Wipe (some) secrets from memory after use

[tinc] / src / sptps_keypair.c

diff --git a/src/sptps_keypair.c b/src/sptps_keypair.c
index 17d26f9..7fcfee6 100644 (file)
--- a/src/sptps_keypair.c
+++ b/src/sptps_keypair.c
@@ -62,14 +62,14 @@ static int generate_keypair(char *argv[]) {
        if(fp) {
                if(!ecdsa_write_pem_private_key(key, fp)) {
                        fprintf(stderr, "Could not write ECDSA private key\n");
-                       free(key);
+                       ecdsa_free(key);
                        return 1;
                }
 
                fclose(fp);
        } else {
                fprintf(stderr, "Could not open '%s' for writing: %s\n", argv[1], strerror(errno));
-               free(key);
+               ecdsa_free(key);
                return 1;
        }
 
@@ -80,12 +80,12 @@ static int generate_keypair(char *argv[]) {
                        fprintf(stderr, "Could not write ECDSA public key\n");
                }
 
-               free(key);
+               ecdsa_free(key);
                fclose(fp);
                return 0;
        } else {
                fprintf(stderr, "Could not open '%s' for writing: %s\n", argv[2], strerror(errno));
-               free(key);
+               ecdsa_free(key);
                return 1;
        }
 }