diff options
| author | Denys Vlasenko | 2018-11-25 16:17:26 +0100 |
|---|---|---|
| committer | Denys Vlasenko | 2018-11-25 16:17:26 +0100 |
| commit | a6192f347fb87289c9cfdc4d57b126d704eba0de (patch) | |
| tree | a444d7679f2d7d239fa7776fba8b5b578582adee /networking | |
| parent | eb53d01be54caf0208e4006c089d7841fe4a0f57 (diff) | |
| download | busybox-a6192f347fb87289c9cfdc4d57b126d704eba0de.zip busybox-a6192f347fb87289c9cfdc4d57b126d704eba0de.tar.gz | |
tls: do not leak RSA key
function old new delta
tls_handshake 1957 2059 +102
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'networking')
| -rw-r--r-- | networking/tls.c | 1 | ||||
| -rw-r--r-- | networking/tls_rsa.h | 12 |
2 files changed, 13 insertions, 0 deletions
diff --git a/networking/tls.c b/networking/tls.c index 9b4298d..9833a0a 100644 --- a/networking/tls.c +++ b/networking/tls.c @@ -2168,6 +2168,7 @@ void FAST_FUNC tls_handshake(tls_state_t *tls, const char *sni) /* application data can be sent/received */ /* free handshake data */ + psRsaKey_clear(&tls->hsd->server_rsa_pub_key); // if (PARANOIA) // memset(tls->hsd, 0, tls->hsd->hsd_size); free(tls->hsd); diff --git a/networking/tls_rsa.h b/networking/tls_rsa.h index f42923f..82bea2a 100644 --- a/networking/tls_rsa.h +++ b/networking/tls_rsa.h @@ -13,6 +13,18 @@ typedef struct { //bbox psPool_t *pool; } psRsaKey_t; +static ALWAYS_INLINE void psRsaKey_clear(psRsaKey_t *key) +{ + pstm_clear(&key->N); + pstm_clear(&key->e); + pstm_clear(&key->d); + pstm_clear(&key->p); + pstm_clear(&key->q); + pstm_clear(&key->dP); + pstm_clear(&key->dQ); + pstm_clear(&key->qP); +} + #define psRsaEncryptPub(pool, key, in, inlen, out, outlen, data) \ psRsaEncryptPub( key, in, inlen, out, outlen) int32 psRsaEncryptPub(psPool_t *pool, psRsaKey_t *key, |