libcli:smb: Zero sensitive memory after use

author Andreas Schneider <asn@samba.org>

Thu, 11 Oct 2018 12:33:52 +0000 (14:33 +0200)

committer Jeremy Allison <jra@samba.org>

Wed, 27 Feb 2019 00:35:19 +0000 (01:35 +0100)
author Andreas Schneider <asn@samba.org>
Thu, 11 Oct 2018 12:33:52 +0000 (14:33 +0200)
committer Jeremy Allison <jra@samba.org>
Wed, 27 Feb 2019 00:35:19 +0000 (01:35 +0100)
diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c

index 614a2b32dc0483075aac7601f1355f3bdc02d70f..18f5911ad5e45319865cf7fa7998efc65b57164a 100644 (file)
--- a/libcli/smb/smb2_signing.c
+++ b/libcli/smb/smb2_signing.c
@@ -76,6 +76,8 @@ NTSTATUS smb2_signing_sign_pdu(DATA_BLOB signing_key,
                                         vector[i].iov_len);
                 }
                 aes_cmac_128_final(&ctx, res);
+
+               ZERO_ARRAY(key);
         } else {
                 struct HMACSHA256Context m;
                 uint8_t digest[SHA256_DIGEST_LENGTH];
@@ -149,6 +151,8 @@ NTSTATUS smb2_signing_check_pdu(DATA_BLOB signing_key,
                                         vector[i].iov_len);
                 }
                 aes_cmac_128_final(&ctx, res);
+
+               ZERO_ARRAY(key);
         } else {
                 struct HMACSHA256Context m;
                 uint8_t digest[SHA256_DIGEST_LENGTH];
author	Andreas Schneider <asn@samba.org>
	Thu, 11 Oct 2018 12:33:52 +0000 (14:33 +0200)
committer	Jeremy Allison <jra@samba.org>
	Wed, 27 Feb 2019 00:35:19 +0000 (01:35 +0100)