authorNikos Mavrogiannopoulos <nmav@redhat.com>2013-11-12 13:59:35 +0100
committerNikos Mavrogiannopoulos <nmav@redhat.com>2013-11-27 11:41:43 +0100
commit566898f627c295373f98d4b805248c8bb6d62d58 (patch)
tree562018c391924f8380c3057b9959e2fd2e481825
parentadc50de0b04a4d1f75af1b0a184f3a4155c9066d (diff)
Added key zeroization primitives.
-rw-r--r--lib/gnutls_datum.c8
-rw-r--r--lib/gnutls_int.h11
2 files changed, 11 insertions, 8 deletions
diff --git a/lib/gnutls_datum.c b/lib/gnutls_datum.c
index 670279a246..2ce139350c 100644
--- a/lib/gnutls_datum.c
+++ b/lib/gnutls_datum.c
@@ -64,11 +64,3 @@ _gnutls_datum_append(gnutls_datum_t * dst, const void *data,
return 0;
}
-void _gnutls_free_datum(gnutls_datum_t * dat)
-{
- if (dat->data != NULL)
- gnutls_free(dat->data);
-
- dat->data = NULL;
- dat->size = 0;
-}
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 21d2fc938b..71f1ba74f9 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -1053,4 +1053,15 @@ inline static size_t max_user_send_size(gnutls_session_t session,
return max;
}
+#ifdef ENABLE_FIPS140
+# define zeroize_temp_key(x, size) memset(x, 0, size)
+# define zrelease_temp_mpi_key(mpi) if (*mpi!=NULL) { \
+ _gnutls_mpi_clear(*mpi); \
+ _gnutls_mpi_release(mpi); \
+ }
+#else
+# define zeroize_temp_key(x, size)
+# define zrelease_temp_mpi_key(mpi) _gnutls_mpi_release(mpi)
+#endif
+
#endif /* GNUTLS_INT_H */
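Review bot: `zeroize_temp_key` expands to a plain `memset(x, 0, size)`, which the compiler may drop as a dead store when the buffer is a local that is never read again, the usual case for a temporary key, so in an optimized ENABLE_FIPS140 build the wipe can silently disappear. Consider routing it through a wipe the optimizer cannot elide, such as a non-inlined helper that writes through a `volatile unsigned char *`, or `explicit_bzero` where the platform provides it. Separately, `zrelease_temp_mpi_key` is a bare `if` with an unparenthesized argument, so it misbinds when used before an `else`; wrapping it as `do { if (*(mpi) != NULL) { ... } } while (0)` avoids that. A short comment should also state that outside ENABLE_FIPS140 `zeroize_temp_key` expands to nothing, so temporary keys are not wiped in default builds and the macro's arguments are never evaluated.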