgS5sYJABqqG9YLmC4Q1Rdap9gSE8NqtwybGhePY2gZ29ESFjqJoCu1Rupje8YtGqsefD265TMg7usUDFdp6W1EGMcet8"); r = hdnode_deserialize(str, VERSION_PUBLIC, VERSION_PRIVATE, SECP256K1_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0'] @@ -882,7 +884,7 @@ START_TEST(test_bip32_vector_1) ck_assert_str_eq(str, "xpub68Gmy5EdvgibQVfPdqkBBCHxA5htiqg55crXYuXoQRKfDBFA1WEjWgP6LHhwBZeNK1VTsfTFUHCdrfp1bgwQ9xv5ski8PX9rL2dZXvgGDnw"); r = hdnode_deserialize(str, VERSION_PUBLIC, VERSION_PRIVATE, SECP256K1_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0'/1] @@ -902,7 +904,7 @@ START_TEST(test_bip32_vector_1) ck_assert_str_eq(str, "xpub6ASuArnXKPbfEwhqN6e3mwBcDTgzisQN1wXN9BJcM47sSikHjJf3UFHKkNAWbWMiGj7Wf5uMash7SyYq527Hqck2AxYysAA7xmALppuCkwQ"); r = hdnode_deserialize(str, VERSION_PUBLIC, VERSION_PRIVATE, SECP256K1_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0'/1/2'] @@ -922,7 +924,7 @@ START_TEST(test_bip32_vector_1) ck_assert_str_eq(str, "xpub6D4BDPcP2GT577Vvch3R8wDkScZWzQzMMUm3PWbmWvVJrZwQY4VUNgqFJPMM3No2dFDFGTsxxpG5uJh7n7epu4trkrX7x7DogT5Uv6fcLW5"); r = hdnode_deserialize(str, VERSION_PUBLIC, VERSION_PRIVATE, SECP256K1_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0'/1/2'/2] @@ -942,7 +944,7 @@ START_TEST(test_bip32_vector_1) ck_assert_str_eq(str, "xpub6FHa3pjLCk84BayeJxFW2SP4XRrFd1JYnxeLeU8EqN3vDfZmbqBqaGJAyiLjTAwm6ZLRQUMv1ZACTj37sR62cfN7fe5JnJ7dh8zL4fiyLHV"); r = hdnode_deserialize(str, VERSION_PUBLIC, VERSION_PRIVATE, SECP256K1_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0'/1/2'/2/1000000000] @@ -962,7 +964,7 @@ START_TEST(test_bip32_vector_1) ck_assert_str_eq(str, "xpub6H1LXWLaKsWFhvm6RVpEL9P4KfRZSW7abD2ttkWP3SSQvnyA8FSVqNTEcYFgJS2UaFcxupHiYkro49S8yGasTvXEYBVPamhGW6cFJodrTHy"); r = hdnode_deserialize(str, VERSION_PUBLIC, VERSION_PRIVATE, SECP256K1_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); } END_TEST @@ -994,7 +996,7 @@ START_TEST(test_bip32_vector_2) ck_assert_str_eq(str, "xpub661MyMwAqRbcFW31YEwpkMuc5THy2PSt5bDMsktWQcFF8syAmRUapSCGu8ED9W6oDMSgv6Zz8idoc4a6mr8BDzTJY47LJhkJ8UB7WEGuduB"); r = hdnode_deserialize(str, VERSION_PUBLIC, VERSION_PRIVATE, SECP256K1_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0] @@ -1015,7 +1017,7 @@ START_TEST(test_bip32_vector_2) ck_assert_str_eq(str, "xpub69H7F5d8KSRgmmdJg2KhpAK8SR3DjMwAdkxj3ZuxV27CprR9LgpeyGmXUbC6wb7ERfvrnKZjXoUmmDznezpbZb7ap6r1D3tgFxHmwMkQTPH"); r = hdnode_deserialize(str, VERSION_PUBLIC, VERSION_PRIVATE, SECP256K1_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0/2147483647'] @@ -1036,7 +1038,7 @@ START_TEST(test_bip32_vector_2) ck_assert_str_eq(str, "xpub6ASAVgeehLbnwdqV6UKMHVzgqAG8Gr6riv3Fxxpj8ksbH9ebxaEyBLZ85ySDhKiLDBrQSARLq1uNRts8RuJiHjaDMBU4Zn9h8LZNnBC5y4a"); r = hdnode_deserialize(str, VERSION_PUBLIC, VERSION_PRIVATE, SECP256K1_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0/2147483647'/1] @@ -1057,7 +1059,7 @@ START_TEST(test_bip32_vector_2) ck_assert_str_eq(str, "xpub6DF8uhdarytz3FWdA8TvFSvvAh8dP3283MY7p2V4SeE2wyWmG5mg5EwVvmdMVCQcoNJxGoWaU9DCWh89LojfZ537wTfunKau47EL2dhHKon"); r = hdnode_deserialize(str, VERSION_PUBLIC, VERSION_PRIVATE, SECP256K1_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0/2147483647'/1/2147483646'] @@ -1078,7 +1080,7 @@ START_TEST(test_bip32_vector_2) ck_assert_str_eq(str, "xpub6ERApfZwUNrhLCkDtcHTcxd75RbzS1ed54G1LkBUHQVHQKqhMkhgbmJbZRkrgZw4koxb5JaHWkY4ALHY2grBGRjaDMzQLcgJvLJuZZvRcEL"); r = hdnode_deserialize(str, VERSION_PUBLIC, VERSION_PRIVATE, SECP256K1_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0/2147483647'/1/2147483646'/2] @@ -1099,7 +1101,7 @@ START_TEST(test_bip32_vector_2) ck_assert_str_eq(str, "xpub6FnCn6nSzZAw5Tw7cgR9bi15UV96gLZhjDstkXXxvCLsUXBGXPdSnLFbdpq8p9HmGsApME5hQTZ3emM2rnY5agb9rXpVGyy3bdW6EEgAtqt"); r = hdnode_deserialize(str, VERSION_PUBLIC, VERSION_PRIVATE, SECP256K1_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // init m @@ -1142,7 +1144,7 @@ START_TEST(test_bip32_vector_3) ck_assert_str_eq(str, "xpub661MyMwAqRbcEZVB4dScxMAdx6d4nFc9nvyvH3v4gJL378CSRZiYmhRoP7mBy6gSPSCYk6SzXPTf3ND1cZAceL7SfJ1Z3GC8vBgp2epUt13"); r = hdnode_deserialize(str, VERSION_PUBLIC, VERSION_PRIVATE, SECP256K1_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0'] @@ -1159,7 +1161,7 @@ START_TEST(test_bip32_vector_3) ck_assert_str_eq(str, "xpub68NZiKmJWnxxS6aaHmn81bvJeTESw724CRDs6HbuccFQN9Ku14VQrADWgqbhhTHBaohPX4CjNLf9fq9MYo6oDaPPLPxSb7gwQN3ih19Zm4Y"); r = hdnode_deserialize(str, VERSION_PUBLIC, VERSION_PRIVATE, SECP256K1_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); } END_TEST @@ -1517,7 +1519,7 @@ START_TEST(test_bip32_nist_repeat) ck_assert_mem_eq(node2.public_key, fromhex("0235bfee614c0d5b2cae260000bb1d0d84b270099ad790022c1ae0b2e782efe120"), 33); memcpy(&node2, &node, sizeof(HDNode)); - memset(&node2.private_key, 0, 32); + memzero(&node2.private_key, 32); r = hdnode_public_ckd(&node2, 33941); ck_assert_int_eq(r, 1); ck_assert_int_eq(fingerprint, 0x3e2b7bc6); @@ -1665,7 +1667,7 @@ START_TEST(test_bip32_decred_vector_1) ck_assert_str_eq(str, "dpubZ9169KDAEUnyoBhjjmT2VaEodr6pUTDoqCEAeqgbfr2JfkB88BbK77jbTYbcYXb2FVz7DKBdW4P618yd51MwF8DjKVopSbS7Lkgi6bowX5w"); r = hdnode_deserialize(str, DECRED_VERSION_PUBLIC, DECRED_VERSION_PRIVATE, SECP256K1_DECRED_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0'] @@ -1685,7 +1687,7 @@ START_TEST(test_bip32_decred_vector_1) ck_assert_str_eq(str, "dpubZCGVaKZBiMo7pMgLaZm1qmchjWenTeVcUdFQkTNsFGFEA6xs4EW8PKiqYqP7HBAitt9Hw16VQkQ1tjsZQSHNWFc6bEK6bLqrbco24FzBTY4"); r = hdnode_deserialize(str, DECRED_VERSION_PUBLIC, DECRED_VERSION_PRIVATE, SECP256K1_DECRED_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0'/1] @@ -1705,7 +1707,7 @@ START_TEST(test_bip32_decred_vector_1) ck_assert_str_eq(str, "dpubZEDyZgdnFBMHxqNhfCUwBfAg1UmXHiTmB5jKtzbAZhF8PTzy2PwAicNdkg1CmW6TARxQeUbgC7nAQenJts4YoG3KMiqcjsjgeMvwLc43w6C"); r = hdnode_deserialize(str, DECRED_VERSION_PUBLIC, DECRED_VERSION_PRIVATE, SECP256K1_DECRED_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0'/1/2'] @@ -1725,7 +1727,7 @@ START_TEST(test_bip32_decred_vector_1) ck_assert_str_eq(str, "dpubZGLz7gsJAWzUksvtw3opxx5eeLq5fRaUMDABA3bdUVfnGUk5fiS5Cc3kZGTjWtYr3jrEavQQnAF6jv2WCpZtFX4uFgifXqev6ED1TM9rTCB"); r = hdnode_deserialize(str, DECRED_VERSION_PUBLIC, DECRED_VERSION_PRIVATE, SECP256K1_DECRED_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0'/1/2'/2] @@ -1745,7 +1747,7 @@ START_TEST(test_bip32_decred_vector_1) ck_assert_str_eq(str, "dpubZHv6Cfp2XRSWHQXZBo1dLmVM421Zdkc4MePkyBXCLFttVkCmwZkxth4ZV9PzkFP3DtD5xcVq2CPSYpJMWMaoxu1ixz4GNZFVcE2xnHP6chJ"); r = hdnode_deserialize(str, DECRED_VERSION_PUBLIC, DECRED_VERSION_PRIVATE, SECP256K1_DECRED_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0'/1/2'/2/1000000000] @@ -1765,7 +1767,7 @@ START_TEST(test_bip32_decred_vector_1) ck_assert_str_eq(str, "dpubZL6d9amjfRy1zeoZM2zHDU7uoMvwPqtxHRQAiJjeEtQQWjP3retQV1qKJyzUd6ZJNgbJGXjtc5pdoBcTTYTLoxQzvV9JJCzCjB2eCWpRf8T"); r = hdnode_deserialize(str, DECRED_VERSION_PUBLIC, DECRED_VERSION_PRIVATE, SECP256K1_DECRED_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); } END_TEST @@ -1800,7 +1802,7 @@ START_TEST(test_bip32_decred_vector_2) ck_assert_str_eq(str, "dpubZ9169KDAEUnynoD4qvXJwmxZt3FFA5UdWn1twnRReE9AxjCKJLNFY1uBoegbFmwzA4Du7yqnu8tLivhrCCH6P3DgBS1HH5vmf8MpNXvvYT9"); r = hdnode_deserialize(str, DECRED_VERSION_PUBLIC, DECRED_VERSION_PRIVATE, SECP256K1_DECRED_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0] @@ -1821,7 +1823,7 @@ START_TEST(test_bip32_decred_vector_2) ck_assert_str_eq(str, "dpubZBA4RCkCybJFaNbqPuBiyfXY1rvmG1XTdCy1AY1U96dxkFqWc2i5KREMh7NYPpy7ZPMhdpFMAesex3JdFDfX4J5FEW3HjSacqEYPfwb9Cj7"); r = hdnode_deserialize(str, DECRED_VERSION_PUBLIC, DECRED_VERSION_PRIVATE, SECP256K1_DECRED_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0/2147483647'] @@ -1842,7 +1844,7 @@ START_TEST(test_bip32_decred_vector_2) ck_assert_str_eq(str, "dpubZDUNkZEcCRCZEizDGL9sAQbZRKSnaxQLeqN9zpueeqCyq2VY7NUGMXASacsK96S8XzNjq3YgFgwLtj8MJBToW6To9U5zxuazEyh89bjR1xA"); r = hdnode_deserialize(str, DECRED_VERSION_PUBLIC, DECRED_VERSION_PRIVATE, SECP256K1_DECRED_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0/2147483647'/1] @@ -1863,7 +1865,7 @@ START_TEST(test_bip32_decred_vector_2) ck_assert_str_eq(str, "dpubZF3wJh7SfggGg74QZW3EE9ei8uQSJEFgd62uyuK5iMgQzUNjpSnprgTpYz3d6Q3fXXtEEXQqpzWcP4LUVuXFsgA8JKt1Hot5kyUk4pPRhDz"); r = hdnode_deserialize(str, DECRED_VERSION_PUBLIC, DECRED_VERSION_PRIVATE, SECP256K1_DECRED_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0/2147483647'/1/2147483646'] @@ -1884,7 +1886,7 @@ START_TEST(test_bip32_decred_vector_2) ck_assert_str_eq(str, "dpubZH38NEg1CW19dGZs8NdaT4hDkz7wXPstio1mGpHSAXHpSGW3UnTrn25ERT1Mp8ae5GMoQHMbgQiPrChMXQMdx3UqS8YqFkT1pqait8fY92u"); r = hdnode_deserialize(str, DECRED_VERSION_PUBLIC, DECRED_VERSION_PRIVATE, SECP256K1_DECRED_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // [Chain m/0/2147483647'/1/2147483646'/2] @@ -1905,7 +1907,7 @@ START_TEST(test_bip32_decred_vector_2) ck_assert_str_eq(str, "dpubZJoBFoQJ35zvEBgsfhJBssnAp8TY5gvruzQFLmyxcqRb7enVtGfSkLo2CkAZJMpa6T2fx6fUtvTgXtUvSVgAZ56bEwGxQsToeZfFV8VadE1"); r = hdnode_deserialize(str, DECRED_VERSION_PUBLIC, DECRED_VERSION_PRIVATE, SECP256K1_DECRED_NAME, &node2, NULL); ck_assert_int_eq(r, 0); memcpy(&node3, &node, sizeof(HDNode)); - memset(&node3.private_key, 0, 32); + memzero(&node3.private_key, 32); ck_assert_mem_eq(&node2, &node3, sizeof(HDNode)); // init m @@ -4788,7 +4790,7 @@ START_TEST(test_rc4_rfc6229) for (size_t i = 0; i < (sizeof(tests) / sizeof(*tests)); i++) { size_t length = strlen(tests[i].key) / 2; memcpy(key, fromhex(tests[i].key), length); - memset(buffer, 0, sizeof(buffer)); + memzero(buffer, sizeof(buffer)); rc4_init(&ctx, key, length); rc4_encrypt(&ctx, buffer, sizeof(buffer)); diff --git a/tests/test_openssl.c b/tests/test_openssl.c index b067bf383..d0a80f074 100644 --- a/tests/test_openssl.c +++ b/tests/test_openssl.c @@ -43,6 +43,8 @@ #include "nist256p1.h" #include "secp256k1.h" +#include "memzero.h" + void openssl_check(unsigned int iterations, int nid, const ecdsa_curve *curve) { uint8_t sig[64], pub_key33[33], pub_key65[65], priv_key[32], msg[256], hash[32]; @@ -67,7 +69,7 @@ void openssl_check(unsigned int iterations, int nid, const ecdsa_curve *curve) // copy key to buffer const BIGNUM *K = EC_KEY_get0_private_key(eckey); int bn_off = sizeof(priv_key) - BN_num_bytes(K); - memset(priv_key, 0, bn_off); + memzero(priv_key, bn_off); BN_bn2bin(K, priv_key + bn_off); // use our ECDSA signer to sign the message with the key