diff --git a/library/pkcs5.c b/library/pkcs5.c index 1533a929c..7d392a641 100644 --- a/library/pkcs5.c +++ b/library/pkcs5.c @@ -252,7 +252,7 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p unsigned int iteration_count, uint32_t key_length, unsigned char *output ) { - int ret, j; + int ret = 0, j; unsigned int i; unsigned char md1[MBEDTLS_MD_MAX_SIZE]; unsigned char work[MBEDTLS_MD_MAX_SIZE]; @@ -274,16 +274,16 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p // U1 ends up in work // if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 ) - return( ret ); + goto cleanup; if( ( ret = mbedtls_md_hmac_update( ctx, salt, slen ) ) != 0 ) - return( ret ); + goto cleanup; if( ( ret = mbedtls_md_hmac_update( ctx, counter, 4 ) ) != 0 ) - return( ret ); + goto cleanup; if( ( ret = mbedtls_md_hmac_finish( ctx, work ) ) != 0 ) - return( ret ); + goto cleanup; memcpy( md1, work, md_size ); @@ -292,13 +292,13 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p // U2 ends up in md1 // if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 ) - return( ret ); + goto cleanup; if( ( ret = mbedtls_md_hmac_update( ctx, md1, md_size ) ) != 0 ) - return( ret ); + goto cleanup; if( ( ret = mbedtls_md_hmac_finish( ctx, md1 ) ) != 0 ) - return( ret ); + goto cleanup; // U1 xor U2 // @@ -317,11 +317,12 @@ int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *p break; } +cleanup: /* Zeroise buffers to clear sensitive data from memory. */ mbedtls_zeroize( work, MBEDTLS_MD_MAX_SIZE ); mbedtls_zeroize( md1, MBEDTLS_MD_MAX_SIZE ); - return( 0 ); + return( ret ); } #if defined(MBEDTLS_SELF_TEST)