diff mbox series

crypto: Clear secrets from stack in hmac_sha256_vector()

Message ID 20221205133608.27397-1-andrei.otcheretianski@intel.com
State Accepted
Headers show
Series crypto: Clear secrets from stack in hmac_sha256_vector() | expand

Commit Message

Andrei Otcheretianski Dec. 5, 2022, 1:36 p.m. UTC 
k_pad and tk were not cleared. Fix it.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
---
 src/crypto/sha256.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

Comments

Jouni Malinen Dec. 16, 2022, 9:26 p.m. UTC | #1 
On Mon, Dec 05, 2022 at 03:36:08PM +0200, Andrei Otcheretianski wrote:
> k_pad and tk were not cleared. Fix it.

Thanks, applied with an earlier error path covered as well.
diff mbox series

Patch

diff --git a/src/crypto/sha256.c b/src/crypto/sha256.c
index 17af964ad0..166ca9b2f8 100644
--- a/src/crypto/sha256.c
+++ b/src/crypto/sha256.c
@@ -30,6 +30,7 @@  int hmac_sha256_vector(const u8 *key, size_t key_len, size_t num_elem,
 	unsigned char tk[32];
 	const u8 *_addr[11];
 	size_t _len[11], i;
+	int ret;
 
 	if (num_elem > 10) {
 		/*
@@ -84,7 +85,13 @@  int hmac_sha256_vector(const u8 *key, size_t key_len, size_t num_elem,
 	_len[0] = 64;
 	_addr[1] = mac;
 	_len[1] = SHA256_MAC_LEN;
-	return sha256_vector(2, _addr, _len, mac);
+
+	ret = sha256_vector(2, _addr, _len, mac);
+
+	forced_memzero(k_pad, sizeof(k_pad));
+	forced_memzero(tk, sizeof(tk));
+
+	return ret;
 }