lib: clear secrets in ykpiv_import_private_key
This commit is contained in:
+2
-1
@@ -1695,7 +1695,8 @@ ykpiv_rc ykpiv_import_private_key(ykpiv_state *state, const unsigned char key, u
|
|||||||
padding = elem_len - lens[i];
|
padding = elem_len - lens[i];
|
||||||
remaining = (uintptr_t)key_data + sizeof(key_data) - (uintptr_t)in_ptr;
|
remaining = (uintptr_t)key_data + sizeof(key_data) - (uintptr_t)in_ptr;
|
||||||
if (padding > remaining) {
|
if (padding > remaining) {
|
||||||
return YKPIV_ALGORITHM_ERROR;
|
res = YKPIV_ALGORITHM_ERROR;
|
||||||
|
goto Cleanup;
|
||||||
}
|
}
|
||||||
memset(in_ptr, 0, padding);
|
memset(in_ptr, 0, padding);
|
||||||
in_ptr += padding;
|
in_ptr += padding;
|
||||||
|
|||||||
Reference in New Issue
Block a user