Memory sanitizing on BLOB free removed, since BLOBS are encrypted from d15b7066cd9cd9f1fe4accab095ac347c8590274 on

lib/EAPBase/include/EAP.h

@@ -21,6 +21,10 @@
 #define IDR_EAP_KEY_PUBLIC  1
 #define IDR_EAP_KEY_PRIVATE 2
 
+#ifndef EAP_ENCRYPT_BLOBS
+#define EAP_ENCRYPT_BLOBS 1
+#endif
+
 #if !defined(RC_INVOKED) && !defined(MIDL_PASS)
 
 #include <sal.h>

lib/EAPBase/include/Module.h

@@ -543,7 +543,7 @@ namespace eap
             _In_                           DWORD dwDataInSize,
             _Out_                          EAP_ERROR **ppEapError)
         {
-#if 1
+#if EAP_ENCRYPT_BLOBS
             // Prepare cryptographics provider.
             winstd::crypt_prov cp;
             if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
@@ -590,7 +590,7 @@ namespace eap
             _Out_       DWORD     *pdwDataOutSize,
             _Out_       EAP_ERROR **ppEapError)
         {
-#if 1
+#if EAP_ENCRYPT_BLOBS
             // Allocate BLOB.
             std::vector<unsigned char, winstd::sanitizing_allocator<unsigned char> > data;
             data.resize(eapserial::get_pk_size(record));

lib/EAPBase/src/Module.cpp

@@ -93,8 +93,10 @@ BYTE* eap::module::alloc_memory(_In_ size_t size)
 
 void eap::module::free_memory(_In_ BYTE *ptr)
 {
+#if !EAP_ENCRYPT_BLOBS
     // Since we do security here and some of the BLOBs contain credentials, sanitize every memory block before freeing.
     SecureZeroMemory(ptr, HeapSize(m_heap, 0, ptr));
+#endif
     HeapFree(m_heap, 0, ptr);
 }