diff options
-rw-r--r-- | THANKS | 1 | ||||
-rw-r--r-- | TODO | 10 | ||||
-rw-r--r-- | cipher/ChangeLog | 5 | ||||
-rw-r--r-- | cipher/ac.c | 13 |
4 files changed, 26 insertions, 3 deletions
@@ -126,6 +126,7 @@ Steffen Ullrich ccrlphr@xensei.com Steffen Zahn zahn@berlin.snafu.de Steven Bakker steven@icoe.att.com Susanne Schultz schultz@hsp.de +Szakats Istvan szaki.ms@gmail.com Thiago Jung Bauermann jungmann@cwb.matrix.com.br Thomas Roessler roessler@guug.de Tom Holroyd tomh@po.crl.go.jp @@ -66,6 +66,16 @@ What's left to do -*- outline -*- collectros need to run that bunch of Unix utilities we don't waste their precious results. +* Add transient flag to RSA key generation + For short living keys it makes sense to allow generation using a PRNG. + We could implement it this way: + + (genkey + (rsa + (nbits 4:1024) + (transient-key))) + + * Out of memory handler for secure memory should do proper logging There is no shortage of standard memory, so logging is most likely diff --git a/cipher/ChangeLog b/cipher/ChangeLog index 7aefcfa6..425e1985 100644 --- a/cipher/ChangeLog +++ b/cipher/ChangeLog @@ -1,3 +1,8 @@ +2008-06-24 Szakats Istvan <szaki.ms@gmail.com> (wk) + + * ac.c (_gcry_ac_key_destroy, _gcry_ac_key_pair_generate): Relase + some more memory. + 2008-04-22 Werner Koch <wk@g10code.com> * rijndael.c (_gcry_aes_cfb_enc, _gcry_aes_cbc_enc) diff --git a/cipher/ac.c b/cipher/ac.c index acf708ad..f65de09b 100644 --- a/cipher/ac.c +++ b/cipher/ac.c @@ -1,6 +1,6 @@ /* ac.c - Alternative interface for asymmetric cryptography. Copyright (C) 2003, 2004, 2005, 2006 - 2007 Free Software Foundation, Inc. + 2007, 2008 Free Software Foundation, Inc. This file is part of Libgcrypt. @@ -1496,6 +1496,7 @@ _gcry_ac_key_pair_generate (gcry_ac_handle_t handle, unsigned int nbits, arg_list = NULL; genkey_sexp_request = NULL; genkey_sexp_reply = NULL; + key_sexp = NULL; /* Allocate key pair. */ key_pair_new = gcry_malloc (sizeof (struct gcry_ac_key_pair)); @@ -1631,6 +1632,7 @@ _gcry_ac_key_pair_generate (gcry_ac_handle_t handle, unsigned int nbits, gcry_free (arg_list); gcry_sexp_release (genkey_sexp_request); gcry_sexp_release (genkey_sexp_reply); + gcry_sexp_release (key_sexp); if (err) { _gcry_ac_data_destroy (key_data_secret); @@ -1679,8 +1681,13 @@ _gcry_ac_key_destroy (gcry_ac_key_t key) if (key->data) { for (i = 0; i < key->data->data_n; i++) - if (key->data->data[i].mpi != NULL) - gcry_mpi_release (key->data->data[i].mpi); + { + if (key->data->data[i].mpi) + gcry_mpi_release (key->data->data[i].mpi); + if (key->data->data[i].name) + gcry_free (key->data->data[i].name); + } + gcry_free (key->data->data); gcry_free (key->data); } gcry_free (key); |