diff options
| author | Konstantin Shegunov <[email protected]> | 2019-04-03 13:00:01 +0300 |
|---|---|---|
| committer | Konstantin Shegunov <[email protected]> | 2019-04-18 08:38:29 +0000 |
| commit | 642ef0c7311e18b9b4414af6ec3a2d8210bb6880 (patch) | |
| tree | 47626db671f50d3441fdbf9e2a629b6bab30b473 | |
| parent | 65314b6ce88cdbb28a22be0cab9856ec9bc9604b (diff) | |
Clear SSL key data as soon as possible when move-assigning
Move-assign uses qSwap to exchange the private pointer and thus can
extend the lifetime of sensitive data. The move assignment operator
is changed so it releases the private data as soon as possible.
[ChangeLog][QtNetwork][QSslKey] Key data is cleared as soon as
possible when move-assigning.
Change-Id: Iebd029bf657acfe000417ce648e3b3829948c0e5
Reviewed-by: Samuel Gaist <[email protected]>
| -rw-r--r-- | src/network/ssl/qsslkey.h | 5 | ||||
| -rw-r--r-- | src/network/ssl/qsslkey_p.cpp | 18 | ||||
| -rw-r--r-- | src/network/ssl/qsslkey_qt.cpp | 5 |
3 files changed, 24 insertions, 4 deletions
diff --git a/src/network/ssl/qsslkey.h b/src/network/ssl/qsslkey.h index a865f20a510..74be4065392 100644 --- a/src/network/ssl/qsslkey.h +++ b/src/network/ssl/qsslkey.h @@ -71,9 +71,8 @@ public: const QByteArray &passPhrase = QByteArray()); explicit QSslKey(Qt::HANDLE handle, QSsl::KeyType type = QSsl::PrivateKey); QSslKey(const QSslKey &other); -#ifdef Q_COMPILER_RVALUE_REFS - QSslKey &operator=(QSslKey &&other) noexcept { swap(other); return *this; } -#endif + QSslKey(QSslKey &&other) noexcept; + QSslKey &operator=(QSslKey &&other) noexcept; QSslKey &operator=(const QSslKey &other); ~QSslKey(); diff --git a/src/network/ssl/qsslkey_p.cpp b/src/network/ssl/qsslkey_p.cpp index b29b38beab1..7d14aacebf9 100644 --- a/src/network/ssl/qsslkey_p.cpp +++ b/src/network/ssl/qsslkey_p.cpp @@ -385,6 +385,24 @@ QSslKey::QSslKey(const QSslKey &other) : d(other.d) { } +QSslKey::QSslKey(QSslKey &&other) noexcept + : d(nullptr) +{ + qSwap(d, other.d); +} + +QSslKey &QSslKey::operator=(QSslKey &&other) noexcept +{ + if (this == &other) + return *this; + + // If no one else is referencing the key data we want to make sure + // before we swap the d-ptr that it is not left in memory. + d.reset(); + qSwap(d, other.d); + return *this; +} + /*! Destroys the QSslKey object. */ diff --git a/src/network/ssl/qsslkey_qt.cpp b/src/network/ssl/qsslkey_qt.cpp index 2662418a054..43969c3d28a 100644 --- a/src/network/ssl/qsslkey_qt.cpp +++ b/src/network/ssl/qsslkey_qt.cpp @@ -48,6 +48,8 @@ #include <QtNetwork/qpassworddigestor.h> +#include <cstring> + QT_USE_NAMESPACE static const quint8 bits_table[256] = { @@ -186,8 +188,9 @@ static QByteArray deriveKey(QSslKeyPrivate::Cipher cipher, const QByteArray &pas void QSslKeyPrivate::clear(bool deep) { - Q_UNUSED(deep); isNull = true; + if (deep) + std::memset(derData.data(), 0, derData.size()); derData.clear(); keyLength = -1; } |