mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-30 06:33:06 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add cleanup for intermediate buffer

Browse Source 
Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>
This commit is contained in:
Kusumit Ghoderao 2023-06-15 22:15:43 +05:30
parent d07761c19c
commit 246e51fd0b
1 changed files with 11 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
library/psa_crypto.c
View File

@ -5499,25 +5499,25 @@ static psa_status_t psa_key_derivation_pbkdf2_generate_block(
pbkdf2->password_length,
prf_alg);
if (status != PSA_SUCCESS) {
return status;
goto cleanup;
}
status = psa_mac_update(&mac_operation, pbkdf2->salt, pbkdf2->salt_length);
if (status != PSA_SUCCESS) {
return status;
goto cleanup;
}
status = psa_mac_update(&mac_operation, block_counter, sizeof(block_counter));
if (status != PSA_SUCCESS) {
return status;
goto cleanup;
}
status = psa_mac_sign_finish(&mac_operation, U_i, sizeof(U_i),
&mac_output_length);
if (status != PSA_SUCCESS) {
return status;
goto cleanup;
}
if (mac_output_length != prf_output_length) {
status = PSA_ERROR_CORRUPTION_DETECTED;
return status;
goto cleanup;
}
memcpy(U_accumulator, U_i, prf_output_length);
@ -5530,12 +5530,16 @@ static psa_status_t psa_key_derivation_pbkdf2_generate_block(
U_i, sizeof(U_i),
&mac_output_length);
if (status != PSA_SUCCESS) {
return status;
goto cleanup;
}
mbedtls_xor(U_accumulator, U_accumulator, U_i, prf_output_length);
}
return PSA_SUCCESS;
cleanup:
/* Zeroise buffers to clear sensitive data from memory. */
mbedtls_platform_zeroize(U_i, PSA_MAC_MAX_SIZE);
return status;
}
static psa_status_t psa_key_derivation_pbkdf2_read(