Wipe (some) secrets from memory after use

[tinc] / src / sptps_keypair.c

diff --git a/src/sptps_keypair.c b/src/sptps_keypair.c
index 4dbd2ba..7fcfee6 100644 (file)
--- a/src/sptps_keypair.c
+++ b/src/sptps_keypair.c
@@ -1,6 +1,6 @@
 /*
     sptps_test.c -- Simple Peer-to-Peer Security test program
-    Copyright (C) 2011-2013 Guus Sliepen <guus@tinc-vpn.org>,
+    Copyright (C) 2011-2022 Guus Sliepen <guus@tinc-vpn.org>,
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -19,14 +19,13 @@
 
 #include "system.h"
 
-#include <getopt.h>
-
 #include "crypto.h"
+#include "random.h"
 #include "ecdsagen.h"
+#include "logger.h"
+#include "names.h"
 
-static char *program_name;
-
-void logger(int level, int priority, const char *format, ...) {
+void logger(debug_t level, int priority, const char *format, ...) {
        (void)level;
        (void)priority;
        va_list ap;
@@ -38,7 +37,7 @@ void logger(int level, int priority, const char *format, ...) {
        fputc('\n', stderr);
 }
 
-static void usage() {
+static void usage(void) {
        fprintf(stderr, "Usage: %s [options] private_key_file public_key_file\n\n", program_name);
        fprintf(stderr, "Valid options are:\n"
                "  --help  Display this help and exit.\n"
@@ -51,6 +50,46 @@ static struct option const long_options[] = {
        {NULL, 0, NULL, 0}
 };
 
+static int generate_keypair(char *argv[]) {
+       ecdsa_t *key = ecdsa_generate();
+
+       if(!key) {
+               return 1;
+       }
+
+       FILE *fp = fopen(argv[1], "w");
+
+       if(fp) {
+               if(!ecdsa_write_pem_private_key(key, fp)) {
+                       fprintf(stderr, "Could not write ECDSA private key\n");
+                       ecdsa_free(key);
+                       return 1;
+               }
+
+               fclose(fp);
+       } else {
+               fprintf(stderr, "Could not open '%s' for writing: %s\n", argv[1], strerror(errno));
+               ecdsa_free(key);
+               return 1;
+       }
+
+       fp = fopen(argv[2], "w");
+
+       if(fp) {
+               if(!ecdsa_write_pem_public_key(key, fp)) {
+                       fprintf(stderr, "Could not write ECDSA public key\n");
+               }
+
+               ecdsa_free(key);
+               fclose(fp);
+               return 0;
+       } else {
+               fprintf(stderr, "Could not open '%s' for writing: %s\n", argv[2], strerror(errno));
+               ecdsa_free(key);
+               return 1;
+       }
+}
+
 int main(int argc, char *argv[]) {
        program_name = argv[0];
        int r;
@@ -83,43 +122,12 @@ int main(int argc, char *argv[]) {
                return 1;
        }
 
+       random_init();
        crypto_init();
 
-       ecdsa_t *key = ecdsa_generate();
-
-       if(!key) {
-               return 1;
-       }
-
-       FILE *fp = fopen(argv[1], "w");
-
-       if(fp) {
-               if(!ecdsa_write_pem_private_key(key, fp)) {
-                       fprintf(stderr, "Could not write ECDSA private key\n");
-                       free(key);
-                       return 1;
-               }
-
-               fclose(fp);
-       } else {
-               fprintf(stderr, "Could not open '%s' for writing: %s\n", argv[1], strerror(errno));
-               free(key);
-               return 1;
-       }
+       int result = generate_keypair(argv);
 
-       fp = fopen(argv[2], "w");
+       random_exit();
 
-       if(fp) {
-               if(!ecdsa_write_pem_public_key(key, fp)) {
-                       fprintf(stderr, "Could not write ECDSA public key\n");
-               }
-
-               free(key);
-               fclose(fp);
-               return 0;
-       } else {
-               fprintf(stderr, "Could not open '%s' for writing: %s\n", argv[2], strerror(errno));
-               free(key);
-               return 1;
-       }
+       return result;
 }