Viewing all changes in revision 4478.
- Committer: Andreas Schneider
- Date: 2019-03-07 11:02:23 UTC
- Revision ID: git-v1:449954d99afc2a2074c18f44d46f7f196d2be68c
Fix crypto_free zeroing of encryption keys
The zeroing MUST use the correct cipher length as keys can be both
longer or shorter than the digest. In one case only some part of the key
may end up being zeroed, in the other memory corruption may happen as
we zero memory we do not own.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
The zeroing MUST use the correct cipher length as keys can be both
longer or shorter than the digest. In one case only some part of the key
may end up being zeroed, in the other memory corruption may happen as
we zero memory we do not own.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
- files modified:
- src/wrapper.c
expand all
collapse all
added
removed
