The branch OpenSSL_1_0_2-stable has been updated via 0e4690165b4beb6777b747b0aeb1646a301f41d9 (commit) from 3ade92e785bb3777c92332f88e23f6ce906ee260 (commit)
- Log ----------------------------------------------------------------- commit 0e4690165b4beb6777b747b0aeb1646a301f41d9 Author: Dr. Matthias St. Pierre <matthias.st.pie...@ncp-e.com> Date: Sun Oct 16 00:53:33 2016 +0200 Fix leak of secrecy in ecdh_compute_key() A temporary buffer containing g^xy was not cleared in ecdh_compute_key() before freeing it, so the shared secret was leaked in memory. Reviewed-by: Kurt Roeckx <k...@openssl.org> Reviewed-by: Matt Caswell <m...@openssl.org> ----------------------------------------------------------------------- Summary of changes: crypto/ecdh/ech_ossl.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/crypto/ecdh/ech_ossl.c b/crypto/ecdh/ech_ossl.c index df115cc..d3b0524 100644 --- a/crypto/ecdh/ech_ossl.c +++ b/crypto/ecdh/ech_ossl.c @@ -212,7 +212,9 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, BN_CTX_end(ctx); if (ctx) BN_CTX_free(ctx); - if (buf) + if (buf) { + OPENSSL_cleanse(buf, buflen); OPENSSL_free(buf); + } return (ret); } _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits