commit 3d98b9744272652609931b451bcde71ec0d1392a
author Andres Amaya Garcia <Andres.AmayaGarcia@arm.com> Wed Sep 20 11:47:49 2017 +0100
committer Andres Amaya Garcia <Andres.AmayaGarcia@arm.com> Wed Sep 20 11:47:49 2017 +0100
tree 618bbf49e1ccb644fb14992b545ef6aad3b434d3
parent 2d829fb4b367427749727aeabb1bbfbd0f244567

Modify zeroize internal buffers in md modules

Modify all the following functions to zeroize an internal buffer before
exiting the function. The buffer could potentially contain confidential
data read from a file.

* md2_file()
* md4_file()
* md5_file()
* ripemd160_file()
* sha1_file()
* sha256_file()
* sha512_file()

library/ripemd160.c

diff --git a/library/ripemd160.c b/library/ripemd160.c
index 2c196f4..7b5d02e 100644
--- a/library/ripemd160.c
+++ b/library/ripemd160.c
@@ -388,6 +388,7 @@
  */
 int ripemd160_file( const char *path, unsigned char output[20] )
 {
+    int ret = 0;
     FILE *f;
     size_t n;
     ripemd160_context ctx;
@@ -402,17 +403,16 @@
     while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
         ripemd160_update( &ctx, buf, n );
 
-    ripemd160_finish( &ctx, output );
-    ripemd160_free( &ctx );
-
     if( ferror( f ) != 0 )
-    {
-        fclose( f );
-        return( POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR );
-    }
+        ret = POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR;
+    else
+        ripemd160_finish( &ctx, output );
 
+    ripemd160_free( &ctx );
+    polarssl_zeroize( buf, sizeof( buf ) );
     fclose( f );
-    return( 0 );
+
+    return( ret );
 }
 #endif /* POLARSSL_FS_IO */