Commit 1f83edda authored by EasySec's avatar EasySec Committed by Rich Salz
Browse files

Cleaning secret data after use 



Reviewed-by: default avatarPaul Dale <paul.dale@oracle.com>
Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4509)
parent fdc83a7c

apps/enc.c

+7 −3
Original line number Diff line number Diff line
@@ -476,10 +476,14 @@ int enc_main(int argc, char **argv) 
            BIO_printf(bio_err, "iv undefined\n");

            goto end;

        }

        if ((hkey != NULL) && !set_hex(hkey, key, EVP_CIPHER_key_length(cipher))) {

        if (hkey != NULL) {

            if (!set_hex(hkey, key, EVP_CIPHER_key_length(cipher))) {

                BIO_printf(bio_err, "invalid hex key value\n");

                goto end;

            }

            /* wiping secret data as we no longer need it */

            OPENSSL_cleanse(hkey, strlen(hkey));

        }



        if ((benc = BIO_new(BIO_f_cipher())) == NULL)

            goto end;