projects
/
mech_eap.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
940a4db
)
Explicitly clear temporary stack buffers in tls_prf_sha1_md5()
author
Jouni Malinen
<j@w1.fi>
Sun, 29 Mar 2015 13:43:03 +0000
(16:43 +0300)
committer
Jouni Malinen
<j@w1.fi>
Sun, 29 Mar 2015 13:43:03 +0000
(16:43 +0300)
The local buffers may contain information used to generate parts of the
derived key, so clear these explicitly to minimize amount of unnecessary
private key-related material in memory.
Signed-off-by: Jouni Malinen <j@w1.fi>
src/crypto/sha1-tlsprf.c
patch
|
blob
|
history
diff --git
a/src/crypto/sha1-tlsprf.c
b/src/crypto/sha1-tlsprf.c
index
0effd9b
..
f9bc0eb
100644
(file)
--- a/
src/crypto/sha1-tlsprf.c
+++ b/
src/crypto/sha1-tlsprf.c
@@
-95,5
+95,10
@@
int tls_prf_sha1_md5(const u8 *secret, size_t secret_len, const char *label,
SHA1_pos++;
}
+ os_memset(A_MD5, 0, MD5_MAC_LEN);
+ os_memset(P_MD5, 0, MD5_MAC_LEN);
+ os_memset(A_SHA1, 0, SHA1_MAC_LEN);
+ os_memset(P_SHA1, 0, SHA1_MAC_LEN);
+
return 0;
}