summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/cmac/cmac.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/cmac/cmac.c')
-rw-r--r--src/lib/libcrypto/cmac/cmac.c14
1 files changed, 7 insertions, 7 deletions
diff --git a/src/lib/libcrypto/cmac/cmac.c b/src/lib/libcrypto/cmac/cmac.c
index 18635b942a..d01ae0f3ae 100644
--- a/src/lib/libcrypto/cmac/cmac.c
+++ b/src/lib/libcrypto/cmac/cmac.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cmac.c,v 1.9 2014/07/12 14:58:32 miod Exp $ */ 1/* $OpenBSD: cmac.c,v 1.10 2015/09/10 15:56:25 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project. 3 * project.
4 */ 4 */
@@ -107,10 +107,10 @@ void
107CMAC_CTX_cleanup(CMAC_CTX *ctx) 107CMAC_CTX_cleanup(CMAC_CTX *ctx)
108{ 108{
109 EVP_CIPHER_CTX_cleanup(&ctx->cctx); 109 EVP_CIPHER_CTX_cleanup(&ctx->cctx);
110 OPENSSL_cleanse(ctx->tbl, EVP_MAX_BLOCK_LENGTH); 110 explicit_bzero(ctx->tbl, EVP_MAX_BLOCK_LENGTH);
111 OPENSSL_cleanse(ctx->k1, EVP_MAX_BLOCK_LENGTH); 111 explicit_bzero(ctx->k1, EVP_MAX_BLOCK_LENGTH);
112 OPENSSL_cleanse(ctx->k2, EVP_MAX_BLOCK_LENGTH); 112 explicit_bzero(ctx->k2, EVP_MAX_BLOCK_LENGTH);
113 OPENSSL_cleanse(ctx->last_block, EVP_MAX_BLOCK_LENGTH); 113 explicit_bzero(ctx->last_block, EVP_MAX_BLOCK_LENGTH);
114 ctx->nlast_block = -1; 114 ctx->nlast_block = -1;
115} 115}
116 116
@@ -183,7 +183,7 @@ CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
183 return 0; 183 return 0;
184 make_kn(ctx->k1, ctx->tbl, bl); 184 make_kn(ctx->k1, ctx->tbl, bl);
185 make_kn(ctx->k2, ctx->k1, bl); 185 make_kn(ctx->k2, ctx->k1, bl);
186 OPENSSL_cleanse(ctx->tbl, bl); 186 explicit_bzero(ctx->tbl, bl);
187 /* Reset context again ready for first data block */ 187 /* Reset context again ready for first data block */
188 if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv)) 188 if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
189 return 0; 189 return 0;
@@ -260,7 +260,7 @@ CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen)
260 out[i] = ctx->last_block[i] ^ ctx->k2[i]; 260 out[i] = ctx->last_block[i] ^ ctx->k2[i];
261 } 261 }
262 if (!EVP_Cipher(&ctx->cctx, out, out, bl)) { 262 if (!EVP_Cipher(&ctx->cctx, out, out, bl)) {
263 OPENSSL_cleanse(out, bl); 263 explicit_bzero(out, bl);
264 return 0; 264 return 0;
265 } 265 }
266 return 1; 266 return 1;