diff options
author | slontis <shane.lontis@oracle.com> | 2022-12-22 12:01:02 +1000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-01-04 16:35:02 +0100 |
commit | 7736379c5c046c6fec7d41369d307db4c8702eac (patch) | |
tree | 0869068468459f3879788a4d800da7f29529f940 /crypto | |
parent | 1bd53640a2a57be33dad74866fa7cdc59cc4101e (diff) |
Cleanse internal BN_generate_dsa_nonce() buffers used to generate k.
Fixes #9205
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19954)
(cherry picked from commit 177d433bda2ffd287d676bc53b549b6c246973e6)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/bn/bn_rand.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c index 05d4c6ecd7..d4d574a5c1 100644 --- a/crypto/bn/bn_rand.c +++ b/crypto/bn/bn_rand.c @@ -320,7 +320,9 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, err: EVP_MD_CTX_free(mdctx); EVP_MD_free(md); - OPENSSL_free(k_bytes); + OPENSSL_clear_free(k_bytes, num_k_bytes); + OPENSSL_cleanse(digest, sizeof(digest)); + OPENSSL_cleanse(random_bytes, sizeof(random_bytes)); OPENSSL_cleanse(private_bytes, sizeof(private_bytes)); return ret; } |