Clean premaster_secret for GOST

Ensure OPENSSL_cleanse() is called on the premaster secret value calculated for GOST. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-06-04 11:16:16 +01:00 · 2015-06-04 11:16:16 +01:00 · b7ee4815f2
commit b7ee4815f2
parent c56353071d
1 changed files with 1 additions and 0 deletions
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@ -2825,6 +2825,7 @@ int ssl3_get_client_key_exchange(SSL *s)
                                                        s->
                                                        session->master_key,
                                                        premaster_secret, 32);
+        OPENSSL_cleanse(premaster_secret, sizeof(premaster_secret));
        if (s->session->master_key_length < 0) {
            al = SSL_AD_INTERNAL_ERROR;
            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);