cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-03 12:11:27 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add buffer zeroization when ecp_write_key fails

Browse Source 
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
This commit is contained in:
Steven Cooreman 2020-08-05 16:07:20 +02:00
parent fd4d69a72e
commit b7f6deaae7
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
library/psa_crypto.c
View File

@ -863,9 +863,9 @@ static psa_status_t psa_export_ecp_key( psa_key_type_t type,
data,
PSA_BITS_TO_BYTES( ecp->grp.nbits ) ) );
if( status == PSA_SUCCESS )
{
*data_length = PSA_BITS_TO_BYTES( ecp->grp.nbits );
}
else
memset( data, 0, data_size );
return( status );
}
@ -5974,8 +5974,10 @@ static psa_status_t psa_generate_key_internal(
mbedtls_ecp_write_key( &ecp, slot->data.key.data, bytes ) );
mbedtls_ecp_keypair_free( &ecp );
if( status != PSA_SUCCESS )
if( status != PSA_SUCCESS ) {
memset( slot->data.key.data, 0, bytes );
psa_remove_key_data_from_memory( slot );
}
return( status );
}
else