diff options
Diffstat (limited to 'src/lib/libcrypto/evp/evp_key.c')
| -rw-r--r-- | src/lib/libcrypto/evp/evp_key.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c index 4271393069..5f387a94d3 100644 --- a/src/lib/libcrypto/evp/evp_key.c +++ b/src/lib/libcrypto/evp/evp_key.c | |||
| @@ -103,7 +103,7 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) | |||
| 103 | buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf); | 103 | buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf); |
| 104 | ret = UI_process(ui); | 104 | ret = UI_process(ui); |
| 105 | UI_free(ui); | 105 | UI_free(ui); |
| 106 | memset(buff,0,BUFSIZ); | 106 | OPENSSL_cleanse(buff,BUFSIZ); |
| 107 | return ret; | 107 | return ret; |
| 108 | } | 108 | } |
| 109 | 109 | ||
| @@ -118,6 +118,8 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, | |||
| 118 | 118 | ||
| 119 | nkey=type->key_len; | 119 | nkey=type->key_len; |
| 120 | niv=type->iv_len; | 120 | niv=type->iv_len; |
| 121 | OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH); | ||
| 122 | OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH); | ||
| 121 | 123 | ||
| 122 | if (data == NULL) return(nkey); | 124 | if (data == NULL) return(nkey); |
| 123 | 125 | ||
| @@ -166,7 +168,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md, | |||
| 166 | if ((nkey == 0) && (niv == 0)) break; | 168 | if ((nkey == 0) && (niv == 0)) break; |
| 167 | } | 169 | } |
| 168 | EVP_MD_CTX_cleanup(&c); | 170 | EVP_MD_CTX_cleanup(&c); |
| 169 | memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE); | 171 | OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE); |
| 170 | return(type->key_len); | 172 | return(type->key_len); |
| 171 | } | 173 | } |
| 172 | 174 | ||