SHA256_Init(&s);
SHA256_Bytes(&s, p, len);
SHA256_Final(&s, output);
+ smemclr(&s, sizeof(s));
}
/*
return s;
}
-static void sha256_bytes(void *handle, void *p, int len)
+static void sha256_bytes(void *handle, const void *p, int len)
{
SHA256_State *s = handle;
SHA256_State *s = handle;
SHA256_Final(s, output);
+ smemclr(s, sizeof(*s));
sfree(s);
}
static void sha256_free_context(void *handle)
{
+ smemclr(handle, 3 * sizeof(SHA256_State));
sfree(handle);
}
{
unsigned char correct[32];
hmacsha256_genresult(handle, correct);
- return !memcmp(correct, hmac, 32);
+ return smemeq(correct, hmac, 32);
}
static int sha256_verify(void *handle, unsigned char *blk, int len,
{
unsigned char correct[32];
sha256_do_hmac(handle, blk, len, seq, correct);
- return !memcmp(correct, blk + len, 32);
+ return smemeq(correct, blk + len, 32);
}
const struct ssh_mac ssh_hmac_sha256 = {