From eccca102bfb9635e4694914a491a31a9df4b4763 Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Sun, 29 Mar 2015 16:38:37 +0300 Subject: [PATCH] Explicitly clear temporary stack buffer in hmac_sha256_kdf() The local T[] buffer may contain parts of the derived key, so clear it explicitly to minimize number of unnecessary copies of key material in memory. Signed-off-by: Jouni Malinen --- src/crypto/sha256-kdf.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/crypto/sha256-kdf.c b/src/crypto/sha256-kdf.c index d8a1beb32..e7509ce41 100644 --- a/src/crypto/sha256-kdf.c +++ b/src/crypto/sha256-kdf.c @@ -61,6 +61,7 @@ int hmac_sha256_kdf(const u8 *secret, size_t secret_len, if (iter == 255) { os_memset(out, 0, outlen); + os_memset(T, 0, SHA256_MAC_LEN); return -1; } iter++; @@ -68,9 +69,11 @@ int hmac_sha256_kdf(const u8 *secret, size_t secret_len, if (hmac_sha256_vector(secret, secret_len, 4, addr, len, T) < 0) { os_memset(out, 0, outlen); + os_memset(T, 0, SHA256_MAC_LEN); return -1; } } + os_memset(T, 0, SHA256_MAC_LEN); return 0; }