CTR_DRBG: clean stack buffers Wipe stack buffers that may contain sensitive data (data that contributes to the DRBG state.

commit: 17b2ac2a7c1fd5b7ca054357e5260dfd22f6dabf [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Tue Sep 11 15:34:17 2018 +0200
committer: Gilles Peskine <Gilles.Peskine@arm.com> Thu Sep 13 22:39:30 2018 +0200
tree: af4fe7dcb732cea2e787f5bc2d713d67e5b5aeed
parent: 96e0d8ebfcd89e509e1605664383e4e33792acb3 [diff] [blame]
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index e8fdd9b..c023c69 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c

@@ -264,6 +264,7 @@
     mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS );
     memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, MBEDTLS_CTR_DRBG_BLOCKSIZE );
 
+    mbedtls_zeroize( tmp, sizeof( tmp ) );
     return( 0 );
 }
 
@@ -281,6 +282,7 @@
 
         block_cipher_df( add_input, additional, add_len );
         ctr_drbg_update_internal( ctx, add_input );
+        mbedtls_zeroize( add_input, sizeof( add_input ) );
     }
 }
 
@@ -327,6 +329,7 @@
     ctr_drbg_update_internal( ctx, seed );
     ctx->reseed_counter = 1;
 
+    mbedtls_zeroize( seed, sizeof( seed ) );
     return( 0 );
 }
 
@@ -393,6 +396,8 @@
 
     ctx->reseed_counter++;
 
+    mbedtls_zeroize( add_input, sizeof( add_input ) );
+    mbedtls_zeroize( tmp, sizeof( tmp ) );
     return( 0 );
 }
commit	17b2ac2a7c1fd5b7ca054357e5260dfd22f6dabf	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Tue Sep 11 15:34:17 2018 +0200
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Thu Sep 13 22:39:30 2018 +0200
tree	af4fe7dcb732cea2e787f5bc2d713d67e5b5aeed
parent	96e0d8ebfcd89e509e1605664383e4e33792acb3 [diff] [blame]