HMAC_DRBG: clean stack buffers

Wipe stack buffers that may contain sensitive data (data that
contributes to the DRBG state.
This commit is contained in:
Gilles Peskine 2018-09-11 15:35:41 +02:00
parent 17b2ac2a7c
commit 51de2d25a3

View File

@ -93,6 +93,8 @@ void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx,
mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V );
}
mbedtls_zeroize( K, sizeof( K ) );
}
/*
@ -158,6 +160,7 @@ int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
ctx->reseed_counter = 1;
/* 4. Done */
mbedtls_zeroize( seed, seedlen );
return( 0 );
}