Print this page
9642 PKCS#11 softtoken should use explicit_bzero
Reviewed by: Dan McDonald <danmcd@joyent.com>
Reviewed by: Alex Wilson <alex.wilson@joyent.com>
*** 19,28 ****
--- 19,29 ----
* CDDL HEADER END
*/
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright (c) 2018, Joyent, Inc.
*/
#include <stdio.h>
#include <stdlib.h>
#include <strings.h>
*** 75,86 ****
/*
* Free the storage allocated to a secret key object.
*/
if (objp->class == CKO_SECRET_KEY) {
if (OBJ_SEC(objp) != NULL && OBJ_SEC_VALUE(objp) != NULL) {
! bzero(OBJ_SEC_VALUE(objp), OBJ_SEC_VALUE_LEN(objp));
! free(OBJ_SEC_VALUE(objp));
OBJ_SEC_VALUE(objp) = NULL;
OBJ_SEC_VALUE_LEN(objp) = 0;
}
free(OBJ_SEC(objp));
OBJ_SEC(objp) = NULL;
--- 76,86 ----
/*
* Free the storage allocated to a secret key object.
*/
if (objp->class == CKO_SECRET_KEY) {
if (OBJ_SEC(objp) != NULL && OBJ_SEC_VALUE(objp) != NULL) {
! freezero(OBJ_SEC_VALUE(objp), OBJ_SEC_VALUE_LEN(objp));
OBJ_SEC_VALUE(objp) = NULL;
OBJ_SEC_VALUE_LEN(objp) = 0;
}
free(OBJ_SEC(objp));
OBJ_SEC(objp) = NULL;