yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Wipe sensitive data in psa_mac_verify_finish

Browse source 
Wipe the whole MAC intermediate buffer, not just the requested MAC
size. With truncated MAC algorithms, the requested MAC size may be
smaller than what is written to the intermediate buffer.
This commit is contained in:
Gilles Peskine 2018-08-21 14:56:19 +02:00
parent 87b0ac49f8
commit 99b7d6b700
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
library/psa_crypto.c
View file

@ -1827,7 +1827,7 @@ cleanup:
else
psa_mac_abort( operation );
mbedtls_zeroize( actual_mac, mac_length );
mbedtls_zeroize( actual_mac, sizeof( actual_mac ) );
return( status );
}