9642 PKCS#11 softtoken should use explicit_bzero
Reviewed by: Dan McDonald <danmcd@joyent.com>
Reviewed by: Alex Wilson <alex.wilson@joyent.com>

@@ -19,10 +19,11 @@
  * CDDL HEADER END
  */
 /*
  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
+ * Copyright (c) 2018, Joyent, Inc.
  */
 
 #include <pthread.h>
 #include <stdlib.h>
 #include <string.h>

@@ -820,30 +821,15 @@
          * The final output of this process is the A buffer
          */
         (void) memcpy(keybuf, A, keysize);
 
 cleanup:
-        if (A) {
-                bzero(A, Alen);
-                free(A);
-        }
-        if (Ai) {
-                bzero(Ai, AiLen);
-                free(Ai);
-        }
-        if (B) {
-                bzero(B, Blen);
-                free(B);
-        }
-        if (D) {
-                bzero(D, Dlen);
-                free(D);
-        }
-        if (I) {
-                bzero(I, Ilen);
-                free(I);
-        }
+        freezero(A, Alen);
+        freezero(Ai, AiLen);
+        freezero(B, Blen);
+        freezero(D, Dlen);
+        freezero(I, Ilen);
         return (rv);
 }
 
 CK_RV
 soft_derivekey(soft_session_t *session_p, CK_MECHANISM_PTR pMechanism,
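Review bot: The five `if (X) { bzero(); free(); }` guards at the cleanup label are replaced by unconditional `freezero()` calls, so the code now depends on freezero(3C) accepting a NULL pointer as a no-op; that is what the manual documents, but nothing at the call site says so, and a reader who remembers the old guards may re-add them. A one-line comment above the calls would pin the contract: `/* freezero(3C) is a no-op on NULL, so no per-buffer guards are needed. */`. The second argument to each call must be the length the buffer was allocated with, and the allocations (and the start of this function) are outside the hunk, so that equivalence cannot be checked here. The same reliance on NULL handling appears in the later hunks around `plain_data`.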

@@ -1398,11 +1384,11 @@
                     ((i + 1) == blocks ? remainder : hLen));
 
                 keydata += hLen;
         }
         (void) soft_delete_object(session_p, hmac_key, B_FALSE, B_FALSE);
-        free(salt);
+        freezero(salt, params->ulSaltSourceDataLen);
 
         return (rv);
 }
 
 CK_RV
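Review bot: `freezero(salt, params->ulSaltSourceDataLen)` passes a caller-supplied parameter length rather than the size recorded where `salt` was allocated; if the two can differ, the clear is either partial or writes past the allocation, which a plain `free(salt)` never risked. The allocation of `salt` and the start of this function are outside the hunk, so this may well be correct by construction. If it is, a comment at the call site would make that visible: `/* salt was allocated with exactly ulSaltSourceDataLen bytes. */`.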

@@ -1533,18 +1519,16 @@
             pWrappedKey, pulWrappedKeyLen);
 
 cleanup_wrap:
         if (padded_data != NULL && padded_len != plain_len) {
                 /* Clear buffer before returning to memory pool. */
-                (void) memset(padded_data, 0x0, padded_len);
-                free(padded_data);
+                freezero(padded_data, padded_len);
         }
 
         if ((hkey_p->class != CKO_SECRET_KEY) && (plain_data != NULL)) {
                 /* Clear buffer before returning to memory pool. */
-                (void) memset(plain_data, 0x0, plain_len);
-                free(plain_data);
+                freezero(plain_data, plain_len);
         }
 
         return (rv);
 }
 

@@ -1820,12 +1804,11 @@
                         goto cleanup_unwrap;
         }
 
         if (new_objp->class != CKO_SECRET_KEY) {
                 /* Clear buffer before returning to memory pool. */
-                (void) memset(plain_data, 0x0, plain_len);
-                free(plain_data);
+                freezero(plain_data, plain_len);
         }
 
         *phKey = (CK_OBJECT_HANDLE)new_objp;
 
         return (CKR_OK);

@@ -1832,12 +1815,11 @@
 
 cleanup_unwrap:
         /* The decrypted private key buffer must be freed explicitly. */
         if ((new_objp->class != CKO_SECRET_KEY) && (plain_data != NULL)) {
                 /* Clear buffer before returning to memory pool. */
-                (void) memset(plain_data, 0x0, plain_len);
-                free(plain_data);
+                freezero(plain_data, plain_len);
         }
 
         /* sck and new_objp are indirectly free()d inside these functions */
         if (IS_TOKEN_OBJECT(new_objp))
                 soft_delete_token_object(new_objp, persistent, B_FALSE);