DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Clear temporary results from stack in PBKDF2-SHA1

Browse source 
Force stack memory to be cleared of temporary values that might contain
keying material.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
Jouni Malinen 2022-02-26 10:58:15 +02:00 committed by Jouni Malinen
parent 1364f322bf
commit 007fd6111d
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/crypto/sha1-pbkdf2.c
View file

@ -50,6 +50,8 @@ static int pbkdf2_sha1_f(const char *passphrase, const u8 *ssid,
for (j = 0; j < SHA1_MAC_LEN; j++) for (j = 0; j < SHA1_MAC_LEN; j++)
digest[j] ^= tmp2[j]; digest[j] ^= tmp2[j];
} }
forced_memzero(tmp, SHA1_MAC_LEN);
forced_memzero(tmp2, SHA1_MAC_LEN);
return 0; return 0;
} }
@ -87,6 +89,7 @@ int pbkdf2_sha1(const char *passphrase, const u8 *ssid, size_t ssid_len,
pos += plen; pos += plen;
left -= plen; left -= plen;
} }
forced_memzero(digest, SHA1_MAC_LEN);
return 0; return 0;
} }