ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-13 02:14:40 +08:00
Code Issues Releases Wiki Activity

Zeroize tmp bufs in ctr_drbg.c functions

Browse Source
This commit is contained in:
Andres Amaya Garcia 2017-06-26 10:56:58 +01:00
parent 1f2666f9ec
commit 13f41e1c20
1 changed files with 13 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
library/ctr_drbg.c
View File

@ -430,12 +430,11 @@ int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char
goto exit; goto exit;
if( fwrite( buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f ) != MBEDTLS_CTR_DRBG_MAX_INPUT ) if( fwrite( buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f ) != MBEDTLS_CTR_DRBG_MAX_INPUT )
{
ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR; ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
goto exit; else
} ret = 0;
ret = 0; mbedtls_zeroize( buf, sizeof( buf ) );
exit: exit:
fclose( f ); fclose( f );
@ -444,6 +443,7 @@ exit:
int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path ) int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path )
{ {
int ret = 0;
FILE *f; FILE *f;
size_t n; size_t n;
unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ]; unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ];
@ -456,20 +456,18 @@ int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char
fseek( f, 0, SEEK_SET ); fseek( f, 0, SEEK_SET );
if( n > MBEDTLS_CTR_DRBG_MAX_INPUT ) if( n > MBEDTLS_CTR_DRBG_MAX_INPUT )
{ ret = MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG;
fclose( f ); else if( fread( buf, 1, n, f ) != n )
return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG ); ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
} else
mbedtls_ctr_drbg_update( ctx, buf, n );
if( fread( buf, 1, n, f ) != n )
{
fclose( f );
return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
}
fclose( f ); fclose( f );
mbedtls_ctr_drbg_update( ctx, buf, n ); mbedtls_zeroize( buf, sizeof( buf ) );
if( ret != 0 )
return( ret );
return( mbedtls_ctr_drbg_write_seed_file( ctx, path ) ); return( mbedtls_ctr_drbg_write_seed_file( ctx, path ) );
} }