aboutsummaryrefslogtreecommitdiffstats
path: root/crypto/sha256_generic.c
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2014-10-24 15:33:32 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2014-10-24 15:33:32 -0400
commit14d4cc08832efb724e58944ba2ac22e2ca3143dc (patch)
treefebca1365a5306d5a44b2481ec41f13f4c2defc2 /crypto/sha256_generic.c
parent1c45d9a920e6ef4fce38921e4fc776c2abca3197 (diff)
parent7185ad2672a7d50bc384de0e38d90b75d99f3d82 (diff)
Merge tag 'random_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random
Pull /dev/random updates from Ted Ts'o: "This adds a memzero_explicit() call which is guaranteed not to be optimized away by GCC. This is important when we are wiping cryptographically sensitive material" * tag 'random_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/random: crypto: memzero_explicit - make sure to clear out sensitive data random: add and use memzero_explicit() for clearing data
Diffstat (limited to 'crypto/sha256_generic.c')
-rw-r--r--crypto/sha256_generic.c5
1 files changed, 2 insertions, 3 deletions
diff --git a/crypto/sha256_generic.c b/crypto/sha256_generic.c
index 0bb558344699..65e7b76b057f 100644
--- a/crypto/sha256_generic.c
+++ b/crypto/sha256_generic.c
@@ -211,10 +211,9 @@ static void sha256_transform(u32 *state, const u8 *input)
211 211
212 /* clear any sensitive info... */ 212 /* clear any sensitive info... */
213 a = b = c = d = e = f = g = h = t1 = t2 = 0; 213 a = b = c = d = e = f = g = h = t1 = t2 = 0;
214 memset(W, 0, 64 * sizeof(u32)); 214 memzero_explicit(W, 64 * sizeof(u32));
215} 215}
216 216
217
218static int sha224_init(struct shash_desc *desc) 217static int sha224_init(struct shash_desc *desc)
219{ 218{
220 struct sha256_state *sctx = shash_desc_ctx(desc); 219 struct sha256_state *sctx = shash_desc_ctx(desc);
@@ -317,7 +316,7 @@ static int sha224_final(struct shash_desc *desc, u8 *hash)
317 sha256_final(desc, D); 316 sha256_final(desc, D);
318 317
319 memcpy(hash, D, SHA224_DIGEST_SIZE); 318 memcpy(hash, D, SHA224_DIGEST_SIZE);
320 memset(D, 0, SHA256_DIGEST_SIZE); 319 memzero_explicit(D, SHA256_DIGEST_SIZE);
321 320
322 return 0; 321 return 0;
323} 322}