k_pad and tk were not cleared. Fix it.
Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@xxxxxxxxx>
---
src/crypto/sha256.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/crypto/sha256.c b/src/crypto/sha256.c
index 17af964ad0..166ca9b2f8 100644
--- a/src/crypto/sha256.c
+++ b/src/crypto/sha256.c
@@ -30,6 +30,7 @@ int hmac_sha256_vector(const u8 *key, size_t key_len, size_t num_elem,
unsigned char tk[32];
const u8 *_addr[11];
size_t _len[11], i;
+ int ret;
if (num_elem > 10) {
/*
@@ -84,7 +85,13 @@ int hmac_sha256_vector(const u8 *key, size_t key_len, size_t num_elem,
_len[0] = 64;
_addr[1] = mac;
_len[1] = SHA256_MAC_LEN;
- return sha256_vector(2, _addr, _len, mac);
+
+ ret = sha256_vector(2, _addr, _len, mac);
+
+ forced_memzero(k_pad, sizeof(k_pad));
+ forced_memzero(tk, sizeof(tk));
+
+ return ret;
}
--
2.25.1
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
