WPS: Clear keys/PINs explicitly

Use an explicit memset call to clear any configuration parameter and
dynamic data that contains private information like keys or identity.
This brings in an additional layer of protection by reducing the length
of time this type of private data is kept in memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen 2014-07-02 01:46:45 +03:00
parent b7175b4d02
commit 18389abcca
3 changed files with 11 additions and 10 deletions


@ -89,7 +89,7 @@ struct wps_data * wps_init(const struct wps_config *cfg)
if (cfg->pbc) { if (cfg->pbc) {
/* Use special PIN '00000000' for PBC */ /* Use special PIN '00000000' for PBC */
data->dev_pw_id = DEV_PW_PUSHBUTTON; data->dev_pw_id = DEV_PW_PUSHBUTTON;
os_free(data->dev_password); bin_clear_free(data->dev_password, data->dev_password_len);
data->dev_password = (u8 *) os_strdup("00000000"); data->dev_password = (u8 *) os_strdup("00000000");
if (data->dev_password == NULL) { if (data->dev_password == NULL) {
os_free(data); os_free(data);
@ -122,7 +122,8 @@ struct wps_data * wps_init(const struct wps_config *cfg)
data->new_ap_settings = data->new_ap_settings =
os_malloc(sizeof(*data->new_ap_settings)); os_malloc(sizeof(*data->new_ap_settings));
if (data->new_ap_settings == NULL) { if (data->new_ap_settings == NULL) {
os_free(data->dev_password); bin_clear_free(data->dev_password,
data->dev_password_len);
os_free(data); os_free(data);
return NULL; return NULL;
} }
@ -173,11 +174,11 @@ void wps_deinit(struct wps_data *data)
wpabuf_free(data->dh_pubkey_e); wpabuf_free(data->dh_pubkey_e);
wpabuf_free(data->dh_pubkey_r); wpabuf_free(data->dh_pubkey_r);
wpabuf_free(data->last_msg); wpabuf_free(data->last_msg);
os_free(data->dev_password); bin_clear_free(data->dev_password, data->dev_password_len);
os_free(data->alt_dev_password); bin_clear_free(data->alt_dev_password, data->alt_dev_password_len);
os_free(data->new_psk); bin_clear_free(data->new_psk, data->new_psk_len);
wps_device_data_free(&data->peer_dev); wps_device_data_free(&data->peer_dev);
os_free(data->new_ap_settings); bin_clear_free(data->new_ap_settings, sizeof(*data->new_ap_settings));
dh5_free(data->dh_ctx); dh5_free(data->dh_ctx);
os_free(data); os_free(data);
} }
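Review bot: `os_free(data);` at the end of wps_deinit() still releases the wps_data structure itself without clearing it, and the two error paths in wps_init() do the same, so only the separately allocated members are wiped. If struct wps_data holds key material inline (its definition is not shown on this page), that data stays readable in the freed heap block. Ending wps_deinit() with `bin_clear_free(data, sizeof(*data));` would cover it, the same way this commit already treats `new_ap_settings`. Both function bodies extend beyond the hunks shown here.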


@ -892,7 +892,7 @@ static int wps_process_dev_pw_id(struct wps_data *wps, const u8 *dev_pw_id)
if (wps->alt_dev_password && wps->alt_dev_pw_id == id) { if (wps->alt_dev_password && wps->alt_dev_pw_id == id) {
wpa_printf(MSG_DEBUG, "WPS: Found a matching Device Password"); wpa_printf(MSG_DEBUG, "WPS: Found a matching Device Password");
os_free(wps->dev_password); bin_clear_free(wps->dev_password, wps->dev_password_len);
wps->dev_pw_id = wps->alt_dev_pw_id; wps->dev_pw_id = wps->alt_dev_pw_id;
wps->dev_password = wps->alt_dev_password; wps->dev_password = wps->alt_dev_password;
wps->dev_password_len = wps->alt_dev_password_len; wps->dev_password_len = wps->alt_dev_password_len;
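Review bot: Whether `bin_clear_free(wps->dev_password, wps->dev_password_len)` really wipes the old password depends on how the helper clears memory, and its body is not part of this commit; the same holds for every call site the commit converts. A plain memset() immediately followed by free() is a dead store that an optimizing compiler, particularly with link-time optimization, is permitted to drop. It is worth confirming that the helper clears through a primitive that cannot be elided, for example `explicit_bzero(bin, len);` where the platform provides it, or a write through a volatile pointer. The call is correctly placed before `wps->dev_password_len` is overwritten three lines later; a short comment such as `/* clear before dev_password_len is replaced below */` would keep that order from being changed by accident.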


@ -42,7 +42,7 @@ struct wps_nfc_pw_token {
static void wps_remove_nfc_pw_token(struct wps_nfc_pw_token *token) static void wps_remove_nfc_pw_token(struct wps_nfc_pw_token *token)
{ {
dl_list_del(&token->list); dl_list_del(&token->list);
os_free(token); bin_clear_free(token, sizeof(*token));
} }
@ -91,7 +91,7 @@ struct wps_uuid_pin {
static void wps_free_pin(struct wps_uuid_pin *pin) static void wps_free_pin(struct wps_uuid_pin *pin)
{ {
os_free(pin->pin); bin_clear_free(pin->pin, pin->pin_len);
os_free(pin); os_free(pin);
} }
@ -1343,7 +1343,7 @@ static int wps_get_dev_password(struct wps_data *wps)
const u8 *pin; const u8 *pin;
size_t pin_len = 0; size_t pin_len = 0;
os_free(wps->dev_password); bin_clear_free(wps->dev_password, wps->dev_password_len);
wps->dev_password = NULL; wps->dev_password = NULL;
if (wps->pbc) { if (wps->pbc) {
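Review bot: In wps_get_dev_password() the pointer is reset with `wps->dev_password = NULL;` after the clearing free, but `wps->dev_password_len` keeps the old length in the lines shown. Every call this commit adds trusts that the length field matches the buffer it is paired with, so a stale length next to a NULL or newly allocated pointer could make a later clear wipe too few or too many bytes. Adding `wps->dev_password_len = 0;` next to the NULL assignment keeps the pair consistent on paths that return before a new password is stored. The rest of the function is outside the hunk, so this may already be handled further down. In wps_free_pin() the same assumption applies to `pin->pin_len`.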