[IOT-1519] Securely zero buffers containing secret data
Add an OICClearMemory helper function, and use it to securely clear buffers that contain keys and other secret data that shouldn't be left in the stack or on the heap. Rename privateKey to g_privateKey in csr.c. Fix a couple of leaked payloads on error return paths in secureresourceprovider.c (which will also now zero their contents). Change-Id: If79c840ad758be2a7ca1bf7e6ccccb6dbdc39cf2 Signed-off-by:Kevin Kane <kkane@microsoft.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/14091Tested-by:
jenkins-iotivity <jenkins-iotivity@opendaylight.org> Reviewed-by:
Uze Choi <uzchoi@samsung.com> Reviewed-by:
Randeep Singh <randeep.s@samsung.com> (cherry picked from commit 916ced64) Reviewed-on: https://gerrit.iotivity.org/gerrit/14443
Showing
Please register or sign in to comment