authorNick Mathewson <nickm@torproject.org>2014-10-20 11:12:51 -0400
committerNick Mathewson <nickm@torproject.org>2014-10-20 11:12:51 -0400
commite3d166b7a63b4f0c248e20b759dba2ccb8d30092 (patch)
tree6cd71bd4e7fc60e9573106c71ebfbc3cff030b9d
parentd6fab2afd7f37a3a31063654a8f5451d5d290bcf (diff)
parent2e1f5c1fc0f6239a8bb9f409f1f170fb21ce1a37 (diff)
downloadtor-e3d166b7a63b4f0c248e20b759dba2ccb8d30092.tar.gz
tor-e3d166b7a63b4f0c248e20b759dba2ccb8d30092.zip
Merge remote-tracking branch 'teor/memwipe-more-keys'
-rw-r--r--changes/bug13477-memwipe-more-keys5
-rw-r--r--src/common/crypto.c2
-rw-r--r--src/or/router.c2
3 files changed, 7 insertions, 2 deletions
diff --git a/changes/bug13477-memwipe-more-keys b/changes/bug13477-memwipe-more-keys
new file mode 100644
index 0000000000..cf8e0a9eb5
--- /dev/null
+++ b/changes/bug13477-memwipe-more-keys
@@ -0,0 +1,5 @@
+ o Minor bugfixes:
+ - Ensure we securely wipe keys from memory after
+ crypto_digest_get_digest and init_curve25519_keypair_from_file
+ have finished using them.
+ Fixes bug 13477.
diff --git a/src/common/crypto.c b/src/common/crypto.c
index f128336e50..58f20aeb85 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1684,7 +1684,7 @@ crypto_digest_get_digest(crypto_digest_t *digest,
log_warn(LD_BUG, "Called with unknown algorithm %d", digest->algorithm);
/* If fragile_assert is not enabled, then we should at least not
* leak anything. */
- memset(r, 0xff, sizeof(r));
+ memwipe(r, 0xff, sizeof(r));
tor_fragile_assert();
break;
}
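Review bot: The 0xff fill in the unknown-algorithm branch does not look like a wipe of used key material, since this branch is reached when no known digest was computed into `r`, and the existing comment only states the aim of not leaking anything. Switching to memwipe() is harmless here, but the comment should say why a non-zero pattern is written, for example `/* Overwrite r with a fixed pattern so that whatever it held is not passed on. */`. The changelog entry describes wiping keys after crypto_digest_get_digest has finished using them; whether `r` and any local copy of the digest state are cleared on the normal return path cannot be seen from this hunk and is worth confirming. The function body begins and ends outside the hunk.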
diff --git a/src/or/router.c b/src/or/router.c
index 5d1d2ff337..bbbf9c4b84 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -488,7 +488,7 @@ init_curve25519_keypair_from_file(curve25519_keypair_t *keys_out,
if (curve25519_keypair_write_to_file(keys_out, fname, tag)<0) {
tor_log(severity, LD_FS,
"Couldn't write generated key to \"%s\".", fname);
- memset(keys_out, 0, sizeof(*keys_out));
+ memwipe(keys_out, 0, sizeof(*keys_out));
goto error;
}
} else {
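Review bot: The wipe of `keys_out` is attached only to the failed curve25519_keypair_write_to_file() path shown here, so any other `goto error` taken after the keypair has been filled in would still leave secret key bytes in the caller's struct. If the `error:` label is reached only on failure, placing `memwipe(keys_out, 0, sizeof(*keys_out));` directly under that label would cover every failure path with one call. It would also help to state in the function's header comment that `keys_out` is zeroed on failure, so callers do not rely on its contents. The label and the rest of init_curve25519_keypair_from_file are outside the hunk, so this needs checking against the full function.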