summaryrefslogtreecommitdiff
path: root/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeysUtil.c
diff options
context:
space:
mode:
Diffstat (limited to 'usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeysUtil.c')
-rw-r--r--usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeysUtil.c40
1 files changed, 11 insertions, 29 deletions
diff --git a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeysUtil.c b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeysUtil.c
index a48ade7224..c476752942 100644
--- a/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeysUtil.c
+++ b/usr/src/lib/pkcs11/pkcs11_softtoken/common/softKeysUtil.c
@@ -21,6 +21,7 @@
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
+ * Copyright (c) 2018, Joyent, Inc.
*/
#include <pthread.h>
@@ -822,26 +823,11 @@ digest_done:
(void) memcpy(keybuf, A, keysize);
cleanup:
- if (A) {
- bzero(A, Alen);
- free(A);
- }
- if (Ai) {
- bzero(Ai, AiLen);
- free(Ai);
- }
- if (B) {
- bzero(B, Blen);
- free(B);
- }
- if (D) {
- bzero(D, Dlen);
- free(D);
- }
- if (I) {
- bzero(I, Ilen);
- free(I);
- }
+ freezero(A, Alen);
+ freezero(Ai, AiLen);
+ freezero(B, Blen);
+ freezero(D, Dlen);
+ freezero(I, Ilen);
return (rv);
}
@@ -1400,7 +1386,7 @@ soft_generate_pkcs5_pbkdf2_key(soft_session_t *session_p,
keydata += hLen;
}
(void) soft_delete_object(session_p, hmac_key, B_FALSE, B_FALSE);
- free(salt);
+ freezero(salt, params->ulSaltSourceDataLen);
return (rv);
}
@@ -1535,14 +1521,12 @@ soft_wrapkey(soft_session_t *session_p, CK_MECHANISM_PTR pMechanism,
cleanup_wrap:
if (padded_data != NULL && padded_len != plain_len) {
/* Clear buffer before returning to memory pool. */
- (void) memset(padded_data, 0x0, padded_len);
- free(padded_data);
+ freezero(padded_data, padded_len);
}
if ((hkey_p->class != CKO_SECRET_KEY) && (plain_data != NULL)) {
/* Clear buffer before returning to memory pool. */
- (void) memset(plain_data, 0x0, plain_len);
- free(plain_data);
+ freezero(plain_data, plain_len);
}
return (rv);
@@ -1822,8 +1806,7 @@ soft_unwrapkey(soft_session_t *session_p, CK_MECHANISM_PTR pMechanism,
if (new_objp->class != CKO_SECRET_KEY) {
/* Clear buffer before returning to memory pool. */
- (void) memset(plain_data, 0x0, plain_len);
- free(plain_data);
+ freezero(plain_data, plain_len);
}
*phKey = (CK_OBJECT_HANDLE)new_objp;
@@ -1834,8 +1817,7 @@ cleanup_unwrap:
/* The decrypted private key buffer must be freed explicitly. */
if ((new_objp->class != CKO_SECRET_KEY) && (plain_data != NULL)) {
/* Clear buffer before returning to memory pool. */
- (void) memset(plain_data, 0x0, plain_len);
- free(plain_data);
+ freezero(plain_data, plain_len);
}
/* sck and new_objp are indirectly free()d inside these functions */
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-23 16:04:05 +0000