From ae8f68b24660be2f55730d886df7467e31b7828a Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Sat, 15 Mar 2014 14:34:47 +0100 Subject: clear response from memory --- udev/ykfde.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/udev/ykfde.c b/udev/ykfde.c index 8e92ba9..35000d6 100644 --- a/udev/ykfde.c +++ b/udev/ykfde.c @@ -102,7 +102,7 @@ int main(int argc, char **argv) { /* Yubikey */ YK_KEY * yk; uint8_t slot = SLOT_CHAL_HMAC2; - unsigned char response[64]; + unsigned char response[SHA1_MAX_BLOCK_SIZE]; unsigned char response_hex[(SHA1_MAX_BLOCK_SIZE * 2) + 1]; char response_askpass[(SHA1_MAX_BLOCK_SIZE * 2) + 2]; /* iniparser */ @@ -230,6 +230,10 @@ out60: closedir(dir); out50: + memset(response, 0, sizeof(response)); + memset(response_hex, 0, sizeof(response_hex)); + memset(response_askpass, 0, sizeof(response_askpass)); + if (!yk_close_key(yk)) perror("yk_close_key() failed"); -- cgit v1.2.3-70-g09d2