Signed-off-by: Tudor Ambarus <tudor.amba...@microchip.com>
---
crypto/authencesn.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/crypto/authencesn.c b/crypto/authencesn.c
index 15f91dd..3bed6d1 100644
--- a/crypto/authencesn.c
+++ b/crypto/authencesn.c
@@ -69,8 +69,10 @@ static int crypto_authenc_esn_setkey(struct crypto_aead
*authenc_esn, const u8 *
struct crypto_authenc_keys keys;
int err = -EINVAL;
- if (crypto_authenc_extractkeys(&keys, key, keylen) != 0)
- goto badkey;
+ if (crypto_authenc_extractkeys(&keys, key, keylen) != 0) {
+ crypto_aead_set_flags(authenc_esn, CRYPTO_TFM_RES_BAD_KEY_LEN);
+ goto out;
+ }
crypto_ahash_clear_flags(auth, CRYPTO_TFM_REQ_MASK);
crypto_ahash_set_flags(auth, crypto_aead_get_flags(authenc_esn) &
@@ -90,11 +92,8 @@ static int crypto_authenc_esn_setkey(struct crypto_aead
*authenc_esn, const u8 *
CRYPTO_TFM_RES_MASK);
out:
+ memzero_explicit(&keys, sizeof(keys));
return err;
-
-badkey:
- crypto_aead_set_flags(authenc_esn, CRYPTO_TFM_RES_BAD_KEY_LEN);
- goto out;
}
static int crypto_authenc_esn_genicv_tail(struct aead_request *req,
--
2.9.4
