[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

Matt Caswell matt at openssl.org
Tue Oct 25 21:09:46 UTC 2016

The branch OpenSSL_1_0_1-stable has been updated
       via  a100602d58b0a2cfba1c0419470e637bb5fd227d (commit)
      from  9d9e0535366b4e5cfb2eb4d74be6b3d546b98fe8 (commit)

- Log -----------------------------------------------------------------
commit a100602d58b0a2cfba1c0419470e637bb5fd227d
Author: Dr. Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
Date:   Sun Oct 16 00:53:33 2016 +0200

    Fix leak of secrecy in ecdh_compute_key()
    A temporary buffer containing g^xy was not cleared in ecdh_compute_key()
    before freeing it, so the shared secret was leaked in memory.
    Reviewed-by: Kurt Roeckx <kurt at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (cherry picked from commit 0e4690165b4beb6777b747b0aeb1646a301f41d9)


Summary of changes:
 crypto/ecdh/ech_ossl.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/ecdh/ech_ossl.c b/crypto/ecdh/ech_ossl.c
index d448b19..2d14252 100644
--- a/crypto/ecdh/ech_ossl.c
+++ b/crypto/ecdh/ech_ossl.c
@@ -202,7 +202,9 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
     if (ctx)
-    if (buf)
+    if (buf) {
+        OPENSSL_cleanse(buf, buflen);
+    }
     return (ret);

More information about the openssl-commits mailing list