From 052f58422dca1044aba7acb4cf57416e7a8cb01f Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Wed, 25 May 2022 14:53:06 +0900
Subject: agent,scd: Make sure to set CONFIDENTIAL flag in Assuan.

* agent/call-scd.c (inq_needpin): Call assuan_begin_confidential
and assuan_end_confidential, and wipe the memory after use.
* agent/command.c (cmd_preset_passphrase): Likewise.
(cmd_put_secret): Likewise.
* scd/command.c (pin_cb): Likewise.

--

GnuPG-bug-id: 5977
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
 scd/command.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'scd/command.c')

diff --git a/scd/command.c b/scd/command.c
index e73228f3d..28fdfcb62 100644
--- a/scd/command.c
+++ b/scd/command.c
@@ -978,7 +978,9 @@ pin_cb (void *opaque, const char *info, char **retstr)
 
   /* Fixme: Write an inquire function which returns the result in
      secure memory and check all further handling of the PIN. */
+  assuan_begin_confidential (ctx);
   rc = assuan_inquire (ctx, command, &value, &valuelen, MAXLEN_PIN);
+  assuan_end_confidential (ctx);
   xfree (command);
   if (rc)
     return rc;
-- 
cgit v1.2.3