pwhash_argon2i_str(): zero the output buffer even on error path

This commit is contained in:
Frank Denis 2016-03-08 13:55:04 +01:00
parent 3853d5a824
commit 7d4cfbf7af

View File

@ -105,6 +105,7 @@ crypto_pwhash_argon2i_str(char out[crypto_pwhash_argon2i_STRBYTES],
{ {
unsigned char salt[crypto_pwhash_argon2i_SALTBYTES]; unsigned char salt[crypto_pwhash_argon2i_SALTBYTES];
memset(out, 0, crypto_pwhash_argon2i_STRBYTES);
memlimit /= 1024U; memlimit /= 1024U;
if (passwdlen > ARGON2_MAX_PWD_LENGTH || if (passwdlen > ARGON2_MAX_PWD_LENGTH ||
opslimit > ARGON2_MAX_TIME || memlimit > ARGON2_MAX_MEMORY) { opslimit > ARGON2_MAX_TIME || memlimit > ARGON2_MAX_MEMORY) {
@ -117,7 +118,6 @@ crypto_pwhash_argon2i_str(char out[crypto_pwhash_argon2i_STRBYTES],
return -1; return -1;
} }
randombytes_buf(salt, sizeof salt); randombytes_buf(salt, sizeof salt);
memset(out, 0, crypto_pwhash_argon2i_STRBYTES);
if (argon2i_hash_encoded((uint32_t) opslimit, (uint32_t) memlimit, if (argon2i_hash_encoded((uint32_t) opslimit, (uint32_t) memlimit,
(uint32_t) 1U, passwd, (size_t) passwdlen, (uint32_t) 1U, passwd, (size_t) passwdlen,
salt, sizeof salt, STR_HASHBYTES, salt, sizeof salt, STR_HASHBYTES,