TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-03-29 08:31:06 +02:00
Code Issues Packages Projects Releases Wiki Activity

ccm: zeroize buffers before and after usage

Browse Source 
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
This commit is contained in:
Andrzej Kurek
2020-11-04 13:20:24 +01:00
parent 5eba1d82a2
commit 142f09fb96
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
library/ccm.c
View File

@@ -246,6 +246,10 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length,
if( add_len > 0xFF00 )
return( MBEDTLS_ERR_CCM_BAD_INPUT );
mbedtls_platform_zeroize( b, 16 );
mbedtls_platform_zeroize( y, 16 );
mbedtls_platform_zeroize( ctr, 16 );
q = (uint_fast8_t) (16 - 1 - iv_len);
/*
@@ -390,6 +394,10 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length,
CTR_CRYPT( y, y, 16 );
mbedtls_platform_memcpy( tag, y, tag_len );
mbedtls_platform_zeroize( b, 16 );
mbedtls_platform_zeroize( y, 16 );
mbedtls_platform_zeroize( ctr, 16 );
return( ret );
}