diff options
| author |   jsing <jsing@openbsd.org> | 2016-12-21 16:44:31 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2016-12-21 16:44:31 +0000 |
| commit | 0ad90c3e6b15b9b6b8463a8a0f87d70c83a07ef4 (patch) | |
| tree | 4195f6af684a02a81f54eb05c5a0b887181c7039 /lib/libssl/s3_lib.c | |
| parent | Update libcrypto regress to handle header and non-exported symbol changes. (diff) | |
| download | wireguard-openbsd-0ad90c3e6b15b9b6b8463a8a0f87d70c83a07ef4.tar.xz wireguard-openbsd-0ad90c3e6b15b9b6b8463a8a0f87d70c83a07ef4.zip | |
Add support for ECDHE with X25519.
Testing of an earlier revision by naddy@.
ok beck@
Diffstat (limited to 'lib/libssl/s3_lib.c')
| -rw-r--r-- | lib/libssl/s3_lib.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index db9292172d9..212de5f7a44 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.113 2016/12/06 13:17:52 jsing Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.114 2016/12/21 16:44:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -151,6 +151,7 @@ #include <limits.h> #include <stdio.h> +#include <openssl/curve25519.h> #include <openssl/dh.h> #include <openssl/md5.h> #include <openssl/objects.h> @@ -1835,6 +1836,10 @@ ssl3_free(SSL *s) DH_free(s->s3->tmp.dh); EC_KEY_free(s->s3->tmp.ecdh); + if (s->s3->tmp.x25519 != NULL) + explicit_bzero(s->s3->tmp.x25519, X25519_KEY_LENGTH); + free(s->s3->tmp.x25519); + if (s->s3->tmp.ca_names != NULL) sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); BIO_free(s->s3->handshake_buffer); @@ -1861,6 +1866,11 @@ ssl3_clear(SSL *s) EC_KEY_free(s->s3->tmp.ecdh); s->s3->tmp.ecdh = NULL; + if (s->s3->tmp.x25519 != NULL) + explicit_bzero(s->s3->tmp.x25519, X25519_KEY_LENGTH); + free(s->s3->tmp.x25519); + s->s3->tmp.x25519 = NULL; + rp = s->s3->rbuf.buf; wp = s->s3->wbuf.buf; rlen = s->s3->rbuf.len; |