summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/evp/p5_crpt.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/evp/p5_crpt.c')
-rw-r--r--src/lib/libcrypto/evp/p5_crpt.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c
index 27a8286489..a1874e83b2 100644
--- a/src/lib/libcrypto/evp/p5_crpt.c
+++ b/src/lib/libcrypto/evp/p5_crpt.c
@@ -140,12 +140,14 @@ int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
140 EVP_DigestFinal_ex (&ctx, md_tmp, NULL); 140 EVP_DigestFinal_ex (&ctx, md_tmp, NULL);
141 } 141 }
142 EVP_MD_CTX_cleanup(&ctx); 142 EVP_MD_CTX_cleanup(&ctx);
143 OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= sizeof md_tmp);
143 memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher)); 144 memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
145 OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
144 memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), 146 memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
145 EVP_CIPHER_iv_length(cipher)); 147 EVP_CIPHER_iv_length(cipher));
146 EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de); 148 EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de);
147 memset(md_tmp, 0, EVP_MAX_MD_SIZE); 149 OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
148 memset(key, 0, EVP_MAX_KEY_LENGTH); 150 OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
149 memset(iv, 0, EVP_MAX_IV_LENGTH); 151 OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
150 return 1; 152 return 1;
151} 153}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 17:21:38 +0000