eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-11 19:00:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

Revert "Do not call safe erase on benchmark data."

Browse Source 
This reverts commit 17f0261024.

The password can be set by user through expeorted API, we should
not keep traces of derived key from a real password.
This commit is contained in:
Milan Broz
2024-11-01 12:59:25 +01:00
parent 17f0261024
commit c0449fc24e
1 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
lib/crypto_backend/pbkdf_check.c
View File

@@ -299,8 +299,10 @@ static int crypt_argon2_check(const char *kdf, const char *password,
} while (ms < ms_atleast || ms > ms_atmost);
out:
free(key);
if (key) {
crypt_backend_memzero(key, key_length);
free(key);
}
return r;
}
@@ -378,8 +380,10 @@ static int crypt_pbkdf_check(const char *kdf, const char *hash,
}
}
out:
free(key);
if (key) {
crypt_backend_memzero(key, key_length);
free(key);
}
return r;
}