sign: Use explicit_bzero to clear secret key material

Suggested in:
https://github.com/ostreedev/ostree/pull/3278#discussion_r1675696052

Signed-off-by: Daiki Ueno <dueno@redhat.com>
Daiki Ueno 2024-07-13 10:05:00 +09:00
parent dc1f9fb49b
commit 867dc0b74d


@ -27,6 +27,7 @@
#include "otcore.h"
#include <libglnx.h>
#include <ot-checksum-utils.h>
#include <string.h>
#undef G_LOG_DOMAIN
#define G_LOG_DOMAIN "OSTreeSign"
@ -320,7 +321,7 @@ ostree_sign_ed25519_clear_keys (OstreeSign *self, GError **error)
/* Clear secret key */
if (sign->secret_key != NULL)
{
memset (sign->secret_key, 0, OSTREE_SIGN_ED25519_SECKEY_SIZE);
explicit_bzero (sign->secret_key, OSTREE_SIGN_ED25519_SECKEY_SIZE);
g_free (sign->secret_key);
sign->secret_key = NULL;
}
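Review bot: explicit_bzero is a glibc/BSD extension rather than ISO C or POSIX, and nothing visible here shows a build-time check or fallback for the call added in ostree_sign_ed25519_clear_keys, so the build may break on C libraries that lack it (such a check may exist outside this diff). If there is none, guard the call on the project's configure result and fall back to a zeroing routine the compiler cannot elide, rather than going back to plain memset. It is also worth recording why the call was chosen, so it is not "simplified" later: `/* explicit_bzero, not memset: a dead store right before g_free() may be optimized away, leaving the key in freed memory */`. The function body starts and ends outside the hunk, so other copies of the key material, if any, are not visible here.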