summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKonstantin Shegunov <kshegunov@gmail.com>2019-04-03 13:00:01 +0300
committerKonstantin Shegunov <kshegunov@gmail.com>2019-04-18 08:38:29 +0000
commit642ef0c7311e18b9b4414af6ec3a2d8210bb6880 (patch)
tree47626db671f50d3441fdbf9e2a629b6bab30b473
parent65314b6ce88cdbb28a22be0cab9856ec9bc9604b (diff)
Clear SSL key data as soon as possible when move-assigningdev
Move-assign uses qSwap to exchange the private pointer and thus can extend the lifetime of sensitive data. The move assignment operator is changed so it releases the private data as soon as possible. [ChangeLog][QtNetwork][QSslKey] Key data is cleared as soon as possible when move-assigning. Change-Id: Iebd029bf657acfe000417ce648e3b3829948c0e5 Reviewed-by: Samuel Gaist <samuel.gaist@idiap.ch>
-rw-r--r--src/network/ssl/qsslkey.h5
-rw-r--r--src/network/ssl/qsslkey_p.cpp18
-rw-r--r--src/network/ssl/qsslkey_qt.cpp5
3 files changed, 24 insertions, 4 deletions
diff --git a/src/network/ssl/qsslkey.h b/src/network/ssl/qsslkey.h
index a865f20a51..74be406539 100644
--- a/src/network/ssl/qsslkey.h
+++ b/src/network/ssl/qsslkey.h
@@ -71,9 +71,8 @@ public:
const QByteArray &passPhrase = QByteArray());
explicit QSslKey(Qt::HANDLE handle, QSsl::KeyType type = QSsl::PrivateKey);
QSslKey(const QSslKey &other);
-#ifdef Q_COMPILER_RVALUE_REFS
- QSslKey &operator=(QSslKey &&other) noexcept { swap(other); return *this; }
-#endif
+ QSslKey(QSslKey &&other) noexcept;
+ QSslKey &operator=(QSslKey &&other) noexcept;
QSslKey &operator=(const QSslKey &other);
~QSslKey();
diff --git a/src/network/ssl/qsslkey_p.cpp b/src/network/ssl/qsslkey_p.cpp
index b29b38beab..7d14aacebf 100644
--- a/src/network/ssl/qsslkey_p.cpp
+++ b/src/network/ssl/qsslkey_p.cpp
@@ -385,6 +385,24 @@ QSslKey::QSslKey(const QSslKey &other) : d(other.d)
{
}
+QSslKey::QSslKey(QSslKey &&other) noexcept
+ : d(nullptr)
+{
+ qSwap(d, other.d);
+}
+
+QSslKey &QSslKey::operator=(QSslKey &&other) noexcept
+{
+ if (this == &other)
+ return *this;
+
+ // If no one else is referencing the key data we want to make sure
+ // before we swap the d-ptr that it is not left in memory.
+ d.reset();
+ qSwap(d, other.d);
+ return *this;
+}
+
/*!
Destroys the QSslKey object.
*/
diff --git a/src/network/ssl/qsslkey_qt.cpp b/src/network/ssl/qsslkey_qt.cpp
index 2662418a05..43969c3d28 100644
--- a/src/network/ssl/qsslkey_qt.cpp
+++ b/src/network/ssl/qsslkey_qt.cpp
@@ -48,6 +48,8 @@
#include <QtNetwork/qpassworddigestor.h>
+#include <cstring>
+
QT_USE_NAMESPACE
static const quint8 bits_table[256] = {
@@ -186,8 +188,9 @@ static QByteArray deriveKey(QSslKeyPrivate::Cipher cipher, const QByteArray &pas
void QSslKeyPrivate::clear(bool deep)
{
- Q_UNUSED(deep);
isNull = true;
+ if (deep)
+ std::memset(derData.data(), 0, derData.size());
derData.clear();
keyLength = -1;
}