Hi Thomas, Looking at the latest SRP patch [1], I noticed the patch was not zeroizing all keying buffers used with RAND_bytes [and perhaps erroneously RAND_pseudo_bytes]. For example, a particular buffer is last used in routine run_srp(const char *username, ...) at line 3171. But the buffer is not zeroized on exit even though due diligence is applied to the subsequent BIGNUM (which is cleared with BN_clear_free).
Jeffrey Walton [1] http://rt.openssl.org/Ticket/Attachment/25682/12416/srp-openssl-20100208-patch.txt ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
