author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2013-11-13 12:22:33 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2013-11-27 11:41:43 +0100 |
commit | 5110187019538d8b131d816a37632616be4e2880 (patch) | |
tree | 5cc900fef46fdf3ef5d96b0b100c218414f6dc39 /lib | |
parent | 08cddacdc42434665c8f085b77391bf73acdc45c (diff) | |
download | gnutls-5110187019538d8b131d816a37632616be4e2880.tar.gz |
better naming for free_datum functions.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/auth/dh_common.c | 4 | ||||
-rw-r--r-- | lib/auth/dhe_psk.c | 8 | ||||
-rw-r--r-- | lib/auth/ecdhe.c | 2 | ||||
-rw-r--r-- | lib/auth/psk.c | 6 | ||||
-rw-r--r-- | lib/auth/rsa_psk.c | 8 | ||||
-rw-r--r-- | lib/auth/srp_passwd.c | 4 | ||||
-rw-r--r-- | lib/gnutls_datum.h | 14 | ||||
-rw-r--r-- | lib/gnutls_kx.c | 2 | ||||
-rw-r--r-- | lib/gnutls_state.c | 2 | ||||
-rw-r--r-- | lib/x509/privkey_pkcs8.c | 26 |
10 files changed, 44 insertions, 32 deletions
diff --git a/lib/auth/dh_common.c b/lib/auth/dh_common.c
index 745787c25a..5cc0d4cec0 100644
--- a/lib/auth/dh_common.c
+++ b/lib/auth/dh_common.c
@@ -100,7 +100,7 @@ _gnutls_proc_dh_common_client_kx(gnutls_session_t session, ret = _gnutls_set_psk_session_key(session, psk_key, &tmp_dh_key);
- _gnutls_zfree_datum(&tmp_dh_key);
+ _gnutls_free_temp_key_datum(&tmp_dh_key);
 }
@@ -175,7 +175,7 @@ _gnutls_gen_dh_common_client_kx_int(gnutls_session_t session, ret = _gnutls_set_psk_session_key(session, pskkey, &tmp_dh_key);
- _gnutls_zfree_datum(&tmp_dh_key);
+ _gnutls_free_temp_key_datum(&tmp_dh_key);
 } zrelease_temp_mpi_key(&session->key.KEY);
diff --git a/lib/auth/dhe_psk.c b/lib/auth/dhe_psk.c
index 7c8b14c5fa..286f944244 100644
--- a/lib/auth/dhe_psk.c
+++ b/lib/auth/dhe_psk.c
@@ -131,7 +131,7 @@ gen_ecdhe_psk_client_kx(gnutls_session_t session, gnutls_buffer_st * data) cleanup: if (free) { _gnutls_free_datum(&username);
- _gnutls_zfree_datum(&key);
+ _gnutls_free_temp_key_datum(&key);
 } return ret;
@@ -175,7 +175,7 @@ gen_dhe_psk_client_kx(gnutls_session_t session, gnutls_buffer_st * data) cleanup: if (free) { _gnutls_free_datum(&username);
- _gnutls_zfree_datum(&key);
+ _gnutls_free_temp_key_datum(&key);
 } return ret;
@@ -328,7 +328,7 @@ proc_dhe_psk_client_kx(gnutls_session_t session, uint8_t * data, ret = _gnutls_proc_dh_common_client_kx(session, data, data_size, g, p, &psk_key);
- _gnutls_zfree_datum(&psk_key);
+ _gnutls_free_temp_key_datum(&psk_key);
 return ret;
@@ -393,7 +393,7 @@ proc_ecdhe_psk_client_kx(gnutls_session_t session, uint8_t * data, _gnutls_session_ecc_curve_get (session), &psk_key);
- _gnutls_zfree_datum(&psk_key);
+ _gnutls_free_temp_key_datum(&psk_key);
 return ret; }
diff --git a/lib/auth/ecdhe.c b/lib/auth/ecdhe.c
index cccedc0d43..94988fe814 100644
--- a/lib/auth/ecdhe.c
+++ b/lib/auth/ecdhe.c
@@ -115,7 +115,7 @@ static int calc_ecdh_key(gnutls_session_t session, ret = _gnutls_set_psk_session_key(session, psk_key, &tmp_dh_key);
- _gnutls_zfree_datum(&tmp_dh_key);
+ _gnutls_free_temp_key_datum(&tmp_dh_key);
 } if (ret < 0) {
diff --git a/lib/auth/psk.c b/lib/auth/psk.c
index 710410b27c..de654f69e5 100644
--- a/lib/auth/psk.c
+++ b/lib/auth/psk.c
@@ -104,7 +104,7 @@ _gnutls_set_psk_session_key(gnutls_session_t session, ret = 0; error:
- _gnutls_zfree_datum(&pwd_psk);
+ _gnutls_free_temp_key_datum(&pwd_psk);
 return ret; }
@@ -190,7 +190,7 @@ _gnutls_gen_psk_client_kx(gnutls_session_t session, cleanup: if (free) { gnutls_free(username.data);
- _gnutls_zfree_datum(&key);
+ _gnutls_free_temp_key_datum(&key);
 } return ret;
@@ -258,7 +258,7 @@ _gnutls_proc_psk_client_kx(gnutls_session_t session, uint8_t * data, ret = 0; error:
- _gnutls_zfree_datum(&psk_key);
+ _gnutls_free_temp_key_datum(&psk_key);
 return ret; }
diff --git a/lib/auth/rsa_psk.c b/lib/auth/rsa_psk.c
index c9bf5f4c3f..ff1468f16d 100644
--- a/lib/auth/rsa_psk.c
+++ b/lib/auth/rsa_psk.c
@@ -240,9 +240,9 @@ _gnutls_gen_rsa_psk_client_kx(gnutls_session_t session, cleanup: _gnutls_free_datum(&sdata);
- _gnutls_zfree_datum(&premaster_secret);
+ _gnutls_free_temp_key_datum(&premaster_secret);
 if (free) {
- _gnutls_zfree_datum(&key);
+ _gnutls_free_temp_key_datum(&key);
 gnutls_free(username.data); }
@@ -399,8 +399,8 @@ _gnutls_proc_rsa_psk_client_kx(gnutls_session_t session, uint8_t * data, ret = 0; cleanup:
- _gnutls_zfree_datum(&pwd_psk);
- _gnutls_zfree_datum(&premaster_secret);
+ _gnutls_free_temp_key_datum(&pwd_psk);
+ _gnutls_free_temp_key_datum(&premaster_secret);
 return ret; }
diff --git a/lib/auth/srp_passwd.c b/lib/auth/srp_passwd.c
index 04aa349390..c5f61c7e7d 100644
--- a/lib/auth/srp_passwd.c
+++ b/lib/auth/srp_passwd.c
@@ -115,7 +115,7 @@ static int parse_tpasswd_values(SRP_PWD_ENTRY * entry, char *str) entry->username = gnutls_strdup(str); if (entry->username == NULL) { _gnutls_free_datum(&entry->salt);
- _gnutls_zfree_datum(&entry->v);
+ _gnutls_free_temp_key_datum(&entry->v);
 gnutls_assert(); return GNUTLS_E_MEMORY_ERROR; }
@@ -426,7 +426,7 @@ static int _randomize_pwd_entry(SRP_PWD_ENTRY * entry) */ void _gnutls_srp_entry_free(SRP_PWD_ENTRY * entry) {
- _gnutls_zfree_datum(&entry->v);
+ _gnutls_free_temp_key_datum(&entry->v);
 _gnutls_free_datum(&entry->salt); if ((entry->g.data != gnutls_srp_1024_group_generator.data)
diff --git a/lib/gnutls_datum.h b/lib/gnutls_datum.h
index 78e86f02a2..80ba84af7a 100644
--- a/lib/gnutls_datum.h
+++ b/lib/gnutls_datum.h
@@ -43,7 +43,19 @@ void _gnutls_free_datum(gnutls_datum_t * dat) } inline static
-void _gnutls_zfree_datum(gnutls_datum_t * dat)
+void _gnutls_free_temp_key_datum(gnutls_datum_t * dat)
+{
+ if (dat->data != NULL) {
+ zeroize_temp_key(dat->data, dat->size);
+ gnutls_free(dat->data);
+ }
+
+ dat->data = NULL;
+ dat->size = 0;
+}
+
+inline static
+void _gnutls_free_key_datum(gnutls_datum_t * dat)
 { if (dat->data != NULL) { zeroize_key(dat->data, dat->size);
diff --git a/lib/gnutls_kx.c b/lib/gnutls_kx.c
index 4d68f06581..23542144ef 100644
--- a/lib/gnutls_kx.c
+++ b/lib/gnutls_kx.c
@@ -150,7 +150,7 @@ generate_normal_master(gnutls_session_t session, } if (!keep_premaster)
- _gnutls_zfree_datum(premaster);
+ _gnutls_free_temp_key_datum(premaster);
 if (ret < 0) return ret;
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index d1a5646885..3afec2f8e3 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
@@ -487,7 +487,7 @@ void gnutls_deinit(gnutls_session_t session) zrelease_temp_mpi_key(&session->key.rsa[1]); zrelease_temp_mpi_key(&session->key.dh_secret);
- _gnutls_zfree_datum(&session->key.key);
+ _gnutls_free_temp_key_datum(&session->key.key);
 gnutls_free(session); }
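Review bot: The two wipe-and-free helpers in lib/gnutls_datum.h now differ only in whether they call `zeroize_temp_key` or `zeroize_key`, and nothing in the header tells a caller which one a given secret needs. Both macros are defined outside this diff, so whether the temp variant always wipes cannot be confirmed from here; if either can compile to a no-op, a call site that picks the wrong helper leaves key bytes in freed heap memory. I would add a comment above each, e.g. `/* wipe and free a short-lived secret (premaster, PSK, DH shared key) */` and `/* wipe and free long-term private key material */`, and confirm that the underlying wipe cannot be optimised away ahead of `gnutls_free`. The body of `_gnutls_free_key_datum` continues past the end of the hunk.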
diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c
index 140da472aa..da0b94e25d 100644
--- a/lib/x509/privkey_pkcs8.c
+++ b/lib/x509/privkey_pkcs8.c
@@ -264,7 +264,7 @@ encode_to_private_key_info(gnutls_x509_privkey_t pkey, result = asn1_write_value(*pkey_info, "privateKeyAlgorithm.parameters", algo_params.data, algo_params.size);
- _gnutls_zfree_datum(&algo_params);
+ _gnutls_free_key_datum(&algo_params);
 if (result != ASN1_SUCCESS) { gnutls_assert();
@@ -284,7 +284,7 @@ encode_to_private_key_info(gnutls_x509_privkey_t pkey, result = asn1_write_value(*pkey_info, "privateKey", algo_privkey.data, algo_privkey.size);
- _gnutls_zfree_datum(&algo_privkey);
+ _gnutls_free_key_datum(&algo_privkey);
 if (result != ASN1_SUCCESS) { gnutls_assert();
@@ -332,7 +332,7 @@ encode_to_private_key_info(gnutls_x509_privkey_t pkey, error: asn1_delete_structure(pkey_info); _gnutls_free_datum(&algo_params);
- _gnutls_zfree_datum(&algo_privkey);
+ _gnutls_free_key_datum(&algo_privkey);
 return result; }
@@ -528,14 +528,14 @@ encode_to_pkcs8_key(schema_id schema, const gnutls_datum_t * der_key, } _gnutls_free_datum(&tmp);
- _gnutls_zfree_datum(&key);
+ _gnutls_free_key_datum(&key);
 *out = pkcs8_asn; return 0; error:
- _gnutls_zfree_datum(&key);
+ _gnutls_free_key_datum(&key);
 _gnutls_free_datum(&tmp); asn1_delete_structure(&pkcs8_asn); return result;
@@ -689,7 +689,7 @@ gnutls_x509_privkey_export2_pkcs8(gnutls_x509_privkey_t key, if (((flags & GNUTLS_PKCS_PLAIN) || password == NULL) && !(flags & GNUTLS_PKCS_NULL_PASSWORD)) {
- _gnutls_zfree_datum(&tmp);
+ _gnutls_free_key_datum(&tmp);
 ret = _gnutls_x509_export_int2(pkey_info, format,
@@ -702,7 +702,7 @@ gnutls_x509_privkey_export2_pkcs8(gnutls_x509_privkey_t key, ret = encode_to_pkcs8_key(schema, &tmp, password, &pkcs8_asn);
- _gnutls_zfree_datum(&tmp);
+ _gnutls_free_key_datum(&tmp);
 if (ret < 0) { gnutls_assert();
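Review bot: In encode_to_private_key_info the same datum is released two different ways: the hunk at -264 frees `algo_params` with the wiping `_gnutls_free_key_datum`, while the `error:` path in the hunk at -332 frees it with plain `_gnutls_free_datum`. If `algo_params` can carry anything secret, the error path should read `_gnutls_free_key_datum(&algo_params);`. If it only holds public algorithm parameters, which the visible lines do not settle, the success path could use `_gnutls_free_datum(&algo_params);` so that the key-wiping helper marks only real key material. The function starts and ends outside these hunks.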
@@ -928,7 +928,7 @@ static int decrypt_pkcs8_key(const gnutls_datum_t * raw_key, } result = decode_private_key_info(&tmp, pkey);
- _gnutls_zfree_datum(&tmp);
+ _gnutls_free_key_datum(&tmp);
 if (result < 0) { /* We've gotten this far. In the real world it's almost certain
@@ -1017,7 +1017,7 @@ _decode_pkcs8_rsa_key(ASN1_TYPE pkcs8_asn, gnutls_x509_privkey_t pkey) } pkey->key = _gnutls_privkey_decode_pkcs1_rsa_key(&tmp, pkey);
- _gnutls_zfree_datum(&tmp);
+ _gnutls_free_key_datum(&tmp);
 if (pkey->key == NULL) { gnutls_assert();
@@ -1045,7 +1045,7 @@ _decode_pkcs8_ecc_key(ASN1_TYPE pkcs8_asn, gnutls_x509_privkey_t pkey) } pkey->key = _gnutls_privkey_decode_ecc_key(&tmp, pkey);
- _gnutls_zfree_datum(&tmp);
+ _gnutls_free_key_datum(&tmp);
 if (pkey->key == NULL) { ret = GNUTLS_E_PARSING_ERROR;
@@ -1076,7 +1076,7 @@ _decode_pkcs8_dsa_key(ASN1_TYPE pkcs8_asn, gnutls_x509_privkey_t pkey) ret = _gnutls_x509_read_der_int(tmp.data, tmp.size, &pkey->params.params[4]);
- _gnutls_zfree_datum(&tmp);
+ _gnutls_free_key_datum(&tmp);
 if (ret < 0) { gnutls_assert();
@@ -2394,7 +2394,7 @@ _gnutls_pkcs7_encrypt_data(schema_id schema, } _gnutls_free_datum(&tmp);
- _gnutls_zfree_datum(&key);
+ _gnutls_free_key_datum(&key);
 /* Now write the rest of the pkcs-7 stuff. */
@@ -2434,7 +2434,7 @@ _gnutls_pkcs7_encrypt_data(schema_id schema, error:
- _gnutls_zfree_datum(&key);
+ _gnutls_free_key_datum(&key);
 _gnutls_free_datum(&tmp); asn1_delete_structure(&pkcs7_asn); return result; |