From 31de2267ec849cd8f269cd8bf25b8590f2d93e1d Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 3 Feb 2004 16:24:37 +0000 Subject: * findkey.c (agent_key_from_file): Extra paranoid wipe. * protect.c (agent_unprotect): Ditto. (merge_lists): Ditto. Add arg RESULTLEN. * pkdecrypt.c (agent_pkdecrypt): Don't show the secret key even in debug mode. * protect.c: Add DSA and Elgamal description. --- agent/findkey.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'agent/findkey.c') diff --git a/agent/findkey.c b/agent/findkey.c index a9566a2c7..f145daef1 100644 --- a/agent/findkey.c +++ b/agent/findkey.c @@ -154,7 +154,7 @@ unprotect (CTRL ctrl, sprintf (hexgrip+2*i, "%02X", grip[i]); hexgrip[40] = 0; - /* first try to get it from the cache - if there is none or we can't + /* First try to get it from the cache - if there is none or we can't unprotect it, we fall back to ask the user */ if (!ignore_cache) { @@ -329,9 +329,9 @@ agent_key_from_file (CTRL ctrl, return rc; } - /* Arggg FIXME: does scan support secure memory? */ - rc = gcry_sexp_sscan (&s_skey, &erroff, - buf, gcry_sexp_canon_len (buf, 0, NULL, NULL)); + buflen = gcry_sexp_canon_len (buf, 0, NULL, NULL); + rc = gcry_sexp_sscan (&s_skey, &erroff, buf, buflen); + wipememory (buf, buflen); xfree (buf); if (rc) { -- cgit v1.2.3