diff options
| author | jsing <> | 2015-09-12 12:17:00 +0000 |
|---|---|---|
| committer | jsing <> | 2015-09-12 12:17:00 +0000 |
| commit | 92f4e2ce0c9ddc92f921c99c2ca499dd86451dd4 (patch) | |
| tree | 75f0144981ebe2880ac5c5d651b4240a12974dec /src | |
| parent | 71c66c3cf85e874d743ea388506c9a1faf4806dd (diff) | |
| download | openbsd-92f4e2ce0c9ddc92f921c99c2ca499dd86451dd4.tar.gz openbsd-92f4e2ce0c9ddc92f921c99c2ca499dd86451dd4.tar.bz2 openbsd-92f4e2ce0c9ddc92f921c99c2ca499dd86451dd4.zip | |
Use explicit_bzero() instead of memset() when clearing private keys.
ok bcook@ beck@ miod@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/s3_clnt.c | 7 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_clnt.c | 7 |
2 files changed, 8 insertions, 6 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index c2da428955..12677319cc 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_clnt.c,v 1.129 2015/09/12 10:25:38 jsing Exp $ */ | 1 | /* $OpenBSD: s3_clnt.c,v 1.130 2015/09/12 12:17:00 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1978,7 +1978,7 @@ ssl3_send_client_key_exchange(SSL *s) | |||
| 1978 | s->session->master_key, p, n); | 1978 | s->session->master_key, p, n); |
| 1979 | 1979 | ||
| 1980 | /* Clean up. */ | 1980 | /* Clean up. */ |
| 1981 | memset(p, 0, n); | 1981 | explicit_bzero(p, n); |
| 1982 | 1982 | ||
| 1983 | /* Send off the data. */ | 1983 | /* Send off the data. */ |
| 1984 | n = BN_num_bytes(dh_clnt->pub_key); | 1984 | n = BN_num_bytes(dh_clnt->pub_key); |
| @@ -2071,7 +2071,8 @@ ssl3_send_client_key_exchange(SSL *s) | |||
| 2071 | s->method->ssl3_enc->generate_master_secret(s, | 2071 | s->method->ssl3_enc->generate_master_secret(s, |
| 2072 | s->session->master_key, p, n); | 2072 | s->session->master_key, p, n); |
| 2073 | 2073 | ||
| 2074 | memset(p, 0, n); /* clean up */ | 2074 | /* Clean up. */ |
| 2075 | explicit_bzero(p, n); | ||
| 2075 | 2076 | ||
| 2076 | /* | 2077 | /* |
| 2077 | * First check the size of encoding and | 2078 | * First check the size of encoding and |
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c index c2da428955..12677319cc 100644 --- a/src/lib/libssl/src/ssl/s3_clnt.c +++ b/src/lib/libssl/src/ssl/s3_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_clnt.c,v 1.129 2015/09/12 10:25:38 jsing Exp $ */ | 1 | /* $OpenBSD: s3_clnt.c,v 1.130 2015/09/12 12:17:00 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1978,7 +1978,7 @@ ssl3_send_client_key_exchange(SSL *s) | |||
| 1978 | s->session->master_key, p, n); | 1978 | s->session->master_key, p, n); |
| 1979 | 1979 | ||
| 1980 | /* Clean up. */ | 1980 | /* Clean up. */ |
| 1981 | memset(p, 0, n); | 1981 | explicit_bzero(p, n); |
| 1982 | 1982 | ||
| 1983 | /* Send off the data. */ | 1983 | /* Send off the data. */ |
| 1984 | n = BN_num_bytes(dh_clnt->pub_key); | 1984 | n = BN_num_bytes(dh_clnt->pub_key); |
| @@ -2071,7 +2071,8 @@ ssl3_send_client_key_exchange(SSL *s) | |||
| 2071 | s->method->ssl3_enc->generate_master_secret(s, | 2071 | s->method->ssl3_enc->generate_master_secret(s, |
| 2072 | s->session->master_key, p, n); | 2072 | s->session->master_key, p, n); |
| 2073 | 2073 | ||
| 2074 | memset(p, 0, n); /* clean up */ | 2074 | /* Clean up. */ |
| 2075 | explicit_bzero(p, n); | ||
| 2075 | 2076 | ||
| 2076 | /* | 2077 | /* |
| 2077 | * First check the size of encoding and | 2078 | * First check the size of encoding and |