diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2011-01-11 15:44:24 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2011-01-11 15:44:24 +0000 |
| commit | 435025d175e2b2d41a07f2531200d4a785ef0b18 (patch) | |
| tree | 326f7f69c239be4c415c975b9ab48117f7f4cbd6 /sys/crypto | |
| parent | b8adaa72672fc21a17c44baf5ab66efb66e8c6f1 (diff) | |
in AES_GMAC_Final(), explicitly clear the local buffer
ok mikeb
Diffstat (limited to 'sys/crypto')
| -rw-r--r-- | sys/crypto/gmac.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/crypto/gmac.c b/sys/crypto/gmac.c index dc85294850a..d90f2ceaf4a 100644 --- a/sys/crypto/gmac.c +++ b/sys/crypto/gmac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gmac.c,v 1.2 2010/11/08 10:27:50 mikeb Exp $ */ +/* $OpenBSD: gmac.c,v 1.3 2011/01/11 15:44:23 deraadt Exp $ */ /* * Copyright (c) 2010 Mike Belopuhov <mike@vantronix.net> @@ -153,4 +153,5 @@ AES_GMAC_Final(uint8_t digest[GMAC_DIGEST_LEN], AES_GMAC_CTX *ctx) rijndaelEncrypt(ctx->K, ctx->rounds, ctx->J, keystream); for (i = 0; i < GMAC_DIGEST_LEN; i++) digest[i] = ctx->ghash.S[i] ^ keystream[i]; + explicit_bzero(keystream, sizeof(keystream)); } |