- djm@cvs.openbsd.org 2001/09/28 12:07:09

[ssh-keygen.c] bzero private key after loading to smartcard; ok markus@
author: Ben Lindstrom <mouring@eviladmin.org> 2001-10-03 19:18:37 +0200
committer: Ben Lindstrom <mouring@eviladmin.org> 2001-10-03 19:18:37 +0200
commit: 1af4d3bb709453b0b206106adaba7c94548fa6f2 (patch)
tree: 1c49e155e7d893d117d39e430fc6558a1dfd12b1 /ssh-keygen.c
parent: - camield@cvs.openbsd.org 2001/09/27 17:53:24 (diff)
download: openssh-1af4d3bb709453b0b206106adaba7c94548fa6f2.tar.xz
openssh-1af4d3bb709453b0b206106adaba7c94548fa6f2.zip
1 files changed, 9 insertions, 1 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 299ba79c8..727b876de 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.81 2001/09/17 20:50:22 markus Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.82 2001/09/28 12:07:09 djm Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/pem.h>
@@ -495,6 +495,14 @@ do_upload(struct passwd *pw, const char *sc_reader_id)
 	status = 0;
 	log("loading key done");
 done:
+
+	memset(elements[0], '\0', BN_num_bytes(prv->rsa->q));
+	memset(elements[1], '\0', BN_num_bytes(prv->rsa->p));
+	memset(elements[2], '\0', BN_num_bytes(prv->rsa->iqmp));
+	memset(elements[3], '\0', BN_num_bytes(prv->rsa->dmq1));
+	memset(elements[4], '\0', BN_num_bytes(prv->rsa->dmp1));
+	memset(elements[5], '\0', BN_num_bytes(prv->rsa->n));
+
 	if (prv)
 		key_free(prv);
 	for (i = 0; i < NUM_RSA_KEY_ELEMENTS; i++)
author	Ben Lindstrom <mouring@eviladmin.org>	2001-10-03 19:18:37 +0200
committer	Ben Lindstrom <mouring@eviladmin.org>	2001-10-03 19:18:37 +0200
commit	1af4d3bb709453b0b206106adaba7c94548fa6f2 (patch)
tree	1c49e155e7d893d117d39e430fc6558a1dfd12b1 /ssh-keygen.c
parent	- camield@cvs.openbsd.org 2001/09/27 17:53:24 (diff)
download	openssh-1af4d3bb709453b0b206106adaba7c94548fa6f2.tar.xz openssh-1af4d3bb709453b0b206106adaba7c94548fa6f2.zip