authorDaiki Ueno <ueno@gnu.org>2020-05-25 11:21:38 +0200
committerDaiki Ueno <ueno@gnu.org>2020-05-30 11:10:12 +0200
commita807044bd00658d36a2d507dbe3744280a0a9cf9 (patch)
tree49084bc09f44f92ecad084ebf29a2e6e7d273e4d
parent96f2687b8073cdcf667e9fd8d237f44a1434348b (diff)
downloadgnutls-a807044bd00658d36a2d507dbe3744280a0a9cf9.tar.gz
cert-cred: clear private key data loaded from file
This makes use of the RF_SENSITIVE flag newly added to the read_file function when reading potentially sensitive information from a file. Signed-off-by: Daiki Ueno <ueno@gnu.org>
-rw-r--r--lib/cert-cred-rawpk.c13
-rw-r--r--lib/cert-cred-x509.c8
2 files changed, 15 insertions, 6 deletions
diff --git a/lib/cert-cred-rawpk.c b/lib/cert-cred-rawpk.c
index 1d086156ab..56bc5f6584 100644
--- a/lib/cert-cred-rawpk.c
+++ b/lib/cert-cred-rawpk.c
@@ -239,8 +239,6 @@ int gnutls_certificate_set_rawpk_key_file(gnutls_certificate_credentials_t cred,
gnutls_privkey_t privkey;
gnutls_pubkey_t pubkey;
gnutls_pcert_st* pcert;
- gnutls_datum_t rawpubkey = { NULL, 0 }; // to hold rawpk data from file
- size_t key_size;
gnutls_str_array_t str_names;
unsigned int i;
@@ -291,8 +289,13 @@ int gnutls_certificate_set_rawpk_key_file(gnutls_certificate_credentials_t cred,
}
} else {
+ gnutls_datum_t rawpubkey; // to hold rawpk data from file
+ size_t key_size;
+
/* Read our raw public-key into memory from file */
- rawpubkey.data = (void*) read_file(rawpkfile, RF_BINARY, &key_size);
+ rawpubkey.data = (void*) read_file(rawpkfile,
+ RF_BINARY | RF_SENSITIVE,
+ &key_size);
if (rawpubkey.data == NULL) {
gnutls_privkey_deinit(privkey);
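Review bot: The block-scoped `gnutls_datum_t rawpubkey;` introduced here is left uninitialized, whereas the declaration removed in the previous hunk was `{ NULL, 0 }`. The later hunk scrubs `rawpubkey.size` bytes, so correctness now rests on `rawpubkey.size` being assigned from `key_size` somewhere in the lines between the hunks, which this diff does not show; if that assignment is ever skipped on some path, zeroize_key runs with an indeterminate length. Keeping the initializer, `gnutls_datum_t rawpubkey = { NULL, 0 }; // to hold rawpk data from file`, costs nothing and preserves the previous invariant. The enclosing function starts outside the hunk.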
@@ -307,7 +310,9 @@ int gnutls_certificate_set_rawpk_key_file(gnutls_certificate_credentials_t cred,
ret = gnutls_pcert_import_rawpk_raw(pcert, &rawpubkey,
format, key_usage, 0);
- _gnutls_free_datum(&rawpubkey);
+ zeroize_key(rawpubkey.data, rawpubkey.size);
+ free(rawpubkey.data);
+ rawpubkey.size = 0;
if (ret < 0) {
gnutls_privkey_deinit(privkey);
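Review bot: After `free(rawpubkey.data)` only `rawpubkey.size` is reset, so the datum is left with a dangling data pointer next to a zero length; the replaced `_gnutls_free_datum` call presumably left the datum fully cleared, so this is a small regression in what the struct guarantees. Adding `rawpubkey.data = NULL;` after the free keeps the datum consistent and turns any accidental later use on the error paths below (which continue past the end of this hunk) into a null dereference rather than an access to freed memory. The same pattern appears in the last hunk of lib/cert-cred-x509.c around `p12blob`.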
diff --git a/lib/cert-cred-x509.c b/lib/cert-cred-x509.c
index 453b832ac2..04aa3169b6 100644
--- a/lib/cert-cred-x509.c
+++ b/lib/cert-cred-x509.c
@@ -588,7 +588,7 @@ _gnutls_read_key_file(gnutls_certificate_credentials_t res,
(GNUTLS_E_UNIMPLEMENTED_FEATURE);
}
- data = read_file(keyfile, RF_BINARY, &size);
+ data = read_file(keyfile, RF_BINARY | RF_SENSITIVE, &size);
if (data == NULL) {
gnutls_assert();
@@ -596,6 +596,7 @@ _gnutls_read_key_file(gnutls_certificate_credentials_t res,
}
ret = _gnutls_read_key_mem(res, data, size, type, pass, flags, rkey);
+ zeroize_key(data, size);
free(data);
return ret;
@@ -1447,7 +1448,8 @@ int
size_t size;
int ret;
- p12blob.data = (void *) read_file(pkcs12file, RF_BINARY, &size);
+ p12blob.data = (void *) read_file(pkcs12file, RF_BINARY | RF_SENSITIVE,
+ &size);
p12blob.size = (unsigned int) size;
if (p12blob.data == NULL) {
gnutls_assert();
@@ -1457,7 +1459,9 @@ int
ret =
gnutls_certificate_set_x509_simple_pkcs12_mem(res, &p12blob,
type, password);
+ zeroize_key(p12blob.data, p12blob.size);
free(p12blob.data);
+ p12blob.size = 0;
return ret;
}
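Review bot: `zeroize_key(p12blob.data, p12blob.size);` scrubs a length that was narrowed by `p12blob.size = (unsigned int) size;` in the previous hunk, while read_file reported the allocation's true length in the `size_t size` declared there. Assuming that `size` is the same local (both hunks carry the same function context and sit ten lines apart), scrubbing with the untruncated value, `zeroize_key(p12blob.data, size);`, covers the whole allocation regardless of the cast. The narrowing itself predates this commit and the gap is theoretical for a PKCS#12 blob, so this is about not tying the scrub length to a lossy conversion.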