agent,scd: Make sure to set CONFIDENTIAL flag in Assuan.

* agent/call-scd.c (inq_needpin): Call assuan_begin_confidential and assuan_end_confidential, and wipe the memory after use. * agent/command.c (cmd_preset_passphrase): Likewise. (cmd_put_secret): Likewise. * scd/command.c (pin_cb): Likewise. -- GnuPG-bug-id: 5977 Signed-off-by: NIIBE Yutaka <[email protected]>
author: NIIBE Yutaka <[email protected]> 2022-05-25 05:53:06 +0000
committer: NIIBE Yutaka <[email protected]> 2022-05-25 05:53:06 +0000
commit: 052f58422dca1044aba7acb4cf57416e7a8cb01f (patch)
tree: ee9f82b478926e8d14297947d0cd3b9cff11214e /agent/call-scd.c
parent: agent: Add missing assuan_end_confidential call. (diff)
download: gnupg-052f58422dca1044aba7acb4cf57416e7a8cb01f.tar.gz
gnupg-052f58422dca1044aba7acb4cf57416e7a8cb01f.zip
1 files changed, 6 insertions, 1 deletions
diff --git a/agent/call-scd.c b/agent/call-scd.c
index 154ea34d9..aa8c3eece 100644
--- a/agent/call-scd.c
+++ b/agent/call-scd.c
@@ -384,7 +384,12 @@ inq_needpin (void *opaque, const char *line)
       rc = parm->getpin_cb (parm->getpin_cb_arg, parm->getpin_cb_desc,
                             line, pin, pinlen);
       if (!rc)
-        rc = assuan_send_data (parm->ctx, pin, pinlen);
+        {
+          assuan_begin_confidential (parm->ctx);
+          rc = assuan_send_data (parm->ctx, pin, pinlen);
+          assuan_end_confidential (parm->ctx);
+        }
+      wipememory (pin, pinlen);
       xfree (pin);
     }
   else if ((s = has_leading_keyword (line, "POPUPPINPADPROMPT")))
author	NIIBE Yutaka <[email protected]>	2022-05-25 05:53:06 +0000
committer	NIIBE Yutaka <[email protected]>	2022-05-25 05:53:06 +0000
commit	052f58422dca1044aba7acb4cf57416e7a8cb01f (patch)
tree	ee9f82b478926e8d14297947d0cd3b9cff11214e /agent/call-scd.c
parent	agent: Add missing assuan_end_confidential call. (diff)
download	gnupg-052f58422dca1044aba7acb4cf57416e7a8cb01f.tar.gz gnupg-052f58422dca1044aba7acb4cf57416e7a8cb01f.zip