Explicitly clear temporary stack buffer in sha1_t_prf()
The local hash[] buffer may contain parts of the derived key, so clear it explicitly to minimize number of unnecessary copies of key material in memory. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
eccca102bf
commit
940a4dbf66
1 changed files with 2 additions and 0 deletions
|
@ -66,5 +66,7 @@ int sha1_t_prf(const u8 *key, size_t key_len, const char *label,
|
|||
len[0] = SHA1_MAC_LEN;
|
||||
}
|
||||
|
||||
os_memset(hash, 0, SHA1_MAC_LEN);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue