From 6ed33c39344921294b782f004002a942cbd82eb6 Mon Sep 17 00:00:00 2001
From: lloyd
Date: Sun, 23 Nov 2008 17:59:11 +0000
Subject: In Randpool and HMAC_RNG, zeroize the I/O buffer used for holding polled randomness data after the contents have been fed into the MAC.
---
 src/rng/hmac_rng/hmac_rng.cpp | 3 +++
 1 file changed, 3 insertions(+)
(limited to 'src/rng/hmac_rng/hmac_rng.cpp')
diff --git a/src/rng/hmac_rng/hmac_rng.cpp b/src/rng/hmac_rng/hmac_rng.cpp
index 95b119b9d..5f59a1691 100644
--- a/src/rng/hmac_rng/hmac_rng.cpp
+++ b/src/rng/hmac_rng/hmac_rng.cpp
@@ -72,6 +72,7 @@ void HMAC_RNG::randomize(byte out[], u32bit length)
 source_index = (source_index + 1) % entropy_sources.size();
 extractor->update(io_buffer, got);
+ io_buffer.clear();
 }
 }
@@ -121,6 +122,7 @@ void HMAC_RNG::reseed_with_input(const byte input[], u32bit input_length)
 entropy += got;
 extractor->update(io_buffer, got);
+ io_buffer.clear();
 }
 for(u32bit j = 0; j != entropy_sources.size(); ++j)
@@ -130,6 +132,7 @@ void HMAC_RNG::reseed_with_input(const byte input[], u32bit input_length)
 entropy += got;
 extractor->update(io_buffer, got);
+ io_buffer.clear();
 }
 }
-- cgit v1.2.3
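Review bot: The three added `io_buffer.clear();` calls (one in `randomize`, two in `reseed_with_input`) carry no comment, and to a reader used to standard containers `clear()` reads as emptying the buffer rather than wiping its contents. The commit message says the intent is zeroization, so a short comment at each site, e.g. `// wipe polled entropy now that the extractor has absorbed it`, would keep a later cleanup from dropping the call as redundant. The wipe also runs only on the normal path: if `extractor->update` or the poll that fills the buffer can throw, the polled bytes stay in `io_buffer` until its next use. That may be acceptable if the buffer type zeroes itself on destruction, but its declaration and the poll calls are outside these hunks, as are the starts of all three loop bodies.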