summaryrefslogtreecommitdiffstats
path: root/src/vnet/ipsec/ikev2_crypto.c
diff options
context:
space:
mode:
authorDave Barach <dave@barachs.net>2018-10-17 10:38:51 -0400
committerDamjan Marion <dmarion@me.com>2018-10-23 13:06:46 +0000
commitb7b929931a07fbb27b43d5cd105f366c3e29807e (patch)
tree438681c89738802dbb5d339715b96ea2c31bafb4 /src/vnet/ipsec/ikev2_crypto.c
parentb9a4c445c1d4e9cdab476a8e1fb8a46ff0fc6080 (diff)
c11 safe string handling support
Change-Id: Ied34720ca5a6e6e717eea4e86003e854031b6eab Signed-off-by: Dave Barach <dave@barachs.net>
Diffstat (limited to 'src/vnet/ipsec/ikev2_crypto.c')
-rw-r--r--src/vnet/ipsec/ikev2_crypto.c16
1 files changed, 8 insertions, 8 deletions
diff --git a/src/vnet/ipsec/ikev2_crypto.c b/src/vnet/ipsec/ikev2_crypto.c
index d595570de44..037a3f5777e 100644
--- a/src/vnet/ipsec/ikev2_crypto.c
+++ b/src/vnet/ipsec/ikev2_crypto.c
@@ -539,10 +539,10 @@ ikev2_generate_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
{
sa->i_dh_data = vec_new (u8, t->key_len);
x_off = len - BN_num_bytes (x);
- memset (sa->i_dh_data, 0, x_off);
+ clib_memset (sa->i_dh_data, 0, x_off);
BN_bn2bin (x, sa->i_dh_data + x_off);
y_off = t->key_len - BN_num_bytes (y);
- memset (sa->i_dh_data + len, 0, y_off - len);
+ clib_memset (sa->i_dh_data + len, 0, y_off - len);
BN_bn2bin (y, sa->i_dh_data + y_off);
const BIGNUM *prv = EC_KEY_get0_private_key (ec);
@@ -554,10 +554,10 @@ ikev2_generate_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
{
sa->r_dh_data = vec_new (u8, t->key_len);
x_off = len - BN_num_bytes (x);
- memset (sa->r_dh_data, 0, x_off);
+ clib_memset (sa->r_dh_data, 0, x_off);
BN_bn2bin (x, sa->r_dh_data + x_off);
y_off = t->key_len - BN_num_bytes (y);
- memset (sa->r_dh_data + len, 0, y_off - len);
+ clib_memset (sa->r_dh_data + len, 0, y_off - len);
BN_bn2bin (y, sa->r_dh_data + y_off);
x = BN_bin2bn (sa->i_dh_data, len, x);
@@ -569,10 +569,10 @@ ikev2_generate_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y,
bn_ctx);
x_off = len - BN_num_bytes (x);
- memset (sa->dh_shared_key, 0, x_off);
+ clib_memset (sa->dh_shared_key, 0, x_off);
BN_bn2bin (x, sa->dh_shared_key + x_off);
y_off = t->key_len - BN_num_bytes (y);
- memset (sa->dh_shared_key + len, 0, y_off - len);
+ clib_memset (sa->dh_shared_key + len, 0, y_off - len);
BN_bn2bin (y, sa->dh_shared_key + y_off);
}
@@ -658,10 +658,10 @@ ikev2_complete_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y, bn_ctx);
sa->dh_shared_key = vec_new (u8, t->key_len);
x_off = len - BN_num_bytes (x);
- memset (sa->dh_shared_key, 0, x_off);
+ clib_memset (sa->dh_shared_key, 0, x_off);
BN_bn2bin (x, sa->dh_shared_key + x_off);
y_off = t->key_len - BN_num_bytes (y);
- memset (sa->dh_shared_key + len, 0, y_off - len);
+ clib_memset (sa->dh_shared_key + len, 0, y_off - len);
BN_bn2bin (y, sa->dh_shared_key + y_off);
EC_KEY_free (ec);