diff options
| author |   guenther <guenther@openbsd.org> | 2014-04-19 13:31:24 +0000 |
|---|---|---|
| committer | guenther <guenther@openbsd.org> | 2014-04-19 13:31:24 +0000 |
| commit | c3fb511f8056bda61af5a5bffef5bd4ab077c84e (patch) | |
| tree | 1b731c32d06a886e21d1824097a220304d59ec6f /lib/libssl/src | |
| parent | More KNF. (diff) | |
| download | wireguard-openbsd-c3fb511f8056bda61af5a5bffef5bd4ab077c84e.tar.xz wireguard-openbsd-c3fb511f8056bda61af5a5bffef5bd4ab077c84e.zip | |
Lacking a proof that--for this implementation--exposure of Montgomery
multiplication or RSA blinding parameters doesn't permit retroactive
timing analysis of the secrets, we'll do the stupidly cheap thing and
cleanse them before freeing them.
ok deraadt@
Diffstat (limited to 'lib/libssl/src')
| -rw-r--r-- | lib/libssl/src/crypto/bn/bn_blind.c | 8 | ||||
| -rw-r--r-- | lib/libssl/src/crypto/bn/bn_mont.c | 6 |
2 files changed, 7 insertions, 7 deletions
diff --git a/lib/libssl/src/crypto/bn/bn_blind.c b/lib/libssl/src/crypto/bn/bn_blind.c index 264531013ef..f424e479d36 100644 --- a/lib/libssl/src/crypto/bn/bn_blind.c +++ b/lib/libssl/src/crypto/bn/bn_blind.c @@ -176,10 +176,10 @@ void BN_BLINDING_free(BN_BLINDING *r) if(r == NULL) return; - if (r->A != NULL) BN_free(r->A ); - if (r->Ai != NULL) BN_free(r->Ai); - if (r->e != NULL) BN_free(r->e ); - if (r->mod != NULL) BN_free(r->mod); + if (r->A != NULL) BN_clear_free(r->A ); + if (r->Ai != NULL) BN_clear_free(r->Ai); + if (r->e != NULL) BN_clear_free(r->e ); + if (r->mod != NULL) BN_clear_free(r->mod); free(r); } diff --git a/lib/libssl/src/crypto/bn/bn_mont.c b/lib/libssl/src/crypto/bn/bn_mont.c index 133c597c333..456a80bde61 100644 --- a/lib/libssl/src/crypto/bn/bn_mont.c +++ b/lib/libssl/src/crypto/bn/bn_mont.c @@ -345,9 +345,9 @@ void BN_MONT_CTX_free(BN_MONT_CTX *mont) if(mont == NULL) return; - BN_free(&(mont->RR)); - BN_free(&(mont->N)); - BN_free(&(mont->Ni)); + BN_clear_free(&(mont->RR)); + BN_clear_free(&(mont->N)); + BN_clear_free(&(mont->Ni)); if (mont->flags & BN_FLG_MALLOCED) free(mont); } |