Force cleanup before return

Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
This commit is contained in:
gabor-mezei-arm 2020-08-19 14:01:03 +02:00
parent 76749aea78
commit 4553dd46d6
No known key found for this signature in database
GPG key ID: 106F5A41ECC305BD

View file

@ -223,7 +223,7 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx,
unsigned int iteration_count,
uint32_t key_length, unsigned char *output )
{
int ret, j;
int ret = 0, j;
unsigned int i;
unsigned char md1[MBEDTLS_MD_MAX_SIZE];
unsigned char work[MBEDTLS_MD_MAX_SIZE];
@ -247,16 +247,16 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx,
// U1 ends up in work
//
if( ( ret = mbedtls_md_hmac_update( ctx, salt, slen ) ) != 0 )
return( ret );
goto cleanup;
if( ( ret = mbedtls_md_hmac_update( ctx, counter, 4 ) ) != 0 )
return( ret );
goto cleanup;
if( ( ret = mbedtls_md_hmac_finish( ctx, work ) ) != 0 )
return( ret );
goto cleanup;
if( ( ret = mbedtls_md_hmac_reset( ctx ) ) != 0 )
return( ret );
goto cleanup;
memcpy( md1, work, md_size );
@ -265,13 +265,13 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx,
// U2 ends up in md1
//
if( ( ret = mbedtls_md_hmac_update( ctx, md1, md_size ) ) != 0 )
return( ret );
goto cleanup;
if( ( ret = mbedtls_md_hmac_finish( ctx, md1 ) ) != 0 )
return( ret );
goto cleanup;
if( ( ret = mbedtls_md_hmac_reset( ctx ) ) != 0 )
return( ret );
goto cleanup;
// U1 xor U2
//
@ -290,11 +290,12 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx,
break;
}
cleanup:
/* Zeroise buffers to clear sensitive data from memory. */
mbedtls_platform_zeroize( work, MBEDTLS_MD_MAX_SIZE );
mbedtls_platform_zeroize( md1, MBEDTLS_MD_MAX_SIZE );
return( 0 );
return( ret );
}
#if defined(MBEDTLS_SELF_TEST)