Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords

[PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords · Vitaly Chikunov <hidden> · 2021-09-04
Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords · Stefan Berger <stefanb@linux.ibm.com> · 2021-09-05
Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords · Vitaly Chikunov <hidden> · 2021-09-05
Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords · Stefan Berger <stefanb@linux.ibm.com> · 2021-09-05
Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords · Mimi Zohar <zohar@linux.ibm.com> · 2021-09-10
Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords · Vitaly Chikunov <hidden> · 2021-09-10
Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords · Mimi Zohar <zohar@linux.ibm.com> · 2021-09-13
Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords · Vitaly Chikunov <hidden> · 2021-09-13
Re: [PATCH ima-evm-utils v4] evmctl: Use secure heap for private keys and passwords · Mimi Zohar <zohar@linux.ibm.com> · 2021-09-10

From: Mimi Zohar <zohar@linux.ibm.com>
Date: 2021-09-10 19:04:11

Hi Vitaly, Stefan,

On Fri, 2021-09-10 at 10:55 -0400, Mimi Zohar wrote:

What was the conclusion in terms of reading the password stored in the
environment variable?

If this is an issue, perhaps call the equivalent of optarg_password()
to store the environment variable in secure heap memory.

Something like:
	imaevm_params.keypass =
optarg_password(getenv("EVMCTL_KEY_PASSWORD"));

optarg_password() would then become a wrapper around the new function.

thanks,

Mimi

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help