The branch master has been updated
via 1f83edda7b13b371b16de2ebff6455c8bc6dbbcd (commit)
from fdc83a7c50a0681c309e2249a43d7a21080c4265 (commit)
- Log -----------------------------------------------------------------
commit 1f83edda7b13b371b16de2ebff6455c8bc6dbbcd
Author: EasySec <[email protected]>
Date: Mon Oct 16 15:05:10 2017 -0400
Cleaning secret data after use
Reviewed-by: Paul Dale <[email protected]>
Reviewed-by: Rich Salz <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/4509)
-----------------------------------------------------------------------
Summary of changes:
apps/enc.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/apps/enc.c b/apps/enc.c
index 5117a49..14b029b 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -476,9 +476,13 @@ int enc_main(int argc, char **argv)
BIO_printf(bio_err, "iv undefined\n");
goto end;
}
- if ((hkey != NULL) && !set_hex(hkey, key,
EVP_CIPHER_key_length(cipher))) {
- BIO_printf(bio_err, "invalid hex key value\n");
- goto end;
+ if (hkey != NULL) {
+ if (!set_hex(hkey, key, EVP_CIPHER_key_length(cipher))) {
+ BIO_printf(bio_err, "invalid hex key value\n");
+ goto end;
+ }
+ /* wiping secret data as we no longer need it */
+ OPENSSL_cleanse(hkey, strlen(hkey));
}
if ((benc = BIO_new(BIO_f_cipher())) == NULL)
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
