attempt to always zero key in ram before exiting

This commit is contained in:
xfnw 2022-03-15 22:50:12 -04:00
parent dcc126300c
commit 1ee0b7e2a3

View file

@ -27,6 +27,7 @@
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <signal.h>
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/rsa.h> #include <openssl/rsa.h>
#include <openssl/pem.h> #include <openssl/pem.h>
@ -35,6 +36,8 @@
#include <sys/time.h> #include <sys/time.h>
#include <sys/resource.h> #include <sys/resource.h>
RSA *rsa = NULL;
void nodumps() void nodumps()
{ {
struct rlimit r; struct rlimit r;
@ -42,6 +45,12 @@ void nodumps()
setrlimit(RLIMIT_CORE, &r); setrlimit(RLIMIT_CORE, &r);
} }
void byebye(int sig)
{
memset(rsa, 0, sizeof rsa);
exit(0);
}
static int called_passcb = 0; static int called_passcb = 0;
static int pass_cb(char *buf, int size, int rwflag, void *u) static int pass_cb(char *buf, int size, int rwflag, void *u)
{ {
@ -224,10 +233,17 @@ read_challenge(FILE *f)
int int
main(int argc, char **argv) main(int argc, char **argv)
{ {
struct sigaction act;
act.sa_handler = byebye;
sigaction(SIGHUP, &act, 0);
sigaction(SIGINT, &act, 0);
sigaction(SIGTERM, &act, 0);
nodumps(); nodumps();
FILE *kfile; FILE *kfile;
RSA *rsa = NULL;
SHA_CTX ctx; SHA_CTX ctx;
unsigned char *ptr; unsigned char *ptr;
unsigned char *ndata, ddata[512]; unsigned char *ndata, ddata[512];
@ -283,5 +299,5 @@ main(int argc, char **argv)
puts((char *)ndata); puts((char *)ndata);
fflush(NULL); fflush(NULL);
} }
return 0; byebye(0);
} }