eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-13 11:50:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add a comment about wiping derived key in benchmark.

Browse Source 
Fixes: #916
This commit is contained in:
Milan Broz
2024-11-23 18:23:40 +01:00
parent fb021bac3d
commit 609277d957
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/crypto_backend/pbkdf_check.c
View File

@@ -300,6 +300,7 @@ static int crypt_argon2_check(const char *kdf, const char *password,
} while (ms < ms_atleast || ms > ms_atmost); } while (ms < ms_atleast || ms > ms_atmost);
out: out:
if (key) { if (key) {
/* Key can be derived from a real provided password */
crypt_backend_memzero(key, key_length); crypt_backend_memzero(key, key_length);
free(key); free(key);
} }
@@ -381,6 +382,7 @@ static int crypt_pbkdf_check(const char *kdf, const char *hash,
} }
out: out:
if (key) { if (key) {
/* Key can be derived from a real provided password */
crypt_backend_memzero(key, key_length); crypt_backend_memzero(key, key_length);
free(key); free(key);
} }