[tor-commits] [tor/master] Memwipe more keys after tor has finished with them
nickm at torproject.org
nickm at torproject.org
Mon Oct 20 15:12:52 UTC 2014
commit 2e1f5c1fc0f6239a8bb9f409f1f170fb21ce1a37
Author: teor <teor2345 at gmail.com>
Date: Mon Oct 20 03:06:28 2014 +1100
Memwipe more keys after tor has finished with them
Ensure we securely wipe keys from memory after
crypto_digest_get_digest and init_curve25519_keypair_from_file
have finished using them.
Fixes bug 13477.
---
changes/bug13477-memwipe-more-keys | 5 +++++
src/common/crypto.c | 2 +-
src/or/router.c | 2 +-
3 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/changes/bug13477-memwipe-more-keys b/changes/bug13477-memwipe-more-keys
new file mode 100644
index 0000000..cf8e0a9
--- /dev/null
+++ b/changes/bug13477-memwipe-more-keys
@@ -0,0 +1,5 @@
+ o Minor bugfixes:
+ - Ensure we securely wipe keys from memory after
+ crypto_digest_get_digest and init_curve25519_keypair_from_file
+ have finished using them.
+ Fixes bug 13477.
diff --git a/src/common/crypto.c b/src/common/crypto.c
index f128336..58f20ae 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1684,7 +1684,7 @@ crypto_digest_get_digest(crypto_digest_t *digest,
log_warn(LD_BUG, "Called with unknown algorithm %d", digest->algorithm);
/* If fragile_assert is not enabled, then we should at least not
* leak anything. */
- memset(r, 0xff, sizeof(r));
+ memwipe(r, 0xff, sizeof(r));
tor_fragile_assert();
break;
}
diff --git a/src/or/router.c b/src/or/router.c
index 5d1d2ff..bbbf9c4 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -488,7 +488,7 @@ init_curve25519_keypair_from_file(curve25519_keypair_t *keys_out,
if (curve25519_keypair_write_to_file(keys_out, fname, tag)<0) {
tor_log(severity, LD_FS,
"Couldn't write generated key to \"%s\".", fname);
- memset(keys_out, 0, sizeof(*keys_out));
+ memwipe(keys_out, 0, sizeof(*keys_out));
goto error;
}
} else {
More information about the tor-commits
mailing list