Commit a8f95768 authored by Kazuki Yamaguchi's avatar Kazuki Yamaguchi Committed by Rich Salz
Browse files

Properly zero cipher_data for ChaCha20-Poly1305 on cleanup 



Fix a typo. Probably this has not been found because EVP_CIPHER_CTX is
smaller than EVP_CHACHA_AEAD_CTX and heap overflow does not occur.

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2294)
parent 8653e78f

crypto/evp/e_chacha20_poly1305.c

+1 −1
Original line number Diff line number Diff line
@@ -316,7 +316,7 @@ static int chacha20_poly1305_cleanup(EVP_CIPHER_CTX *ctx) 
{

    EVP_CHACHA_AEAD_CTX *actx = aead_data(ctx);

    if (actx)

        OPENSSL_cleanse(ctx->cipher_data, sizeof(*ctx) + Poly1305_ctx_size());

        OPENSSL_cleanse(ctx->cipher_data, sizeof(*actx) + Poly1305_ctx_size());

    return 1;

}