Clean premaster_secret for GOST

Ensure OPENSSL_cleanse() is called on the premaster secret value calculated for GOST. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by: N Rich Salz <rsalz@openssl.org>

Clean premaster_secret for GOST
Ensure OPENSSL_cleanse() is called on the premaster secret value calculated for GOST. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by: N Rich Salz <rsalz@openssl.org>
b7ee4815 · Matt Caswell · c5635307 · b7ee4815
隐藏空白更改
内联并排

Showing with 1 addition and 0 deletion

ssl/s3_srvr.c ssl/s3_srvr.c +1 -0

未找到文件。
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -2825,6 +2825,7 @@ int ssl3_get_client_key_exchange(SSL *s)
                                                        s->
                                                        session->master_key,
                                                        premaster_secret, 32);
+        OPENSSL_cleanse(premaster_secret, sizeof(premaster_secret));
        if (s->session->master_key_length < 0) {
            al = SSL_AD_INTERNAL_ERROR;
            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);