Use proper functions to free secure memory.

Fixes crash reported in bug #586192. Patch by Ryan Beasley.

2 files changed, 3 insertions, 2 deletions

diff --git a/pkcs11/gck/gck-data-der.c b/pkcs11/gck/gck-data-der.c
index de1be12e..1cf19a7d 100644
--- a/pkcs11/gck/gck-data-der.c
+++ b/pkcs11/gck/gck-data-der.c
@@ -1023,7 +1023,7 @@ prepare_and_encode_pkcs8_cipher (ASN1_TYPE asn, const gchar *password,
 	gcry_cipher_setkey (cih, key, n_key);
 	
 	g_free (iv);
-	gcry_free (key);
+	egg_secure_free (key);
 	asn1_delete_structure (&asn1_params);
 	
 	return cih;
diff --git a/pkcs11/ssh-store/gck-ssh-openssh.c b/pkcs11/ssh-store/gck-ssh-openssh.c
index 19ad4d29..9fc621f1 100644
--- a/pkcs11/ssh-store/gck-ssh-openssh.c
+++ b/pkcs11/ssh-store/gck-ssh-openssh.c
@@ -7,6 +7,7 @@
 
 #include "egg/egg-buffer.h"
 #include "egg/egg-openssl.h"
+#include "egg/egg-secure-memory.h"
 
 typedef struct _ParsePrivate {
 	gcry_sexp_t sexp;
@@ -176,7 +177,7 @@ load_encrypted_key (const guchar *data, gsize n_data, const gchar *dekinfo,
 	
 	/* Try to parse */
 	ret = gck_data_der_read_private_key (decrypted, n_decrypted, skey);
-	gcry_free (decrypted);
+	egg_secure_free (decrypted);
 
 	if (ret != GCK_DATA_UNRECOGNIZED)
 		return ret;