svn commit: r362625 - head/sys/opencrypto

Thu Jun 25 20:18:56 UTC 2020

Author: jhb
Date: Thu Jun 25 20:18:55 2020
New Revision: 362625
URL: https://svnweb.freebsd.org/changeset/base/362625

Log:
  Zero the temporary HMAC key in hmac_init_pad().
  
  Reviewed by:	delphij
  Sponsored by:	Chelsio Communications
  Differential Revision:	https://reviews.freebsd.org/D25436

Modified:
  head/sys/opencrypto/crypto.c

Modified: head/sys/opencrypto/crypto.c
==============================================================================

--- head/sys/opencrypto/crypto.c	Thu Jun 25 20:17:34 2020	(r362624)
+++ head/sys/opencrypto/crypto.c	Thu Jun 25 20:18:55 2020	(r362625)
@@ -444,6 +444,7 @@ hmac_init_pad(struct auth_hash *axf, const char *key, 
 
 	axf->Init(auth_ctx);
 	axf->Update(auth_ctx, hmac_key, axf->blocksize);
+	explicit_bzero(hmac_key, sizeof(hmac_key));
 }
 
 void
