the new function chunk_free_randomized() overwrites the contents of a chunk with...
authorAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 10 Sep 2007 12:16:24 +0000 (12:16 -0000)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 10 Sep 2007 12:16:24 +0000 (12:16 -0000)
src/libstrongswan/chunk.c
src/libstrongswan/chunk.h

index d70e172..9134b5a 100644 (file)
@@ -28,6 +28,7 @@
 
 #include <debug.h>
 #include <printf_hook.h>
+#include <utils/randomizer.h>
 
 /**
  * Empty chunk.
@@ -260,6 +261,27 @@ void chunk_free(chunk_t *chunk)
 /**
  * Described in header.
  */
+void chunk_free_randomized(chunk_t *chunk)
+{
+       if (chunk->ptr)
+       {
+               if (chunk->len > 0)
+               {
+                       randomizer_t *randomizer = randomizer_create();
+
+                       randomizer->get_pseudo_random_bytes(randomizer,
+                                                                                               chunk->len, chunk->ptr);
+                       randomizer->destroy(randomizer);
+               };
+               free(chunk->ptr);
+               chunk->ptr = NULL;
+       }
+       chunk->len = 0;
+}
+
+/**
+ * Described in header.
+ */
 chunk_t chunk_skip(chunk_t chunk, size_t bytes)
 {
        if (chunk.len > bytes)
index a13ccfc..70dc2ce 100644 (file)
@@ -89,6 +89,11 @@ bool chunk_write(chunk_t chunk, const char *path, const char *label, mode_t mask
 void chunk_free(chunk_t *chunk);
 
 /**
+ * Overwrite the contents of a chunk with pseudo-random bytes and free them
+ */
+void chunk_free_randomized(chunk_t *chunk);
+
+/**
  * Initialize a chunk to point to buffer inspectable by sizeof()
  */
 #define chunk_from_buf(str) { str, sizeof(str) }