Print this page
9642 PKCS#11 softtoken should use explicit_bzero
Reviewed by: Dan McDonald <danmcd@joyent.com>
Reviewed by: Alex Wilson <alex.wilson@joyent.com>
*** 19,28 ****
--- 19,29 ----
* CDDL HEADER END
*/
/*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright (c) 2018, Joyent, Inc.
*/
#include <strings.h>
#include <md5.h>
#include <pthread.h>
*** 300,310 ****
break;
}
/* Paranoia on behalf of C_DigestKey callers: bzero the context */
if (session_p->digest.flags & CRYPTO_KEY_DIGESTED) {
! bzero(session_p->digest.context, len);
session_p->digest.flags &= ~CRYPTO_KEY_DIGESTED;
}
*pulDigestLen = digestLen;
(void) pthread_mutex_lock(&session_p->session_mutex);
free(session_p->digest.context);
--- 301,311 ----
break;
}
/* Paranoia on behalf of C_DigestKey callers: bzero the context */
if (session_p->digest.flags & CRYPTO_KEY_DIGESTED) {
! explicit_bzero(session_p->digest.context, len);
session_p->digest.flags &= ~CRYPTO_KEY_DIGESTED;
}
*pulDigestLen = digestLen;
(void) pthread_mutex_lock(&session_p->session_mutex);
free(session_p->digest.context);