diff options
| -rw-r--r-- | agent/call-scd.c | 7 | ||||
| -rw-r--r-- | agent/command.c | 19 | ||||
| -rw-r--r-- | scd/command.c | 2 |
3 files changed, 23 insertions, 5 deletions
diff --git a/agent/call-scd.c b/agent/call-scd.c index 154ea34d9..aa8c3eece 100644 --- a/agent/call-scd.c +++ b/agent/call-scd.c @@ -384,7 +384,12 @@ inq_needpin (void *opaque, const char *line) rc = parm->getpin_cb (parm->getpin_cb_arg, parm->getpin_cb_desc, line, pin, pinlen); if (!rc) - rc = assuan_send_data (parm->ctx, pin, pinlen); + { + assuan_begin_confidential (parm->ctx); + rc = assuan_send_data (parm->ctx, pin, pinlen); + assuan_end_confidential (parm->ctx); + } + wipememory (pin, pinlen); xfree (pin); } else if ((s = has_leading_keyword (line, "POPUPPINPADPROMPT"))) diff --git a/agent/command.c b/agent/command.c index 052f9db48..2058c2a59 100644 --- a/agent/command.c +++ b/agent/command.c @@ -2387,7 +2387,11 @@ cmd_preset_passphrase (assuan_context_t ctx, char *line) rc = print_assuan_status (ctx, "INQUIRE_MAXLEN", "%zu", maxlen); if (!rc) - rc = assuan_inquire (ctx, "PASSPHRASE", &passphrase, &len, maxlen); + { + assuan_begin_confidential (ctx); + rc = assuan_inquire (ctx, "PASSPHRASE", &passphrase, &len, maxlen); + assuan_end_confidential (ctx); + } } else rc = set_error (GPG_ERR_NOT_IMPLEMENTED, "passphrase is required"); @@ -2396,7 +2400,10 @@ cmd_preset_passphrase (assuan_context_t ctx, char *line) { rc = agent_put_cache (ctrl, grip_clear, CACHE_MODE_ANY, passphrase, ttl); if (opt_inquire) - xfree (passphrase); + { + wipememory (passphrase, len); + xfree (passphrase); + } } leave: @@ -3219,8 +3226,12 @@ cmd_put_secret (assuan_context_t ctx, char *line) { err = print_assuan_status (ctx, "INQUIRE_MAXLEN", "%u",MAXLEN_PUT_SECRET); if (!err) - err = assuan_inquire (ctx, "SECRET", - &value, &valuelen, MAXLEN_PUT_SECRET); + { + assuan_begin_confidential (ctx); + err = assuan_inquire (ctx, "SECRET", + &value, &valuelen, MAXLEN_PUT_SECRET); + assuan_end_confidential (ctx); + } if (err) goto leave; } diff --git a/scd/command.c b/scd/command.c index e73228f3d..28fdfcb62 100644 --- a/scd/command.c +++ b/scd/command.c @@ -978,7 +978,9 @@ pin_cb (void *opaque, const char *info, char **retstr) /* Fixme: Write an inquire function which returns the result in secure memory and check all further handling of the PIN. */ + assuan_begin_confidential (ctx); rc = assuan_inquire (ctx, command, &value, &valuelen, MAXLEN_PIN); + assuan_end_confidential (ctx); xfree (command); if (rc) return rc; |