cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-30 08:56:50 -04:00
Code Issues Packages Projects Releases Wiki Activity

Add cleanup for intermediate buffer

Browse Source 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
This commit is contained in:
Kusumit Ghoderao 2023-06-15 22:15:43 +05:30
parent d07761c19c
commit 246e51fd0b
1 changed files with 11 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
library/psa_crypto.c
View File

@ -5499,25 +5499,25 @@ static psa_status_t psa_key_derivation_pbkdf2_generate_block(
pbkdf2->password_length, pbkdf2->password_length,
prf_alg); prf_alg);
if (status != PSA_SUCCESS) { if (status != PSA_SUCCESS) {
return status; goto cleanup;
} }
status = psa_mac_update(&mac_operation, pbkdf2->salt, pbkdf2->salt_length); status = psa_mac_update(&mac_operation, pbkdf2->salt, pbkdf2->salt_length);
if (status != PSA_SUCCESS) { if (status != PSA_SUCCESS) {
return status; goto cleanup;
} }
status = psa_mac_update(&mac_operation, block_counter, sizeof(block_counter)); status = psa_mac_update(&mac_operation, block_counter, sizeof(block_counter));
if (status != PSA_SUCCESS) { if (status != PSA_SUCCESS) {
return status; goto cleanup;
} }
status = psa_mac_sign_finish(&mac_operation, U_i, sizeof(U_i), status = psa_mac_sign_finish(&mac_operation, U_i, sizeof(U_i),
&mac_output_length); &mac_output_length);
if (status != PSA_SUCCESS) { if (status != PSA_SUCCESS) {
return status; goto cleanup;
} }
if (mac_output_length != prf_output_length) { if (mac_output_length != prf_output_length) {
status = PSA_ERROR_CORRUPTION_DETECTED; status = PSA_ERROR_CORRUPTION_DETECTED;
return status; goto cleanup;
} }
memcpy(U_accumulator, U_i, prf_output_length); memcpy(U_accumulator, U_i, prf_output_length);
@ -5530,12 +5530,16 @@ static psa_status_t psa_key_derivation_pbkdf2_generate_block(
U_i, sizeof(U_i), U_i, sizeof(U_i),
&mac_output_length); &mac_output_length);
if (status != PSA_SUCCESS) { if (status != PSA_SUCCESS) {
return status; goto cleanup;
} }
mbedtls_xor(U_accumulator, U_accumulator, U_i, prf_output_length); mbedtls_xor(U_accumulator, U_accumulator, U_i, prf_output_length);
} }
return PSA_SUCCESS;
cleanup:
/* Zeroise buffers to clear sensitive data from memory. */
mbedtls_platform_zeroize(U_i, PSA_MAC_MAX_SIZE);
return status;
} }
static psa_status_t psa_key_derivation_pbkdf2_read( static psa_status_t psa_key_derivation_pbkdf2_read(