Print this page
9642 PKCS#11 softtoken should use explicit_bzero
Reviewed by: Dan McDonald <danmcd@joyent.com>
Reviewed by: Alex Wilson <alex.wilson@joyent.com>
*** 19,28 ****
--- 19,29 ----
* CDDL HEADER END
*/
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright 2018, Joyent, Inc.
*/
#include <fcntl.h>
#include <strings.h>
#include <sys/stat.h>
*** 923,934 ****
}
if (new_tmpl_allocated)
free(new_tmpl);
! if (export_keys != NULL)
! free(export_keys);
return (rv);
out_err:
if (kmo->hClientMacSecret != CK_INVALID_HANDLE) {
--- 924,934 ----
}
if (new_tmpl_allocated)
free(new_tmpl);
! freezero(export_keys, 2 * MD5_HASH_SIZE);
return (rv);
out_err:
if (kmo->hClientMacSecret != CK_INVALID_HANDLE) {
*** 953,964 ****
}
if (new_tmpl_allocated)
free(new_tmpl);
! if (export_keys != NULL)
! free(export_keys);
return (rv);
}
/*
--- 953,963 ----
}
if (new_tmpl_allocated)
free(new_tmpl);
! freezero(export_keys, 2 * MD5_HASH_SIZE);
return (rv);
}
/*