diff --git a/hostapd/Makefile b/hostapd/Makefile index e64c24976..ef1aa6f9c 100644 --- a/hostapd/Makefile +++ b/hostapd/Makefile @@ -962,6 +962,7 @@ hostapd_cli: $(OBJS_c) @$(E) " LD " $@ NOBJS = nt_password_hash.o ../src/crypto/ms_funcs.o $(SHA1OBJS) ../src/crypto/md5.o +NOBJS += ../src/utils/common.o ifdef NEED_RC4 ifdef CONFIG_INTERNAL_RC4 NOBJS += ../src/crypto/rc4.o diff --git a/src/crypto/aes-eax.c b/src/crypto/aes-eax.c index 21941c66d..15a09f8b4 100644 --- a/src/crypto/aes-eax.c +++ b/src/crypto/aes-eax.c @@ -71,7 +71,7 @@ int aes_128_eax_encrypt(const u8 *key, const u8 *nonce, size_t nonce_len, ret = 0; fail: - os_free(buf); + bin_clear_free(buf, buf_len); return ret; } diff --git a/src/crypto/aes-siv.c b/src/crypto/aes-siv.c index 0a82ddcfc..5ac82c2e4 100644 --- a/src/crypto/aes-siv.c +++ b/src/crypto/aes-siv.c @@ -95,7 +95,7 @@ static int aes_s2v(const u8 *key, size_t num_elem, const u8 *addr[], os_memcpy(buf, addr[i], len[i]); xorend(buf, len[i], tmp, AES_BLOCK_SIZE); ret = omac1_aes_128(key, buf, len[i], mac); - os_free(buf); + bin_clear_free(buf, len[i]); return ret; } diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index 69fcf9bed..adb42a45f 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c @@ -258,7 +258,7 @@ void aes_encrypt_deinit(void *ctx) "in AES encrypt", len); } EVP_CIPHER_CTX_cleanup(c); - os_free(c); + bin_clear_free(c, sizeof(*c)); } @@ -309,7 +309,7 @@ void aes_decrypt_deinit(void *ctx) "in AES decrypt", len); } EVP_CIPHER_CTX_cleanup(c); - os_free(ctx); + bin_clear_free(c, sizeof(*c)); } @@ -507,8 +507,8 @@ void * dh5_init(struct wpabuf **priv, struct wpabuf **publ) return dh; err: - wpabuf_free(pubkey); - wpabuf_free(privkey); + wpabuf_clear_free(pubkey); + wpabuf_clear_free(privkey); DH_free(dh); return NULL; } @@ -581,7 +581,7 @@ struct wpabuf * dh5_derive_shared(void *ctx, const struct wpabuf *peer_public, err: BN_clear_free(pub_key); - wpabuf_free(res); + wpabuf_clear_free(res); return NULL; } @@ -638,7 +638,7 @@ struct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *key, HMAC_Init_ex(&ctx->ctx, key, key_len, md, NULL); #else /* openssl < 0.9.9 */ if (HMAC_Init_ex(&ctx->ctx, key, key_len, md, NULL) != 1) { - os_free(ctx); + bin_clear_free(ctx, sizeof(*ctx)); return NULL; } #endif /* openssl < 0.9.9 */ @@ -664,7 +664,7 @@ int crypto_hash_finish(struct crypto_hash *ctx, u8 *mac, size_t *len) return -2; if (mac == NULL || len == NULL) { - os_free(ctx); + bin_clear_free(ctx, sizeof(*ctx)); return 0; } @@ -676,7 +676,7 @@ int crypto_hash_finish(struct crypto_hash *ctx, u8 *mac, size_t *len) res = HMAC_Final(&ctx->ctx, mac, &mdlen); #endif /* openssl < 0.9.9 */ HMAC_CTX_cleanup(&ctx->ctx); - os_free(ctx); + bin_clear_free(ctx, sizeof(*ctx)); if (res == 1) { *len = mdlen;