diff options
author | Ben Lindstrom <mouring@eviladmin.org> | 2001-10-03 17:18:37 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-10-03 17:18:37 +0000 |
commit | 1af4d3bb709453b0b206106adaba7c94548fa6f2 (patch) | |
tree | 1c49e155e7d893d117d39e430fc6558a1dfd12b1 | |
parent | 6149a6c57fe24a4afc4a11be7f2061d4d079966a (diff) |
- djm@cvs.openbsd.org 2001/09/28 12:07:09
[ssh-keygen.c]
bzero private key after loading to smartcard; ok markus@
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | ssh-keygen.c | 10 |
2 files changed, 13 insertions, 2 deletions
@@ -14,6 +14,9 @@ | |||
14 | [sshd.8] | 14 | [sshd.8] |
15 | don't talk about compile-time options | 15 | don't talk about compile-time options |
16 | ok markus@ | 16 | ok markus@ |
17 | - djm@cvs.openbsd.org 2001/09/28 12:07:09 | ||
18 | [ssh-keygen.c] | ||
19 | bzero private key after loading to smartcard; ok markus@ | ||
17 | 20 | ||
18 | 20011001 | 21 | 20011001 |
19 | - (stevesk) loginrec.c: fix type conversion problems exposed when using | 22 | - (stevesk) loginrec.c: fix type conversion problems exposed when using |
@@ -6606,4 +6609,4 @@ | |||
6606 | - Wrote replacements for strlcpy and mkdtemp | 6609 | - Wrote replacements for strlcpy and mkdtemp |
6607 | - Released 1.0pre1 | 6610 | - Released 1.0pre1 |
6608 | 6611 | ||
6609 | $Id: ChangeLog,v 1.1573 2001/10/03 17:15:32 mouring Exp $ | 6612 | $Id: ChangeLog,v 1.1574 2001/10/03 17:18:37 mouring Exp $ |
diff --git a/ssh-keygen.c b/ssh-keygen.c index 299ba79c8..727b876de 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: ssh-keygen.c,v 1.81 2001/09/17 20:50:22 markus Exp $"); | 15 | RCSID("$OpenBSD: ssh-keygen.c,v 1.82 2001/09/28 12:07:09 djm Exp $"); |
16 | 16 | ||
17 | #include <openssl/evp.h> | 17 | #include <openssl/evp.h> |
18 | #include <openssl/pem.h> | 18 | #include <openssl/pem.h> |
@@ -495,6 +495,14 @@ do_upload(struct passwd *pw, const char *sc_reader_id) | |||
495 | status = 0; | 495 | status = 0; |
496 | log("loading key done"); | 496 | log("loading key done"); |
497 | done: | 497 | done: |
498 | |||
499 | memset(elements[0], '\0', BN_num_bytes(prv->rsa->q)); | ||
500 | memset(elements[1], '\0', BN_num_bytes(prv->rsa->p)); | ||
501 | memset(elements[2], '\0', BN_num_bytes(prv->rsa->iqmp)); | ||
502 | memset(elements[3], '\0', BN_num_bytes(prv->rsa->dmq1)); | ||
503 | memset(elements[4], '\0', BN_num_bytes(prv->rsa->dmp1)); | ||
504 | memset(elements[5], '\0', BN_num_bytes(prv->rsa->n)); | ||
505 | |||
498 | if (prv) | 506 | if (prv) |
499 | key_free(prv); | 507 | key_free(prv); |
500 | for (i = 0; i < NUM_RSA_KEY_ELEMENTS; i++) | 508 | for (i = 0; i < NUM_RSA_KEY_ELEMENTS; i++) |