diff options
author | Benoît Ganne <bganne@cisco.com> | 2020-10-20 14:12:20 +0200 |
---|---|---|
committer | Andrew Yourtchenko <ayourtch@gmail.com> | 2020-11-12 12:33:25 +0000 |
commit | 73a347660205b96693d50cbd754be8d838dd5ae6 (patch) | |
tree | cd22589afe823be9cb263284e6a558ecb2203aaf /src | |
parent | 07aeedd242da8d46ca74c1ad47d4876daa150c22 (diff) |
wireguard: reset secret data before freeing it
Type: fix
Change-Id: I880bdd55ae5da0b9775a3fb548d44512348a7bc6
Signed-off-by: Benoît Ganne <bganne@cisco.com>
(cherry picked from commit 2531d50101991011fb1c7755d48f11b41f092628)
Diffstat (limited to 'src')
-rwxr-xr-x | src/plugins/wireguard/wireguard_noise.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/plugins/wireguard/wireguard_noise.c b/src/plugins/wireguard/wireguard_noise.c index 00b67109de4..850be2c86c8 100755 --- a/src/plugins/wireguard/wireguard_noise.c +++ b/src/plugins/wireguard/wireguard_noise.c @@ -161,8 +161,8 @@ noise_create_initiation (vlib_main_t * vm, noise_remote_t * r, *s_idx = hs->hs_local_index; ret = true; error: - vnet_crypto_key_del (vm, key_idx); secure_zero_memory (key, NOISE_SYMMETRIC_KEY_LEN); + vnet_crypto_key_del (vm, key_idx); return ret; } @@ -244,8 +244,8 @@ noise_consume_initiation (vlib_main_t * vm, noise_local_t * l, ret = true; error: - vnet_crypto_key_del (vm, key_idx); secure_zero_memory (key, NOISE_SYMMETRIC_KEY_LEN); + vnet_crypto_key_del (vm, key_idx); secure_zero_memory (&hs, sizeof (hs)); return ret; } @@ -297,8 +297,8 @@ noise_create_response (vlib_main_t * vm, noise_remote_t * r, uint32_t * s_idx, *s_idx = hs->hs_local_index; ret = true; error: - vnet_crypto_key_del (vm, key_idx); secure_zero_memory (key, NOISE_SYMMETRIC_KEY_LEN); + vnet_crypto_key_del (vm, key_idx); secure_zero_memory (e, NOISE_PUBLIC_KEY_LEN); return ret; } @@ -358,9 +358,9 @@ noise_consume_response (vlib_main_t * vm, noise_remote_t * r, uint32_t s_idx, ret = true; } error: - vnet_crypto_key_del (vm, key_idx); secure_zero_memory (&hs, sizeof (hs)); secure_zero_memory (key, NOISE_SYMMETRIC_KEY_LEN); + vnet_crypto_key_del (vm, key_idx); return ret; } |