From 6364e9fd516b3817deaffc4f91c42d11f261b23c Mon Sep 17 00:00:00 2001 From: Raul Metsma Date: Wed, 13 May 2026 11:05:37 +0300 Subject: [PATCH] Clear PIN buffer IB-8944 Signed-off-by: Raul Metsma --- src/crypto/PKCS11Signer.cpp | 4 ++++ src/crypto/WinSigner.cpp | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/src/crypto/PKCS11Signer.cpp b/src/crypto/PKCS11Signer.cpp index 821684169..3f0d72aed 100644 --- a/src/crypto/PKCS11Signer.cpp +++ b/src/crypto/PKCS11Signer.cpp @@ -73,6 +73,8 @@ class PKCS11Signer::Private void *h {}; #endif + ~Private() { OPENSSL_cleanse(pin.data(), pin.size()); } + CK_FUNCTION_LIST *f {}; struct SignSlot { @@ -335,6 +337,7 @@ X509Cert PKCS11Signer::selectSigningCertificate(const vector &certific */ void PKCS11Signer::setPin(const string &pin) { + OPENSSL_cleanse(d->pin.data(), d->pin.size()); d->pin = pin; } @@ -382,6 +385,7 @@ vector PKCS11Signer::sign(const string &method, const vectorsign.certificate); rv = d->f->C_Login(session.handle, CKU_USER, CK_BYTE_PTR(_pin.c_str()), CK_ULONG(_pin.size())); + OPENSSL_cleanse(_pin.data(), _pin.size()); } switch(rv) { diff --git a/src/crypto/WinSigner.cpp b/src/crypto/WinSigner.cpp index 64d365515..e032d876d 100644 --- a/src/crypto/WinSigner.cpp +++ b/src/crypto/WinSigner.cpp @@ -77,6 +77,8 @@ class WinSigner::Private static BOOL WINAPI CertFilter(PCCERT_CONTEXT cert_context, PBOOL is_initial_selected_cert, PVOID callback_data); + ~Private() { SecureZeroMemory(pin.data(), pin.size()); } + X509Cert cert; HCRYPTPROV_OR_NCRYPT_KEY_HANDLE key {}; DWORD spec {}; @@ -219,6 +221,7 @@ string WinSigner::method() const */ void WinSigner::setPin(const string &pin) { + SecureZeroMemory(d->pin.data(), d->pin.size()); d->pin = pin; } @@ -273,6 +276,7 @@ vector WinSigner::sign(const string &method, const vectorpin); err = NCryptSetProperty(d->key, NCRYPT_PIN_PROPERTY, PBYTE(pin.c_str()), DWORD(pin.size()), 0); + SecureZeroMemory(pin.data(), pin.size() * sizeof(wchar_t)); if(err != ERROR_SUCCESS) break; }