[strongSwan-dev] Shared secret sensitive move

Tobias Brunner tobias at strongswan.org
Mon Sep 20 16:21:33 CEST 2021

Hi Jean-Francois,

> In src/libcharon/sa/ikev2/keymat_v2.c (line 390) when rekeying, the 
> shared secret is concatenated with the full nonce using a call to 
> chunk_cat(). The secret chunk is moved using the mode "m" which does not 
> clear the chunk afterward.
> I think it would be a good idea to change it to "s" since the shared 
> secret chunk is usually cleared.

Good catch!  Fixed in master.


More information about the Dev mailing list