Add a comment about wiping derived key in benchmark.

Fixes: #916
2025-12-11 19:00:02 +01:00 · 2024-11-23 18:23:40 +01:00
parent fb021bac3d
commit 609277d957
1 changed files with 2 additions and 0 deletions
--- a/lib/crypto_backend/pbkdf_check.c
+++ b/lib/crypto_backend/pbkdf_check.c
@@ -300,6 +300,7 @@ static int crypt_argon2_check(const char *kdf, const char *password,
 	} while (ms < ms_atleast || ms > ms_atmost);
 out:
 	if (key) {
+		/* Key can be derived from a real provided password */
 		crypt_backend_memzero(key, key_length);
 		free(key);
 	}
@@ -381,6 +382,7 @@ static int crypt_pbkdf_check(const char *kdf, const char *hash,
 	}
 out:
 	if (key) {
+		/* Key can be derived from a real provided password */
 		crypt_backend_memzero(key, key_length);
 		free(key);
 	}