From e8950bc2aeaa06ebf81641672571928b23344a0c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Sat, 30 Jun 2007 08:04:00 +0000
Subject: [PATCH] (HMAC_Init_ex): also zero out key material on re-init.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21391 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/hcrypto/hmac.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/lib/hcrypto/hmac.c b/lib/hcrypto/hmac.c
index 848b987a9..b8156e38d 100644
--- a/lib/hcrypto/hmac.c
+++ b/lib/hcrypto/hmac.c
@@ -52,8 +52,10 @@ HMAC_Init_ex(HMAC_CTX *ctx,
 
     if (ctx->md != md) {
 	ctx->md = md;
-	if (ctx->buf)
+	if (ctx->buf) {
+	    memset(ctx->buf, 0, ctx->key_length);
 	    free (ctx->buf);
+	}
 	ctx->key_length = EVP_MD_size(ctx->md);
 	ctx->buf = malloc(ctx->key_length);
     }
@@ -67,10 +69,14 @@ HMAC_Init_ex(HMAC_CTX *ctx,
 	keylen = EVP_MD_size(ctx->md);
     }
 
-    if (ctx->opad)
+    if (ctx->opad) {
+	memset(ctx->opad, 0, ctx->key_length);
 	free(ctx->opad);
-    if (ctx->ipad)
+    }
+    if (ctx->ipad) {
+	memset(ctx->ipad, 0, ctx->key_length);
 	free(ctx->ipad);
+    }
 
     ctx->opad = malloc(EVP_MD_block_size(ctx->md));
     ctx->ipad = malloc(EVP_MD_block_size(ctx->md));