From 28d36d52074e180afb850158e110dd28ababcea1 Mon Sep 17 00:00:00 2001 From: Frank Denis Date: Thu, 8 May 2014 15:11:54 -0700 Subject: [PATCH] Add memory locking to crypto_box_easy --- src/libsodium/crypto_box/crypto_box_easy.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/libsodium/crypto_box/crypto_box_easy.c b/src/libsodium/crypto_box/crypto_box_easy.c index d39bbbba..c03c8ebf 100644 --- a/src/libsodium/crypto_box/crypto_box_easy.c +++ b/src/libsodium/crypto_box/crypto_box_easy.c @@ -34,9 +34,10 @@ crypto_box_easy(unsigned char *c, const unsigned char *m, return -1; } memset(m_boxed, 0, crypto_box_ZEROBYTES); + sodium_mlock(m_boxed, m_boxed_len); memcpy(m_boxed + crypto_box_ZEROBYTES, m, mlen); rc = crypto_box(c_boxed, m_boxed, m_boxed_len, n, pk, sk); - sodium_memzero(m_boxed, m_boxed_len); + sodium_munlock(m_boxed, m_boxed_len); free(m_boxed); if (rc != 0) { free(c_boxed); @@ -76,14 +77,17 @@ crypto_box_open_easy(unsigned char *m, const unsigned char *c, free(c_boxed); return -1; } + sodium_mlock(m_boxed, m_boxed_len); rc = crypto_box_open(m_boxed, c_boxed, (unsigned long long) c_boxed_len, n, pk, sk); free(c_boxed); if (rc != 0) { + sodium_munlock(m_boxed, m_boxed_len); free(m_boxed); return -1; } memcpy(m, m_boxed + crypto_box_ZEROBYTES, clen - crypto_box_MACBYTES); + sodium_munlock(m_boxed, m_boxed_len); free(m_boxed); return 0;