diff options
| -rw-r--r-- | src/ecdh.c | 3 | ||||
| -rw-r--r-- | src/wrapper.c | 20 |
2 files changed, 20 insertions, 3 deletions
@@ -104,7 +104,8 @@ static int ecdh_build_k(ssh_session session) { ECDH_compute_key(buffer,len,pubkey,session->next_crypto->ecdh_privkey,NULL); BN_bin2bn(buffer,len,session->next_crypto->k); free(buffer); - + EC_KEY_free(session->next_crypto->ecdh_privkey); + session->next_crypto->ecdh_privkey=NULL; #ifdef DEBUG_CRYPTO ssh_print_hexa("Session server cookie", session->server_kex.cookie, 16); ssh_print_hexa("Session client cookie", session->client_kex.cookie, 16); diff --git a/src/wrapper.c b/src/wrapper.c index 11482f8..5a6ed08 100644 --- a/src/wrapper.c +++ b/src/wrapper.c @@ -111,7 +111,8 @@ void crypto_free(struct ssh_crypto_struct *crypto){ bignum_free(crypto->x); bignum_free(crypto->y); bignum_free(crypto->k); - /* lot of other things */ + SAFE_FREE(crypto->ecdh_client_pubkey); + SAFE_FREE(crypto->ecdh_server_pubkey); #ifdef WITH_LIBZ if (crypto->compress_out_ctx && @@ -123,8 +124,23 @@ void crypto_free(struct ssh_crypto_struct *crypto){ inflateEnd(crypto->compress_in_ctx); } #endif + if(crypto->encryptIV) + SAFE_FREE(crypto->encryptIV); + if(crypto->decryptIV) + SAFE_FREE(crypto->decryptIV); + if(crypto->encryptMAC) + SAFE_FREE(crypto->encryptMAC); + if(crypto->decryptMAC) + SAFE_FREE(crypto->decryptMAC); + if(crypto->encryptkey){ + memset(crypto->encryptkey, 0, crypto->digest_len); + SAFE_FREE(crypto->encryptkey); + } + if(crypto->decryptkey){ + memset(crypto->decryptkey, 0, crypto->digest_len); + SAFE_FREE(crypto->decryptkey); + } - /* i'm lost in my own code. good work */ memset(crypto,0,sizeof(*crypto)); SAFE_FREE(crypto); |