diff options
| author | jsing <> | 2014-06-15 15:39:43 +0000 |
|---|---|---|
| committer | jsing <> | 2014-06-15 15:39:43 +0000 |
| commit | fcfbc2b8c849e919658e9f9b4fd91038fdd99925 (patch) | |
| tree | 40e6a1f772d6387cc727916c7d564f01c0244781 /src | |
| parent | 2a844ef43b13fc36ea1f6191afa62385ea91a7d3 (diff) | |
| download | openbsd-fcfbc2b8c849e919658e9f9b4fd91038fdd99925.tar.gz openbsd-fcfbc2b8c849e919658e9f9b4fd91038fdd99925.tar.bz2 openbsd-fcfbc2b8c849e919658e9f9b4fd91038fdd99925.zip | |
The OPENSSL_cleanse() in aes_gcm_cleanup() only cleans the gcm field of the
EVP_AES_GCM_CTX, leaving the AES key untouched - clean the entire context,
rather than just part of it.
ok beck@ miod@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/evp/e_aes.c | 4 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/evp/e_aes.c | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/src/lib/libcrypto/evp/e_aes.c b/src/lib/libcrypto/evp/e_aes.c index 197333a6ed..07b3469f42 100644 --- a/src/lib/libcrypto/evp/e_aes.c +++ b/src/lib/libcrypto/evp/e_aes.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: e_aes.c,v 1.19 2014/06/12 15:49:29 deraadt Exp $ */ | 1 | /* $OpenBSD: e_aes.c,v 1.20 2014/06/15 15:39:43 jsing Exp $ */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| @@ -651,7 +651,7 @@ aes_gcm_cleanup(EVP_CIPHER_CTX *c) | |||
| 651 | { | 651 | { |
| 652 | EVP_AES_GCM_CTX *gctx = c->cipher_data; | 652 | EVP_AES_GCM_CTX *gctx = c->cipher_data; |
| 653 | 653 | ||
| 654 | OPENSSL_cleanse(&gctx->gcm, sizeof(gctx->gcm)); | 654 | OPENSSL_cleanse(gctx, sizeof(*gctx)); |
| 655 | if (gctx->iv != c->iv) | 655 | if (gctx->iv != c->iv) |
| 656 | free(gctx->iv); | 656 | free(gctx->iv); |
| 657 | return 1; | 657 | return 1; |
diff --git a/src/lib/libssl/src/crypto/evp/e_aes.c b/src/lib/libssl/src/crypto/evp/e_aes.c index 197333a6ed..07b3469f42 100644 --- a/src/lib/libssl/src/crypto/evp/e_aes.c +++ b/src/lib/libssl/src/crypto/evp/e_aes.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: e_aes.c,v 1.19 2014/06/12 15:49:29 deraadt Exp $ */ | 1 | /* $OpenBSD: e_aes.c,v 1.20 2014/06/15 15:39:43 jsing Exp $ */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 2001-2011 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| @@ -651,7 +651,7 @@ aes_gcm_cleanup(EVP_CIPHER_CTX *c) | |||
| 651 | { | 651 | { |
| 652 | EVP_AES_GCM_CTX *gctx = c->cipher_data; | 652 | EVP_AES_GCM_CTX *gctx = c->cipher_data; |
| 653 | 653 | ||
| 654 | OPENSSL_cleanse(&gctx->gcm, sizeof(gctx->gcm)); | 654 | OPENSSL_cleanse(gctx, sizeof(*gctx)); |
| 655 | if (gctx->iv != c->iv) | 655 | if (gctx->iv != c->iv) |
| 656 | free(gctx->iv); | 656 | free(gctx->iv); |
| 657 | return 1; | 657 | return 1; |