diff --git a/agent/call-scd.c b/agent/call-scd.c index 6438693af..c5b95f433 100644 --- a/agent/call-scd.c +++ b/agent/call-scd.c @@ -737,7 +737,12 @@ inq_needpin (void *opaque, const char *line) rc = parm->getpin_cb (parm->getpin_cb_arg, parm->getpin_cb_desc, line, pin, pinlen); if (!rc) - rc = assuan_send_data (parm->ctx, pin, pinlen); + { + assuan_begin_confidential (parm->ctx); + rc = assuan_send_data (parm->ctx, pin, pinlen); + assuan_end_confidential (parm->ctx); + } + wipememory (pin, pinlen); xfree (pin); } else if ((s = has_leading_keyword (line, "POPUPPINPADPROMPT"))) diff --git a/agent/command.c b/agent/command.c index e22e2fa0b..5da5dbcc0 100644 --- a/agent/command.c +++ b/agent/command.c @@ -2120,7 +2120,11 @@ cmd_preset_passphrase (assuan_context_t ctx, char *line) rc = print_assuan_status (ctx, "INQUIRE_MAXLEN", "%zu", maxlen); if (!rc) - rc = assuan_inquire (ctx, "PASSPHRASE", &passphrase, &len, maxlen); + { + assuan_begin_confidential (ctx); + rc = assuan_inquire (ctx, "PASSPHRASE", &passphrase, &len, maxlen); + assuan_end_confidential (ctx); + } } else rc = set_error (GPG_ERR_NOT_IMPLEMENTED, "passphrase is required"); @@ -2129,7 +2133,10 @@ cmd_preset_passphrase (assuan_context_t ctx, char *line) { rc = agent_put_cache (ctrl, grip_clear, CACHE_MODE_ANY, passphrase, ttl); if (opt_inquire) - xfree (passphrase); + { + wipememory (passphrase, len); + xfree (passphrase); + } } leave: diff --git a/scd/command.c b/scd/command.c index fab65860b..925fd7597 100644 --- a/scd/command.c +++ b/scd/command.c @@ -698,7 +698,9 @@ pin_cb (void *opaque, const char *info, char **retstr) /* Fixme: Write an inquire function which returns the result in secure memory and check all further handling of the PIN. */ + assuan_begin_confidential (ctx); rc = assuan_inquire (ctx, command, &value, &valuelen, MAXLEN_PIN); + assuan_end_confidential (ctx); xfree (command); if (rc) return rc;