diff options
| -rw-r--r-- | src/gnutls.c | 45 |
1 files changed, 10 insertions, 35 deletions
diff --git a/src/gnutls.c b/src/gnutls.c index 7c988408528..59694074e16 100644 --- a/src/gnutls.c +++ b/src/gnutls.c @@ -1891,26 +1891,6 @@ The alist key is the cipher name. */) return ciphers; } -#ifdef HAVE_GNUTLS3_AEAD - -/* Zero out STORAGE (even if it will become inaccessible. It has - STORAGE_LENGTH bytes. The goal is to improve security a bit, in - case an Emacs module or some buggy part of Emacs attempts to - inspect STORAGE later to retrieve a secret. - - Calls to this function document when storage containing a secret is - known to go out of scope. This function is not guaranteed to erase - the secret, as copies of STORAGE may well be accessible elsewhere - on the machine. */ - -static void -clear_storage (void *storage, ptrdiff_t storage_length) -{ - explicit_bzero (storage, storage_length); -} - -#endif /* HAVE_GNUTLS3_AEAD */ - static Lisp_Object gnutls_symmetric_aead (bool encrypting, gnutls_cipher_algorithm_t gca, Lisp_Object cipher, @@ -1975,23 +1955,18 @@ gnutls_symmetric_aead (bool encrypting, gnutls_cipher_algorithm_t gca, (acipher, vdata, vsize, aead_auth_data, aead_auth_size, cipher_tag_size, idata, isize, storage, &storage_length)); - if (ret < GNUTLS_E_SUCCESS) - { - clear_storage (storage, storage_length); - SAFE_FREE (); - gnutls_aead_cipher_deinit (acipher); - if (encrypting) - error ("GnuTLS AEAD cipher %s encryption failed: %s", - gnutls_cipher_get_name (gca), emacs_gnutls_strerror (ret)); - else - error ("GnuTLS AEAD cipher %s decryption failed: %s", - gnutls_cipher_get_name (gca), emacs_gnutls_strerror (ret)); - } - + Lisp_Object output; + if (GNUTLS_E_SUCCESS <= ret) + output = make_unibyte_string (storage, storage_length); + explicit_bzero (storage, storage_length); gnutls_aead_cipher_deinit (acipher); - Lisp_Object output = make_unibyte_string (storage, storage_length); - clear_storage (storage, storage_length); + if (ret < GNUTLS_E_SUCCESS) + error ((encrypting + ? "GnuTLS AEAD cipher %s encryption failed: %s" + : "GnuTLS AEAD cipher %s decryption failed: %s"), + gnutls_cipher_get_name (gca), emacs_gnutls_strerror (ret)); + SAFE_FREE (); return list2 (output, actual_iv); #else |