Opened 3 years ago

Closed 3 years ago

Last modified 18 months ago

#13477 closed defect (fixed)

Memwipe more keys after tor is finished using them

Reported by: teor Owned by:
Priority: Medium Milestone: Tor: 0.2.6.x-final
Component: Core Tor/Tor Version: Tor: unspecified
Severity: Keywords: tor-router, easy, 2016-bug-retrospective
Cc: nickm Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


I think crypto_digest_get_digest and init_curve25519_keypair_from_file aren't memwiping all their key memory.

I'll list the details of a branch when the changes file is done.

Child Tickets

Change History (5)

comment:1 Changed 3 years ago by teor

Keywords: easy added
Status: newneeds_review

I've created a git branch for this bug:
Branch: memwipe-more-keys
Repository: ​​​​​

It's a single commit which switches out memset for memwipe in two lines, one in each of crypto_digest_get_digest and init_curve25519_keypair_from_file.

comment:2 Changed 3 years ago by nickm

Milestone: Tor: 0.2.6.x-final

comment:3 Changed 3 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Merged it, though I think that the router.c one is probably safe as a memset: keys_out is not used if we return an error from init_curve25519_keypair_from_file, is it?

comment:4 Changed 3 years ago by teor

Yes, you're right - I didn't quite work through all the cases.

If I had, I might have also wiped whatever we read in (if anything) from corrupted files in the FN_FILE (file present) error cases. But I think that worrying about data that *might* be parts of a key, mixed with at least some garbage, is being a little paranoid.

comment:5 Changed 18 months ago by nickm

Keywords: 2016-bug-retrospective added

Mark more tickets for bug retrospective based on hand-review of changelogs from 0.2.5 onwards.

Note: See TracTickets for help on using tickets.