[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
bernd.edlinger at hotmail.de
bernd.edlinger at hotmail.de
Fri Aug 25 14:38:54 UTC 2017
The branch OpenSSL_1_1_0-stable has been updated
via f444552d7df09e40f5cdef144c8758f17e1cb48e (commit)
from 568a5210e0fde8b5cb6a70296276d4b4c3c7dd9b (commit)
- Log -----------------------------------------------------------------
commit f444552d7df09e40f5cdef144c8758f17e1cb48e
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date: Thu Aug 24 07:53:13 2017 +0200
Clear secret stack values after use in curve25519.c
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4242)
(cherry picked from commit 78f1e4d0b063e17c9700f2aceecaca03bfa434f3)
-----------------------------------------------------------------------
Summary of changes:
crypto/ec/curve25519.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/crypto/ec/curve25519.c b/crypto/ec/curve25519.c
index e535823..c8aa9aa 100644
--- a/crypto/ec/curve25519.c
+++ b/crypto/ec/curve25519.c
@@ -3226,6 +3226,8 @@ static void ge_scalarmult_base(ge_p3 *h, const uint8_t *a) {
ge_madd(&r, h, &t);
ge_p1p1_to_p3(h, &r);
}
+
+ OPENSSL_cleanse(e, sizeof(e));
}
/* Replace (f,g) with (g,f) if b == 1;
@@ -3356,6 +3358,8 @@ static void x25519_scalar_mult_generic(uint8_t out[32],
fe_invert(z2, z2);
fe_mul(x2, x2, z2);
fe_tobytes(out, x2);
+
+ OPENSSL_cleanse(e, sizeof(e));
}
static void x25519_scalar_mult(uint8_t out[32], const uint8_t scalar[32],
@@ -3391,4 +3395,6 @@ void X25519_public_from_private(uint8_t out_public_value[32],
fe_invert(zminusy_inv, zminusy);
fe_mul(zplusy, zplusy, zminusy_inv);
fe_tobytes(out_public_value, zplusy);
+
+ OPENSSL_cleanse(e, sizeof(e));
}
More information about the openssl-commits
mailing list