diff options
author | slontis <shane.lontis@oracle.com> | 2022-12-22 12:01:02 +1000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-01-04 16:34:34 +0100 |
commit | 98fa15347ea385e89cee78a4d682c6c071233812 (patch) | |
tree | 237ba01bf750c5e26adb9b47eba3f5f39538e78a /crypto/bn | |
parent | de87b146c43726f8dae235d274f0ecf03f125492 (diff) |
Cleanse internal BN_generate_dsa_nonce() buffers used to generate k.
Fixes #9205
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19954)
(cherry picked from commit 177d433bda2ffd287d676bc53b549b6c246973e6)
Diffstat (limited to 'crypto/bn')
-rw-r--r-- | crypto/bn/bn_rand.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c index 05d4c6ecd7..d4d574a5c1 100644 --- a/crypto/bn/bn_rand.c +++ b/crypto/bn/bn_rand.c @@ -320,7 +320,9 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, err: EVP_MD_CTX_free(mdctx); EVP_MD_free(md); - OPENSSL_free(k_bytes); + OPENSSL_clear_free(k_bytes, num_k_bytes); + OPENSSL_cleanse(digest, sizeof(digest)); + OPENSSL_cleanse(random_bytes, sizeof(random_bytes)); OPENSSL_cleanse(private_bytes, sizeof(private_bytes)); return ret; } |