cheng/libsodium
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

zeroing the on-stack output in escrypt_r() doesn't hurt.

Browse Source
This commit is contained in:
Frank Denis 2014-05-07 00:12:10 -07:00
parent 688e724dfb
commit d1a1afb6e9
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/libsodium/crypto_pwhash/scryptxsalsa208sha256/crypto_scrypt-common.c
View File

@ -24,6 +24,7 @@
#include "crypto_pwhash_scryptxsalsa208sha256.h" #include "crypto_pwhash_scryptxsalsa208sha256.h"
#include "crypto_scrypt.h" #include "crypto_scrypt.h"
#include "runtime.h" #include "runtime.h"
#include "utils.h"
#define BYTES2CHARS(bytes) \ #define BYTES2CHARS(bytes) \
((((bytes) * 8) + 5) / 6) ((((bytes) * 8) + 5) / 6)
@ -170,8 +171,7 @@ escrypt_r(escrypt_local_t * local, const uint8_t * passwd, size_t passwdlen,
*dst++ = '$'; *dst++ = '$';
dst = encode64(dst, buflen - (dst - buf), hash, sizeof(hash)); dst = encode64(dst, buflen - (dst - buf), hash, sizeof(hash));
/* Could zeroize hash[] here, but escrypt_kdf() doesn't zeroize its sodium_memzero(hash, sizeof hash);
* memory allocations yet anyway. */
if (!dst || dst >= buf + buflen) { /* Can't happen */ if (!dst || dst >= buf + buflen) { /* Can't happen */
return NULL; return NULL;
} }