From 74924dcb3802640d7e2ae2e80ca6515d0a53de7a Mon Sep 17 00:00:00 2001
From: Rich Salz <rsalz@akamai.com>
Date: Fri, 24 Apr 2015 16:39:40 -0400
Subject: More secure storage of key material.

Add secure heap for storage of private keys (when possible).
Add BIO_s_secmem(), CBIGNUM, etc.
Add BIO_CTX_secure_new so all BIGNUM's in the context are secure.
Contributed by Akamai Technologies under the Corporate CLA.

Reviewed-by: Richard Levitte <levitte@openssl.org>
---
 crypto/dh/dh_key.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'crypto/dh/dh_key.c')

diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index ff91d41d79..b6c3038976 100644
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -125,7 +125,7 @@ static int generate_key(DH *dh)
         goto err;
 
     if (dh->priv_key == NULL) {
-        priv_key = BN_new();
+        priv_key = BN_secure_new();
         if (priv_key == NULL)
             goto err;
         generate_new_key = 1;
-- 
cgit v1.2.3