Explicitly clear temporary stack buffer in hmac_sha256_kdf()

The local T[] buffer may contain parts of the derived key, so clear it
explicitly to minimize the number of unnecessary copies of key material
in memory.

Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen 2015-03-29 16:38:37 +03:00
parent e8e365def6
commit eccca102bf


@ -61,6 +61,7 @@ int hmac_sha256_kdf(const u8 *secret, size_t secret_len,
if (iter == 255) { if (iter == 255) {
os_memset(out, 0, outlen); os_memset(out, 0, outlen);
os_memset(T, 0, SHA256_MAC_LEN);
return -1; return -1;
} }
iter++; iter++;
@ -68,9 +69,11 @@ int hmac_sha256_kdf(const u8 *secret, size_t secret_len,
if (hmac_sha256_vector(secret, secret_len, 4, addr, len, T) < 0) if (hmac_sha256_vector(secret, secret_len, 4, addr, len, T) < 0)
{ {
os_memset(out, 0, outlen); os_memset(out, 0, outlen);
os_memset(T, 0, SHA256_MAC_LEN);
return -1; return -1;
} }
} }
os_memset(T, 0, SHA256_MAC_LEN);
return 0; return 0;
} }
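Review bot: Each of the three added `os_memset(T, 0, SHA256_MAC_LEN);` calls is the last access to T before a `return`, so if os_memset() resolves to plain memset() (its definition is not visible here), an optimizing compiler may treat the stores as dead and drop them, leaving the key material on the stack. Consider clearing through a routine the compiler cannot elide, for example `explicit_bzero(T, SHA256_MAC_LEN);` where the platform provides it, or a project wrapper that writes through a volatile pointer. This applies to all three sites: the `iter == 255` path, the hmac_sha256_vector() failure path, and the success path before `return 0;`. The body of hmac_sha256_kdf() starts outside the shown hunks, so whether other locals hold key material cannot be judged from here.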