diff options
author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2017-08-24 08:09:31 +0200 |
---|---|---|
committer | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2017-08-25 16:36:21 +0200 |
commit | 3790a2f697985885821873e18c366690eba03e20 (patch) | |
tree | 43669fe12fd8c0a8e27dda9160d1b8869297e4fd /crypto | |
parent | 78f1e4d0b063e17c9700f2aceecaca03bfa434f3 (diff) |
Clear secret stack values after use in the ED25519-functions
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4242)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/ec/curve25519.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/ec/curve25519.c b/crypto/ec/curve25519.c index 5c7182697a..8002b3e05a 100644 --- a/crypto/ec/curve25519.c +++ b/crypto/ec/curve25519.c @@ -4639,7 +4639,6 @@ int ED25519_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len, int ED25519_verify(const uint8_t *message, size_t message_len, const uint8_t signature[64], const uint8_t public_key[32]) { ge_p3 A; - uint8_t pkcopy[32]; uint8_t rcopy[32]; uint8_t scopy[32]; SHA512_CTX hash_ctx; @@ -4655,7 +4654,6 @@ int ED25519_verify(const uint8_t *message, size_t message_len, fe_neg(A.X, A.X); fe_neg(A.T, A.T); - memcpy(pkcopy, public_key, 32); memcpy(rcopy, signature, 32); memcpy(scopy, signature + 32, 32); @@ -4687,6 +4685,8 @@ void ED25519_public_from_private(uint8_t out_public_key[32], ge_scalarmult_base(&A, az); ge_p3_tobytes(out_public_key, &A); + + OPENSSL_cleanse(az, sizeof(az)); } int X25519(uint8_t out_shared_key[32], const uint8_t private_key[32], |