diff options
| author | guenther <> | 2014-04-19 13:31:24 +0000 |
|---|---|---|
| committer | guenther <> | 2014-04-19 13:31:24 +0000 |
| commit | b9ebb64eeaa6ad5070ce2ace703c94382abf955f (patch) | |
| tree | 3f95cbcaa6760ca5e2fb9f5c9be816b839525eae /src/lib/libcrypto/bn/bn_blind.c | |
| parent | 7e0c192deac57ad25c3b253ccb32dfe88cfef27f (diff) | |
| download | openbsd-b9ebb64eeaa6ad5070ce2ace703c94382abf955f.tar.gz openbsd-b9ebb64eeaa6ad5070ce2ace703c94382abf955f.tar.bz2 openbsd-b9ebb64eeaa6ad5070ce2ace703c94382abf955f.zip | |
Lacking a proof that--for this implementation--exposure of Montgomery
multiplication or RSA blinding parameters doesn't permit retroactive
timing analysis of the secrets, we'll do the stupidly cheap thing and
cleanse them before freeing them.
ok deraadt@
Diffstat (limited to 'src/lib/libcrypto/bn/bn_blind.c')
| -rw-r--r-- | src/lib/libcrypto/bn/bn_blind.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/lib/libcrypto/bn/bn_blind.c b/src/lib/libcrypto/bn/bn_blind.c index 264531013e..f424e479d3 100644 --- a/src/lib/libcrypto/bn/bn_blind.c +++ b/src/lib/libcrypto/bn/bn_blind.c | |||
| @@ -176,10 +176,10 @@ void BN_BLINDING_free(BN_BLINDING *r) | |||
| 176 | if(r == NULL) | 176 | if(r == NULL) |
| 177 | return; | 177 | return; |
| 178 | 178 | ||
| 179 | if (r->A != NULL) BN_free(r->A ); | 179 | if (r->A != NULL) BN_clear_free(r->A ); |
| 180 | if (r->Ai != NULL) BN_free(r->Ai); | 180 | if (r->Ai != NULL) BN_clear_free(r->Ai); |
| 181 | if (r->e != NULL) BN_free(r->e ); | 181 | if (r->e != NULL) BN_clear_free(r->e ); |
| 182 | if (r->mod != NULL) BN_free(r->mod); | 182 | if (r->mod != NULL) BN_clear_free(r->mod); |
| 183 | free(r); | 183 | free(r); |
| 184 | } | 184 | } |
| 185 | 185 | ||