Commit 47c929a8 authored by Kevin Kane's avatar Kevin Kane Committed by Randeep

[IOT-1519] Don't clear ownerPSK secret too early

Owner PSK secret was cleared too early; only clear after
all uses are finished.

Change-Id: Ie39990a5aabfcd71b8370103b7182cb76cb09f40
Signed-off-by: default avatarKevin Kane <kkane@microsoft.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/14491Tested-by: default avatarjenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: default avatarUze Choi <uzchoi@samsung.com>
Reviewed-by: default avatarJongsung Lee <js126.lee@samsung.com>
Reviewed-by: Randeep's avatarRandeep Singh <randeep.s@samsung.com>
(cherry picked from commit d07d715c)
Reviewed-on: https://gerrit.iotivity.org/gerrit/14497
parent 47821837
...@@ -1683,7 +1683,6 @@ static bool FillPrivateDataOfOwnerPSK(OicSecCred_t* receviedCred, const CAEndpoi ...@@ -1683,7 +1683,6 @@ static bool FillPrivateDataOfOwnerPSK(OicSecCred_t* receviedCred, const CAEndpoi
doxm->owner.id, sizeof(doxm->owner.id), doxm->owner.id, sizeof(doxm->owner.id),
doxm->deviceID.id, sizeof(doxm->deviceID.id), doxm->deviceID.id, sizeof(doxm->deviceID.id),
ownerPSK, OWNER_PSK_LENGTH_128); ownerPSK, OWNER_PSK_LENGTH_128);
OICClearMemory(ownerPSK, sizeof(ownerPSK));
VERIFY_SUCCESS(TAG, pskRet == CA_STATUS_OK, ERROR); VERIFY_SUCCESS(TAG, pskRet == CA_STATUS_OK, ERROR);
OIC_LOG(DEBUG, TAG, "OwnerPSK dump :"); OIC_LOG(DEBUG, TAG, "OwnerPSK dump :");
...@@ -1726,11 +1725,14 @@ static bool FillPrivateDataOfOwnerPSK(OicSecCred_t* receviedCred, const CAEndpoi ...@@ -1726,11 +1725,14 @@ static bool FillPrivateDataOfOwnerPSK(OicSecCred_t* receviedCred, const CAEndpoi
OIC_LOG(INFO, TAG, "PrivateData of OwnerPSK was calculated successfully"); OIC_LOG(INFO, TAG, "PrivateData of OwnerPSK was calculated successfully");
OICClearMemory(ownerPSK, sizeof(ownerPSK));
//Verify OwnerPSK information //Verify OwnerPSK information
return (memcmp(&(receviedCred->subject), &(doxm->owner), sizeof(OicUuid_t)) == 0 && return (memcmp(&(receviedCred->subject), &(doxm->owner), sizeof(OicUuid_t)) == 0 &&
receviedCred->credType == SYMMETRIC_PAIR_WISE_KEY); receviedCred->credType == SYMMETRIC_PAIR_WISE_KEY);
exit: exit:
//receviedCred->privateData.data will be deallocated when deleting credential. //receviedCred->privateData.data will be deallocated when deleting credential.
OICClearMemory(ownerPSK, sizeof(ownerPSK));
OICClearMemory(b64Buf, b64BufSize); OICClearMemory(b64Buf, b64BufSize);
OICFree(b64Buf); OICFree(b64Buf);
return false; return false;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment