aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan
diff options
context:
space:
mode:
Diffstat (limited to 'src/libstrongswan')
-rw-r--r--src/libstrongswan/plugins/aes/aes_crypter.c1
-rw-r--r--src/libstrongswan/plugins/blowfish/blowfish_crypter.c1
-rw-r--r--src/libstrongswan/plugins/des/des_crypter.c1
-rw-r--r--src/libstrongswan/plugins/hmac/hmac.c4
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_crypter.c2
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c2
-rw-r--r--src/libstrongswan/plugins/padlock/padlock_aes_crypter.c4
-rw-r--r--src/libstrongswan/plugins/xcbc/xcbc.c4
8 files changed, 14 insertions, 5 deletions
diff --git a/src/libstrongswan/plugins/aes/aes_crypter.c b/src/libstrongswan/plugins/aes/aes_crypter.c
index f13e33492..2a1fed944 100644
--- a/src/libstrongswan/plugins/aes/aes_crypter.c
+++ b/src/libstrongswan/plugins/aes/aes_crypter.c
@@ -1518,6 +1518,7 @@ METHOD(crypter_t, set_key, void,
METHOD(crypter_t, destroy, void,
private_aes_crypter_t *this)
{
+ memwipe(this, sizeof(*this));
free(this);
}
diff --git a/src/libstrongswan/plugins/blowfish/blowfish_crypter.c b/src/libstrongswan/plugins/blowfish/blowfish_crypter.c
index 784c07eaf..fc3649b36 100644
--- a/src/libstrongswan/plugins/blowfish/blowfish_crypter.c
+++ b/src/libstrongswan/plugins/blowfish/blowfish_crypter.c
@@ -160,6 +160,7 @@ METHOD(crypter_t, set_key, void,
METHOD(crypter_t, destroy, void,
private_blowfish_crypter_t *this)
{
+ memwipe(this, sizeof(*this));
free(this);
}
diff --git a/src/libstrongswan/plugins/des/des_crypter.c b/src/libstrongswan/plugins/des/des_crypter.c
index 7d9fbe852..695e7e4c4 100644
--- a/src/libstrongswan/plugins/des/des_crypter.c
+++ b/src/libstrongswan/plugins/des/des_crypter.c
@@ -1552,6 +1552,7 @@ METHOD(crypter_t, set_key3, void,
METHOD(crypter_t, destroy, void,
private_des_crypter_t *this)
{
+ memwipe(this, sizeof(*this));
free(this);
}
diff --git a/src/libstrongswan/plugins/hmac/hmac.c b/src/libstrongswan/plugins/hmac/hmac.c
index c7b2739df..397a1ea11 100644
--- a/src/libstrongswan/plugins/hmac/hmac.c
+++ b/src/libstrongswan/plugins/hmac/hmac.c
@@ -147,8 +147,8 @@ METHOD(hmac_t, destroy, void,
private_hmac_t *this)
{
this->h->destroy(this->h);
- free(this->opaded_key.ptr);
- free(this->ipaded_key.ptr);
+ chunk_clear(&this->opaded_key);
+ chunk_clear(&this->ipaded_key);
free(this);
}
diff --git a/src/libstrongswan/plugins/openssl/openssl_crypter.c b/src/libstrongswan/plugins/openssl/openssl_crypter.c
index 2ed07ff0c..1d322d43d 100644
--- a/src/libstrongswan/plugins/openssl/openssl_crypter.c
+++ b/src/libstrongswan/plugins/openssl/openssl_crypter.c
@@ -152,7 +152,7 @@ METHOD(crypter_t, set_key, void,
METHOD(crypter_t, destroy, void,
private_openssl_crypter_t *this)
{
- free(this->key.ptr);
+ clear_chunk(&this->key);
free(this);
}
diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
index 32fc2bccd..78ed2811a 100644
--- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
@@ -257,7 +257,7 @@ METHOD(diffie_hellman_t, destroy, void,
{
EC_POINT_clear_free(this->pub_key);
EC_KEY_free(this->key);
- chunk_free(&this->shared_secret);
+ chunk_clear(&this->shared_secret);
free(this);
}
diff --git a/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c b/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c
index 06c20292f..119de86aa 100644
--- a/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c
+++ b/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c
@@ -105,6 +105,8 @@ static void crypt(private_padlock_aes_crypter_t *this, char *iv,
*dst = chunk_alloc(src.len);
padlock_crypt(key_aligned, &cword, src.ptr, dst->ptr,
src.len / AES_BLOCK_SIZE, iv_aligned);
+
+ memwipe(key_aligned, sizeof(key_aligned));
}
METHOD(crypter_t, decrypt, void,
@@ -146,7 +148,7 @@ METHOD(crypter_t, set_key, void,
METHOD(crypter_t, destroy, void,
private_padlock_aes_crypter_t *this)
{
- free(this->key.ptr);
+ chunk_clear(&this->key);
free(this);
}
diff --git a/src/libstrongswan/plugins/xcbc/xcbc.c b/src/libstrongswan/plugins/xcbc/xcbc.c
index be18d92b8..8ddde962c 100644
--- a/src/libstrongswan/plugins/xcbc/xcbc.c
+++ b/src/libstrongswan/plugins/xcbc/xcbc.c
@@ -236,13 +236,17 @@ METHOD(xcbc_t, set_key, void,
memset(k1.ptr, 0x01, this->b);
this->k1->encrypt(this->k1, k1, iv, NULL);
this->k1->set_key(this->k1, k1);
+
+ memwipe(k1.ptr, k1.len);
}
METHOD(xcbc_t, destroy, void,
private_xcbc_t *this)
{
this->k1->destroy(this->k1);
+ memwipe(this->k2, this->b);
free(this->k2);
+ memwipe(this->k3, this->b);
free(this->k3);
free(this->e);
free(this->remaining);
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-23 11:10:55 +0000