From f37cf3f462b81d0eb1434ad587075e19158cbbf3 Mon Sep 17 00:00:00 2001 From: Dave Pate Date: Tue, 22 Jan 2019 07:38:36 -0800 Subject: [PATCH] lib: clear secrets in set_protected_mgm --- lib/util.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/util.c b/lib/util.c index 11ce389..f14cc43 100644 --- a/lib/util.c +++ b/lib/util.c @@ -1184,7 +1184,7 @@ ykpiv_rc ykpiv_util_set_protected_mgm(ykpiv_state *state, ykpiv_mgm *mgm) { } } - if (YKPIV_OK != (res = _ykpiv_begin_transaction(state))) return YKPIV_PCSC_ERROR; + if (YKPIV_OK != (res = _ykpiv_begin_transaction(state))) { res = YKPIV_PCSC_ERROR; goto Cleanup; } if (YKPIV_OK != (res = _ykpiv_ensure_application_selected(state))) goto Cleanup; /* try to set the mgm key as long as we don't encounter a fatal error */ @@ -1279,8 +1279,8 @@ ykpiv_rc ykpiv_util_set_protected_mgm(ykpiv_state *state, ykpiv_mgm *mgm) { Cleanup: - memset(data, 0, sizeof(data)); - memset(mgm_key, 0, sizeof(mgm_key)); + yc_memzero(data, sizeof(data)); + yc_memzero(mgm_key, sizeof(mgm_key)); _ykpiv_end_transaction(state); return res;