1 files changed, 3 insertions, 3 deletions
diff --git a/src/lib/libcrypto/kdf/tls1_prf.c b/src/lib/libcrypto/kdf/tls1_prf.c
index d08c32d270..dae42b684f 100644
--- a/src/lib/libcrypto/kdf/tls1_prf.c
+++ b/src/lib/libcrypto/kdf/tls1_prf.c
@@ -50,7 +50,7 @@ static void pkey_tls1_prf_cleanup(EVP_PKEY_CTX *ctx)
 {
    TLS1_PRF_PKEY_CTX *kctx = ctx->data;
    freezero(kctx->sec, kctx->seclen);
-    OPENSSL_cleanse(kctx->seed, kctx->seedlen);
+    explicit_bzero(kctx->seed, kctx->seedlen);
    OPENSSL_free(kctx);
 }
@@ -67,7 +67,7 @@ static int pkey_tls1_prf_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
            return 0;
        if (kctx->sec != NULL)
            freezero(kctx->sec, kctx->seclen);
-        OPENSSL_cleanse(kctx->seed, kctx->seedlen);
+        explicit_bzero(kctx->seed, kctx->seedlen);
        kctx->seedlen = 0;
        kctx->sec = OPENSSL_memdup(p2, p1);
        if (kctx->sec == NULL)
@@ -240,7 +240,7 @@ static int tls1_prf_P_hash(const EVP_MD *md,
    EVP_MD_CTX_free(ctx);
    EVP_MD_CTX_free(ctx_tmp);
    EVP_MD_CTX_free(ctx_init);
-    OPENSSL_cleanse(A1, sizeof(A1));
+    explicit_bzero(A1, sizeof(A1));
    return ret;
 }

diff --git a/src/lib/libcrypto/kdf/tls1_prf.c b/src/lib/libcrypto/kdf/tls1_prf.c index d08c32d270..dae42b684f 100644 --- a/src/lib/libcrypto/kdf/tls1_prf.c +++ b/src/lib/libcrypto/kdf/tls1_prf.c
@@ -50,7 +50,7 @@ static void pkey_tls1_prf_cleanup(EVP_PKEY_CTX *ctx)
50	{	50	{
51	TLS1_PRF_PKEY_CTX *kctx = ctx->data;	51	TLS1_PRF_PKEY_CTX *kctx = ctx->data;
52	freezero(kctx->sec, kctx->seclen);	52	freezero(kctx->sec, kctx->seclen);
53	OPENSSL_cleanse(kctx->seed, kctx->seedlen);	53	explicit_bzero(kctx->seed, kctx->seedlen);
54	OPENSSL_free(kctx);	54	OPENSSL_free(kctx);
55	}	55	}
56		56
@@ -67,7 +67,7 @@ static int pkey_tls1_prf_ctrl(EVP_PKEY_CTX ctx, int type, int p1, void p2)
67	return 0;	67	return 0;
68	if (kctx->sec != NULL)	68	if (kctx->sec != NULL)
69	freezero(kctx->sec, kctx->seclen);	69	freezero(kctx->sec, kctx->seclen);
70	OPENSSL_cleanse(kctx->seed, kctx->seedlen);	70	explicit_bzero(kctx->seed, kctx->seedlen);
71	kctx->seedlen = 0;	71	kctx->seedlen = 0;
72	kctx->sec = OPENSSL_memdup(p2, p1);	72	kctx->sec = OPENSSL_memdup(p2, p1);
73	if (kctx->sec == NULL)	73	if (kctx->sec == NULL)
@@ -240,7 +240,7 @@ static int tls1_prf_P_hash(const EVP_MD *md,
240	EVP_MD_CTX_free(ctx);	240	EVP_MD_CTX_free(ctx);
241	EVP_MD_CTX_free(ctx_tmp);	241	EVP_MD_CTX_free(ctx_tmp);
242	EVP_MD_CTX_free(ctx_init);	242	EVP_MD_CTX_free(ctx_init);
243	OPENSSL_cleanse(A1, sizeof(A1));	243	explicit_bzero(A1, sizeof(A1));
244	return ret;	244	return ret;
245	}	245	}
246		246