diff options
| author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2017-08-24 07:53:13 +0200 |
|---|---|---|
| committer | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2017-08-25 16:36:21 +0200 |
| commit | 78f1e4d0b063e17c9700f2aceecaca03bfa434f3 (patch) | |
| tree | 916c956c3ae2cc3b604eefbba555d3eed2404f58 /crypto/ec | |
| parent | bf208d9501b7b367da55236a418e6c3e09bf5877 (diff) | |
Clear secret stack values after use in curve25519.c
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4242)
Diffstat (limited to 'crypto/ec')
| -rw-r--r-- | crypto/ec/curve25519.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/crypto/ec/curve25519.c b/crypto/ec/curve25519.c index e467eef7d3..5c7182697a 100644 --- a/crypto/ec/curve25519.c +++ b/crypto/ec/curve25519.c @@ -3448,6 +3448,8 @@ static void ge_scalarmult_base(ge_p3 *h, const uint8_t *a) { ge_madd(&r, h, &t); ge_p1p1_to_p3(h, &r); } + + OPENSSL_cleanse(e, sizeof(e)); } /* Replace (f,g) with (g,f) if b == 1; @@ -3578,6 +3580,8 @@ static void x25519_scalar_mult_generic(uint8_t out[32], fe_invert(z2, z2); fe_mul(x2, x2, z2); fe_tobytes(out, x2); + + OPENSSL_cleanse(e, sizeof(e)); } static void x25519_scalar_mult(uint8_t out[32], const uint8_t scalar[32], @@ -4713,4 +4717,6 @@ void X25519_public_from_private(uint8_t out_public_value[32], fe_invert(zminusy_inv, zminusy); fe_mul(zplusy, zplusy, zminusy_inv); fe_tobytes(out_public_value, zplusy); + + OPENSSL_cleanse(e, sizeof(e)); } |