s390x assembly pack: cleanse only sensitive fields

of instruction parameter blocks. Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10004)
author: Patrick Steuer <patrick.steuer@de.ibm.com> 2019-09-24 14:44:27 +0200
committer: Patrick Steuer <patrick.steuer@de.ibm.com> 2019-09-25 15:53:53 +0200
commit: 2281be2ed4a7df462677661d30b13826ae6b3e26 (patch)
tree: a26e61a806b4f3005a152aa46eacab7868c5b6e2
parent: ac037dc874a721ca81a33b4314e26cef4a7e8d48 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/ec/ecp_s390x_nistp.c b/crypto/ec/ecp_s390x_nistp.c
index be81f0b8f0..9533698b0f 100644
--- a/crypto/ec/ecp_s390x_nistp.c
+++ b/crypto/ec/ecp_s390x_nistp.c
@@ -110,7 +110,7 @@ ret:
     /* Otherwise use default. */
     if (rc == -1)
         rc = ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx);
-    OPENSSL_cleanse(param, sizeof(param));
+    OPENSSL_cleanse(param + S390X_OFF_SCALAR(len), len);
     BN_CTX_end(ctx);
     BN_CTX_free(new_ctx);
     return rc;
@@ -203,7 +203,7 @@ static ECDSA_SIG *ecdsa_s390x_nistp_sign_sig(const unsigned char *dgst,
 
     ok = 1;
 ret:
-    OPENSSL_cleanse(param, sizeof(param));
+    OPENSSL_cleanse(param + S390X_OFF_K(len), 2 * len);
     if (ok != 1) {
         ECDSA_SIG_free(sig);
         sig = NULL;
author	Patrick Steuer <patrick.steuer@de.ibm.com>	2019-09-24 14:44:27 +0200
committer	Patrick Steuer <patrick.steuer@de.ibm.com>	2019-09-25 15:53:53 +0200
commit	2281be2ed4a7df462677661d30b13826ae6b3e26 (patch)
tree	a26e61a806b4f3005a152aa46eacab7868c5b6e2
parent	ac037dc874a721ca81a33b4314e26cef4a7e8d48 (diff)