Clear some more places with potentially sensitive data.

MFC after: 1 week
author: pjd <pjd@FreeBSD.org> 2013-12-15 22:52:18 +0000
committer: pjd <pjd@FreeBSD.org> 2013-12-15 22:52:18 +0000
commit: 8f9b4c6a1e9be0e98ffdf5ee87683de092014b89 (patch)
tree: c33b8882ec5cca8e2566218024367fc641401c2b /sys/geom
parent: 170007786b70f8b6c757ce9ce2c4817d0a85d701 (diff)
download: FreeBSD-src-8f9b4c6a1e9be0e98ffdf5ee87683de092014b89.zip
FreeBSD-src-8f9b4c6a1e9be0e98ffdf5ee87683de092014b89.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/sys/geom/eli/g_eli_crypto.c b/sys/geom/eli/g_eli_crypto.c
index 8cf9ec1..e7217a1 100644
--- a/sys/geom/eli/g_eli_crypto.c
+++ b/sys/geom/eli/g_eli_crypto.c
@@ -288,10 +288,12 @@ g_eli_crypto_hmac_final(struct hmac_ctx *ctx, uint8_t *md, size_t mdsize)
 	bzero(ctx, sizeof(*ctx));
 	SHA512_Update(&lctx, digest, sizeof(digest));
 	SHA512_Final(digest, &lctx);
+	bzero(&lctx, sizeof(lctx));
 	/* mdsize == 0 means "Give me the whole hash!" */
 	if (mdsize == 0)
 		mdsize = SHA512_MDLEN;
 	bcopy(digest, md, mdsize);
+	bzero(digest, sizeof(digest));
 }
 
 void
author	pjd <pjd@FreeBSD.org>	2013-12-15 22:52:18 +0000
committer	pjd <pjd@FreeBSD.org>	2013-12-15 22:52:18 +0000
commit	8f9b4c6a1e9be0e98ffdf5ee87683de092014b89 (patch)
tree	c33b8882ec5cca8e2566218024367fc641401c2b /sys/geom
parent	170007786b70f8b6c757ce9ce2c4817d0a85d701 (diff)
download	FreeBSD-src-8f9b4c6a1e9be0e98ffdf5ee87683de092014b89.zip FreeBSD-src-8f9b4c6a1e9be0e98ffdf5ee87683de092014b89.tar.gz