Commit 070ce40b authored by Matt Caswell

Reset the HKDF state between operations



Fixes #7497

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7501)

(cherry picked from commit ca55d70be031746daddd8bd0611db54ed81f1737)
parent 7e01266f
+13 −1
@@ -175,6 +175,18 @@ static int pkey_hkdf_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
    return -2;
}

static int pkey_hkdf_derive_init(EVP_PKEY_CTX *ctx)
{
    HKDF_PKEY_CTX *kctx = ctx->data;

    OPENSSL_clear_free(kctx->key, kctx->key_len);
    OPENSSL_clear_free(kctx->salt, kctx->salt_len);
    OPENSSL_cleanse(kctx->info, kctx->info_len);
    memset(kctx, 0, sizeof(*kctx));

    return 1;
}

static int pkey_hkdf_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
                            size_t *keylen)
{
@@ -236,7 +248,7 @@ const EVP_PKEY_METHOD hkdf_pkey_meth = {

    0, 0,

    0,
    pkey_hkdf_derive_init,
    pkey_hkdf_derive,
    pkey_hkdf_ctrl,
    pkey_hkdf_ctrl_str
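Review bot: pkey_hkdf_derive_init carries no comment stating its contract, and the contract is wider than the commit title suggests: the final `memset(kctx, 0, sizeof(*kctx))` clears every field of HKDF_PKEY_CTX, not only key, salt and info, so anything a caller configured before derive init is discarded (the struct is declared outside the hunk, so which other fields that covers should be confirmed there). I would add above the function `/* Wipe and release all per-operation state; every parameter must be set again after this call. */`. The statement order is also load-bearing, because the `OPENSSL_clear_free` and `OPENSSL_cleanse` calls read the pointers and lengths from the struct; a short note on the memset line such as `/* must stay last: the calls above read kctx's pointers and lengths */` would stop a later reorder from leaking the buffers and leaving key material unwiped. Now that the method table routes derive init through this function, a regression test that reuses one context for two derivations would pin the behaviour; none is visible on this page.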