]> git.ipfire.org Git - thirdparty/tor.git/commitdiff
projects / thirdparty / tor.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3ea1af8)
crypto: Wipe secret material in hs_ntor code
authorDavid Goulet <dgoulet@torproject.org>
Mon, 23 Mar 2026 13:48:53 +0000 (09:48 -0400)
committerDavid Goulet <dgoulet@torproject.org>
Mon, 23 Mar 2026 13:53:37 +0000 (09:53 -0400)
Signed-off-by: David Goulet <dgoulet@torproject.org>
src/core/crypto/hs_ntor.c patch | blob | blame | history

diff --git a/src/core/crypto/hs_ntor.c b/src/core/crypto/hs_ntor.c
index f6cee3494b059d27bab5a04ee2e8f3b97daf2f53..579b098ddd9629ade86504a630d141ae56552506 100644 (file)
--- a/src/core/crypto/hs_ntor.c
+++ b/src/core/crypto/hs_ntor.c
@@ -348,6 +348,7 @@ hs_ntor_client_get_introduce1_keys(
 
   /* Cleanup */
   memwipe(secret_input,  0, sizeof(secret_input));
+  memwipe(dh_result,  0, sizeof(dh_result));
   if (bad) {
     memwipe(hs_ntor_intro_cell_keys_out, 0, sizeof(hs_ntor_intro_cell_keys_t));
   }
@@ -419,6 +420,8 @@ hs_ntor_client_get_rendezvous1_keys(
                                       &client_ephemeral_enc_keypair->pubkey,
                                       hs_ntor_rend_cell_keys_out);
 
+  memwipe(dh_result1,  0, sizeof(dh_result1));
+  memwipe(dh_result2,  0, sizeof(dh_result2));
   memwipe(rend_secret_hs_input, 0, sizeof(rend_secret_hs_input));
   if (bad) {
     memwipe(hs_ntor_rend_cell_keys_out, 0, sizeof(hs_ntor_rend_cell_keys_t));
@@ -505,6 +508,7 @@ hs_ntor_service_get_introduce1_keys_multi(
                                 &hs_ntor_intro_cell_keys_out[i]);
   }
 
+  memwipe(dh_result,  0, sizeof(dh_result));
   memwipe(secret_input,  0, sizeof(secret_input));
   if (bad) {
     memwipe(hs_ntor_intro_cell_keys_out, 0,
@@ -579,6 +583,8 @@ hs_ntor_service_get_rendezvous1_keys(
                                       client_ephemeral_enc_pubkey,
                                       hs_ntor_rend_cell_keys_out);
 
+  memwipe(dh_result1,  0, sizeof(dh_result1));
+  memwipe(dh_result2,  0, sizeof(dh_result2));
   memwipe(rend_secret_hs_input, 0, sizeof(rend_secret_hs_input));
   if (bad) {
     memwipe(hs_ntor_rend_cell_keys_out, 0, sizeof(hs_ntor_rend_cell_keys_t));
@@ -636,5 +642,6 @@ hs_ntor_circuit_key_expansion(const uint8_t *ntor_key_seed, size_t seed_len,
   crypto_xof(keys_out, HS_NTOR_KEY_EXPANSION_KDF_OUT_LEN,
              kdf_input, sizeof(kdf_input));
 
+  memwipe(kdf_input,  0, sizeof(kdf_input));
   return 0;
 }
Mirror of https://git.torproject.org/tor.git