From 51f3427019401625dae50fecff0f116b27087b49 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Mon, 5 Jan 2015 18:05:58 +0200
Subject: [PATCH] crypto: Clear temporary stack buffers after use

This reduces possibility of exposure of private keys should something
get access to stack memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 src/crypto/md5.c        | 6 +++++-
 src/crypto/sha1-prf.c   | 1 +
 src/crypto/sha1.c       | 5 ++++-
 src/crypto/sha256-prf.c | 2 ++
 4 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/src/crypto/md5.c b/src/crypto/md5.c
index db2b8cc31..f64dfd3d4 100644
--- a/src/crypto/md5.c
+++ b/src/crypto/md5.c
@@ -30,6 +30,7 @@ int hmac_md5_vector(const u8 *key, size_t key_len, size_t num_elem,
 	u8 tk[16];
 	const u8 *_addr[6];
 	size_t i, _len[6];
+	int res;
 
 	if (num_elem > 5) {
 		/*
@@ -85,7 +86,10 @@ int hmac_md5_vector(const u8 *key, size_t key_len, size_t num_elem,
 	_len[0] = 64;
 	_addr[1] = mac;
 	_len[1] = MD5_MAC_LEN;
-	return md5_vector(2, _addr, _len, mac);
+	res = md5_vector(2, _addr, _len, mac);
+	os_memset(k_pad, 0, sizeof(k_pad));
+	os_memset(tk, 0, sizeof(tk));
+	return res;
 }
 
 
diff --git a/src/crypto/sha1-prf.c b/src/crypto/sha1-prf.c
index 90b9e74b7..4b2d13730 100644
--- a/src/crypto/sha1-prf.c
+++ b/src/crypto/sha1-prf.c
@@ -61,6 +61,7 @@ int sha1_prf(const u8 *key, size_t key_len, const char *label,
 		}
 		counter++;
 	}
+	os_memset(hash, 0, sizeof(hash));
 
 	return 0;
 }
diff --git a/src/crypto/sha1.c b/src/crypto/sha1.c
index d48c77d75..8fce13940 100644
--- a/src/crypto/sha1.c
+++ b/src/crypto/sha1.c
@@ -30,6 +30,7 @@ int hmac_sha1_vector(const u8 *key, size_t key_len, size_t num_elem,
 	unsigned char tk[20];
 	const u8 *_addr[6];
 	size_t _len[6], i;
+	int ret;
 
 	if (num_elem > 5) {
 		/*
@@ -84,7 +85,9 @@ int hmac_sha1_vector(const u8 *key, size_t key_len, size_t num_elem,
 	_len[0] = 64;
 	_addr[1] = mac;
 	_len[1] = SHA1_MAC_LEN;
-	return sha1_vector(2, _addr, _len, mac);
+	ret = sha1_vector(2, _addr, _len, mac);
+	os_memset(k_pad, 0, sizeof(k_pad));
+	return ret;
 }
 
 
diff --git a/src/crypto/sha256-prf.c b/src/crypto/sha256-prf.c
index 9a11208f5..79791c06c 100644
--- a/src/crypto/sha256-prf.c
+++ b/src/crypto/sha256-prf.c
@@ -95,4 +95,6 @@ void sha256_prf_bits(const u8 *key, size_t key_len, const char *label,
 		u8 mask = 0xff << (8 - buf_len_bits % 8);
 		buf[pos - 1] &= mask;
 	}
+
+	os_memset(hash, 0, sizeof(hash));
 }