diff options
author | slontis <shane.lontis@oracle.com> | 2022-12-22 12:01:02 +1000 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-01-04 16:33:47 +0100 |
commit | 177d433bda2ffd287d676bc53b549b6c246973e6 (patch) | |
tree | 4a271c31a5574f44655f4b4d44fdec8a2ae8801d | |
parent | a53d4f83fcfc3e12581da29f55ca5867d1e47ae0 (diff) | |
download | openssl-new-177d433bda2ffd287d676bc53b549b6c246973e6.tar.gz |
Cleanse internal BN_generate_dsa_nonce() buffers used to generate k.
Fixes #9205
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19954)
-rw-r--r-- | crypto/bn/bn_rand.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c index 46ace0744d..3b213d46c5 100644 --- a/crypto/bn/bn_rand.c +++ b/crypto/bn/bn_rand.c @@ -318,7 +318,9 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, err: EVP_MD_CTX_free(mdctx); EVP_MD_free(md); - OPENSSL_free(k_bytes); + OPENSSL_clear_free(k_bytes, num_k_bytes); + OPENSSL_cleanse(digest, sizeof(digest)); + OPENSSL_cleanse(random_bytes, sizeof(random_bytes)); OPENSSL_cleanse(private_bytes, sizeof(private_bytes)); return ret; } |