Lacking a proof that--for this implementation--exposure of Montgomery

multiplication or RSA blinding parameters doesn't permit retroactive timing analysis of the secrets, we'll do the stupidly cheap thing and cleanse them before freeing them. ok deraadt@
author: guenther <> 2014-04-19 13:31:24 +0000
committer: guenther <> 2014-04-19 13:31:24 +0000
commit: a092cc42c2784b8fd7d39254deb6e25e59f729a5 (patch)
tree: 3f95cbcaa6760ca5e2fb9f5c9be816b839525eae /src/lib/libcrypto/bn/bn_blind.c
parent: 6fe80265118d9f1ac3f68f9ac699d988e27d47b0 (diff)
download: openbsd-a092cc42c2784b8fd7d39254deb6e25e59f729a5.tar.gz
openbsd-a092cc42c2784b8fd7d39254deb6e25e59f729a5.tar.bz2
openbsd-a092cc42c2784b8fd7d39254deb6e25e59f729a5.zip
1 files changed, 4 insertions, 4 deletions
diff --git a/src/lib/libcrypto/bn/bn_blind.c b/src/lib/libcrypto/bn/bn_blind.c
index 264531013e..f424e479d3 100644
--- a/src/lib/libcrypto/bn/bn_blind.c
+++ b/src/lib/libcrypto/bn/bn_blind.c
@@ -176,10 +176,10 @@ void BN_BLINDING_free(BN_BLINDING *r)
        if(r == NULL)
            return;
-        if (r->A  != NULL) BN_free(r->A );
+        if (r->A  != NULL) BN_clear_free(r->A );
-        if (r->Ai != NULL) BN_free(r->Ai);
+        if (r->Ai != NULL) BN_clear_free(r->Ai);
-        if (r->e  != NULL) BN_free(r->e );
+        if (r->e  != NULL) BN_clear_free(r->e );
-        if (r->mod != NULL) BN_free(r->mod); 
+        if (r->mod != NULL) BN_clear_free(r->mod); 
        free(r);
        }
author	guenther <>	2014-04-19 13:31:24 +0000
committer	guenther <>	2014-04-19 13:31:24 +0000
commit	a092cc42c2784b8fd7d39254deb6e25e59f729a5 (patch)
tree	3f95cbcaa6760ca5e2fb9f5c9be816b839525eae /src/lib/libcrypto/bn/bn_blind.c
parent	6fe80265118d9f1ac3f68f9ac699d988e27d47b0 (diff)
download	openbsd-a092cc42c2784b8fd7d39254deb6e25e59f729a5.tar.gz openbsd-a092cc42c2784b8fd7d39254deb6e25e59f729a5.tar.bz2 openbsd-a092cc42c2784b8fd7d39254deb6e25e59f729a5.zip

diff --git a/src/lib/libcrypto/bn/bn_blind.c b/src/lib/libcrypto/bn/bn_blind.c index 264531013e..f424e479d3 100644 --- a/src/lib/libcrypto/bn/bn_blind.c +++ b/src/lib/libcrypto/bn/bn_blind.c
@@ -176,10 +176,10 @@ void BN_BLINDING_free(BN_BLINDING *r)
176	if(r == NULL)	176	if(r == NULL)
177	return;	177	return;
178		178
179	if (r->A != NULL) BN_free(r->A );	179	if (r->A != NULL) BN_clear_free(r->A );
180	if (r->Ai != NULL) BN_free(r->Ai);	180	if (r->Ai != NULL) BN_clear_free(r->Ai);
181	if (r->e != NULL) BN_free(r->e );	181	if (r->e != NULL) BN_clear_free(r->e );
182	if (r->mod != NULL) BN_free(r->mod);	182	if (r->mod != NULL) BN_clear_free(r->mod);
183	free(r);	183	free(r);
184	}	184	}
185		185