Archives/openpgp-card-app
2
0
Fork 0
mirror of https://github.com/LedgerHQ/openpgp-card-app synced 2024-11-09 07:10:30 +00:00
Code Issues Projects Releases Wiki Activity

Replace memset by explicit_bzero

Browse Source
This commit is contained in:
Charles-Edouard de la Vergne 2024-03-13 12:08:46 +01:00
parent f3070bb886
commit 710de03cad
No known key found for this signature in database
GPG Key ID: F12296941B7BB9C6
8 changed files with 29 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/gpg_challenge.c
View File

@ -43,7 +43,7 @@ int gpg_apdu_get_challenge() {
unsigned int path[2];
unsigned char chain[32] = {0};
memset(chain, 0, 32);
explicit_bzero(chain, 32);
path[0] = 0x80475047;
path[1] = 0x0F0F0F0F;
CX_CHECK(os_derive_bip32_no_throw(CX_CURVE_SECP256K1, path, 2, Sr, chain));

4
src/gpg_data.c
View File

@ -460,9 +460,9 @@ int gpg_apdu_put_data(unsigned int ref) {
p = G_gpg_vstate.work.io_buffer + G_gpg_vstate.io_offset;
q = p + len_p;
memmove(pq + ksz - len_p, p, len_p);
memset(pq, 0, ksz - len_p);
explicit_bzero(pq, ksz - len_p);
memmove(pq + 2 * ksz - len_q, q, len_q);
memset(pq + ksz, 0, ksz - len_q);
explicit_bzero(pq + ksz, ksz - len_q);
// regenerate RSA private key
unsigned char _e[4];

2
src/gpg_gen.c
View File

@ -27,7 +27,7 @@ int gpg_pso_derive_slot_seed(int slot, unsigned char *seed) {
unsigned char chain[32];
cx_err_t error = CX_INTERNAL_ERROR;
memset(chain, 0, 32);
explicit_bzero(chain, 32);
path[0] = 0x80475047;
path[1] = slot + 1;
CX_CHECK(os_derive_bip32_no_throw(CX_CURVE_SECP256K1, path, 2, seed, chain));

4
src/gpg_init.c
View File

@ -345,12 +345,12 @@ const unsigned char C_sha256_PW2[] = {
/* ----------------------------------------------------------------------- */
void gpg_init() {
memset(&G_gpg_vstate, 0, sizeof(gpg_v_state_t));
explicit_bzero(&G_gpg_vstate, sizeof(gpg_v_state_t));
// first init ?
if (memcmp((void *) (N_gpg_pstate->magic), (void *) C_MAGIC, sizeof(C_MAGIC)) != 0) {
gpg_install(STATE_ACTIVATE);
nvm_write((void *) (N_gpg_pstate->magic), (void *) C_MAGIC, sizeof(C_MAGIC));
memset(&G_gpg_vstate, 0, sizeof(gpg_v_state_t));
explicit_bzero(&G_gpg_vstate, sizeof(gpg_v_state_t));
}
// key conf

2
src/gpg_io.c
View File

@ -64,7 +64,7 @@ void gpg_io_discard(int clear) {
}
void gpg_io_clear() {
memset(G_gpg_vstate.work.io_buffer, 0, GPG_IO_BUFFER_LENGTH);
explicit_bzero(G_gpg_vstate.work.io_buffer, GPG_IO_BUFFER_LENGTH);
}
/* ----------------------------------------------------------------------- */

14
src/gpg_ux_nanos.c
View File

@ -40,13 +40,13 @@ unsigned int ui_pinentry_action_button(unsigned int button_mask, unsigned int bu
/* ------------------------------- Helpers UX ------------------------------- */
void ui_info(const char *msg1, const char *msg2, const void *menu_display, unsigned int value) {
memset(&G_gpg_vstate.ui_dogsays[0], 0, sizeof(ux_menu_entry_t));
explicit_bzero(&G_gpg_vstate.ui_dogsays[0], sizeof(ux_menu_entry_t));
G_gpg_vstate.ui_dogsays[0].callback = menu_display;
G_gpg_vstate.ui_dogsays[0].userid = value;
G_gpg_vstate.ui_dogsays[0].line1 = msg1;
G_gpg_vstate.ui_dogsays[0].line2 = msg2;
memset(&G_gpg_vstate.ui_dogsays[1], 0, sizeof(ux_menu_entry_t));
explicit_bzero(&G_gpg_vstate.ui_dogsays[1], sizeof(ux_menu_entry_t));
UX_MENU_DISPLAY(0, G_gpg_vstate.ui_dogsays, NULL);
};
@ -101,7 +101,7 @@ void ui_menu_uifconfirm_display(unsigned int value) {
}
unsigned int ui_uifconfirm_predisplay(const bagl_element_t *element) {
memset(G_gpg_vstate.menu, 0, sizeof(G_gpg_vstate.menu));
explicit_bzero(G_gpg_vstate.menu, sizeof(G_gpg_vstate.menu));
switch (element->component.userid) {
case 1:
@ -370,7 +370,7 @@ unsigned int ui_pinentry_predisplay(const bagl_element_t *element) {
void ui_menu_pinentry_display(unsigned int value) {
if (value == 0) {
memset(G_gpg_vstate.ux_pinentry, 0, sizeof(G_gpg_vstate.ux_pinentry));
explicit_bzero(G_gpg_vstate.ux_pinentry, sizeof(G_gpg_vstate.ux_pinentry));
G_gpg_vstate.ux_pinLen = 0;
G_gpg_vstate.ux_pinentry[0] = 5;
}
@ -600,7 +600,7 @@ void ui_menu_tmpl_set_action(unsigned int value) {
const unsigned char *oid;
unsigned int oid_len;
memset(&attributes, 0, sizeof(attributes));
explicit_bzero(&attributes, sizeof(attributes));
switch (G_gpg_vstate.ux_type) {
case 2048:
case 3072:
@ -999,7 +999,7 @@ const ux_menu_entry_t ui_menu_main[] = {
const bagl_element_t *ui_menu_main_predisplay(const ux_menu_entry_t *entry,
bagl_element_t *element) {
if (entry == &ui_menu_main[0]) {
memset(G_gpg_vstate.menu, 0, sizeof(G_gpg_vstate.menu));
explicit_bzero(G_gpg_vstate.menu, sizeof(G_gpg_vstate.menu));
if (element->component.userid == 0x21) {
memmove(G_gpg_vstate.menu, (void *) (N_gpg_pstate->name.value), 12);
if (G_gpg_vstate.menu[0] == 0) {
@ -1014,7 +1014,7 @@ const bagl_element_t *ui_menu_main_predisplay(const ux_menu_entry_t *entry,
}
if (element->component.userid == 0x22) {
unsigned int serial = U4BE(G_gpg_vstate.kslot->serial, 0);
memset(G_gpg_vstate.menu, 0, sizeof(G_gpg_vstate.menu));
explicit_bzero(G_gpg_vstate.menu, sizeof(G_gpg_vstate.menu));
snprintf(G_gpg_vstate.menu, sizeof(G_gpg_vstate.menu), "ID: %x", serial);
}
if (G_gpg_vstate.menu[0] != 0) {

8
src/gpg_ux_nanox.c
View File

@ -303,7 +303,7 @@ unsigned int ui_pinentry_predisplay(const bagl_element_t *element) {
void ui_menu_pinentry_display(unsigned int value) {
if (value == 0) {
memset(G_gpg_vstate.ux_pinentry, 0, sizeof(G_gpg_vstate.ux_pinentry));
explicit_bzero(G_gpg_vstate.ux_pinentry, sizeof(G_gpg_vstate.ux_pinentry));
G_gpg_vstate.ux_pinLen = 0;
G_gpg_vstate.ux_pinentry[0] = 5;
}
@ -595,7 +595,7 @@ void ui_menu_tmpl_set_action(unsigned int value) {
const unsigned char *oid = NULL;
unsigned int oid_len;
memset(&attributes, 0, sizeof(attributes));
explicit_bzero(&attributes, sizeof(attributes));
switch (G_gpg_vstate.ux_type) {
case 2048:
case 3072:
@ -1205,7 +1205,7 @@ UX_FLOW(ux_flow_main,
&ux_menu_main_5_step);
void ui_menu_main_predisplay() {
memset(G_gpg_vstate.ux_buff1, 0, sizeof(G_gpg_vstate.ux_buff1));
explicit_bzero(G_gpg_vstate.ux_buff1, sizeof(G_gpg_vstate.ux_buff1));
memmove(G_gpg_vstate.ux_buff1, (void *) (N_gpg_pstate->name.value), 20);
if (G_gpg_vstate.ux_buff1[0] == 0) {
memmove(G_gpg_vstate.ux_buff1, "<No Name>", 9);
@ -1218,7 +1218,7 @@ void ui_menu_main_predisplay() {
}
unsigned int serial = U4BE(G_gpg_vstate.kslot->serial, 0);
memset(G_gpg_vstate.ux_buff2, 0, sizeof(G_gpg_vstate.ux_buff2));
explicit_bzero(G_gpg_vstate.ux_buff2, sizeof(G_gpg_vstate.ux_buff2));
snprintf(G_gpg_vstate.ux_buff2,
sizeof(G_gpg_vstate.ux_buff2),
"ID: %x / %d",

22
src/gpg_ux_nbgl.c
View File

@ -67,7 +67,7 @@ static void ui_setting_header(const char* title,
layoutDescription.modal = false;
layoutCtx = nbgl_layoutGet(&layoutDescription);
memset(&bar, 0, sizeof(nbgl_layoutBar_t));
explicit_bzero(&bar, sizeof(nbgl_layoutBar_t));
bar.text = PIC(title);
bar.iconLeft = &C_leftArrow32px;
bar.token = back_token;
@ -92,7 +92,7 @@ void ui_init(void) {
char name[32];
unsigned int serial = U4BE(G_gpg_vstate.kslot->serial, 0);
memset(name, 0, sizeof(name));
explicit_bzero(name, sizeof(name));
memmove(name, (void*) (N_gpg_pstate->name.value), 20);
if (name[0] != 0) {
for (int i = 0; i < 12; i++) {
@ -101,7 +101,7 @@ void ui_init(void) {
}
}
}
memset(G_gpg_vstate.menu, 0, sizeof(G_gpg_vstate.menu));
explicit_bzero(G_gpg_vstate.menu, sizeof(G_gpg_vstate.menu));
snprintf(G_gpg_vstate.menu,
sizeof(G_gpg_vstate.menu),
"%s\nID: %x / %d",
@ -286,7 +286,7 @@ static void template_key_cb(int token, uint8_t index) {
uint8_t key_type = index + FIRST_USER_TOKEN;
if (token != TOKEN_TYPE_BACK) {
memset(&attributes, 0, sizeof(attributes));
explicit_bzero(&attributes, sizeof(attributes));
switch (key_type) {
case TOKEN_TYPE_RSA2048:
case TOKEN_TYPE_RSA3072:
@ -396,7 +396,7 @@ static void ui_settings_template(void) {
ui_setting_header("Keys templates", TOKEN_TEMPLATE_BACK, template_cb);
for (i = 0; i < KEY_NB; i++) {
memset(&bar, 0, sizeof(nbgl_layoutBar_t));
explicit_bzero(&bar, sizeof(nbgl_layoutBar_t));
switch (_getKeyType(TOKEN_TEMPLATE_SIG + i)) {
case TOKEN_TYPE_RSA2048:
bar.subText = PIC(LABEL_RSA2048);
@ -637,7 +637,7 @@ static void ui_settings_uif(void) {
ui_setting_header("User Interaction Flags", TOKEN_UIF_BACK, uif_cb);
if (G_gpg_vstate.kslot->sig.UIF[0] != 2) {
memset(&option, 0, sizeof(nbgl_layoutSwitch_t));
explicit_bzero(&option, sizeof(nbgl_layoutSwitch_t));
option.initState = G_gpg_vstate.kslot->sig.UIF[0];
option.text = "UIF for Signature";
option.token = TOKEN_UIF_SIG;
@ -647,7 +647,7 @@ static void ui_settings_uif(void) {
}
if (G_gpg_vstate.kslot->dec.UIF[0] != 2) {
memset(&option, 0, sizeof(nbgl_layoutSwitch_t));
explicit_bzero(&option, sizeof(nbgl_layoutSwitch_t));
option.initState = G_gpg_vstate.kslot->dec.UIF[0];
option.text = "UIF for Decryption";
option.token = TOKEN_UIF_DEC;
@ -657,7 +657,7 @@ static void ui_settings_uif(void) {
}
if (G_gpg_vstate.kslot->aut.UIF[0] != 2) {
memset(&option, 0, sizeof(nbgl_layoutSwitch_t));
explicit_bzero(&option, sizeof(nbgl_layoutSwitch_t));
option.initState = G_gpg_vstate.kslot->aut.UIF[0];
option.text = "UIF for Authentication";
option.token = TOKEN_UIF_AUT;
@ -690,7 +690,7 @@ enum {
static bool reset_nav_cb(uint8_t page, nbgl_pageContent_t* content) {
UNUSED(page);
memset(content, 0, sizeof(nbgl_pageContent_t));
explicit_bzero(content, sizeof(nbgl_pageContent_t));
content->type = INFO_LONG_PRESS;
content->infoLongPress.text =
"Reset the app to factory default?\nThis will delete ALL the keys!!!";
@ -745,7 +745,7 @@ static bool settings_nav_cb(uint8_t page, nbgl_pageContent_t* content) {
TOKEN_SETTINGS_PIN,
TOKEN_SETTINGS_UIF,
TOKEN_SETTINGS_RESET};
memset(content, 0, sizeof(nbgl_pageContent_t));
explicit_bzero(content, sizeof(nbgl_pageContent_t));
switch (page) {
case SETTINGS_PAGE_INFO:
content->type = INFOS_LIST;
@ -940,7 +940,7 @@ void ui_menu_pinentry_display(unsigned int value) {
char line[10];
// Init the page title
memset(G_gpg_vstate.line, 0, sizeof(G_gpg_vstate.line));
explicit_bzero(G_gpg_vstate.line, sizeof(G_gpg_vstate.line));
if (G_gpg_vstate.io_ins == INS_CHANGE_REFERENCE_DATA) {
switch (value) {
case 0: