Use zfree() to explicitly zero IPsec keys.

Reviewed by:	delphij
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D25442
John Baldwin 2020-06-25 20:31:06 +00:00
parent f4134e3d87
commit 20869b25cc
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=362632
4 changed files with 4 additions and 19 deletions


@ -3060,27 +3060,19 @@ key_cleansav(struct secasvar *sav)
if (sav->flags & SADB_X_EXT_F_CLONED) if (sav->flags & SADB_X_EXT_F_CLONED)
return; return;
/* /*
* Cleanup xform state. Note that zeroize'ing causes the * Cleanup xform state.
* keys to be cleared; otherwise we must do it ourself.
*/ */
if (sav->tdb_xform != NULL) { if (sav->tdb_xform != NULL) {
sav->tdb_xform->xf_zeroize(sav); sav->tdb_xform->xf_zeroize(sav);
sav->tdb_xform = NULL; sav->tdb_xform = NULL;
} else {
if (sav->key_auth != NULL)
bzero(sav->key_auth->key_data, _KEYLEN(sav->key_auth));
if (sav->key_enc != NULL)
bzero(sav->key_enc->key_data, _KEYLEN(sav->key_enc));
} }
if (sav->key_auth != NULL) { if (sav->key_auth != NULL) {
if (sav->key_auth->key_data != NULL) zfree(sav->key_auth->key_data, M_IPSEC_MISC);
free(sav->key_auth->key_data, M_IPSEC_MISC);
free(sav->key_auth, M_IPSEC_MISC); free(sav->key_auth, M_IPSEC_MISC);
sav->key_auth = NULL; sav->key_auth = NULL;
} }
if (sav->key_enc != NULL) { if (sav->key_enc != NULL) {
if (sav->key_enc->key_data != NULL) zfree(sav->key_enc->key_data, M_IPSEC_MISC);
free(sav->key_enc->key_data, M_IPSEC_MISC);
free(sav->key_enc, M_IPSEC_MISC); free(sav->key_enc, M_IPSEC_MISC);
sav->key_enc = NULL; sav->key_enc = NULL;
} }
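Review bot: After this change the key bytes in key_cleansav() are cleared only by the two `zfree()` calls, yet the shortened comment `Cleanup xform state.` no longer says where zeroing happens. The `else` fallback is gone, and the xf_zeroize callbacks in the other sections (ah_zeroize, esp_zeroize, tcpsignature_zeroize) no longer bzero key_data. I would add a comment above the key_auth block such as `/* Key material is zeroed by zfree(); xf_zeroize only tears down xform state. */` so a later cleanup does not turn these calls back into plain `free()`. The wrapper objects `sav->key_auth` and `sav->key_enc` are still released with plain `free()`, which is fine if they hold only length metadata and the data pointer, as the visible accesses suggest. The function starts and ends outside this hunk, so any other secret-bearing fields of `sav` are not visible here.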


@ -250,9 +250,6 @@ int
ah_zeroize(struct secasvar *sav) ah_zeroize(struct secasvar *sav)
{ {
if (sav->key_auth)
bzero(sav->key_auth->key_data, _KEYLEN(sav->key_auth));
crypto_freesession(sav->tdb_cryptoid); crypto_freesession(sav->tdb_cryptoid);
sav->tdb_cryptoid = NULL; sav->tdb_cryptoid = NULL;
sav->tdb_authalgxform = NULL; sav->tdb_authalgxform = NULL;


@ -243,11 +243,9 @@ esp_init(struct secasvar *sav, struct xformsw *xsp)
static int static int
esp_zeroize(struct secasvar *sav) esp_zeroize(struct secasvar *sav)
{ {
/* NB: ah_zerorize free's the crypto session state */ /* NB: ah_zeroize free's the crypto session state */
int error = ah_zeroize(sav); int error = ah_zeroize(sav);
if (sav->key_enc)
bzero(sav->key_enc->key_data, _KEYLEN(sav->key_enc));
sav->tdb_encalgxform = NULL; sav->tdb_encalgxform = NULL;
sav->tdb_xform = NULL; sav->tdb_xform = NULL;
return error; return error;


@ -365,8 +365,6 @@ static int
tcpsignature_zeroize(struct secasvar *sav) tcpsignature_zeroize(struct secasvar *sav)
{ {
if (sav->key_auth != NULL)
bzero(sav->key_auth->key_data, _KEYLEN(sav->key_auth));
sav->tdb_xform = NULL; sav->tdb_xform = NULL;
return (0); return (0);
} }