Mailing List Archive

On Wed, May 28, 2008 at 11:21 AM, Michael Gorven <michael@gorven.za.net> wrote:
> I am using parts of libgcrypt in my implementation of LUKS support in GRUB2.
> Most of the ciphers have a number of calls to _gcry_burn_stack, but I can't
> figure out what exactly this does. It doesn't affect the operation of the
> ciphers (I currently have it commented out). What is the purpose of this
> function, and can I leave it out?

The source to this function can be seen at the end of [1].

What it's going is clearing some number of bytes from the stack.
Consider the following code:

void inner() {
char buffer[32];

fill_buffer_with_secret_key(buffer);
}

void outer() {
inner()
/* (1) */
}

Now, at point (1) the secret key is still in memory - on the stack.
_gcry_burn_stack will zero that out.

[1] http://www.google.com/codesearch?hl=en&q=+_gcry_burn_stack+show:Fy9qBXkJCU8:yt2DAu8VuEs:bl3DScJ85K4&sa=N&cd=1&ct=rc&cs_p=ftp://ftp.gnupg.org/gcrypt/alpha/libgcrypt/libgcrypt-1.1.44.tar.gz&cs_f=libgcrypt-1.1.44/src/misc.c


AGL

--
Adam Langley agl@imperialviolet.org http://www.imperialviolet.org

_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel

On Wednesday 28 May 2008 21:52:54 you wrote:
> Now, at point (1) the secret key is still in memory - on the stack.
> _gcry_burn_stack will zero that out.

That's what my guess was :-) I suppose I should get it working, but since the
master key for the partition is going to be sitting in memory anyway, it
probably isn't a serious vulnerability. Thanks for your reply.

Michael

--
http://michael.gorven.za.net
PGP Key ID 6612FE85
S/MIME Key ID D33AEB31