Print this page
9642 PKCS#11 softtoken should use explicit_bzero
Reviewed by: Dan McDonald <danmcd@joyent.com>
Reviewed by: Alex Wilson <alex.wilson@joyent.com>

*** 19,28 **** --- 19,29 ---- * CDDL HEADER END */ /* * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. + * Copyright (c) 2018, Joyent, Inc. */ #include <stdio.h> #include <stdlib.h> #include <strings.h>
*** 75,86 **** /* * Free the storage allocated to a secret key object. */ if (objp->class == CKO_SECRET_KEY) { if (OBJ_SEC(objp) != NULL && OBJ_SEC_VALUE(objp) != NULL) { ! bzero(OBJ_SEC_VALUE(objp), OBJ_SEC_VALUE_LEN(objp)); ! free(OBJ_SEC_VALUE(objp)); OBJ_SEC_VALUE(objp) = NULL; OBJ_SEC_VALUE_LEN(objp) = 0; } free(OBJ_SEC(objp)); OBJ_SEC(objp) = NULL; --- 76,86 ---- /* * Free the storage allocated to a secret key object. */ if (objp->class == CKO_SECRET_KEY) { if (OBJ_SEC(objp) != NULL && OBJ_SEC_VALUE(objp) != NULL) { ! freezero(OBJ_SEC_VALUE(objp), OBJ_SEC_VALUE_LEN(objp)); OBJ_SEC_VALUE(objp) = NULL; OBJ_SEC_VALUE_LEN(objp) = 0; } free(OBJ_SEC(objp)); OBJ_SEC(objp) = NULL;