fips: zeroization of public security parameters (PSPs)

ISO 19790:2012/Cor.1:2015 7.9 requires cryptographic module to provide methods to zeroise all unproctected security sensitive parameters (which inclues both Critical/Private **and** Public security parameters). And those that are temprorarly stored are required to be zeroised after they are no longer needed at security levels 2 and higher. Comply with the above requirements by always zeroising public security parameters whenever they are freed. This is currently done under the FIPS feature, however the requirement comes from the ISO 19790:2012 which may also be needed in other jurisdictions. If not always. Note FIPS 140-3 includes ISO 19790:2012 by reference. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24355)
author: Dimitri John Ledkov <dimitri.ledkov@surgut.co.uk> 2024-04-28 19:40:26 +0100
committer: Tomas Mraz <tomas@openssl.org> 2024-05-13 11:14:11 +0200
commit: fa338aa7cd1e893679c3e1c47465dcb11f90abfb (patch)
tree: 1e6e01bf380c92578eb72d3ac6c61b21ac6886a8 /crypto/rsa
parent: fa4ee4043473185a5894274a2fa7fa2c4dc15a3c (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index 5350a4e659..93ff951875 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -159,8 +159,13 @@ void RSA_free(RSA *r)
     CRYPTO_THREAD_lock_free(r->lock);
     CRYPTO_FREE_REF(&r->references);
 
+#ifdef FIPS_MODULE
+    BN_clear_free(r->n);
+    BN_clear_free(r->e);
+#else
     BN_free(r->n);
     BN_free(r->e);
+#endif
     BN_clear_free(r->d);
     BN_clear_free(r->p);
     BN_clear_free(r->q);
author	Dimitri John Ledkov <dimitri.ledkov@surgut.co.uk>	2024-04-28 19:40:26 +0100
committer	Tomas Mraz <tomas@openssl.org>	2024-05-13 11:14:11 +0200
commit	fa338aa7cd1e893679c3e1c47465dcb11f90abfb (patch)
tree	1e6e01bf380c92578eb72d3ac6c61b21ac6886a8 /crypto/rsa
parent	fa4ee4043473185a5894274a2fa7fa2c4dc15a3c (diff)