sign: Use explicit_bzero to clear secret key material

Suggested in:
https://github.com/ostreedev/ostree/pull/3278#discussion_r1675696052

Signed-off-by: Daiki Ueno <dueno@redhat.com>

diff --git a/src/libostree/ostree-sign-ed25519.c b/src/libostree/ostree-sign-ed25519.c
index e0e3ac4613d4399381fa7e0f0708bd769f53bb5e..e3b5b7a35c72cde482b397c33962c40a78ad300e 100644 (file)
--- a/src/libostree/ostree-sign-ed25519.c
+++ b/src/libostree/ostree-sign-ed25519.c
@@ -27,6 +27,7 @@
 #include "otcore.h"
 #include <libglnx.h>
 #include <ot-checksum-utils.h>
+#include <string.h>
 
 #undef G_LOG_DOMAIN
 #define G_LOG_DOMAIN "OSTreeSign"
@@ -320,7 +321,7 @@ ostree_sign_ed25519_clear_keys (OstreeSign *self, GError **error)
   /* Clear secret key */
   if (sign->secret_key != NULL)
     {
-      memset (sign->secret_key, 0, OSTREE_SIGN_ED25519_SECKEY_SIZE);
+      explicit_bzero (sign->secret_key, OSTREE_SIGN_ED25519_SECKEY_SIZE);
       g_free (sign->secret_key);
       sign->secret_key = NULL;
     }