Message ID | 11443550.8lhOr92W5F@myon.chronox.de (mailing list archive) |
---|---|
State | Accepted |
Delegated to: | Herbert Xu |

On Fri, Apr 17, 2015 at 02:54:08PM +0200, Stephan Mueller wrote:
> The buffer used for temporary data must be cleared entirely. In AES192
> the used buffer is drbg_statelen(drbg) + drbg_blocklen(drbg) as
> documented in the comment above drbg_ctr_df.
>
> This patch ensures that the temp buffer is completely wiped.
>
> Signed-off-by: Stephan Mueller <smueller@chronox.de>

Patch applied.

diff --git a/crypto/drbg.c b/crypto/drbg.c index b69409c..8d2944f 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -487,7 +487,7 @@ static int drbg_ctr_df(struct drbg_state *drbg, out: memset(iv, 0, drbg_blocklen(drbg)); - memset(temp, 0, drbg_statelen(drbg)); + memset(temp, 0, drbg_statelen(drbg) + drbg_blocklen(drbg)); memset(pad, 0, drbg_blocklen(drbg)); return ret; }
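
Review bot: The widened length on the memset(temp, ...) line under out: is justified only by the commit message's pointer to the comment above drbg_ctr_df, so a short comment at this line stating that temp spans drbg_statelen(drbg) + drbg_blocklen(drbg) would keep the wipe size and the buffer size from drifting apart again. The commit message names AES192 specifically, while the wipe now writes drbg_blocklen(drbg) bytes further for every configuration, so it is worth confirming that temp is always at least this large. All three memset calls sit directly before return ret; if iv, temp and pad are not read again afterwards, memzero_explicit() would make sure the clearing cannot be optimised away.
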
The buffer used for temporary data must be cleared entirely. In AES192
the used buffer is drbg_statelen(drbg) + drbg_blocklen(drbg) as
documented in the comment above drbg_ctr_df.

This patch ensures that the temp buffer is completely wiped.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
---
 crypto/drbg.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)