eden-emu/mbedtls
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Force cleanup before return

Browse source 
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
This commit is contained in:
gabor-mezei-arm 2020-08-19 14:01:03 +02:00
parent d5253bba32
commit 5feba8dae1
No known key found for this signature in database
GPG key ID: 106F5A41ECC305BD
1 changed files with 10 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

19
library/pkcs5.c
View file

@ -247,7 +247,7 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p
unsigned int iteration_count, unsigned int iteration_count,
uint32_t key_length, unsigned char *output ) uint32_t key_length, unsigned char *output )
{ {
int ret, j; int ret = 0, j;
unsigned int i; unsigned int i;
unsigned char md1[MBEDTLS_MD_MAX_SIZE]; unsigned char md1[MBEDTLS_MD_MAX_SIZE];
unsigned char work[MBEDTLS_MD_MAX_SIZE]; unsigned char work[MBEDTLS_MD_MAX_SIZE];
@ -269,16 +269,16 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p
// U1 ends up in work // U1 ends up in work
// //
if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 ) if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 )
return( ret ); goto cleanup;
if( ( ret = mbedtls_md_hmac_update( ctx, salt, slen ) ) != 0 ) if( ( ret = mbedtls_md_hmac_update( ctx, salt, slen ) ) != 0 )
return( ret ); goto cleanup;
if( ( ret = mbedtls_md_hmac_update( ctx, counter, 4 ) ) != 0 ) if( ( ret = mbedtls_md_hmac_update( ctx, counter, 4 ) ) != 0 )
return( ret ); goto cleanup;
if( ( ret = mbedtls_md_hmac_finish( ctx, work ) ) != 0 ) if( ( ret = mbedtls_md_hmac_finish( ctx, work ) ) != 0 )
return( ret ); goto cleanup;
memcpy( md1, work, md_size ); memcpy( md1, work, md_size );
@ -287,13 +287,13 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p
// U2 ends up in md1 // U2 ends up in md1
// //
if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 ) if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 )
return( ret ); goto cleanup;
if( ( ret = mbedtls_md_hmac_update( ctx, md1, md_size ) ) != 0 ) if( ( ret = mbedtls_md_hmac_update( ctx, md1, md_size ) ) != 0 )
return( ret ); goto cleanup;
if( ( ret = mbedtls_md_hmac_finish( ctx, md1 ) ) != 0 ) if( ( ret = mbedtls_md_hmac_finish( ctx, md1 ) ) != 0 )
return( ret ); goto cleanup;
// U1 xor U2 // U1 xor U2
// //
@ -312,11 +312,12 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p
break; break;
} }
cleanup:
/* Zeroise buffers to clear sensitive data from memory. */ /* Zeroise buffers to clear sensitive data from memory. */
mbedtls_platform_zeroize( work, MBEDTLS_MD_MAX_SIZE ); mbedtls_platform_zeroize( work, MBEDTLS_MD_MAX_SIZE );
mbedtls_platform_zeroize( md1, MBEDTLS_MD_MAX_SIZE ); mbedtls_platform_zeroize( md1, MBEDTLS_MD_MAX_SIZE );
return( 0 ); return( ret );
} }
#if defined(MBEDTLS_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)