Explicitly clear temporary stack buffer in sha1_t_prf()
The local hash[] buffer may contain parts of the derived key, so clear it explicitly to minimize number of unnecessary copies of key material in memory. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen
parent
eccca102bf
commit
940a4dbf66
1 changed files with 2 additions and 0 deletions
|
|
@ -66,5 +66,7 @@ int sha1_t_prf(const u8 *key, size_t key_len, const char *label,
|
||||||
len[0] = SHA1_MAC_LEN;
|
len[0] = SHA1_MAC_LEN;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
os_memset(hash, 0, SHA1_MAC_LEN);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue