mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 03:55:39 +01:00
pkcs11: zeroize buffer earlier on failure
Change the buffer zeroization so that it happens earlier
This commit is contained in:
parent
686a05e90c
commit
b23b04d177
@ -157,6 +157,8 @@ static int pkcs11_sign_core( mbedtls_pk_pkcs11_context_t *ctx,
|
|||||||
goto exit;
|
goto exit;
|
||||||
*sig_len = ck_sig_len;
|
*sig_len = ck_sig_len;
|
||||||
exit:
|
exit:
|
||||||
|
if( rv != CKR_OK )
|
||||||
|
memset( sig, 0, ck_sig_len );
|
||||||
return( pkcs11_err_to_mbedtls_pk_err( rv ) );
|
return( pkcs11_err_to_mbedtls_pk_err( rv ) );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_RSA_C */
|
#endif /* MBEDTLS_RSA_C */
|
||||||
@ -226,8 +228,6 @@ static int pkcs11_sign( void *ctx_arg,
|
|||||||
return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
|
return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ret != 0 )
|
|
||||||
memset( sig, 0, *sig_len );
|
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user