Commit 0e469016 authored by Dr. Matthias St. Pierre's avatar Dr. Matthias St. Pierre Committed by Matt Caswell
Browse files

Fix leak of secrecy in ecdh_compute_key() 



A temporary buffer containing g^xy was not cleared in ecdh_compute_key()
before freeing it, so the shared secret was leaked in memory.

Reviewed-by: default avatarKurt Roeckx <kurt@openssl.org>
Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
parent 3ade92e7

crypto/ecdh/ech_ossl.c

+3 −1
Original line number Original line Diff line number Diff line
@@ -212,7 +212,9 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, 
        BN_CTX_end(ctx);

        BN_CTX_end(ctx);

    if (ctx)

    if (ctx)

        BN_CTX_free(ctx);

        BN_CTX_free(ctx);

    if (buf)

    if (buf) {

        OPENSSL_cleanse(buf, buflen);

        OPENSSL_free(buf);

        OPENSSL_free(buf);

    }

    return (ret);

    return (ret);

}
 
}