projects / platform / upstream / iotivity.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 39f4a88) | patch
[IOT-1519] Securely zero buffers containing secret data
authorKevin Kane <kkane@microsoft.com>
Fri, 4 Nov 2016 20:53:34 +0000 (13:53 -0700)
committerRandeep Singh <randeep.s@samsung.com>
Thu, 17 Nov 2016 06:54:03 +0000 (06:54 +0000)
commit916ced6413b93c3c4448fb4124be429c0f13bb82
treee0d7824e7ce01dd878296a95c586b37b680df9d2tree | snapshot
parent39f4a884082aa687f86fc24296b37401780dc9cbcommit | diff
[IOT-1519] Securely zero buffers containing secret data

Add an OICClearMemory helper function, and use it to securely
clear buffers that contain keys and other secret data that
shouldn't be left in the stack or on the heap.

Rename privateKey to g_privateKey in csr.c.

Fix a couple of leaked payloads on error return paths in
secureresourceprovider.c (which will also now zero their
contents).

Change-Id: If79c840ad758be2a7ca1bf7e6ccccb6dbdc39cf2
Signed-off-by: Kevin Kane <kkane@microsoft.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/14091
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Uze Choi <uzchoi@samsung.com>
Reviewed-by: Randeep Singh <randeep.s@samsung.com>
resource/c_common/oic_malloc/include/oic_malloc.h diff | blob | history
resource/c_common/oic_malloc/src/oic_malloc.c diff | blob | history
resource/csdk/security/provisioning/src/cloud/csr.c diff | blob | history
resource/csdk/security/provisioning/src/credentialgenerator.c diff | blob | history
resource/csdk/security/provisioning/src/ownershiptransfermanager.c diff | blob | history
resource/csdk/security/provisioning/src/secureresourceprovider.c diff | blob | history
resource/csdk/security/src/credresource.c diff | blob | history
resource/csdk/security/src/dpairingresource.c diff | blob | history
resource/csdk/stack/src/ocpayload.c diff | blob | history
Domain: Network & Connectivity / IoT Connectivity;