From 8f9b4c6a1e9be0e98ffdf5ee87683de092014b89 Mon Sep 17 00:00:00 2001
From: pjd <pjd@FreeBSD.org>
Date: Sun, 15 Dec 2013 22:52:18 +0000
Subject: Clear some more places with potentially sensitive data.

MFC after:	1 week
---
 sys/geom/eli/g_eli_crypto.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'sys/geom')

diff --git a/sys/geom/eli/g_eli_crypto.c b/sys/geom/eli/g_eli_crypto.c
index 8cf9ec1..e7217a1 100644
--- a/sys/geom/eli/g_eli_crypto.c
+++ b/sys/geom/eli/g_eli_crypto.c
@@ -288,10 +288,12 @@ g_eli_crypto_hmac_final(struct hmac_ctx *ctx, uint8_t *md, size_t mdsize)
 	bzero(ctx, sizeof(*ctx));
 	SHA512_Update(&lctx, digest, sizeof(digest));
 	SHA512_Final(digest, &lctx);
+	bzero(&lctx, sizeof(lctx));
 	/* mdsize == 0 means "Give me the whole hash!" */
 	if (mdsize == 0)
 		mdsize = SHA512_MDLEN;
 	bcopy(digest, md, mdsize);
+	bzero(digest, sizeof(digest));
 }
 
 void
-- 
cgit v1.1