diff options
| author | Dimitri Staessens <dimitri@ouroboros.rocks> | 2026-06-21 14:50:25 +0200 |
|---|---|---|
| committer | Sander Vrijders <sander@ouroboros.rocks> | 2026-06-29 08:33:00 +0200 |
| commit | 451afac626648a4aa534f1dec0f318231dfd8874 (patch) | |
| tree | 661f319a97dea525c3c9a5b1c335de3738527d73 /src/lib | |
| parent | 4b16f7b9ba95f7e24ff443e5b215c2823c1387f7 (diff) | |
| download | ouroboros-451afac626648a4aa534f1dec0f318231dfd8874.tar.gz ouroboros-451afac626648a4aa534f1dec0f318231dfd8874.zip | |
lib: Wipe unpacked session key after copy
Zeroize the symmetric key in the unpacked IRM message once it has been
copied into the crypt context, in both flow__irm_result_des and
flow_rekey__irm_result_des, so key material does not linger in the
protobuf buffer until it is freed.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/serdes-irm.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/lib/serdes-irm.c b/src/lib/serdes-irm.c index 74ca694c..1d9b4dec 100644 --- a/src/lib/serdes-irm.c +++ b/src/lib/serdes-irm.c @@ -176,6 +176,9 @@ int flow__irm_result_des(buffer_t * buf, sk->epoch = msg->has_generation ? (uint8_t) msg->generation : 0; + if (msg->sym_key.len == SYMMKEYSZ) + crypt_secure_clear(msg->sym_key.data, msg->sym_key.len); + irm_msg__free_unpacked(msg, NULL); return 0; @@ -216,6 +219,7 @@ int flow_rekey__irm_result_des(buffer_t * buf, sk->epoch = msg->has_generation ? (uint8_t) msg->generation : 0; *initiator = msg->has_rk_initiator && msg->rk_initiator; + crypt_secure_clear(msg->sym_key.data, msg->sym_key.len); } irm_msg__free_unpacked(msg, NULL); |
