Memory sanitizing on BLOB free removed, since BLOBS are encrypted from d15b7066cd9cd9f1fe4accab095ac347c8590274 on

2016-07-20 08:48:28 +02:00 · 2016-07-20 08:48:28 +02:00 · 40c992e1a5
commit 40c992e1a5
parent 4630b32f77
3 changed files with 8 additions and 2 deletions
--- a/lib/EAPBase/include/EAP.h
+++ b/lib/EAPBase/include/EAP.h
@ -21,6 +21,10 @@
 #define IDR_EAP_KEY_PUBLIC  1
 #define IDR_EAP_KEY_PRIVATE 2

+#ifndef EAP_ENCRYPT_BLOBS
+#define EAP_ENCRYPT_BLOBS 1
+#endif
+
 #if !defined(RC_INVOKED) && !defined(MIDL_PASS)

 #include <sal.h>
--- a/lib/EAPBase/include/Module.h
+++ b/lib/EAPBase/include/Module.h
@ -543,7 +543,7 @@ namespace eap
            _In_                           DWORD dwDataInSize,
            _Out_                          EAP_ERROR **ppEapError)
        {
-#if 1
+#if EAP_ENCRYPT_BLOBS
            // Prepare cryptographics provider.
            winstd::crypt_prov cp;
            if (!cp.create(NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
@ -590,7 +590,7 @@ namespace eap
            _Out_       DWORD     *pdwDataOutSize,
            _Out_       EAP_ERROR **ppEapError)
        {
-#if 1
+#if EAP_ENCRYPT_BLOBS
            // Allocate BLOB.
            std::vector<unsigned char, winstd::sanitizing_allocator<unsigned char> > data;
            data.resize(eapserial::get_pk_size(record));
--- a/lib/EAPBase/src/Module.cpp
+++ b/lib/EAPBase/src/Module.cpp
@ -93,8 +93,10 @@ BYTE* eap::module::alloc_memory(_In_ size_t size)

 void eap::module::free_memory(_In_ BYTE *ptr)
 {
+#if !EAP_ENCRYPT_BLOBS
    // Since we do security here and some of the BLOBs contain credentials, sanitize every memory block before freeing.
    SecureZeroMemory(ptr, HeapSize(m_heap, 0, ptr));
+#endif
    HeapFree(m_heap, 0, ptr);
 }