diff options
| author | Florent Daigniere <nextgens@freenetproject.org> | 2014-06-27 09:58:10 (GMT) |
|---|---|---|
| committer | Jouni Malinen <j@w1.fi> | 2014-07-24 16:28:39 (GMT) |
| commit | 3248071dc3165719a087b401f12fef732b0c4e64 (patch) | |
| tree | 91551b58654cff3af642ac821e01e362bcd52db6 /src/eap_peer/eap_pwd.c | |
| parent | a5257a7a27102babec81b31b07941ec60b41af72 (diff) | |
| download | hostap-3248071dc3165719a087b401f12fef732b0c4e64.zip hostap-3248071dc3165719a087b401f12fef732b0c4e64.tar.gz hostap-3248071dc3165719a087b401f12fef732b0c4e64.tar.bz2 | |
OpenSSL: Use BN_clear_free instead of BN_free
This changes OpenSSL calls to explicitly clear the bignum memory
allocations when freeing them. This adds an extra layer of security by
avoiding leaving potentially private keys into local memory after they
are not needed anymore. While some of these variables are not really
private (e.g., they are sent in clear anyway), the extra cost of
clearing them is not significant and it is simpler to just clear these
explicitly rather than review each possible code path to confirm where
this does not help.
Signed-off-by: Florent Daigniere <nextgens@freenetproject.org>
Diffstat (limited to 'src/eap_peer/eap_pwd.c')
| -rw-r--r-- | src/eap_peer/eap_pwd.c | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c index bdcca0b..b9eae37 100644 --- a/src/eap_peer/eap_pwd.c +++ b/src/eap_peer/eap_pwd.c @@ -148,10 +148,10 @@ static void eap_pwd_deinit(struct eap_sm *sm, void *priv) { struct eap_pwd_data *data = priv; - BN_free(data->private_value); - BN_free(data->server_scalar); - BN_free(data->my_scalar); - BN_free(data->k); + BN_clear_free(data->private_value); + BN_clear_free(data->server_scalar); + BN_clear_free(data->my_scalar); + BN_clear_free(data->k); BN_CTX_free(data->bnctx); EC_POINT_free(data->my_element); EC_POINT_free(data->server_element); @@ -161,8 +161,8 @@ static void eap_pwd_deinit(struct eap_sm *sm, void *priv) if (data->grp) { EC_GROUP_free(data->grp->group); EC_POINT_free(data->grp->pwe); - BN_free(data->grp->order); - BN_free(data->grp->prime); + BN_clear_free(data->grp->order); + BN_clear_free(data->grp->prime); os_free(data->grp); } wpabuf_free(data->inbuf); @@ -336,7 +336,7 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, wpa_printf(MSG_INFO, "EAP-PWD (peer): element inversion fail"); goto fin; } - BN_free(mask); + BN_clear_free(mask); if (((x = BN_new()) == NULL) || ((y = BN_new()) == NULL)) { @@ -471,9 +471,9 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, fin: os_free(scalar); os_free(element); - BN_free(x); - BN_free(y); - BN_free(cofactor); + BN_clear_free(x); + BN_clear_free(y); + BN_clear_free(cofactor); EC_POINT_free(K); EC_POINT_free(point); if (data->outbuf == NULL) @@ -681,8 +681,8 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data, fin: os_free(cruft); - BN_free(x); - BN_free(y); + BN_clear_free(x); + BN_clear_free(y); if (data->outbuf == NULL) { ret->methodState = METHOD_DONE; ret->decision = DECISION_FAIL; |