1
0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-07-20 18:02:58 +03:00

pki: Set ECDSA signature buffers secure

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Eshan Kelkar <eshankelkar@galorithm.com>
(cherry picked from commit b8e587e498)
This commit is contained in:
Jakub Jelen
2025-06-03 10:18:26 +02:00
parent 991b4422bd
commit e4ede51d87
2 changed files with 5 additions and 0 deletions

View File

@ -2078,6 +2078,9 @@ static int pki_signature_from_ecdsa_blob(UNUSED_PARAM(const ssh_key pubkey),
return SSH_ERROR;
}
/* The buffer will contain sensitive information. Make sure it is erased */
ssh_buffer_set_secure(buf);
rc = ssh_buffer_add_data(buf,
ssh_string_data(sig_blob),
ssh_string_len(sig_blob));

View File

@ -1846,6 +1846,8 @@ ssh_signature pki_signature_from_blob(const ssh_key pubkey,
ssh_signature_free(sig);
return NULL;
}
/* The buffer will contain sensitive information. */
ssh_buffer_set_secure(b);
rc = ssh_buffer_add_data(b,
ssh_string_data(sig_blob),