* md.c: Moved a couple of functions down below the data structure

definitions.
(struct gcry_md_context): New field ACTUAL_HANDLE_SIZE.
(md_open): Set it here.
(strcut gcry_md_list): New field ACTUAL_STRUCT_SIZE.
(md_enable): Set it here.
(md_close): Wipe the context memory.
secure memory.
* cipher.c (struct gcry_cipher_handle): New field ACTUAL_HANDLE_SIZE.
(gcry_cipher_open): Set it here.
(gcry_cipher_close): Use it to always wipe out the handle data.

* md.c: Minor code and comment cleanups.

5 files changed, 91 insertions, 45 deletions

diff --git a/TODO b/TODO
index 86fe1a82..65b79332 100644
--- a/TODO
+++ b/TODO
@@ -28,3 +28,8 @@ What's left to do                                 -*- outline -*-
 
 * HMAC won't work with sha-512 due to the different block size.  OTOH,
   I can imagine no cryptographic reason to use it.
+
+* cipher/pubkey.c and pubkey implementaions.
+  Don't rely on the secure memory based wiping fucntion but add an
+  extra wiping.
+  
diff --git a/cipher/ChangeLog b/cipher/ChangeLog
index a73c4402..97a81734 100644
--- a/cipher/ChangeLog
+++ b/cipher/ChangeLog
@@ -1,5 +1,17 @@
 2003-12-19  Werner Koch  <wk@gnupg.org>
 
+	* md.c: Moved a couple of functions down below the data structure
+	definitions.
+	(struct gcry_md_context): New field ACTUAL_HANDLE_SIZE.
+	(md_open): Set it here.
+	(strcut gcry_md_list): New field ACTUAL_STRUCT_SIZE.
+	(md_enable): Set it here.
+	(md_close): Wipe the context memory.
+	secure memory.
+	* cipher.c (struct gcry_cipher_handle): New field ACTUAL_HANDLE_SIZE.
+	(gcry_cipher_open): Set it here.
+	(gcry_cipher_close): Use it to always wipe out the handle data.
+
 	* ac.c (gcry_ac_open): Make sure HANDLE gets initialized even when
 	the function is not successful.
 	(gcry_ac_close): Allow a NULL handle.
diff --git a/cipher/Manifest b/cipher/Manifest
index 1cfb5ae3..90907a2f 100644
--- a/cipher/Manifest
+++ b/cipher/Manifest
@@ -28,10 +28,10 @@
 
 
 # Algorithm API
-cipher.c iQCVAwUAP9XQ7jEAnp832S/7AQLBiAQAjNHNCKQLQY3px/meGdYbLJ6U6E0jrbMV31XVPCetAp1FepTiRo4b8JcxZ50SsrMuSaG+nlp5Bf97jiNiOGl+iO1jssIWj3gOnWuBpqEAGyy9pmZLnBI0PS7oOQPHNnmP7W142a/dZrmaFZavGQ3IpUlVOULpZnUWWZm4UQCR+Y0==6m8b
+cipher.c iQCVAwUAP+NFJTEAnp832S/7AQKTlwQAgE+HDjFBAC3ek3pIG6s0jaraTcWksR3N33x0L8qeHqi64LXaFxOfM8pwNW54QPHsdC6O5yZ+DfLAM1okNTY4nCGAZoT+2qD+EiLVis281CQwgot70OC8LSluAHnx58CZZZepmSrnO/3gFp8K8FdXBuWWOBrToM8DirUXCKchydw==vzEQ
 pubkey.c iQCVAwUAP9XQ3jEAnp832S/7AQJ5UgQAyHfEBvPVJ8wTRg8c7ixS2GiVmIgwIo5tvQaiQJTPWASevvYrB+2Z2qa9cATyu50ACjLzbaquGBgPzjJV3dU/qttT1gCqRuN/LCNvXFe5qnIZezejc3RAadFNTw/pOTHq0wxD1Keg66ruei9R36Nba59pEQIWIBXTfubRft2hMYk==E09t
 ac.c iQCVAwUAP+LE4jEAnp832S/7AQIV9gQAyi7u/tO6GxgxsHq9nifh9OTaU/DyFuQTB7TzNHWv9L2F2SqXUU4iG+R+a3X0KOyJtvnVH3/RTXv36yqgBjASrwn9HcAbIhG9rp0xCSwNSQD659eFhmjxenG6I8omBR19l6bkrsvpyGf+4ujyoqSP6fAbU7/GW4/07eMe9YHKapE==W/tU
-md.c iQCVAwUAP+K7ZzEAnp832S/7AQLBXwQAu6oftmvPryWUPX27sGKw5gcjWrtBYeD1p/UQx37szA0OJonpyqEOK1PzFvg6J7Ye1UbwIeEM7Ee5HIVnTJ/ixM4Ph49ZWgANjE4YExbWxIj5IJuttiIho4Bnz7gn+cMoPxfGr3ySk4rt7iTesJpdXOuOlKsg1ERfKNhIu7jouTs==49k0
+md.c iQCVAwUAP+NFGjEAnp832S/7AQJs8wP/Qdk0EAKsyr3O1/pmOSN8AG4rPKbd6KDTzvoBPAN4upFwKYY4hWwvy12Q3YU9DmECrzZkRCXHR7mljVQKs6B7CRZJKjFKmOELpcJDtKvu40vTs1bOH4k9iJYZpGgRA83nkQ+ELAcphAbCA+KIpVr2K4mCJAB0FhpC2uOQ50JHAko==BeF6
 primegen.c iQCVAwUAP+LFATEAnp832S/7AQJUEAP+ONlY0YmN8i+ir3V0+X7+yu/wDyQpDiVqEbN7J8yxOscZJ1pQP4CRV0MjXRynYtG3p0mPJyFKUWahNrKF8jOX7kolX80TtIgVVQTWY1Q0YWHodF+v3W5Pw0vqKHVhlLeALv978VXCjpymroEOskidJblYmOWV9gJvHs6F1cj8nUY==Skcs
 
 # Algorithm implementations
@@ -68,5 +68,5 @@ bithelp.h iQCVAwUAP7ouPTEAnp832S/7AQKXggQAqjcgvihIF3WclOgw1JV2rbARw4ISIDRMFqdaNC
 rmd.h iQCVAwUAP7oumjEAnp832S/7AQJiJQP/V4bJwjZaYndJzV+KRnIDbl1koHuw+ZK5heMYVu8Qk4ylqv//BGyeRa3jZCcfPHI35q6HilCs2VBm8hiBMjHSqY/VPn2ZQ0yg/lt6qEvl7YjsLmyMICvjG+ncszHoq9pRvnF3vTnM18sPIioXLk8fskuM0XOCNBs0ARBAQjY9UGI==olUN
 
 # Configuration
-Makefile.am iQCVAwUAP7otvTEAnp832S/7AQJSRAQA22xFVzkSrsO7aoWxgJaJwDyHD6FC41au6+NGc1EpY/phUGtzmV/lvGuTz/VVe0hKP9UmUmIs8vVUf6UlrR26ePFwsk5ziForI4b8F18nIZQmt2TJNMIEN6N8rRPMmZCFEnWyT2z3+2kNrDUjanqY7mcKkT7ywB7qwwFeQ7egr3k==3zw5
+Makefile.am iQCVAwUAP+M6vTEAnp832S/7AQK6iAP/bupnOKllxgd4Wz/vpHE5cLtTrvZoioRFvtLKvFDtukwQccadeSUGdtJRJT6tm8E+60UTmyZZGJu/XeBM3jrN3YoNVB5kTL0EA4P3iBUiNm40QFIb7l0KaFMauFIWch68sWapflg0Mv7f+T8uFt3tdxWDrXe/xYLQzs2Udplo7Ow==F6NE
 $names$ iQCVAwUAP99DTTEAnp832S/7AQL3ugP/SvLX71fTqDrfpUqw+XXhEUWCYQ80U+CQBsZTsAsXvK/F1476dHkJIDco64ZXv/cWwL4AmUYHhXC3uFXhQmFW8qyCXOYr5s3THgjzld1gqzRoVSwa5d8ZEhHXgIY8cnz3G3kwUksXGZioMER7LCWVudyLMNOLW9yOc2sBZqrvGn0==wlNe
diff --git a/cipher/cipher.c b/cipher/cipher.c
index 0c8db784..2c290814 100644
--- a/cipher/cipher.c
+++ b/cipher/cipher.c
@@ -100,6 +100,7 @@ static int default_ciphers_registered;
 struct gcry_cipher_handle
 {
   int magic;
+  size_t actual_handle_size;     /* Allocated size of this handle. */
   gcry_cipher_spec_t *cipher;
   gcry_module_t module;
   int mode;
@@ -609,9 +610,9 @@ gcry_cipher_open (gcry_cipher_hd_t *handle,
 
   if (! err)
     {
-      size_t size = sizeof (*h)
-	+ 2 * cipher->contextsize
-	- sizeof (PROPERLY_ALIGNED_TYPE);
+      size_t size = (sizeof (*h)
+                     + 2 * cipher->contextsize
+                     - sizeof (PROPERLY_ALIGNED_TYPE));
 
       if (secure)
 	h = gcry_calloc_secure (1, size);
@@ -623,6 +624,7 @@ gcry_cipher_open (gcry_cipher_hd_t *handle,
       else
 	{
 	  h->magic = secure ? CTX_MAGIC_SECURE : CTX_MAGIC_NORMAL;
+          h->actual_handle_size = size;
 	  h->cipher = cipher;
 	  h->module = module;
 	  h->mode = mode;
@@ -669,6 +671,14 @@ gcry_cipher_close (gcry_cipher_hd_t h)
   _gcry_module_release (h->module);
   ath_mutex_unlock (&ciphers_registered_lock);
 
+  /* We always want to wipe out the memory even when the context has
+     been allocated in secure memory.  The user might have disabled
+     secure memory or is using his own implementation which does not
+     do the wiping.  To accomplish this we need to keep track of the
+     actual size of this structure because we have now way to known
+     how large the allocated are was when using a standard malloc. */
+  wipememory (h, h->actual_handle_size);
+
   gcry_free (h);
 }
 
diff --git a/cipher/md.c b/cipher/md.c
index db666432..06b46e6e 100644
--- a/cipher/md.c
+++ b/cipher/md.c
@@ -77,6 +77,32 @@ static ath_mutex_t digests_registered_lock = ATH_MUTEX_INITIALIZER;
    registered.  */
 static int default_digests_registered;
 
+typedef struct gcry_md_list
+{
+  gcry_md_spec_t *digest;
+  gcry_module_t module;
+  struct gcry_md_list *next;
+  size_t actual_struct_size;     /* Allocated size of this structure. */
+  PROPERLY_ALIGNED_TYPE context;
+} GcryDigestEntry;
+
+/* this structure is put right after the gcry_md_hd_t buffer, so that
+ * only one memory block is needed. */
+struct gcry_md_context
+{
+  int  magic;
+  size_t actual_handle_size;     /* Allocated size of this handle. */
+  int  secure;
+  FILE  *debug;
+  int finalized;
+  GcryDigestEntry *list;
+  byte *macpads;
+};
+
+
+#define CTX_MAGIC_NORMAL 0x11071961
+#define CTX_MAGIC_SECURE 0x16917011
+
 /* Convenient macro for registering the default digests.  */
 #define REGISTER_DEFAULT_DIGESTS                   \
   do                                               \
@@ -91,6 +117,26 @@ static int default_digests_registered;
     }                                              \
   while (0)
 
+
+static const char * digest_algo_to_string( int algo );
+static gcry_err_code_t check_digest_algo (int algo);
+static gcry_err_code_t md_open (gcry_md_hd_t *h, int algo,
+                                int secure, int hmac);
+static gcry_err_code_t md_enable (gcry_md_hd_t hd, int algo);
+static gcry_err_code_t md_copy (gcry_md_hd_t a, gcry_md_hd_t *b);
+static void md_close (gcry_md_hd_t a);
+static void md_write (gcry_md_hd_t a, byte *inbuf, size_t inlen);
+static void md_final(gcry_md_hd_t a);
+static byte *md_read( gcry_md_hd_t a, int algo );
+static int md_get_algo( gcry_md_hd_t a );
+static int md_digest_length( int algo );
+static const byte *md_asn_oid( int algo, size_t *asnlen, size_t *mdlen );
+static void md_start_debug( gcry_md_hd_t a, char *suffix );
+static void md_stop_debug( gcry_md_hd_t a );
+
+
+
+
 /* Internal function.  Register all the ciphers included in
    CIPHER_TABLE.  Returns zero on success or an error code.  */
 static void
@@ -197,43 +243,6 @@ gcry_md_unregister (gcry_module_t module)
   ath_mutex_unlock (&digests_registered_lock);
 }
 
-typedef struct gcry_md_list
-{
-  gcry_md_spec_t *digest;
-  gcry_module_t module;
-  struct gcry_md_list *next;
-  PROPERLY_ALIGNED_TYPE context;
-} GcryDigestEntry;
-
-/* this structure is put right after the gcry_md_hd_t buffer, so that
- * only one memory block is needed. */
-struct gcry_md_context
-{
-  int  magic;
-  int  secure;
-  FILE  *debug;
-  int finalized;
-  GcryDigestEntry *list;
-  byte *macpads;
-};
-
-#define CTX_MAGIC_NORMAL 0x11071961
-#define CTX_MAGIC_SECURE 0x16917011
-
-static const char * digest_algo_to_string( int algo );
-static gcry_err_code_t check_digest_algo (int algo);
-static gcry_err_code_t md_open (gcry_md_hd_t *h, int algo, int secure, int hmac);
-static gcry_err_code_t md_enable (gcry_md_hd_t hd, int algo);
-static gcry_err_code_t md_copy (gcry_md_hd_t a, gcry_md_hd_t *b);
-static void md_close (gcry_md_hd_t a);
-static void md_write (gcry_md_hd_t a, byte *inbuf, size_t inlen);
-static void md_final(gcry_md_hd_t a);
-static byte *md_read( gcry_md_hd_t a, int algo );
-static int md_get_algo( gcry_md_hd_t a );
-static int md_digest_length( int algo );
-static const byte *md_asn_oid( int algo, size_t *asnlen, size_t *mdlen );
-static void md_start_debug( gcry_md_hd_t a, char *suffix );
-static void md_stop_debug( gcry_md_hd_t a );
 
 static int 
 search_oid (const char *oid, int *algorithm, gcry_md_oid_spec_t *oid_spec)
@@ -387,7 +396,7 @@ md_open (gcry_md_hd_t *h, int algo, int secure, int hmac)
    *	  !			      ^
    *	  !---------------------------!
    *
-   * We have to make sture that private is well aligned.
+   * We have to make sure that private is well aligned.
    */
   n = sizeof (struct gcry_md_handle) + bufsize;
   n = ((n + sizeof (PROPERLY_ALIGNED_TYPE) - 1)
@@ -412,6 +421,7 @@ md_open (gcry_md_hd_t *h, int algo, int secure, int hmac)
       /* Initialize the private data. */
       memset (hd->ctx, 0, sizeof *hd->ctx);
       ctx->magic = secure ? CTX_MAGIC_SECURE : CTX_MAGIC_NORMAL;
+      ctx->actual_handle_size = n + sizeof (struct gcry_md_context);
       ctx->secure = secure;
 
       if (hmac)
@@ -514,6 +524,7 @@ md_enable (gcry_md_hd_t hd, int algorithm)
 	  entry->digest = digest;
 	  entry->module = module;
 	  entry->next = h->list;
+          entry->actual_struct_size = size;
 	  h->list = entry;
 
 	  /* And init this instance. */
@@ -665,9 +676,17 @@ md_close (gcry_md_hd_t a)
       ath_mutex_lock (&digests_registered_lock);
       _gcry_module_release (r->module);
       ath_mutex_unlock (&digests_registered_lock);
+      wipememory (r, r->actual_struct_size);
       gcry_free (r);
     }
-  gcry_free(a->ctx->macpads);
+
+  if (a->ctx->macpads)
+    {
+      wipememory (a->ctx->macpads, 128);
+      gcry_free(a->ctx->macpads);
+    }
+
+  wipememory (a, a->ctx->actual_handle_size);
   gcry_free(a);
 }