Explicitly clear temporary stack buffers in tls_prf_sha1_md5()
The local buffers may contain information used to generate parts of the derived key, so clear these explicitly to minimize amount of unnecessary private key-related material in memory. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
940a4dbf66
commit
22ba05c09e
1 changed files with 5 additions and 0 deletions
|
@ -95,5 +95,10 @@ int tls_prf_sha1_md5(const u8 *secret, size_t secret_len, const char *label,
|
||||||
SHA1_pos++;
|
SHA1_pos++;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
os_memset(A_MD5, 0, MD5_MAC_LEN);
|
||||||
|
os_memset(P_MD5, 0, MD5_MAC_LEN);
|
||||||
|
os_memset(A_SHA1, 0, SHA1_MAC_LEN);
|
||||||
|
os_memset(P_SHA1, 0, SHA1_MAC_LEN);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue