diff options
Diffstat (limited to 'src/libstrongswan/plugins/padlock')
-rw-r--r-- | src/libstrongswan/plugins/padlock/Makefile.in | 3 | ||||
-rw-r--r-- | src/libstrongswan/plugins/padlock/padlock_aes_crypter.c | 4 | ||||
-rw-r--r-- | src/libstrongswan/plugins/padlock/padlock_plugin.c | 20 |
3 files changed, 19 insertions, 8 deletions
diff --git a/src/libstrongswan/plugins/padlock/Makefile.in b/src/libstrongswan/plugins/padlock/Makefile.in index 7c89d0abd..7bc342995 100644 --- a/src/libstrongswan/plugins/padlock/Makefile.in +++ b/src/libstrongswan/plugins/padlock/Makefile.in @@ -243,6 +243,8 @@ nm_ca_dir = @nm_ca_dir@ oldincludedir = @oldincludedir@ openac_plugins = @openac_plugins@ p_plugins = @p_plugins@ +pcsclite_CFLAGS = @pcsclite_CFLAGS@ +pcsclite_LIBS = @pcsclite_LIBS@ pdfdir = @pdfdir@ piddir = @piddir@ pki_plugins = @pki_plugins@ @@ -266,6 +268,7 @@ soup_LIBS = @soup_LIBS@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ +systemdsystemunitdir = @systemdsystemunitdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ diff --git a/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c b/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c index 06c20292f..119de86aa 100644 --- a/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c +++ b/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c @@ -105,6 +105,8 @@ static void crypt(private_padlock_aes_crypter_t *this, char *iv, *dst = chunk_alloc(src.len); padlock_crypt(key_aligned, &cword, src.ptr, dst->ptr, src.len / AES_BLOCK_SIZE, iv_aligned); + + memwipe(key_aligned, sizeof(key_aligned)); } METHOD(crypter_t, decrypt, void, @@ -146,7 +148,7 @@ METHOD(crypter_t, set_key, void, METHOD(crypter_t, destroy, void, private_padlock_aes_crypter_t *this) { - free(this->key.ptr); + chunk_clear(&this->key); free(this); } diff --git a/src/libstrongswan/plugins/padlock/padlock_plugin.c b/src/libstrongswan/plugins/padlock/padlock_plugin.c index 695823acf..9d4afd8e8 100644 --- a/src/libstrongswan/plugins/padlock/padlock_plugin.c +++ b/src/libstrongswan/plugins/padlock/padlock_plugin.c @@ -23,8 +23,6 @@ #include <library.h> #include <debug.h> -static const char *plugin_name = "padlock"; - typedef struct private_padlock_plugin_t private_padlock_plugin_t; typedef enum padlock_feature_t padlock_feature_t; @@ -103,6 +101,12 @@ static padlock_feature_t get_padlock_features() return 0; } +METHOD(plugin_t, get_name, char*, + private_padlock_plugin_t *this) +{ + return "padlock"; +} + METHOD(plugin_t, destroy, void, private_padlock_plugin_t *this) { @@ -138,6 +142,8 @@ plugin_t *padlock_plugin_create() INIT(this, .public = { .plugin = { + .get_name = _get_name, + .reload = (void*)return_false, .destroy = _destroy, }, }, @@ -163,21 +169,21 @@ plugin_t *padlock_plugin_create() if (this->features & PADLOCK_RNG_ENABLED) { - lib->crypto->add_rng(lib->crypto, RNG_TRUE, plugin_name, + lib->crypto->add_rng(lib->crypto, RNG_TRUE, get_name(this), (rng_constructor_t)padlock_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_STRONG, plugin_name, + lib->crypto->add_rng(lib->crypto, RNG_STRONG, get_name(this), (rng_constructor_t)padlock_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_WEAK, plugin_name, + lib->crypto->add_rng(lib->crypto, RNG_WEAK, get_name(this), (rng_constructor_t)padlock_rng_create); } if (this->features & PADLOCK_ACE2_ENABLED) { - lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, plugin_name, + lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, get_name(this), (crypter_constructor_t)padlock_aes_crypter_create); } if (this->features & PADLOCK_PHE_ENABLED) { - lib->crypto->add_hasher(lib->crypto, HASH_SHA1, plugin_name, + lib->crypto->add_hasher(lib->crypto, HASH_SHA1, get_name(this), (hasher_constructor_t)padlock_sha1_hasher_create); } return &this->public.plugin; |