Zeroize tmp buf in ctr_drbg_write_seed_file()

This commit is contained in:
Andres Amaya Garcia 2017-06-27 16:57:26 +01:00
parent 03d70504ca
commit 4e2c07c6e1

View File

@ -434,9 +434,9 @@ int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char
else else
ret = 0; ret = 0;
exit:
mbedtls_zeroize( buf, sizeof( buf ) ); mbedtls_zeroize( buf, sizeof( buf ) );
exit:
fclose( f ); fclose( f );
return( ret ); return( ret );
} }
@ -456,8 +456,12 @@ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char
fseek( f, 0, SEEK_SET ); fseek( f, 0, SEEK_SET );
if( n > MBEDTLS_CTR_DRBG_MAX_INPUT ) if( n > MBEDTLS_CTR_DRBG_MAX_INPUT )
ret = MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG; {
else if( fread( buf, 1, n, f ) != n ) fclose( f );
return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
}
if( fread( buf, 1, n, f ) != n )
ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR; ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
else else
mbedtls_ctr_drbg_update( ctx, buf, n ); mbedtls_ctr_drbg_update( ctx, buf, n );