summaryrefslogtreecommitdiff
path: root/common/fpsensor/fpsensor_crypto.c
diff options
context:
space:
mode:
Diffstat (limited to 'common/fpsensor/fpsensor_crypto.c')
-rw-r--r--common/fpsensor/fpsensor_crypto.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/common/fpsensor/fpsensor_crypto.c b/common/fpsensor/fpsensor_crypto.c
index 6385b7116d..d5bbd03c38 100644
--- a/common/fpsensor/fpsensor_crypto.c
+++ b/common/fpsensor/fpsensor_crypto.c
@@ -5,6 +5,7 @@
#include "aes.h"
#include "aes-gcm.h"
+#include "cryptoc/util.h"
#include "fpsensor_crypto.h"
#include "fpsensor_private.h"
#include "fpsensor_state.h"
@@ -77,7 +78,7 @@ static int hkdf_expand_one_step(uint8_t *out_key, size_t out_key_size,
hmac_SHA256(key_buf, prk, prk_size, message_buf, info_size + 1);
memcpy(out_key, key_buf, out_key_size);
- memset(key_buf, 0, sizeof(key_buf));
+ always_memset(key_buf, 0, sizeof(key_buf));
return EC_SUCCESS;
}
@@ -100,7 +101,7 @@ int derive_encryption_key(uint8_t *out_key, const uint8_t *salt)
/* "Extract step of HKDF. */
hkdf_extract(prk, salt, FP_CONTEXT_SALT_BYTES, ikm, sizeof(ikm));
- memset(ikm, 0, sizeof(ikm));
+ always_memset(ikm, 0, sizeof(ikm));
/*
* Only 1 "expand" step of HKDF since the size of the "info" context
@@ -109,7 +110,7 @@ int derive_encryption_key(uint8_t *out_key, const uint8_t *salt)
*/
ret = hkdf_expand_one_step(out_key, SBP_ENC_KEY_LEN, prk, sizeof(prk),
(uint8_t *)user_id, sizeof(user_id));
- memset(prk, 0, sizeof(prk));
+ always_memset(prk, 0, sizeof(prk));
return ret;
}
View Lorry Controller Status