diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2023-03-14 14:28:07 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2023-03-14 16:48:14 +0100 |
commit | 67819944a69a7faba0d1cf400facaffce6da01d5 (patch) | |
tree | 5621b075255d679c56f43de17d8123ab36e5df68 /openpgp/src/crypto | |
parent | 4989669caddf46613d17ccc08b5471eeaa25ac43 (diff) |
openpgp: Avoid leaking secrets when parsing secret key material.
Diffstat (limited to 'openpgp/src/crypto')
-rw-r--r-- | openpgp/src/crypto/mpi.rs | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/openpgp/src/crypto/mpi.rs b/openpgp/src/crypto/mpi.rs index fe1bebff..961398c5 100644 --- a/openpgp/src/crypto/mpi.rs +++ b/openpgp/src/crypto/mpi.rs @@ -46,6 +46,12 @@ assert_send_and_sync!(MPI); impl From<Vec<u8>> for MPI { fn from(v: Vec<u8>) -> Self { + // XXX: This will leak secrets in v into the heap. But, + // eagerly clearing the memory may have a very high overhead, + // after all, most MPIs that we encounter will not contain + // secrets. I think it is better to avoid creating MPIs that + // contain secrets in the first place. In 2.0, we can remove + // the impl From<MPI> for ProtectedMPI. Self::new(&v) } } @@ -353,6 +359,8 @@ impl From<Protected> for ProtectedMPI { } } +// XXX: In 2.0, get rid of this conversion. If the value has been +// parsed into an MPI, it may have already leaked. impl From<MPI> for ProtectedMPI { fn from(m: MPI) -> Self { ProtectedMPI { |