From 0c667cbdebcd34dfa556b6b8d786b0677f09f5a5 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Fri, 3 Aug 2001 10:57:34 +0000
Subject: Applied changes from GnuPG stable. Add a first tes program

---
 cipher/des.c | 23 +++++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)

(limited to 'cipher/des.c')

diff --git a/cipher/des.c b/cipher/des.c
index f421f395..7d089c58 100644
--- a/cipher/des.c
+++ b/cipher/des.c
@@ -1,5 +1,5 @@
 /* des.c - DES and Triple-DES encryption/decryption Algorithm
- *	Copyright (C) 1998, 1999 Free Software Foundation, Inc.
+ *	Copyright (C) 1998, 1999, 2001 Free Software Foundation, Inc.
  *
  * Please see below for more legal information!
  *
@@ -136,6 +136,17 @@ working_memcmp( const char *a, const char *b, size_t n )
 }
 #endif
 
+static void
+burn_stack (int bytes)
+{
+    char buf[64];
+    
+    memset (buf, 0, sizeof buf);
+    bytes -= sizeof buf;
+    if (bytes > 0)
+        burn_stack (bytes);
+}
+
 
 
 /* Some defines/checks to support standalone modules */
@@ -561,6 +572,7 @@ des_setkey (struct _des_ctx *ctx, const byte * key)
     return GCRYERR_SELFTEST;
 
   des_key_schedule (key, ctx->encrypt_subkeys);
+  burn_stack (32);
 
   for(i=0; i<32; i+=2)
     {
@@ -619,6 +631,7 @@ tripledes_set2keys (struct _tripledes_ctx *ctx,
 
   des_key_schedule (key1, ctx->encrypt_subkeys);
   des_key_schedule (key2, &(ctx->decrypt_subkeys[32]));
+  burn_stack (32);
 
   for(i=0; i<32; i+=2)
     {
@@ -656,6 +669,7 @@ tripledes_set3keys (struct _tripledes_ctx *ctx,
   des_key_schedule (key1, ctx->encrypt_subkeys);
   des_key_schedule (key2, &(ctx->decrypt_subkeys[32]));
   des_key_schedule (key3, &(ctx->encrypt_subkeys[64]));
+  burn_stack (32);
 
   for(i=0; i<32; i+=2)
     {
@@ -950,8 +964,11 @@ do_tripledes_setkey ( struct _tripledes_ctx *ctx, byte *key, unsigned keylen )
 
     tripledes_set3keys ( ctx, key, key+8, key+16);
 
-    if( is_weak_key( key ) || is_weak_key( key+8 ) || is_weak_key( key+16 ) )
+    if( is_weak_key( key ) || is_weak_key( key+8 ) || is_weak_key( key+16 ) ) {
+        burn_stack (64);
 	return GCRYERR_WEAK_KEY;
+    }
+    burn_stack (64);
 
     return 0;
 }
@@ -961,12 +978,14 @@ static void
 do_tripledes_encrypt( struct _tripledes_ctx *ctx, byte *outbuf, byte *inbuf )
 {
     tripledes_ecb_encrypt ( ctx, inbuf, outbuf );
+    burn_stack (32);
 }
 
 static void
 do_tripledes_decrypt( struct _tripledes_ctx *ctx, byte *outbuf, byte *inbuf )
 {
     tripledes_ecb_decrypt ( ctx, inbuf, outbuf );
+    burn_stack (32);
 }
 
 
-- 
cgit v1.2.1