lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Ensure all md_<hash>_finish functions perform zeroization

Browse Source 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman
2023-09-11 12:59:36 +01:00
parent 33fbd373be
commit aafd1e0924
5 changed files with 35 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
library/sha1.c
View File

@ -322,7 +322,7 @@ int mbedtls_sha1_finish(mbedtls_sha1_context *ctx,
memset(ctx->buffer + used, 0, 64 - used);
if ((ret = mbedtls_internal_sha1_process(ctx, ctx->buffer)) != 0) {
return ret;
goto exit;
}
memset(ctx->buffer, 0, 56);
@ -339,7 +339,7 @@ int mbedtls_sha1_finish(mbedtls_sha1_context *ctx,
MBEDTLS_PUT_UINT32_BE(low, ctx->buffer, 60);
if ((ret = mbedtls_internal_sha1_process(ctx, ctx->buffer)) != 0) {
return ret;
goto exit;
}
/*
@ -351,7 +351,11 @@ int mbedtls_sha1_finish(mbedtls_sha1_context *ctx,
MBEDTLS_PUT_UINT32_BE(ctx->state[3], output, 12);
MBEDTLS_PUT_UINT32_BE(ctx->state[4], output, 16);
return 0;
ret = 0;
exit:
mbedtls_sha1_free(ctx);
return ret;
}
#endif /* !MBEDTLS_SHA1_ALT */
@ -382,7 +386,6 @@ int mbedtls_sha1(const unsigned char *input,
exit:
mbedtls_sha1_free(&ctx);
return ret;
}