[openssl-users] openssl 1.1.1 opaque structures
Matt Caswell
matt at openssl.org
Tue Nov 20 09:36:15 UTC 2018
On 20/11/2018 06:49, priya p wrote:
> Hi,
>
> In openssl-1.1.1, few structures have been made opaque like HMAC_CTX,
> EVP_CIPHER_CTX etc.,
> There are new API to get and set those structure members. But to zeroize those
> structure members in place, I dont see any API.
> Eg : DH strcuture has members like pub_key, priv_key. To zeroize the priv_key ,
> what API should be used ?
>
>
> Can anyone clarify this ?
In the case of DH, DH_free() also zeroizes.
Matt
More information about the openssl-users
mailing list