commit 3d98b9744272652609931b451bcde71ec0d1392a
author Andres Amaya Garcia <Andres.AmayaGarcia@arm.com> Wed Sep 20 11:47:49 2017 +0100
committer Andres Amaya Garcia <Andres.AmayaGarcia@arm.com> Wed Sep 20 11:47:49 2017 +0100
tree 618bbf49e1ccb644fb14992b545ef6aad3b434d3
parent 2d829fb4b367427749727aeabb1bbfbd0f244567

Modify zeroize internal buffers in md modules

Modify all the following functions to zeroize an internal buffer before
exiting the function. The buffer could potentially contain confidential
data read from a file.

* md2_file()
* md4_file()
* md5_file()
* ripemd160_file()
* sha1_file()
* sha256_file()
* sha512_file()

library/sha256.c

diff --git a/library/sha256.c b/library/sha256.c
index 674fdf2..caae79f 100644
--- a/library/sha256.c
+++ b/library/sha256.c
@@ -366,6 +366,7 @@
  */
 int sha256_file( const char *path, unsigned char output[32], int is224 )
 {
+    int ret = 0;
     FILE *f;
     size_t n;
     sha256_context ctx;
@@ -380,17 +381,16 @@
     while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
         sha256_update( &ctx, buf, n );
 
-    sha256_finish( &ctx, output );
-    sha256_free( &ctx );
-
     if( ferror( f ) != 0 )
-    {
-        fclose( f );
-        return( POLARSSL_ERR_SHA256_FILE_IO_ERROR );
-    }
+        ret = POLARSSL_ERR_SHA256_FILE_IO_ERROR;
+    else
+        sha256_finish( &ctx, output );
 
+    sha256_free( &ctx );
+    polarssl_zeroize( buf, sizeof( buf ) );
     fclose( f );
-    return( 0 );
+
+    return( ret );
 }
 #endif /* POLARSSL_FS_IO */