commit eb430028f4df30b11f60c9200e8e769d6722cbb8
parent a8d0411a61ac3a8045de370ed346edf923bc85fb
Author: Nihal Jere <nihal@nihaljere.xyz>
Date: Tue, 7 Sep 2021 21:42:43 -0500
explicitly clear secret data
Diffstat:
| M | npm.c | | | 15 | +++++++++++++++ |
1 file changed, 15 insertions(+), 0 deletions(-)
diff --git a/npm.c b/npm.c
@@ -1,3 +1,5 @@
+#define _BSD_SOURCE
+
#include <errno.h>
#include <string.h>
#include <stdint.h>
@@ -20,6 +22,17 @@ char key[KEY_LEN];
char nonce[NONCE_LEN];
char salt[SALT_LEN];
+void
+clear()
+{
+ explicit_bzero(data, sizeof(data));
+ explicit_bzero(encryptee, sizeof(encryptee));
+ explicit_bzero(encryptor, sizeof(encryptor));
+ explicit_bzero(key, sizeof(key));
+ explicit_bzero(nonce, sizeof(nonce));
+ explicit_bzero(salt, sizeof(salt));
+}
+
ssize_t
get_password(char *buf)
{
@@ -179,10 +192,12 @@ int main(int argc, char *argv[]) {
fclose(file);
}
+ clear();
return 0;
fail:
if (file)
fclose(file);
+ clear();
return 1;
}
