yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-08 10:25:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

RSA: wipe more stack buffers

Browse source 
MGF mask and PSS salt are not highly sensitive, but wipe them anyway
for good hygiene.
This commit is contained in:
Gilles Peskine 2017-05-05 19:24:06 +02:00
parent 8877ec23a3
commit 74fd868ca6
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
library/rsa.c
View file

@ -496,6 +496,8 @@ static void mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src,
dlen -= use_len;
}
mbedtls_zeroize( mask, sizeof( mask ) );
}
#endif /* MBEDTLS_PKCS1_V21 */
@ -1010,6 +1012,7 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
{
mbedtls_md_free( &md_ctx );
/* No need to zeroize salt: we didn't use it. */
return( ret );
}
@ -1020,6 +1023,7 @@ int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
mbedtls_md_update( &md_ctx, hash, hashlen );
mbedtls_md_update( &md_ctx, salt, slen );
mbedtls_md_finish( &md_ctx, p );
mbedtls_zeroize( salt, sizeof( salt ) );
// Compensate for boundary condition when applying mask
//