2 files changed, 26 insertions, 0 deletions

diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c
index ea9fe98..c51c594 100644
--- a/lib/crypto/aes.c
+++ b/lib/crypto/aes.c
@@ -33,6 +33,7 @@
 #include <openssl/rand.h>
 #include <crypto/aes.h>
 #include <stdio.h>
+#include <string.h>
 
 /*
  * Encrypt 'data' with AES-256-GCM.
@@ -232,3 +233,25 @@ aes256_decrypt(struct aes_message *amp, const unsigned char *key,
     *res = plaintext;
     return 0;
 }
+
+/*
+ * Free data from AES message structure.
+ */
+int
+aes256_free_msg(struct aes_message *amp)
+{
+    free(amp->ciphertext);
+    return 0;
+}
+
+/*
+ * Free memory used for plaintext.
+ */
+int
+aes256_free_plain(unsigned char *plain, size_t len)
+{
+    memset(plain, 0, len);
+    munlock(plain, len);
+    free(plain);
+    return 0;
+}
diff --git a/lib/include/crypto/aes.h b/lib/include/crypto/aes.h
index 5973323..ac4604b 100644
--- a/lib/include/crypto/aes.h
+++ b/lib/include/crypto/aes.h
@@ -47,4 +47,7 @@ int aes256_encrypt(const unsigned char *data, size_t len,
 int aes256_decrypt(struct aes_message *amp, const unsigned char *key,
     unsigned char **res);
 
+int aes256_free_msg(struct aes_message *amp);
+int aes256_free_plain(unsigned char *plain, size_t len);
+
 #endif  /* CRYPTO_AES_H_ */